Security Restrictions disappear when webi is modified

Hello,
I have the following problem with Security restrictions.
I have created a business security profile, and assign this profile to a user directly (I have tested the same assign the profile to a group and the problem occurs too).
The business security profile is defined this way:
1. At the first tap (Create query), I grant all the views of the business layer and all the objects.
2. At the second tap (Data) all objects are granted.
3. At the filter tap, I defined the row restrictions of the profile (3 conditions with and).
4. I assign the business profile to the user.
The steps to reproduce the problem are:
1.  I create a webi (with an administrator user) that uses the universe that contains the business security profile
2. The user that have the business security profile restrictions assign, open the webi refresh and show only his data.
    The SQL of the webi query shows the security restrictions (profile filters).
3. I modify the report (for instance, I drag a dimension on it). Save the report.
4. The user that have the business security profile restrictions, open the modified webi refresh and show all the data (as he was an administrator user).
    The SQL of the webi query does not show the security restrictions (filters). The restrictions desappear of the SQL.
Please, could you help me?
Thanks
Pilar

Enable the following auditing on the server either through domain
policy or local policy:
Audit logon events - Success
Audit Object Access  - Success
On the Auditing tab, add Everyone with the following audit settings.

Similar Messages

  • All of my previous security exceptions disappeared when I upgraded Firefox and I have NO list of what they were; how do I get them back?

    I was pestered to death by Firefox to upgrade to 12.0. I am really sorry I did. I lost all my Security Exceptions. Tools > Options > Security > Exceptions All of my previous security exceptions disappeared when I upgraded Firefox. They are gone and I have NO list of what they were. Is there ant way to bring them back?

    The security exceptions that allow other sites to install software?
    Which version did you have before -- 3.6.x or Firefox 11?
    I don't know whether you regularly back up your computer, but if you have a backup of your Firefox profile folder, then that data should be in there. If you can locate a backup copy of permissions.sqlite, you could use a utility to extract the list. (Or find a volunteer here to assist you with that.)
    By the way, did your pop-up exceptions and image exceptions carry over? You can check those under Tools > Options > Content.

