Access Security Exception

Similar Messages

• I failed to Confirm Security Exception for a site confirmed to be trusted, but apparently only supported by Internet Explorer, and am now barred from the site, so how do I access it?

  I have been successfully accessing a secure site using a Citrix plugin. The security certificate for the site was renewed on 17 September and is valid, but is apparently supported by Explorer. When I accessed it today, Firefox reported it as Insecure. I attempted to bypass the Firefox block, but must have failed to Confirm Security Exception, so that my access is now denied as I 'have said this is not a trusted site' (error 183). Is there any way I can now access the site.

  Thank you for your reply.
  My problem isn't removing my log-in name and password for a site.
  The problem is I already had the log-in name and password saved by FF, but I was required by the site to change the password. FF did not recognize that it had changed and refuses to prompt me to save the new password.
  After several attempts to force the prompt, I deleted the site from the Saved Password list, hoping that the next time I entered my log-in name and password on that site FF would ask if I wanted to save both. That did not happen even after exiting FF and relaunching it.
  So, right now FF will not save my log-in name and password for a site that it used track for me. Given the complexity of the new password, I really do not want to manually enter it every time I use the site.
  Regards.

• Security exception while trying to access EJB from stand alone client

  Hi!, I am trying a sample EJB application to R&D some security related issues. I want to access EJB through a web application as well as a stand-alone client. I have set approriate <method-permission> in EJB deployment descriptor. I am using users.properties/roles.properties file for authentication mechanism. I am using JBoss 3.2.
  - On the web application side I am using BASIC authentication and the servlet is able to access the EJB OK, as long as I am using a login/password that has access to the EJB.
  - Now I am trying to access the EJB using a stand alone Java class. These are the things I have tried till now:
  =>Created a InitialContext with appropriate principal, credentials and tried getting a reference to EJB home interface. That resulted in security exception.
  =>Logged into a LoginContext by using appropriate JBossSX classes and then tried getting a EJB home interface. Again security exception.
  Now I am not sure what to do. I read at some places about client side container but not sure what that is. Does anyone has any ideas to try? Is there any other way I can make a swing application and a web application authenticate to EJB container?
  Also can anyone point me to any documentation that gives some idea about how the security credentials gets propagated from web application/standalone client to EJB container?

  It would be better if you can post your code...and DD that way we can help you better

• Security exception when provisioning using multiple access policies

  We have upgraded our eDirectory connector to version 9.0.4.12. When provisoning manually all process tasks work correctly. However, when provisioning through an access policy or multiple access policies, once the edirectory Create User task runs it creates a security exception and all other connectors fail to provision until retried. We have set the system config parameter of Access Policy Multiple Resource Enhancement to TRUE and we have set the account discirminator in the process form to Server. Why would it fail?

  I have the same problem. Have you solved your problem, if so please let me know what the solution is.
  Einar �rn

• I am trying to access an https site and am getting a "This connection is untrusted" message. I am willing to bypass, but when I click the Add Exception button and then try to click the Confirm Security Exception button, nothing happens.

  I am trying to access an https site and am getting a "This connection is untrusted" message. I am willing to bypass, but when I click the Add Exception button and then try to click the Confirm Security Exception button, nothing happens.

  unfortunately the do_not_trust certificates might be a sign of unwanted software present on your pc that is intercepting secure network traffic. please go into the system control panel and uninstall programs like BrowserSafeguard, BrowserSafe, SafeGuard or other software that sounds suspicious and didn't get installed by you intentionally.
  <br>_{reference: https://support.mozilla.org/en-US/questions/982532#answer-520145}
  afterwards, run a full scan of your system with different security tools like the [http://www.malwarebytes.org/products/malwarebytes_free free version of malwarebytes] & [http://www.bleepingcomputer.com/download/adwcleaner/ adwcleaner].
  [[Troubleshoot Firefox issues caused by malware]]

