Access Control up grade from 5.2 to 5.3

Similar Messages

• Is there any alternative way to access controls of views from controller?

  For Example
  I can access TextBox of View from controller like this
  sap.ui.getCore().byId("txtBox1").setEnabled(true);
  and By passing Parameter.
  Can anyone please tell if there is any alternative way to do it..?

  Hi Rama,
  I tried, But its not working,Am getting Error like this
  Uncaught TypeError: undefined is not a function
  Regards
  Raghu

• FINE GRAINED ACCESS CONTROL(FGAC)를 위한 DBMS_RLS.ADD_POLICY의 VERSION별 특징

  제품 : ORACLE SERVER
  작성날짜 : 2005-11-24
  FINE GRAINED ACCESS CONTROL(FGAC)를 위한 DBMS_RLS.ADD_POLICY의 VERSION별 특징
  =======================================================================
  PURPOSE
  row leve의 security 및 context관리 방법인 FGAC에 대한 간단한 개념 및 사용방법은
  <bul 23026>에 제시하였다.
  이 문서에는 FGAC를 위한 dbms_rls package의 8i ~ 10g까지의 version별 특징을
  정리하며, STATIC_POLICY와 POLCICY_TYPE parameter에 대해서는 예제를 이용하여
  자세히 살펴보도록 한다.
  Explanation & Examples
  dbms_rls.add_policy를 사용할 때 일반적으로 주는 value값의 예제는 다음과 같다.
  이중 대부분은 default값을 이용하여, 일반적으로는 앞의 5개의 parameter만
  value를 주면 된다.
  SQL> exec DBMS_RLS.ADD_POLICY ( -
  > object_schema => 'SCOTT', -
  > object_name => 'EMP', -
  > policy_name => 'POL1', -
  > function_schema => 'SYS', -
  > policy_function => 'PREDICATE', -
  > statement_types => 'SELECT', -
  > static_policy => false, -
  > policy_type => DBMS_RLS.DYNAMIC
  > long_predicate => false);
  1. FGAC의 version별 특징
  (1) sec_relevant_cols/sec_relevant_cols_opt : 10G
  위에 기술한 add_policy procedure의 parameter외에 10g에서 추가된
  parameter로 다음 두 parameter가 존재한다.
  이 parameter는 해당되는 column이 조회될때만 policy가 작동하게 하기 위한
  것으로 metalink.oracle.com site에서 <Note 250795.1> 를 살펴보면 사용 방법
  및 예제를 확인 가능하다.
  - sec_relevant_cols
  - sec_relevant_cols_opt
  (2) long_predicate : 10G
  default는 false이며, true로 지정하는 경우 predicate이 4000 bytes이상이
  될 수 있다.
  (3) statement_types : 10G부터 INDEX type추가
  9i까지는 SELECT, INSERT, UPDATE, DELETE에 대해서는 FGAC를 적용할 수
  있었으나, 10g부터는 INDEX type도 지정 가능하다.
  index를 지정하는 경우, function-based index 생성을 제한할 수 있으며,
  자세한 예제는 metalink.oracle.com site에서 <Note 315687.1>를 조회하여
  확인할 수 있다.
  (4) EXEMPT ACCESS POLICY 권한 : 9i
  특정 user가 모든 fine-grained access control policy의 영향을 받지
  않도록 하려면 exempt access policy권한을 grant하면 되며, 이것은 9i부터
  소개되었다.
  SQL> grant exempt access policy to scott;
  와 같은 방식으로 권한을 부여하면 되며, 이에 대한 자세한 예제는
  metalink.oracle.com site에서 <Note 174799.1>를 통해 확인 가능하다.
  (5) synonym에 대한 policy설정 : 9.2