  • Error deploying when web.xml contains similiar security-constraint elements

    I am receiving an error when I include similiar security constraints in my web.xml descriptor.  I actually have many security-constraint elements defined but I have narrowed it down to the following two that appear kind of similiar which are causing the problem:
    <security-constraint>
    <web-resource-collection>
         <web-resource-name>ProcessesPosts</web-resource-name>
         <url-pattern>/processPost/*</url-pattern>
    </web-resource-collection>
    </security-constraint>
    <security-constraint>
    <web-resource-collection>
         <web-resource-name>Processes</web-resource-name>
         <url-pattern>/process/*</url-pattern>
    </web-resource-collection>
    </security-constraint>
    The error I receive is:
    #1#com.sap.engine.services.deploy.exceptions.ServerDeploymentException: Exception during generating components of sap.com/s25qoie_1_SAP application in servlet_jsp container.
         at com.sap.engine.services.deploy.server.application.DeploymentTransaction.makeComponents(DeploymentTransaction.java:512)
         at com.sap.engine.services.deploy.server.application.DeployUtilTransaction.commonBegin(DeployUtilTransaction.java:248)
         at com.sap.engine.services.deploy.server.application.DeploymentTransaction.begin(DeploymentTransaction.java:215)
         at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhasesOnOneServer(ApplicationTransaction.java:371)
         at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhases(ApplicationTransaction.java:405)
         at com.sap.engine.services.deploy.server.DeployServiceImpl.makeGlobalTransaction(DeployServiceImpl.java:2298)
         at com.sap.engine.services.deploy.server.DeployServiceImpl.deploy(DeployServiceImpl.java:286)
         at com.sap.engine.services.deploy.server.DeployServiceImplp4_Skel.dispatch(DeployServiceImplp4_Skel.java:2636)
         at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:253)
         at com.sap.engine.services.rmi_p4.P4Message.execute(P4Message.java:109)
         at com.sap.engine.services.cross.fca.FCAConnectorImpl.executeRequest(FCAConnectorImpl.java:841)
         at com.sap.engine.services.rmi_p4.P4Message.process(P4Message.java:125)
         at com.sap.engine.services.cross.fca.MessageReader.run(MessageReader.java:59)
         at com.sap.engine.core.thread.execution.Executable.run(Executable.java:108)
         at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:168)
    Caused by: java.lang.IllegalArgumentException: Invalid prefix pattern in URLPatternList
         at javax.security.jacc.URLPatternSpec.setURLPatternArray(URLPatternSpec.java:329)
         at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:106)
         at javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:188)
         at com.sap.engine.services.servlets_jsp.server.deploy.util.jacc.JACCRulesGenerator.generatePermissionsUnchecked(JACCRulesGenerator.java:311)
         at com.sap.engine.services.servlets_jsp.server.deploy.util.jacc.JACCRulesGenerator.generateAndAddPermissionsIntoPolicyConfiguration(JACCRulesGenerator.java:132)
         at com.sap.engine.services.servlets_jsp.server.deploy.util.jacc.SecurityConstraintParser.processAllSecurityConstraints(SecurityConstraintParser.java:151)
         at com.sap.engine.services.servlets_jsp.server.deploy.util.jacc.SecurityConstraintParser.createSecurityResourcesJACC(SecurityConstraintParser.java:57)
         at com.sap.engine.services.servlets_jsp.server.deploy.util.SecurityUtils.createSecurityResources(SecurityUtils.java:122)
         at com.sap.engine.services.servlets_jsp.server.deploy.DeployAction.initXmls(DeployAction.java:722)
         at com.sap.engine.services.servlets_jsp.server.deploy.DeployAction.deploy(DeployAction.java:276)
         at com.sap.engine.services.servlets_jsp.server.deploy.WebContainer.deploy(WebContainer.java:181)
         at com.sap.engine.services.deploy.server.application.DeploymentTransaction.makeComponents(DeploymentTransaction.java:506)
         ... 14 more
    Has anyone seen anything like this?  Have I defined something wrong in my web.xml?  The exact same web.xml file does work in several other application servers.

    Hi Jay,
    I am not aware of such document for the preview release.
    About the concrete problem your investigation was enough detailed so we managed to reproduce and fix it.
    Thanks and regards

  • TS3714 How can i restore or retrieve my calendar inputs that disappeared when i tried to sync it to my internet accounts?? I didnt find it on my yahoo and gmail accounts on thw web. Pls help me

    How can i restore or retrieve my calendar inputs that disappeared when i tried to sync it to my internet accounts?? I didnt find it on my yahoo and gmail accounts on thw web. Pls help me

    You don’t need to do that. Click here and follow the instructions, or if they don't cover the type of adware on the computer, these ones. If you're willing to download software to resolve this issue(you don't need to, but may find it easier), you can instead run Adware Medic; this link is a direct download.
    (117389)

  • How to make Management of row level restrictions easy for webi reports?

    Hi all
    Our BO Product version is 12.3.0.601 (BO 3.1)
    We are applying row level security for webi reports at universe level...
    Since  Universes are more in Number we have to create same restrictions and apply it to the users lets take a restrictions on region....which is common across all universes.
    So the problem lies with the management of restrictions created at universe level.
    Can we have a setup in where we can centralized the restirctions at a place so that management would be easy ......???
    Shall we have to import the roles(restrictions) from R/3 or BW or Database level...?
    Then how we will restrict our report (webi) to a region?????
    So basically webi reports should run with the restrictions lets say region....How we will achieve this?/
    Thanks and Regards
    Ritu Raj

    Hi,
    what is your Datasource?
    If its SAP BW i would highly recommend you use the SAP Authentication in your  BOE XI 3.1 So the users log into BOE with their SAP Username and Password and than the Data restriction of your BW takes place when the users run their Reports.
    Informations on how to confiure the SAP Authentication you will find in the installation Guide of the SAP ITK.
    Regards
    -Seb.