• Error while accessing secure store

  Hi Team,
  We are on EP 7.0 on SQL server 2005 . Iam facing one problem , in sometimemy IRJ pOrtal site stops giving error " Java iView Runtime " .At this time what happens that in my usr/sap drive , the sap folder is not shown as shared its share goes away and that time when i connect to visual admin tool the authentication fails and that time config tool gives error
  #1.5#00188B417A01007E0160B338000008FC00045DE876A4C303#1229152911187#com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl##com.sap.engine.services.dbpool.spi.ManagedConnectionFactoryImpl#Guest#2####f168def0c8c411dd9a2100188b417a01#SAPEngine_Application_Thread[impl:3]_29##0#0#Error##Plain###ManagedConnectionFactoryImpl.createManagedConnection(): SQLException occured while creating ManagedConnection: com.sap.sql.log.OpenSQLException: Error while accessing secure store: File "
  musaprd
  sapmnt
  PWC
  SYS
  global
  security
  data
  SecStore.properties" does not exist although it should..#
  #1.5#00188B417A010085015AAAF5000008FC00045DE876A4C207#1229152911187#com.sap.sql.connect.OpenSQLDataSourceImpl##com.sap.sql.connect.OpenSQLDataSourceImpl#Guest#2####09e36ed0c8c711dd93b200188b417a01#SAPEngine_Application_Thread[impl:3]_39##0#0#Error#1#/System/Database/sql/connect#Java#com.sap.sql_0019##Exception of type com.sap.sql.log.OpenSQLException caught: Error while accessing secure store: File
  When i check in this path SecStore.properties is there , also i have checked the permissions .....................please revert the reason of this error  . 
  Main part of this all is that after taking a reboot everything becomes fine , this happens every few days .
  Please revert to this .
  Regards,
  Somya

  Hi,
  This error crops up when the the folder usr/sap folder sharing is lost .  We  have recently faced this problem this is Windows OS level problem you can ask your OS admin. Applying a security patch will do.
  Regards,
  Vamshi.

• Error while accessing secure store: File "SecStore.properties" does not exi

  Hi ,
  I have a java desktop application, and i am trying to get a connection from a datasource deployed on one SAP AS Java, I can get the datasource succsfullly but when i try to get a connection from the DS, it throughs this exception, I put the secstore..properties file in the classpath even after that it is not happy,
  any solution/hint/light please!!!!
  com.sap.sql.log.OpenSQLException: Error while accessing secure store: File "SecStore.properties" does not exist although it should..
       at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:106)
       at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:145)
       at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:226)
       at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:197)
       at com.sap.customcode.ConflictingActionFixture.(ConflictingActionFixture.java:53)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
       at java.lang.reflect.Constructor.newInstance(Unknown Source)
       at java.lang.Class.newInstance0(Unknown Source)
       at java.lang.Class.newInstance(Unknown Source)
       at fit.FixtureClass.newInstance(Unknown Source)
       at fit.FixtureLoader.instantiateFixture(Unknown Source)
       at fit.FixtureLoader.instantiateFirstValidFixtureClass(Unknown Source)
       at fit.FixtureLoader.disgraceThenLoad(Unknown Source)
       at fit.Fixture.loadFixture(Unknown Source)
       at fit.Fixture.getLinkedFixtureWithArgs(Unknown Source)
       at fit.Fixture.doTables(Unknown Source)
       at fit.FitServer.process(Unknown Source)
       at fit.FitServer.run(Unknown Source)
       at fit.FitServer.main(Unknown Source)
  Caused by: com.sap.security.core.server.secstorefs.FileMissingException: File "SecStore.properties" does not exist although it should.
       at com.sap.security.core.server.secstorefs.StorageHandler.openExistingStore(StorageHandler.java:372)
       at com.sap.security.core.server.secstorefs.SecStoreFS.openExistingStore(SecStoreFS.java:1946)
       at com.sap.sql.connect.OpenSQLConnectInfo.getStore(OpenSQLConnectInfo.java:802)
       at com.sap.sql.connect.OpenSQLConnectInfo.lookup(OpenSQLConnectInfo.java:783)
       at com.sap.sql.connect.OpenSQLDataSourceImpl.setDataSourceName(OpenSQLDataSourceImpl.java:209)
       ... 18 more
  caused by

  the SecStore.key file was not there, I changed the passwd and checked the 'Encryption' on, after that my sever instance is not starting.
  Any idea?
  -Puneet