  synonym에 대해서 VPD (Virtudal Private Database)에 대한 policy를 설정하는
  것이 가능해 졌으며 이에 대해서는 metalink.oracle.com에서 <Note 174368.1>를
  조회하여 자세한 방법 및 예제를 살펴볼 수 있다.
  (6) static_policy : 8.1.7.4
  static_policy paramter는 8i에는 없던 것으로 9i에서 도입되면서, 8.1.7.4에도
  반영되었다. default값은 false이며, 8173까지는 항상 false인 형태로 동작한다.
  즉, policy function이 매번 object를 access할때마다 실행된다.
  8.1.7.4부터는 이 parameter를 true로 설정할 수 있는대, 이렇게 되면
  해당 session에서 policy function이 한번 실행되고 그 function이 shared pool에
  cache되어 있으면 재실행없이 그대로 사용된다.
  10g부터는 (7)번에 설명하는 policy_type parameter가 추가되어,
  이 parameter에 true로 지정하는 대신, static_type은 false로 두고,
  policy_type을 dbms_rls.static 으로 지정하면,
  9i와 8174에서 static_policy를 true로 한것과 같은 결과가 나타난다.
  (7) policy_type: 10g
  다음과 같이 5가지 value가 가능하며, 이 중 default는 dynamic이다.
  - STATIC
  policy fuction에 포함된 predicate이 runtime환경에 따라 다른 결과를 내지
  않는 경우 사용하게 된다. 예를 들어 sysdate의해 다른 결과를 return하는
  경우에는 사용하면 사용하면 문제가 될 수 있다.
  static을 사용하는 경우 policy function은 한번 실행되어 SGA에 올라온 다음
  이후 같은 session에서 같은 object를 사용시에는 재실행 없이 해당 predicate의
  결과를 그대로 사용한다.
  - SHARD_STATIC
  STATIC과 같으나, 이 값은 다른 object에 대해서도 같은 predicate function이
  사용되는 경우, 먼저 cache된 predicate을 찾아서 있으면 그 값을 이용한다.
  STATIC의 경우는 다른 object 사이에서는 공유하지 않으며 같은 object에
  대해서만 cache된 값을 사용한다.
  - CONTEXT_SENSITIVE
  한 session에서 context가 변경되면 그때 predicate를 재 실행시킨다.
  WAS(web application server)를 사용하는 경우 connection pooling방법을
  기본적으로 사용하는대, 이 경우 하나의 session을 여러 사용자가 이어서
  교대로 사용하는 방식이 된다. 이 경우 middle tier단에서 context를 설정해
  주면 context가 변경될때마다 predicate를 새로 실행시켜 변경된 sysdate나
  session_user등의 값을 다시 계산하게 되는것이다.
  jdbc에서 context설정에 관한 예제는 metalink.oracle.com에서
  <Note 110604.1>에서 확인가능하다.
  - SHARED_CONTEXT_SENSITIVE
  context_sensitive와 동일하며, 단 shared_static과 마찬가지로 여러 object에
  대해서 같은 predicate을 사용하는 경우 다른 object에 대한 같은 predicate이
  cache되어 있는지를 먼저 살펴본다.
  존재하면 session private application context가 변경되기 전까지 그 predicate의
  결과를 그대로 사용한다.
  - DYNAMIC
  이 값이 default값이다. 즉, predicate function이나 시스템이나 환경에
  영향을 받는다고 판단하여 statement가 실행될때마다 매번 predicate function을
  재 실행하여 환경에 맞는 값을 return하여 준다.
  아래에서 sysdate 값에 따라 다른 결과를 return하게 되어 있는
  predicate을 이용한 예제를 통해 정확한 메카니즘을 확인한다.
  2. static_policy 및 policy_type의 value에 따른 policy function의 작동예제
  (a) STATIC_POLICY => TRUE and POLICY_TYPE => NULL
  (1) 기존에 pol1 policy가 존재하는 경우 다음과 같이 drop시킨다.
  SQL> exec DBMS_RLS.DROP_POLICY ('SCOTT', 'EMP','POL1');
  (2) 다음과 같이 predicate function을 scott user로 만들어둔다.
  SQL> create or replace function PREDICATE (obj_schema varchar2, obj_name varchar2)
  2 return varchar2 is d_predicate varchar2(2000);