  • Security restrictions , how to read access a txt file supplied in a jar

    I had written a simple application which uses file handling to display random line from a file on a swing window
    but I do not know how to give my web application permission to access a file
    when I set security permission to all, then error says the application cannot load because the code require unrestricted acess to system resources and is unsigned, I don't know how to get that certificate and I am only doing it for learning purposes.
    when I remove security permissions then it says
    access denied java.io.FilePermissions geekjoskes.txt readPlease help
    I locally signed the jar file, and give my jnlp fiel all permissions, worked fine in my system but when I access same file from local lan it sho errors ,
    please help, I have my txt file stored in my jar file with main class
    the whole jnlp file is
    <?xml version="1.0" encoding="utf-8"?>
    <!-- JNLP File for geek jokes -->     
    <jnlp spec="1.0+"
           codebase="http://localhost/javasoft/webstart/"
          href="geekjokes.jnlp">
       <information>
          <title>Geek Jokes</title>
          <vendor>Vaibhav Mishra</vendor>
          <description>Geeky jokes</description>
          <homepage href="http://scjpbeginner.blogspot.com"/>
          <description kind="short">shows random jokes</description>
          <offline-allowed/>
       </information>
       <resources>    
            <jar href="GeekJokes0.1.jar"/>  
         <j2se version="1.6+"
               href="http://java.sun.com/products/autodl/j2se"/>
         <icon href="geekjokes.gif"/>
       <icon kind="splash" href = "geekjokes.gif"/>
       </resources>
       <security>
          <all-permissions/>
       </security>
       <offline-allowed/>  
       <application-desc main-class="GeekJokes"/>
    </jnlp>Edited by: 76jsr on Aug 7, 2008 3:45 PM
    Edited by: 76jsr on Aug 7, 2008 3:49 PM

    >
    I am extremely thankful to you and finally my first little app is working thanks to you,
    here is it's link
    [http://profile.iiita.ac.in/IIT2006117/javasoft/webstart/geekjokes/geekjokes.jnlp|http://profile.iiita.ac.in/IIT2006117/javasoft/webstart/geekjokes/geekjokes.jnlp] >
    I am glad you got it working! But that launch file is still slightly invalid.
    Here is a corrected, and slightly optimized (you can leave the prefix off the href, if it is the same as the codebase), version of it.
    <?xml version="1.0" encoding="utf-8"?>
    <!-- JNLP File for GeekJokes 0.3 app -->
    <jnlp spec="1.0+"
          codebase="http://profile.iiita.ac.in/IIT2006117/javasoft/webstart/geekjokes"
          href="geekjokes.jnlp">
       <information>
          <title>GeekJokes App</title>
          <vendor>Vaibhav Mishra</vendor>
          <homepage href="http://scjpbeginner.blogspot.com"/>
          <description>Geeky Jokes</description>
          <description kind="short">Cshows random jokes</description>
          <offline-allowed/>
       </information>
       <resources>
           <j2se version="1.6+"
               href="http://java.sun.com/products/autodl/j2se"/>
           <jar href="GeekJokes0.3.jar"/>
       </resources>
       <application-desc main-class="Process"/>
    </jnlp>Very 'Geeky', BTW. ;-)
    Another few things I noted when I looked at it.
    1) There is a stray thread going after the JOptionPane is dismissed. The VM does not end, and the console (if you have it configured to pop-up for JWS apps.) stays on-screen.
    2) If all the jokes are prefixed by '* ' I would recommend removing it from every line of the source file and either re-adding it at runtime, or (preferably) not adding it at all (since it is redundant).
    3) Reconfigure the app. into a loop, and offer the user a JOptionPane with "Another Joke"/"End" instead of "OK".
    4) You can always remove that debugging line I inserted in the code to show the path to the Jar - it was just intended as a 'sanity check' during testing.
    5) Why is it Java 1.6+? JOptionPane was introduced in Java 1.2 with the first Swing implementations, and the I/O is compatible with Java 1.1.
    >
    Thanks again!!!!>Thanks are best expressed (to me) in the notation of a helpful/correct answer (which you have done), and the assignation of (the remaining) dukes*. ;-)
    * After all - checks the title - we have gotten entirely around those 'security restrictions' in a sandboxed application. The reason being that File objects are rarely the correct choice, for applets or JWS apps.