• Untrusted Connection - when I try to add a security exception, NOTHING happens

  A game company Web site I go to all the time has just started giving me Untrusted Connection messages. I was able to visit it with no problems as recently as a few hours ago, but now I just get a page that says "You have asked Firefox to connect securely to [site], but we can't confirm that your connection is secure" and goes on to explain about security certificates and so on.
  When I click "I understand the risks" then "Add exception", an "Add Security Exception" dialog box comes up as expected. However, when I click "Confirm Security Exception" on that dialog box (with or without clicking "Get Certificate" first), LITERALLY NOTHING happens. I don't mean I get an error message, or some result I'm not expecting, or even that the dialog box disappears. When I say nothing happens, I mean quite literally NOTHING happens. The button is not greyed out, yet clicking it has absolutely no effect. This leaves me with no means of closing the dialog box except clicking "Cancel", and therefore no means of accessing the site.
  I've seen similar problems mentioned on this site, but mostly they either have the button greyed out (mine isn't) or they get a conflicting message saying the certificate is fine and doesn't need replacing (I don't). I have not seen anyone else post about my version, where everything looks normal and internally consistent yet the "Confirm Security Exception" button is non-functional.
  This is not the first time I've had this problem, but it's the most annoying in that this time, it's affecting a site I normally visit several times a day rather than one I don't care that much about. As far as I recall, in my hands the "Confirm Security Exception" button has NEVER functioned, with the problem even surviving a near-total replacement of the hardware including the hard drive Firefox lives on.

  Make sure that you do not run Firefox in (permanent) Private Browsing mode (Never Remember History).
  *https://support.mozilla.org/kb/Private+Browsing
  *Tools > Options > Privacy > Firefox will: "Use custom settings for history"
  *Deselect: [ ] "Always use private browsing mode"
  Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source.
  You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.
  *Click the link at the bottom of the error page: "I Understand the Risks"
  Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".
  *Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.
  You can see more Details like intermediate certificates that are used in the Details pane.
  If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".
  Note that some firewalls monitor secure (https) connections and send their own certificate instead of the website's certificate.

• How can I get Firefox to load pages properly and stop asking me to add every single page I visit as a "security exception"?

  I just downloaded the newest version of Firefox today because it is required for some of the websites I need for my college courses. However, every single website I go to (even the Mozilla site, Google, etc.) says that there's an "untrusted connection." On some sites I have an option between "Get me out of here!" or to add this particular site as a security exception. As you can probably imagine, this is very time consuming and frustrating. I have uninstalled the program (clean uninstall) and reinstalled it. I have reset Firefox, and nothing helps. The problem persists in Safe Mode as well. Along with this issue, every website I manage to get access to is all kinds of messed up. Modules are missing, or the whole page is blank. It can sit there for an hour and nothing loads. I have a good internet connection and fast processor. I was using Chrome before, and Internet Explorer with no issue. About two years ago I used Mozilla Firefox on this same computer and had no issues. I have a 64-bit system, which is the only issue I can think might be causing this problem. I have gone through and tried changing just about every setting, and nothing has helped. I am at my wit's end because I have homework to do and can't because of this problem.

  Glad it is fixed. Thanks for posting back, (even if we are not sure exactly what happened).

• Access control exception only on Linux/Debian not on Windows!?