  3 begin
  4 if to_char(sysdate, 'HH24') >= '06' and to_char(sysdate, 'MI')<'05' then
  5 d_predicate := 'ename = sys_context (''USERENV'' , ''SESSION'');
  6 else d_predicate := 'sal>=3000';
  7 end if;
  8 return d_predicate;
  9 end predicate;
  10 /
  (3) pol1을 새로 add시킨다.
  SQL> exec DBMS_RLS.ADD_POLICY ( -
  object_schema => 'SCOTT', -
  object_name => 'EMP', -
  policy_name => 'POL1', -
  function_schema => 'SCOTT', -
  policy_function => 'PREDICATE', -
  statement_types => 'SELECT', -
  static_policy => TRUE, -
  policy_type => NULL);
  (4) adams user에서 scott.emp를 조회해 본다.
  단 다음과 같이 scott.emp에 대한 select권한을 king에게 주어야 한다.
  SQL>grant select on emp to king;
  SQL>!date
  Thu Nov 24 14:01:13 EST 2005
  SQL> connect king/king
  SQL> select * from scott.emp;
  EMPNO ENAME JOB MGR HIREDATE SAL COMM
  DEPTNO
  7839 KING PRESIDENT 17-NOV-81 5000
  10
  5분이후가 되어 predicate function의 if조건을 만족하지 않아도,
  king user는 같은 값을 emp table에 대해서 return한다.
  SQL>!date
  Thu Nov 24 14:10:13 EST 2005
  SQL> connect king/king
  SQL> select * from scott.emp;
  EMPNO ENAME JOB MGR HIREDATE SAL COMM
  DEPTNO
  7839 KING PRESIDENT 17-NOV-81 5000
  10
  (b) STATIC_POLICY => FALSE and POLICY_TYPE => DBMS_RLS.DYNAMIC
  (1) 기존의 policy를 다음과 같이 drop시킨다.
  SQL> exec DBMS_RLS.DROP_POLICY ('SCOTT', 'EMP','POL1');
  (2) pol1을 새로 add시키는대 이대 static_policy와 policy_type을 다음과 같이
  변경한다.
  SQL> exec DBMS_RLS.ADD_POLICY ( -
  object_schema => 'SCOTT', -
  object_name => 'EMP', -
  policy_name => 'POL1', -
  function_schema => 'SCOTT', -
  policy_function => 'PREDICATE', -
  statement_types => 'SELECT', -
  static_policy => flase, -
  policy_type => dbms_rls.dynamic);
  (3) king user에서 조회해본다.
  predicate function은 위의 2-(a)에서 실행한 것을 그대로 사용한다.
  즉 (a)를 실행하지 않은 경우, 조회전에 (a)-(2)번을 실행해야 한다.
  SQL>!date
  Thu Nov 24 15:01:13 EST 2005
  SQL> connect king/king
  SQL> select * from scott.emp;
  EMPNO ENAME JOB MGR HIREDATE SAL COMM
  DEPTNO
  7839 KING PRESIDENT 17-NOV-81 5000
  10
  5분 이후가 되어 다시한번 king user에서 실행해본다.
  SQL>!date
  Thu Nov 24 15:10:13 EST 2005
  SQL> select * from scott.emp;
  EMPNO ENAME JOB MGR HIREDATE SAL COMM
  DEPTNO
  7788 SCOTT ANALYST 7566 19-APR-87 3000
  20
  7839 KING PRESIDENT 17-NOV-81 5000
  10
  7902 FORD ANALYST 7566 03-DEC-81 3000
  20
  RELATED DOCUMENTS
  <Note 281970.1> 10g Enhancement on STATIC_POLICY with POLICY_TYPE Behaviors
  in DBMS_RLS.ADD_POLICY Procedure
  <Note 281829.1> Evolution of Fine Grain Access Control FGAC Feature From 8i
  to 10g