  • Prompts parameters disappear when reschedule a instance from history

    Dear All,
    In BI 4.1 launch pad, when I reshceudle a report using an instance from the history, the prompt values given for that instances disappear for all prompts and need to enter all the parameters again. This happens only when I click the prompt icon on the schedule window, otherwise the parameters are retained and the report can be scheduled with the previous given parameters.
    As a result, I have to run either with previuos selected parameters or need to input all prompts again, no way to change only certain prompts and keep the previous parameters for the rest.
    In XI 3.1, the prompt parameters will be retained of that instance during reschedule and we can change certain prompts parameters as per our requirement and rest we can leave with the previuos parameters.
    Is this the funcitonality or bug or any settings available to retain the prompt inputs.
    Regards,
    Ravi

    "This happens only when I click the prompt icon on the schedule window, otherwise the parameters are retained and the report can be scheduled with the previous given parameters"
    I test a WebI report with prompt on a BI4.1 SP05, and the Prompt's values are retained when reschedule and modify the Prompt. Can you check your BI4.x production version and let us know if this problem is replicated on your BI4.1 SP05 or above? Regards, Jin-Chong

  • An unknown website just appeared in my 'exceptions' list (Tools Options Security "warn me when sites try to install add-ons"-how could this happen?

    downloaded Firefox onto friends' laptop last night. Found it necessary to place two websites in the (afore-mentioned) "Exceptions" category. shut down/re-booted three-four times over the next few hours before shutting down the laptop and going to bed. Booted up this am and, WHOA!-suddenly my menu/toolbars have new, undesired toolbars(?) search boxes(?): the search box, if I remember right, was labeled "My Web Search sponsored by iwon!" Whilst eliminating the intruders I became aware that by some unknown means I had fetched up on some webpage I've never heard of and had no reason to go to-( the very top of my display (above the menu and address bar) read: 'reason upgrade Search' (separated by a line symbol I can't reproduce here), then 'Musician's Friend' ....HUH? (feeling like Dorothy w/o a tornado transport). So I finish getting rid of the invaders and check out my History to try to figure out how I wound up at this website. my history indicates the last site I visited before going to bed, then 'aclk' (www.google/aclk? followed by a string of mixed symbols letters etc. Then 'redirect' (www.rkdms.com/redirect?c=....and a string of numbers and letters. Then the website"reason upgrade Search (?) Musician's Friend " then 'redirect.jhtml' (www.search.mywebsearch.com/mywe.........) Them 'Firefox Web Browser& Thunder....' still no clue how or why I wound up at that site..didn't go there, (not of my volition, anyways!!) so im checking my security settings and in Tools>options>Security>advanced> in the "Exceptions" category of "Warn me when sites try to install add-ons" is a website I've never heard of (getpersonas.com) and DID NOT enter!!!!!!!.Need to know how this could happen, how to prevent recurrence and how hard should I hit the panic button because right now I'm totally freaked!
    == today

    These prefs get set to an empty String once the sites have been added to the whitelist if the pref is not empty if you open the exception window.
    Tools > Options > Security : "Warn me when sites try to install add-ons": Exceptions
    You can reset these prefs on the about:config page.
    xpinstall.whitelist.add - addons.mozilla.org
    xpinstall.whitelist.add.36 - getpersonas.com
    To open the ''about:config'' page, type '''about:config''' in the location (address) bar and press the Enter key, just like you type the url of a website to open a website.
    If you see a warning then you can confirm that you want to access that page.