  We have a rmi server application with a webstart rmi swing client that we have been running successfully on Windows. The client is downloaded and running without any problems on Windows platforms (W2003, Win2K, WinXP). The client webstart jar is signed and all permissions is set in the jnlp file.
  As soon as we setup a server on linux/debian sarge we get these access control exceptions when the server tries to send events back to the client. It complains on
  file permssions not being set on the server jar file and the strange thing is that the path separator is backslash on linux?
  I've tried the following:
  1) java.policy. Added All permssions to the server jar file and/or bin the folder.
  2) Running without any security manager, i.e., System.setSecurityManager(null)
  3) Explicitly setting the policy on the server. Policy.setPolicy(...)
  4) Explicitly setting a policy on the client. URL policyUrl = Thread.currentThread().getContextClassLoader().getResource("server.policy");
  5) Building the server and client on debian
  I'm at my wits end... I've searched these forums and it seems that this is might be a common problem but I've not found a solution yet.
  Our system works 100% on Windows without any problems, it's only on linux/debian that we get these access control problems.
  2005-sep-19 09:39:19 se.xxx.xxx.admin.AdminManager change
  ERROR: java.security.AccessControlException: access denied (java.io.FilePermission \\usr\local\XXX\bin\server.jar read)
  java.security.AccessControlContext.checkPermission(Unknown Source)
  java.security.AccessController.checkPermission(Unknown Source)
  java.lang.SecurityManager.checkPermission(Unknown Source)
  java.lang.SecurityManager.checkRead(Unknown Source)
  java.io.File.exists(Unknown Source)
  sun.net.www.protocol.file.Handler.openConnection(Unknown Source)
  sun.net.www.protocol.file.Handler.openConnection(Unknown Source)
  java.net.URL.openConnection(Unknown Source)
  sun.rmi.server.LoaderHandler.addPermissionsForURLs(Unknown Source)
  sun.rmi.server.LoaderHandler.access$300(Unknown Source)
  sun.rmi.server.LoaderHandler$Loader.<init>(Unknown Source)
  sun.rmi.server.LoaderHandler$Loader.<init>(Unknown Source)
  sun.rmi.server.LoaderHandler$1.run(Unknown Source)
  java.security.AccessController.doPrivileged(Native Method)
  sun.rmi.server.LoaderHandler.lookupLoader(Unknown Source)
  sun.rmi.server.LoaderHandler.loadClass(Unknown Source)
  sun.rmi.server.LoaderHandler.loadClass(Unknown Source)
  java.rmi.server.RMIClassLoader$2.loadClass(Unknown Source)
  java.rmi.server.RMIClassLoader.loadClass(Unknown Source)
  sun.rmi.server.MarshalInputStream.resolveClass(Unknown Source)
  java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
  java.io.ObjectInputStream.readClassDesc(Unknown Source)
  java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
  java.io.ObjectInputStream.readObject0(Unknown Source)
  java.io.ObjectInputStream.readObject(Unknown Source)
  sun.rmi.server.UnicastRef.unmarshalValue(Unknown Source)
  sun.rmi.server.UnicastServerRef.dispatch(Unknown Source)
  sun.rmi.transport.Transport$1.run(Unknown Source)
  java.security.AccessController.doPrivileged(Native Method)
  sun.rmi.transport.Transport.serviceCall(Unknown Source)
  sun.rmi.transport.tcp.TCPTransport.handleMessages(Unknown Source)
  sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(Unknown Source)
  java.lang.Thread.run(Unknown Source)
  sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(Unknown Source)
  sun.rmi.transport.StreamRemoteCall.executeCall(Unknown Source)
  sun.rmi.server.UnicastRef.invoke(Unknown Source)
  se.xxx.xxx.client.XXXApplication_Stub.notify(Unknown Source)
  )

  I have two suggestions. The first is that you didn't indicate the permissions of the file and the directories above it along with the user you're running the program as. In Unix it is easier to get an access issue as you're probably not running as root. In a traditional Windows environment everything runs with admin permission allowing access to anything. While the error comes from the security manager it has nothing to do with traditional J2SE security - it may be an O/S level thing.
  But the second suggestion touches on the other question you have - why is this showing up as backslashes? Is there perhaps an issue with the JNLP file? Is there any code that should be using System.getProperty( "file.separator") and is instead just using the backslash?