  first you could use default column values, not a trigger, which is more expensive.
  if your apps already assumes full access to table to get max id ( another RT ), this is bad. Current RLS can not really help if you can not change the apps because of this flaw logic ( you can store the maxid anywhere, why scanning the whole table to find it )

• Dynamic Access Control from PowerShell

  Hi Guys 
  Please I need your help, I am working with AD Dynamics Access Control (AD DAC)  and Windows Powershell (PS), the Idea is create a menu for AD DAC in PS, Everything is OK but I have a problem when I create  a new  ClaimType, because from AD DAC
  windows  Menu you can select an AD Attribute and there is a Column naming  "Value Type" , but in my Script I Don't know how to get this to show in OUT-GridView, I dont know what is the correct property. 
  My Code:
  Get-ADObject -SearchBase ((Get-AdRootDSE).SchemaNamingContext) -SearchScope 1 -filter *  -Property name, Ldapdisplayname | out-gridview -outputmode Single
  Sorry But I can't put my image here 
  Thanks in advance 

  Hi,
  Change the -Property parameter to a wildcard and check the output. Once you know what property you need (assuming it is actually listed), you can add it to your current list.
  As for posting screenshots, you'll need to post in the current verification thread stuck at the top of this forum here:
  https://social.technet.microsoft.com/Forums/en-US/home?forum=reportabug
  Don't retire TechNet! -
  (Don't give up yet - 13,085+ strong and growing)

• 401 Unauthorized Error when accessing a task from REST API which contains Role or Privilege in Access Control definition

  Hi Team,
  As of IDM 7.2 SP8 patch2, when we use Enterprise role or Privilege in the access control definition of a task, accessing this task from UI5 i.e REST API is giving unauthorized error even though user is already having the required role or privilege.
  But the task is working fine if we use fixed user ID or keeping blank value in allowed users field.
  Attached the current access control definition of the task we configured & the error message info for reference
  Regards,
  Venkata Bavirisetty

  Hi Ralitsa,
  Thanks for your response and sorry for late reply.
  The XXXX in role is not used as a wild card. the name itself is in that format. I have searched the role and then selected from search list.
  Let me know if you need any clarifications?
  Refards,
  Venkata Bavirisetty

• I can't access "control panel" on my 4s from the lock screen. My settings are active

  I can't access "control panel" on my 4s from the lock screen or home screen. My settings are active.

  You can try resetting  Settings>General>Reset>Reset All Settings 
  if not
  Basics from the manual are restart, reset, restore
  Follow the 3R's- if a restart does not solve your problem proceed
  User troubleshooting is:
  1.restart, ie power off/on,
  2. reset  http://support.apple.com/kb/HT1430,
  3. restore from backup, restore as new device. http://support.apple.com/kb/HT1414

• How to allow multiple domains under Access-Control-Allow-Origin

  Hi,
  We have a domain where will get CORS request from another domain hosted on seperate DC. We can't set
  Access-Control-Allow-Origin as * due to security concerns & IIS can't take more than 1 value at a time. Kindly suggest how to pass multiple httpheader  for
  Access-Control-Allow-Origin.
  Regards,
  Dhiraj

  Hello Dhiraj,
  This is not the suitable forum for your question, you may post in
  IIS forums for more help.
  Thanks for your understanding.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• How to access my macbook pro from a windows pc?

  how to access my macbook pro from a windows pc?

  Depending on what you mean by "access" the following may help:
  File sharing: How to connect with File Sharing on your Mac - Apple Support
  One way (and there are others) for remote control and remote access between Mac and Windows: http://www.teamviewer.com/en/index.aspx

• Time Capsule Access Control and Extended Network Question

  I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
  Thanks for any help…this doesn't seem clear from what I've read/seen.
  James

  I have a Time Capsule where I have set up a wireless network access list…and extended the network using an Airport Express unit. The Airport Express unit also has settings for an Access Control list. Do these need to be the same as the those for the network from TC that it is extending…or does that happen automatically…and if not what on earth are they for?
  Unfortunately, they are not automatically applied to each base station in an extended network. You would have to manually enter the exact same list in each base station.

• How do I set up timed access control for a time past midnight

  I would like to set up timed access control for a number of my devices that would stretch past midnight...   An open network from 6AM to 2AM - effectively only blocking access from 2AM tp 6AM in the morning....
  Any notion on how to do this?  the timed factily does not like the setting to enable 6A to 2A, says the times are invalid. 
  Setting up timed access from 6AM to 11:59P, then doing another from 12A to 2A causes a service "hiccup" of 1 Minute.