  • Static NAT entry disappears when using NVI on Cisco 1921 (Multiple versions)

    We have a Cisco 1921 as an IPSec tunnel endpoint where we assign static NAT entries. It is a static one-to-one NAT putting each remote endpoint as a local /24 subnet. We are using NVI and we see some of these static entries disappear when packets are unable to reach the destination. 
    The production router is running 15.0(1r)M16 but we were able to reproduce this same behavior on 15.4(1)T2.
    To reproduce, we add the static NVI entry:
    ip nat source static X.X.X.X 172.30.250.11
    And things look good for a bit:
    ROUTER# sh ip nat nvi trans | i 172.30.250.11
    gre 172.30.250.11:0 X.X.X>X:0 Y.Y.Y.Y:0 Y.Y.Y.Y:0
    --- 172.30.250.11 138.54.32.9 --- ---
    tcp Y.Y.Y.Y:60360 Z.Z.Z.Z:60360 172.30.250.11:22 X.X.X.X:22
    There is a known issue with GRE traffic being dropped at this particular endpoint, so after generating GRE traffic, the entry completely disappears:
    ROUTER# sh run | i 172.30.250.11
    ROUTER#
    ROUTER# sh ip nat nvi trans | i 172.30.250.11
    gre 172.30.250.11:0 X.X.X>X:0 Y.Y.Y.Y:0 Y.Y.Y.Y:0
    icmp Y.Y.Y.Y:59916 Z.Z.Z.Z:59916 172.30.250.11:59916 172.30.250.11:59916
    tcp Y.Y.Y.Y:60360 Z.Z.Z.Z:60360 172.30.250.11:22 X.X.X.X:22
    I can reproduce this by severing the tunnel to any other remote site, and after generating GRE traffic to the downed endpoint, the corresponding static NAT entry will disappear.
    Debugging has not shown anything, and I have found some mentions of similar behavior on older versions. Has anyone seen this? We don't have support access to test all versions, so if it is known to be resolved in a particular one, we would love to know to work towards loading that version.
    Thanks

    Hi Ryan,
    Asa cannot ahve 2 default routes, it can only have one. ASA also doesnt support PBR, so the setup that you are trying to configure would not work on the ASA. Router is the correct option for it.
    Hope that helps.
    Thanks,
    Varun Rao
    Security Team,
    Cisco TAC

  • ActiveX controls disappear when VI is loaded in a Sub-Panel with Start Modal Dialog usage

    Hi,
    I have a subpanel in a VI (VI1) in which another VI (VI2) is loaded. VI1 is used as a module for an Action step in TestStand. VI2 has ActiveX controls like ExpressionEdit and Adobe PDF reader etc. VI1 loads VI2 in a sub-panel and calls Start Modal Dialog.vi. I have set 'Show front panel when called' to true for VI1 so that the VI pops up when the sequence is run. When the sequence runs and when the Start Modal Dialog VI is called from VI1, all ActiveX controls in VI2 (loaded in the sub-panel) disappears. Here is the screenshot of the frontpanel of VI1 when the sequence is run:
    This problem occurs in TestStand 4.2.1, TestStand 2010 and TestStand 2010 SP1 (as far as I have tested. May occur in older versions too). In the attached file, VI1 is 'ExprEdit Test.vi' and VI2 is 'SubpanelLoad.vi'. The attached sequence is developed in TestStand 2010 SP1.
    How can this issue be solved?
    Thank you,
    Ganesh Kumar
    Solved!
    Go to Solution.
    Attachments:
    Subpanel Load ExpressionEdit problem.zip ‏23 KB