• Security exceptions not configurable after release 31 (bug number 1042889 is not fixed)

  We are running Firefox 31 32 and 33 on different machines on windows/XP (updated until end of support).
  Our router has an expired certificate. On the machines updated to Firefox 32 or above the security popup screen does not show. Instead we just get the corresponding error message, when trying to access the router's homepage.
  I looked at the support thread "Secure Connection Failed- can not confirm security exception (since update to 31)" .
  The posted solutions do NOT work!
  Chrome and even IE work fine.
  Please take a look at what was changed and reverse it.
  Or add a possibility to configure exceptions to the always accessible options tab "security", Having only 262 users with the same problem, means all others having the problem just moved to other browsers.
  For someone using Firefox since the beginning and liking it this will be a hard step, so I raise the issue again.
  No, buying a new router is NOT an option, because it manages our network storage and printers and the rule is "never fix a running system".

  hello, the fix of the bug number you have referred to has already landed in firefox 31.2.0 esr and will land in the regular firefox release channel in case there is an update to firefox 33 or else in version 34.

• Unable to run a form(FOrms 5.0) on Web. Security exception E

  Hi,
  I am trying to run a simple form developed in Forms 5.0 over our
  intranet.
  Environment: On NT I am using Oracle 8.0.5, Developer/2000
  Server and Internet Information Server 4.0.
  I have created a simple form and deployed on the server.
  (created the virtual directories for Java related directories as
  per some documentation available with me). Made a small html
  document containing the Applet definition to run this form. When
  I tried to execute this, it gives the following security
  exception error.
  ==============================================
  com.ms.security.SecurityExceptionEx
  [oracle/forms/uiClient/v1_4/engine/Runform.initClipboard]:
  Clipboard access denied.
  at com/ms/security/permissions/UIPermission.check
  at com/ms/security/PolicyEngine.deepCheck
  at com/ms/security/PolicyEngine.checkPermission
  at com/ms/security/StandardSecurityManager.chk
  at
  com/ms/security/StandardSecurityManager.checkSystemClipboardAcces
  s
  at com/ms/awt/WToolkit.getSystemClipboard
  at
  oracle/forms/uiClient/v1_4/engine/Runform.initClipboard
  at oracle/forms/uiClient/v1_4/engine/Runform.startRunform
  at oracle/forms/uiClient/v1_4/engine/Runform.run
  at java/lang/Thread.run
  com.ms.security.SecurityExceptionEx
  [oracle/forms/uiClient/v1_4/engine/Runform.initClipboard]:
  Clipboard access denied.:Clipboard access denied.
  Microsoft (R) VM for Java, 4.0 Release 4.79.0.2435
  ==============================================
  ? help
  c clear
  f run finalizers
  g garbage collect
  m memory usage
  q quit
  t thread list
  ==============================================
  Can any body help me, where I might have gone wrong, either in
  the development or deployment.
  I am also, running Oracle Application server 4.0.7 on the
  server, but I am not using the cartridge based deployment of
  forms, beca, I could not find way to create Forms
  application/Cartridge in it. If any one about it please help me.
  Early response is highly appreciated.
  Thanking you in advance ..// Manohar Reddy //
  null