  Set up each device as follows:
  Everyday........Between.......6:00 AM and 11:59 PM
  Add a second rule for each device that will state....
  Everyday.....Between.......12:00 AM and 2:00 AM
  You might think that there would be a one minute break between 11:59 PM and 12:00 AM, but that will not be the case, at least on every AirPort that I have ever programmed..  Reason.....11:59 is really 11:59:59:59 turning off at 12:00 AM.  But, you have a second rule to allow access at 12:00 AM, so the AirPort will be "on" at the same time the first rule ends, so there will be no break.
  If you really want the second rule to turn the AirPort "off" at 2:00 AM.......then set that time for 1:59 AM. If you set the rule for 2:00 AM, then AirPort will really turn off at 2:01 AM.

• To run OHS at port 80 using solaris role based access control

  Hi.
  I already know & have done setuid root to ohs/bin/.apachectl to allow ohs to listen to port 80. Now on a new OFM 11.1.1.4 install, I want to use Solaris Role Based Access Control (RBAC) instead. Is it possible? RBAC does work as I can run a home built apache2 httpd at port 80 withOUT suid root.
  On Solaris 10, I enabled oracle uid to run process below port 1024 using RBAC
  /etc/user_attr:
  oracle::::type=normal;defaultpriv=basic,net_privaddr
  Change OHS httpd.conf Listen from port 8888 to port 80.
  However, opmnctl startproc process-type=OHS
  failed as below with nothing showing in the diag logs:
  opmnctl startproc: starting opmn managed processes...
  ================================================================================
  opmn id=truffle:6701
  0 of 1 processes started.
  ias-instance id=asinst_1
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  ias-component/process-type/process-set:
  ohs1/OHS/OHS/
  Error
  --> Process (index=1,uid=187636255,pid=25563)
  failed to start a managed process after the maximum retry limit
  Thx,
  Ken

  Just to add my two cents here.
  The commando used on Solaris to assign the right privilege to bind TCP ports < 1024 is:
  # usermod -K defaultpriv=basic,*net_privaddr* <your_user_name>
  Restart the opmnctl daemond.
  After that OHS/Apache user can bind to lower TCP ports.
  Regards.
  Edited by: Tuelho on Oct 9, 2012 6:05 AM

• SharePoint Provider Hosted App (401) Unauthorized Microsoft.SharePoint.SPException: The Azure Access Control service is unavailable