    Hi,
    An update on this issue: I tried changing the order of loading the VI in the SubPanel and the start modal dialog. I called start modal dialog and then loaded the VI (VI2) in the SubPanel. When I ran the sequence, the activeX controls did not disappear (I was pretty sure that the ActiveX controls in VI2 would not disappear since I am calling Start Modal Dialog before loading the VI in the Subpanel). Then I just changed the sequence of operations back to the previous order (loading the Subpanel with the VI and then calling the Start Modal Dialog). When I ran the sequence, the activeX controls where still displayed. But when I ran the sequence with the VI1 backup (that I had taken before making all these modifications) the activeX controls were not displayed. I a nutshell, I now have 2 versions whose codes are the same. But when I run the sequence with action steps for these VIs, the activeX controls disappear when the unmodified backup VI runs and does not disappear when the modified VI is run. I have attached the files that I used along with the sequence file. The details are as follows:
    ExprEdit Test (Not Working).vi - The unmodified backup VI for which the ActiveX controls disappear.
    ExprEdit Test (Working).vi - The modified VIs in which the ActiveX Controls do not disappear (But same code as ExprEdit Test (Not Working).vi).
    ExpreEdit Test.seq - The sequence file containing 2 action steps one each for theabove mentioned VIs.
    SubpanelLoad.vi - The VI that contains activeX controls and is loaded in the SubPanel.
    Note that the sequence is created in TestStand 4.2.1.
    Thank you,
    Ganesh Kumar
    Attachments:
    Subpanel Load ExpressionEdit problem.zip ‏36 KB

  • The App Store App disappeared when I upgraded to iOS 8.1.3.  I Restored my iPhone 5 and it still did not appear.  How do I get it back?

    The App Store App disappeared when I upgraded to iOS 8.1.3 on my iPhone 5.  Restore didn't work, any suggestions?

    Any restrictions set up in Settings/General/Restrictions? If yes, disable them. Default apps that are restricted will disappear from the screen, lifting the restrictions again will bring them back.

  • My desktop photo disappears when I reboot iMac, replaced with Mac default image. please help?

    My desktop photo disappears when I reboot iMac...replaced with default apple image. does anyone know a fix?

    First, try to delete the Desktop settings file. First, open Finder, select Go menu > Go to Folder, and type ~/Library/Preferences. Then, delete "com.apple.desktop.plist" and "com.apple.systempreferences.plist", and restart your computer. Finally, change the wallpaper and see if it stays after restarting your computer
    If that does not work try
    open the Applications Support folder and then look for the Dock folder and open that. There are two files, one of which is "desktoppicture.db". Move this file to the trash and securely delete it. Restart the computer. A new "desltoppicture.db" will be created on startup.
    Finally, reset your desktop picture again using System Preferences.

  • Security-role for java web services developed using j-developer 10.1.2.1

    I have developed a java web service using j-developer 10.1.2.1, I have deployed this web service to oracle 10g (10.1.2.1) application server successfully. Now I want to add security-role to my web service deployment descriptor so that only a group of users that belong to a group can access my web service.
    How can I do this? Can any one please let me know.
    Thanks,
    SC.

    Hi.
    I suspect you have a proxy server between your localhost and the
    drive-app1.drivesoftwaresolutions.com
    Probably in Jdev that proxy is setup nicely in Tools->Preferences->Web Browser and Proxy
    But maybe your OC4J container running BPEL on localhost does not have that proxy setup.
    You need to add startup parameters to the JVM. In 10.1.3 you can do this via the "AS Control" administration pages (there is a link on the SOA suite welcome page). Go to JVM, click on the container and switch to the "Administration" tab.
    The properties are proxySet, proxyHost, proxyPort and nonProxyHosts
    When deploying from JDev, the compilation in JDev works fine (uses the proxy). But when the JAR is transferred to the server, it is compiled again. This fails because the proxy is not used on the server side and it cannot read the wsdl.