  Hi Mobeen,
  That is one thing that I wanted to know. How do I make Forms
  Server to run as Service. Please explain me the
  procedure/operation.
  I am using IIS 4.0.
  Do you have any Idea, how to implement the Cartridge version of
  the Forms on OAS 4.0
  Thanks for the information though ..// Manohar //
  mobeen (guest) wrote:
  : hi
  : well u can run forms server asa service on NT then even if u
  log
  : out i wont terminate.
  : which web server r u running
  : mobeen
  : Manohar Reddy (guest) wrote:
  : : Thank you Mobeen for your time..
  : : I was able solve the problem.
  : : The problem was, my Forms Server(F50srv32.exe) was
  terminating,
  : : whenever I log out of that box. Now, I need to know, I to
  make
  : : that Process to run continuously, like a servece.
  : : Another issue, which mentioned, in my y'days mail is, How to
  : run
  : : these forms as the CARTRIDGE method ? ..
  : : Does any bdy can help me ..// Manohar //
  : : Mobeen (guest) wrote:
  : : : Hi
  : : : i guesss u have not exported Dev2k.x509 for Developer/2000.
  : : : copy Dev2k.x059 file to ur harddisk from the media
  : : : then
  : : : use javakey -c Developer/2000 true
  : : : javekey -ic Developer/2000 Dev2k.x509
  : : : it would generate identitydb.obj place that file in
  : : /user/profile
  : : : directory.
  : : : plus u have to set forms60_mapping and forms60_output
  : Registry
  : : : Variables
  : : : i hope that would sovle ur problem
  : : : mobeen
  : : : Manohar Reddy (guest) wrote:
  : : : : Hi,
  : : : : I am trying to run a simple form developed in Forms 5.0
  : over
  : : : our
  : : : : intranet.
  : : : : Environment: On NT I am using Oracle 8.0.5,
  Developer/2000
  : : : : Server and Internet Information Server 4.0.
  : : : : I have created a simple form and deployed on the server.
  : : : : (created the virtual directories for Java related
  : directories
  : : : as
  : : : : per some documentation available with me). Made a small
  : html
  : : : : document containing the Applet definition to run this
  form.
  : : : When
  : : : : I tried to execute this, it gives the following security
  : : : : exception error.
  : : : : ==============================================
  : : : : com.ms.security.SecurityExceptionEx
  [oracle/forms/uiClient/v1_4/engine/Runform.initClipboard]:
  : : : : Clipboard access denied.
  : : : : at com/ms/security/permissions/UIPermission.check
  : : : : at com/ms/security/PolicyEngine.deepCheck
  : : : : at com/ms/security/PolicyEngine.checkPermission
  : : : : at com/ms/security/StandardSecurityManager.chk
  : : : : at
  com/ms/security/StandardSecurityManager.checkSystemClipboardAcces
  : : : : s
  : : : : at com/ms/awt/WToolkit.getSystemClipboard
  : : : : at
  : : : : oracle/forms/uiClient/v1_4/engine/Runform.initClipboard
  : : : : at
  oracle/forms/uiClient/v1_4/engine/Runform.startRunform
  : : : : at oracle/forms/uiClient/v1_4/engine/Runform.run
  : : : : at java/lang/Thread.run
  : : : : com.ms.security.SecurityExceptionEx
  [oracle/forms/uiClient/v1_4/engine/Runform.initClipboard]:
  : : : : Clipboard access denied.:Clipboard access denied.
  : : : : Microsoft (R) VM for Java, 4.0 Release 4.79.0.2435
  : : : : ==============================================
  : : : : ? help
  : : : : c clear
  : : : : f run finalizers
  : : : : g garbage collect
  : : : : m memory usage
  : : : : q quit
  : : : : t thread list
  : : : : ==============================================
  : : : : Can any body help me, where I might have gone wrong,
  either
  : : in
  : : : : the development or deployment.
  : : : : I am also, running Oracle Application server 4.0.7 on the
  : : : : server, but I am not using the cartridge based deployment
  : of
  : : : : forms, beca, I could not find way to create Forms
  : : : : application/Cartridge in it. If any one about it please
  : help
  : : : me.
  : : : : Early response is highly appreciated.
  : : : : Thanking you in advance ..// Manohar Reddy //
  null