  Hello,
  I'm attempting to get a SharePoint 2013 Provider Hosted Application working in a brand new SharePoint environment.  I've created snapshots of both my dev and the sharepoint environments along the way and have meticulously documented every step of the
  way.  I've followed these instructions (among many other resources found along this journey) :
  http://msdn.microsoft.com/en-us/library/fp179923(office.15).aspx
  http://technet.microsoft.com/en-us/library/fp161236(office.15).aspx
  http://msdn.microsoft.com/library/office/fp179901%28v=office.15%29
  Upon package and publish of my application to SharePoint, I get a 401 Unauthorized error.  I use Fiddler to obtain the SPErrorCorrelationID to ultimately obtain the following ULS Viewer Output.  Please explain how to fix if you're able.
  Please Note:  I was under the impression that a Provider Hosted Application does not use the Azure Access Control service, so I'm confused as to why my system is attempting to make this connection?
  Also Note:  I've used a self signed and godday obtained certificate to successfully f5 debug my basic web.title (out of the visual studio 2012 box) sharepoint provider hosted application... so I know my certs are good.
  Here's my ULS output:
  03/24/2014 08:54:47.83    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Logging Correlation Data    xmnv    Medium    Name=Request (GET:http://portal.cltenet.com/_layouts/15/appredirect.aspx?instance_id=22d5252f%2D392c%2D4f68%2Db820%2Da3053b9d4f24)  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.83    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Authentication Authorization    agb9s    Medium    Non-OAuth request.
  IsAuthenticated=True, UserIdentityName=0#.w|cltenet\sp.apps, ClaimsCount=25    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.83    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Logging Correlation Data    xmnv    Medium    Site=/    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.84    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Deployment    acjjg    Medium    The current user has System.Threading.Thread.CurrentPrincipal.Identity.Name
  = 0#.w|cltenet\sp.apps, System.Security.Principal.WindowsIdentity.GetCurrent().Name = NT AUTHORITY\IUSR, System.Web.HttpContext.Current.User.Identity.Name = 0#.w|cltenet\sp.apps.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.84    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsrv    Medium    redirectLaunUrl after getting it from query
  string, web or app instance: https://hightrust31.cltenetapps.com/Pages/Default.aspx?{StandardTokens}    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    General    aib0n    High    trying to get app tokens for site: 888b71f7-51ee-40f5-8344-8de4869d37d0
  Unable to load app tokens from appInstanceId: 22d5252f-392c-4f68-b820-a3053b9d4f24    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsrw    Medium    redirectLaunUrl after getting token replacement:
  https://hightrust31.cltenetapps.com/Pages/Default.aspx?SPHostUrl=http%3A%2F%2Fportal%2Ecltenet%2Ecom&SPLanguage=en%2DUS&SPClientTag=0&SPProductNumber=15%2E0%2E4420%2E1017    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsry    Medium    m_oauthAppId after NormalizeAppIdentifier()
  i:0i.t|ms.sp.ext|[email protected]8df36d5d.  Now getting app principal info.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr0    Medium    decided that we need to do a POST to the
  app.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr1    Medium    m_redirectMessage: EndpointAuthorityMatches  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr2    Medium    realm matched attempting to get app token
  using GetAccessToken()    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    advzm    High    Error when get token for app i:0i.t|ms.sp.ext|[email protected]8df36d5d,
  exception: Microsoft.SharePoint.SPException: The Azure Access Control service is unavailable.     at Microsoft.SharePoint.ApplicationServices.SPApplicationContext.GetApplicationSecurityTokenServicesUri(SPServiceContext serviceContext)    
  at Microsoft.SharePoint.ApplicationServices.SPApplicationContext..ctor(SPServiceContext serviceContext, SPIdentityContext userIdentity, OAuth2EndpointIdentity applicationEndPoint)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext
  userIdentityContext, String applicationId, Uri applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType consentValue)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    ajsr3    High    App token requested from appredirect.aspx
  for site: 888b71f7-51ee-40f5-8344-8de4869d37d0 but there was an error in generating it.  This may be a case when we do not need a token or when the app principal was not properly set up.  LaunchUrl:https://hightrust31.cltenetapps.com/Pages/Default.aspx?SPHostUrl=http://portal.cltenet.com&SPLanguage=en-US&SPClientTag=0&SPProductNumber=15.0.4420.1017
  Exception Message:The Azure Access Control service is unavailable.  Stacktrace:    at Microsoft.SharePoint.ApplicationServices.SPApplicationContext.GetApplicationSecurityTokenServicesUri(SPServiceContext serviceContext)    
  at Microsoft.SharePoint.ApplicationServices.SPApplicationContext..ctor(SPServiceContext serviceContext, SPIdentityContext userIdentity, OAuth2EndpointIdentity applicationEndPoint)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext
  userIdentityContext, String applicationId, Uri applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType consentValue)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenFromThreadIdentityOrUserToken(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPApplicationContextAccessTokenType tokenType, SPAppPrincipalInfo appPrincipal, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.ApplicationPages.AppRedirectPage.ValidateAndProcessRequest(). 
  Since this is a nonfatal error, it will be sanitized and posted to the app as part of the app launch.    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    General    ajlz0    High    Getting Error Message for Exception Microsoft.SharePoint.SPException:
  The Azure Access Control service is unavailable.     at Microsoft.SharePoint.ApplicationServices.SPApplicationContext.GetApplicationSecurityTokenServicesUri(SPServiceContext serviceContext)     at Microsoft.SharePoint.ApplicationServices.SPApplicationContext..ctor(SPServiceContext
  serviceContext, SPIdentityContext userIdentity, OAuth2EndpointIdentity applicationEndPoint)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForApplicationContext(SPIdentityContext userIdentityContext, String applicationId, Uri
  applicationRealm, SPApplicationContextAccessTokenType applicationTokenType, SPApplicationDelegationConsentType consentValue)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenPrivate(SPServiceContext serviceContext,
  String appId, Uri appEndpointUrl, SPAppPrincipalInfo appPrincipal, SPApplicationContextAccessTokenType tokenType, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.SPServerToAppServerAccessTokenManager.GetAccessTokenFromThreadIdentityOrUserToken(SPServiceContext
  serviceContext, String appId, Uri appEndpointUrl, SPApplicationContextAccessTokenType tokenType, SPAppPrincipalInfo appPrincipal, Boolean useThreadIdentity, SPUserToken userToken)     at Microsoft.SharePoint.ApplicationPages.AppRedirectPage.ValidateAndProcessRequest()  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    App Auth    aib0p    Medium    Doing appredirect from appredirect.aspx:
  in site: 888b71f7-51ee-40f5-8344-8de4869d37d0 with RedirectLaunchUrl: https://hightrust31.cltenetapps.com/Pages/Default.aspx?SPHostUrl=http%3A%2F%2Fportal%2Ecltenet%2Ecom&SPLanguage=en%2DUS&SPClientTag=0&SPProductNumber=15%2E0%2E4420%2E1017  
   306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  03/24/2014 08:54:47.85    w3wp.exe (0x1448)    0x22D8    SharePoint Foundation    Monitoring    b4ly    Medium    Leaving Monitored Scope (Request (GET:http://portal.cltenet.com/_layouts/15/appredirect.aspx?instance_id=22d5252f%2D392c%2D4f68%2Db820%2Da3053b9d4f24)).
  Execution Time=26.5933938531294    306c809c-66a1-d0d5-d8e2-89d3631ce1bf
  Your help is very much appreciated.
  With Respect,
  Larry