  • Single form for secure zone registration and web app submission?

    Hi
    Is it possible to setup a form where a user can simultaneously register for a secure zone and submit a web app entry? The knowledge base / tutorials describe a two step process (web form for secure zone registration and web app input form for web app submission), but I would like users to be able to do both with a single form
    Thanks in advance for any suggestions
    mls

    In order to have a customer create a web app item they must be logged into the secure zone already.  I've seen some instructions on how to let users submit web app items outside a secure zone but that requires creating a dummy anonymous user and logging them into the secure zone via javascript.  You could use this method and once it's submitted you'll have to manually attach the web app item to the correct user in the BC Admin.  That might not work for you but you can read more about that at http://forums.adobe.com/docs/DOC-1784
    You can't use the above solution with the current user's username and password because those tags are only available when the user is logged into a secure zone already.  If your signup form needs to be filled out first, the user isn't logged in.
    Your best bet is to have the public signup form redirect the user after submission to an "Add item" form you have created. Maks sure that form is in a secure zone so when they add the item it is attached to their account.
    If you don't want to redirect them to a secure zone and want it more seamless you could try to use some javascript/ajax to submit the form via javascript and after the form is submitted, use the javascript code in the above to log them in (be careful to use the https://yoursite.worldsecuresystems.com url if you are passing username and password info gathered from your form to log them in via javascript/ajax).  Once they are logged in via the javascript you can use more ajax to fetch a page's HTML that resides in a secure zone.  This HTML returned from the javascript can be your "add web app item" form and since they were logged in via javascript (securely, right?) this HTML should contain the right information.  Insert this returned HTML into your form container that held the original signup form and they can continue to add a web app item without having to log in.
    This is theory and might work but you'll have to start experimenting with it via javascript.  I haven't actually tried to do this so hopefully some other community members who might have tried this can weigh in here as well.
    Good luck!

  • Security restriction in LoginModule?

    I have implemented my own LoginModule. In the module, I try to reference an
    EJB.
    When I call PortableRemoteObject.narrow(), I get the following error:
    java.lang.ClassCastException: Cannot narrow remote object to
    net.lm.uams.service.ejb.UserAccountManagementServiceRemoteHome
    Is this because of some security restriction related to the LoginModule, or
    do you think that the problem stems from having two copies of the same EJB
    classes? If the problem is related to having two copies of the classes, how
    would I go about referencing the classes from the LoginModule without having
    them in that .jar file?
    Note that this problem isn't at weblogic startup - I have written code to
    handle this initial administrator authentication. The problem occurs later
    during form-based authentication. The publicly available pages/EJBs work
    fine.
    using WLS 7.0 on win2000.
    I'd appreciate any pointers.
    thanks
    Sean