• UNABLE TO ACCESS SECURED EJB USING IIOP FROM JSP

  Following codes does not work with IIOP when called from jsp returns an
  com.sap.engine.services.iiop.CORBA.CORBAObject:com.sap.engine.services.iiop.server.portable.Delegate_1_1@8312b1 step2 RemoteException occurred in server thread; nested exception is: java.rmi.RemoteException: com.sap.engine.services.ejb.exceptions.BaseRemoteException: User Guest does not have access to method create(). at
  Following codes does not work with IIOP when called from a fat client returns an
  org.omg.CORBA.UNKNOWN:   vmcid: 0x0  minor code: 0 completed: Maybe
          at com.sun.corba.se.internal.core.UEInfoServiceContext.<init>(UEInfoServ
  iceContext.java:33)
          at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
          at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstruct
  orAccessorImpl.java:39)
          at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingC
  onstructorAccessorImpl.java:27)
          at java.lang.reflect.Constructor.newInstance(Constructor.java:274)
          at com.sun.corba.se.internal.core.ServiceContextData.makeServiceContext(
  Properties p = new Properties();
  p.put(Context.INITIAL_CONTEXT_FACTORY,
  "com.sun.jndi.cosnaming.CNCtxFactory");
  p.put(Context.PROVIDER_URL, "iiop://hostname:50007");
  p.put(Context.SECURITY_PRINCIPAL, "User");
  p.put(Context.SECURITY_CREDENTIALS, "pass");
  I have add java option to add IIOP filer
  -Dorg.omg.PortableInterceptor.ORBInitializerClass.com.sap.engine.services.iiop.csiv2.interceptors.SecurityInitializer
  Solution Required: Could you please detail me what steps in need to perform in order for me to access secure ejb using iiop protocol.
  FYI -- How ever ejb security works with P4 protocol, If required i can send you the test case ear.
  Thanks
  Vijay
  Following are the server side logs
  java.rmi.RemoteException: com.sap.engine.services.ejb.exceptions.BaseRemoteException: User Guest does not have access to method create().
       at test.TestEJBHomeImpl0.create(TestEJBHomeImpl0.java:91)
       at test._TestEJBHome_Stub.create(_TestEJBHome_Stub.java:214)
       at jsp_testIIOP1199698887113._jspService(jsp_testIIOP1199698887113.java:33)
       at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:544)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:186)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
  Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
       at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:608)
       at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:505)
       at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
       at test.TestEJBHomeImpl0.create(TestEJBHomeImpl0.java:89)
       ... 20 more
  ; nested exception is:
       java.lang.SecurityException: com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
       at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:608)
       at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:505)
       at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
       at test.TestEJBHomeImpl0.create(TestEJBHomeImpl0.java:89)
       at test._TestEJBHome_Stub.create(_TestEJBHome_Stub.java:214)
       at jsp_testIIOP1199698887113._jspService(jsp_testIIOP1199698887113.java:33)
       at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:544)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service(JSPServlet.java:186)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)

  That's the code that you need to execute but you should
  probably encapsulate that code in Custom Action.
  Orion has a EJB Tag Library that is free to distribute that
  does all that stuff you just set some attributes.
  Go to their site and look at their Tag Libraries.
  Also look for other Tag Libraries Freely Available for EJB Access.