  Yes, actually - I was able to resolve it.
  However I don't know how, unfortunately.  I suspect it was because I needed to have the names of the certificates, defined during the certificate registration (to sharepoint) process, different.
  I have a complete document that shows step by step instructions on the exact process I took to complete the provider hosted application creation, deployment and publishing.  It was a daunting task, but I finished it successfully.
  If there's a way to send private message on this forum, please do so and I'll respond with a way to obtain my document.
  NOTE:  I'm not all impressed with the way this forum works.  This is supposed to be a Microsoft resource and I'll be damned if I ever get a response to highly technical questions.  Completely lame.  Boooooo Microsoft.

• How can I access my iTunes account from my iPhone.

  1- I can't access my iTunes account from my iPhone.
  Do I have to sync them or can I download the songs I bought without connecting with my macbook?
  Last time i connected the two, all my music got deleted. Must have done something wrong, but have no idea how to prevent that from happening again.
  2- My "preferences" panel in iTunes, only shows apps and books, not music- Why?
  3- I can't save any music on iClod.

  hello. 
  i followed your link on how to delete content from all things Apple, and nothing removes books, movies, music... it just gives said device(s) the iCloud/download icon on top of the book, movie...  not sure what the 'hide' purchase actually does - after X'ing/hide, everything STILL appears across all devices using that account.  could you clarify this any further?
  if i am understanding iTunes correctly, then EVERYTHING we download (free or purchased) will be FOREVER accessible with zero way for us to control what is filling up this mysterious vault called the cloud?  (creepy- apple is keeping EVERYTHING, what happens when the cloud gets full?)
  since we have iCloud.com and it shows our "stuff" that we iCloud sync from our devices such as notes, contacts, calendar... then why doesn't apple provide an iCloud.com tab that shows ALL of our purchases so we as CONSUMERS control/delete what is in our account? 
  we download ALOT of apps to try and then delete them off our devices.  that works fine, but movies and books are always there.  maybe a glitch?

• How do i access my icloud accound from my pc

  how do i access my icloud accound from my pc (Windows 7)

  www.icloud.com
  Or download the iCloud control panel for Windows and use it with Outlook.