    Bill,
    I haven't added anything at all to the classpath in my startup script. WL
    just picks up my jar in WL_HOME/server/lib/mbeantypes. I've done a
    System.getProperty() for the classpath at runtime, and it doesn't include my
    ejb.jar.
    Yesterday, I re-wrote my class to do a straight JDBC lookup to the database
    for username/pwd/roles. It's not the solution I'd prefer, because it
    introduces a reliance on the underlying database schema into the
    LoginModule. But, I don't really have time at the moment to spend
    experimenting with my original idea. Hopefully I can come back to it in the
    future.
    thanks again,
    Sean
    "William Kemp" <[email protected]> wrote in message
    news:[email protected]...
    Each enterprise application has it's own classloader hierarchy, whichmeans the
    ejbs and webapps in an EAR file are loaded by a classloader hierarchy thatis
    parented by the boot, system, and application classloaders that load theboot
    classes, java core classes, and weblogic.jar classes, and any classes thatyou
    put in the classpath when you start weblogic. The EAR file classes areloaded
    below these, hierarchically speaking.
    I am assuming that you have put your LoginModule classfile in the javaclasspath
    when you start the server. Are you perhaps putting the jar file generatedby the
    ejbc process in the java classpath when you start the server, too? Couldyou
    post your start script? Also, remember that the start script that comeswith
    weblogic prepends it's jars and what not to the existing classpath. So,that
    while you may not be explicitly adding the ejb jar file to the classpathin the
    start script, it may be already in the classpath in the currentenvironment and
    the start script is tacking that on at the end.
    Just a guess.
    Bill
    Sean Ryan wrote:
    Thanks for the response William. I have tried what you suggested, but
    the
    problem is still the same.
    If I do the jndi lookup without the narrow() part, I can execute methodson
    the resultant object using reflection. This is a bit of a hack, and not
    really a satisfactory solution.
    I have written a main() method in my class, and when I execute it (fromthe
    .jar), it can do the lookup and narrow without any difficulty.
    As I understand it, each container has its own classloader, however myclass
    is essentially executing from within weblogic. Is there a bit of a greyarea
    here in relation to class loading? Because, as I said my class worksfine
    when it is executing in a separate jvm.
    again, I would appreciate any input you can offer.
    Sean
    "William Kemp" <[email protected]> wrote in message
    news:[email protected]...
    If this was because of a security restriction, you would see a
    different
    Exception. Try putting just the compiled Home and Remote interfaces inthe
    classpath used by the LoginModule and not the jar file with thegenerated
    and
    compiled code for the stubs. You don't need them in the client becuase
    you
    are
    coding to the inteface, not the stubs.
    Bill
    Sean Ryan wrote:
    I have implemented my own LoginModule. In the module, I try to
    reference
    an
    EJB.
    When I call PortableRemoteObject.narrow(), I get the following
    error:
    >>>>
    java.lang.ClassCastException: Cannot narrow remote object to
    net.lm.uams.service.ejb.UserAccountManagementServiceRemoteHome
    Is this because of some security restriction related to theLoginModule,
    or
    do you think that the problem stems from having two copies of the
    same
    EJB
    classes? If the problem is related to having two copies of the
    classes,
    how
    would I go about referencing the classes from the LoginModule
    without
    having
    them in that .jar file?
    Note that this problem isn't at weblogic startup - I have written
    code
    to
    handle this initial administrator authentication. The problem occurslater
    during form-based authentication. The publicly available pages/EJBs
    work
    fine.
    using WLS 7.0 on win2000.
    I'd appreciate any pointers.
    thanks
    Sean

Maybe you are looking for

  • Iphone won't connect to Computer or Itunes.

    Hi. I was in ITunes syncing my phone when all of the sudden ITunes froze (surprising i know -_-). So I unplugged my IPhone, restarted ITunes and plugged my device back it. I got an error code (dont remember it) and it saying it couldn't connect to th

  • Dreamweaver 8 on INtel Mac ftp problems????

    The basic setup: I have an emac, installed Dreamweaver 8 (actually the entire studio package), it works fine. I want to move our webpage to a new imac (intel). I've copied the files, installed Dreamweaver 8, done the set up for the site. The problem

  • Shaking letters.

    Hey guys, I just recently upgraded from Final Cut Express to Final Cut Pro. I'm making a video and it periodically has a sentence of text that starts like a medium font size and gets larger (like its coming toward you). In Final Cut Express what I wo

  • Photo Quality Airplay and AppleTV 2

    Hi and thanks for reading, I just bought a 50'' Full HD TV and made some test with my Apple TV 2. I noticed that by Air Playing my iPhone photoes I have not the same definition and quality that I have by uploading my photos from my iPhone to the TV b

  • Any latest addition regarding java.sql.Date

    I have separate strings "10/21/2003" and "02:33:27". Just to convert String "10/21/2003" to sql date, do I really need to call up simple date format and parsing it? why? there is no time associated with this string. The time is on a separate string.