• ORA-24247: network access denied by access control list (ACL)error-UTL_HTTP

  I am getting following ACL error while executing following procedure:
  create or replace procedure sat_proc as
  http_req utl_http.req;
  http_resp utl_http.resp;
  BEGIN
  http_req := utl_http.begin_request('www.yahoo.com');
  http_resp := utl_http.get_response(http_req);
  utl_http.end_response(http_resp);
  END;
  exec sat_proc;
  ORA-29273: HTTP request failed
  ORA-06512: at "SYS.UTL_HTTP", line 1130
  ORA-24247: network access denied by access control list (ACL)
  ORA-06512: at "TRANSDBA.SAT_PROC", line 5
  ORA-06512: at line 1
  I am able to execute successfully while executing above code as PL/SQL block:
  DECLARE
  http_req utl_http.req;
  http_resp utl_http.resp;
  BEGIN
  http_req := utl_http.begin_request('www.yahoo.com');
  http_resp := utl_http.get_response(http_req);
  utl_http.end_response(http_resp);
  END;
  PL/SQL procedure successfully completed.
  Could help me find why I am getting error while executing same code in a procedure? Is there any privilege missing?

  GRANT EXECUTE ON SYS.UTL_HTTP TO <your_user>;
  SQL> set time on
  17:21:01 SQL> set role none;
  Role set.
  17:21:23 SQL> @utl_http.sql
  17:21:34 SQL> DECLARE
  17:21:34   2  http_req utl_http.req;
  17:21:34   3  http_resp utl_http.resp;
  17:21:34   4  BEGIN
  17:21:34   5  http_req := utl_http.begin_request('www.yahoo.com');
  17:21:34   6  http_resp := utl_http.get_response(http_req);
  17:21:34   7  utl_http.end_response(http_resp);
  17:21:34   8  END;
  17:21:34   9  /
  PL/SQL procedure successfully completed.
  17:21:35 SQL> connect / as sysdba
  Connected.
  17:22:47 SQL> connect dbadmin/admindb
  Connected.
  17:23:06 SQL> @utl_http.sql
  17:23:22 SQL> DECLARE
  17:23:22   2  http_req utl_http.req;
  17:23:22   3  http_resp utl_http.resp;
  17:23:22   4  BEGIN
  17:23:22   5  http_req := utl_http.begin_request('www.yahoo.com');
  17:23:22   6  http_resp := utl_http.get_response(http_req);
  17:23:22   7  utl_http.end_response(http_resp);
  17:23:22   8  END;
  17:23:22   9  /
  PL/SQL procedure successfully completed.
  17:23:23 SQL> set role none;
  Role set.
  17:23:29 SQL> @utl_http.sql
  17:23:31 SQL> DECLARE
  17:23:31   2  http_req utl_http.req;
  17:23:31   3  http_resp utl_http.resp;
  17:23:31   4  BEGIN
  17:23:31   5  http_req := utl_http.begin_request('www.yahoo.com');
  17:23:31   6  http_resp := utl_http.get_response(http_req);
  17:23:31   7  utl_http.end_response(http_resp);
  17:23:31   8  END;
  17:23:31   9  /
  DECLARE
  ERROR at line 1:
  ORA-29273: HTTP request failed
  ORA-06512: at "SYS.UTL_HTTP", line 1130
  ORA-24247: network access denied by access control list (ACL)
  ORA-06512: at line 5
  17:23:31 SQL> above is from test user
  Below is from SYSDBA account
  SQL> set time on
  17:20:53 SQL> revoke execute on sys.utl_http to dbadmin;
  revoke execute on sys.utl_http to dbadmin
  ERROR at line 1:
  ORA-00905: missing keyword
  17:22:03 SQL> revoke execute on sys.utl_http from dbadmin;
  revoke execute on sys.utl_http from dbadmin
  ERROR at line 1:
  ORA-04020: deadlock detected while trying to lock object
  ACLiLZU+w09hR7gQAB/AQAjcw==
  17:22:32 SQL> /
  Revoke succeeded.
  17:22:52 SQL> Edited by: sb92075 on Jun 10, 2010 5:24 PM