• Stocks RMI example not working - Security Exception

  Hi,
  I was trying to run the "Stocks" RMI example that comes with
  Weblogic server(see
  http://www.weblogic.com/docs45/classdocs/API_rmi.html#clientside)
  I compiled and configured the appropriate files, and tried to
  load the sample applet (StockApplet.java) loaded on the
  StockApplet.html page (using Microsoft IE browser).
  However, the applet generated the following exception :
  java.lang.ExceptionInInitializerError: com/ms/security/SecurityExceptionEx
       at weblogic/common/internal/TengahClassLoaders.registerURL (TengahClassLoaders.java:51)
       at weblogic/rjvm/RJVMImpl.loadFromCluster (RJVMImpl.java:1106)
       at weblogic/jndi/WLInitialContextFactoryDelegate.newContext (WLInitialContextFactoryDelegate.java:247)
       at weblogic/jndi/WLInitialContextFactoryDelegate.getInitialContext (WLInitialContextFactoryDelegate.java:205)
       at weblogic/jndi/Environment.getContext (Environment.java:122)
       at weblogic/jndi/Environment.getInitialContext (Environment.java:105)
       at weblogic/rmi/Naming.getContext (Naming.java:225)
       at weblogic/rmi/Naming.lookup (Naming.java:67)
       at examples/rmi/stock/StockApplet.init (StockApplet.java:127)
       at com/ms/applet/AppletPanel.securedCall0 (AppletPanel.java)
       at com/ms/applet/AppletPanel.securedCall (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.run (AppletPanel.java)
       at java/lang/Thread.run (Thread.java)
  As you can see this looks like some sort of security exception. (StockApplet.java:127)
  in the above exception is the line where StockApplet calls Naming.lookup(). So
  I'm guessing it has something to do with it getting the Weblogic's RMI support
  classes to the local VM and deserializing and installing them, which generates
  a security exception.
  What needs to be done to make the example work properly?
  Thanks,
  Leonid Portnoy
  (In addition, two more types of exceptions are generated, which might be related
  to the cause of the above exception. These exceptions are :
  com.ms.security.SecurityExceptionEx[weblogic/rjvm/JVMID.setLocalID]: cannot connect
  to "testserver"
       at com/ms/security/permissions/NetIOPermission.check (NetIOPermission.java)
       at com/ms/security/PolicyEngine.deepCheck (PolicyEngine.java)
       at com/ms/security/PolicyEngine.checkPermission (PolicyEngine.java)
       at com/ms/security/StandardSecurityManager.chk (StandardSecurityManager.java)
       at com/ms/security/StandardSecurityManager.chkex (StandardSecurityManager.java)
       at com/ms/security/StandardSecurityManager.checkConnect (StandardSecurityManager.java)
       at java/net/InetAddress.getLocalHost (InetAddress.java)
       at weblogic/rjvm/JVMID.setLocalID (JVMID.java:59)
       at weblogic/rjvm/JVMID.localID (JVMID.java:43)
       at weblogic/rjvm/LocalRJVM.getID (LocalRJVM.java:143)
       at weblogic/rmi/extensions/BasicServerObjectReference.<init> (BasicServerObjectReference.java:44)
       at weblogic/rmi/extensions/BasicServerObjectAdapter.<init> (BasicServerObjectAdapter.java:43)
       at weblogic/rmi/extensions/BasicRequestHandler.<init> (BasicRequestHandler.java:30)
       at weblogic/rmi/extensions/BasicRequestDispatcher.<init> (BasicRequestDispatcher.java:42)
       at weblogic/rmi/internal/OIDManager.initializeDGCServer (OIDManager.java:267)
       at weblogic/rmi/internal/OIDManager.getReplacement (OIDManager.java:176)
       at weblogic/rmi/internal/OIDManager.replaceObject (OIDManager.java:84)
       at weblogic/rmi/server/UnicastRemoteObject.exportObject (UnicastRemoteObject.java:25)
       at examples/rmi/stock/StockApplet.init (StockApplet.java:110)
       at com/ms/applet/AppletPanel.securedCall0 (AppletPanel.java)
       at com/ms/applet/AppletPanel.securedCall (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.run (AppletPanel.java)
       at java/lang/Thread.run (Thread.java)
  and
  com.ms.security.SecurityExceptionEx[weblogic/jndi/Environment.getProperty]: Unable
  to access system property: weblogic.jndi.provider.rjvm
       at com/ms/security/permissions/PropertyPermission.check (PropertyPermission.java)
       at com/ms/security/PolicyEngine.shallowCheck (PolicyEngine.java)
       at com/ms/security/PolicyEngine.checkCallersPermission (PolicyEngine.java)
       at com/ms/security/StandardSecurityManager.chk (StandardSecurityManager.java)
       at com/ms/security/StandardSecurityManager.checkPropertyAccess (StandardSecurityManager.java)
       at java/lang/System.getProperty (System.java)
       at weblogic/jndi/Environment.getProperty (Environment.java:598)
       at weblogic/jndi/Environment.getProviderRJVM (Environment.java:691)
       at weblogic/jndi/WLInitialContextFactoryDelegate.getInitialContext (WLInitialContextFactoryDelegate.java:166)
       at weblogic/jndi/Environment.getContext (Environment.java:122)
       at weblogic/jndi/Environment.getInitialContext (Environment.java:105)
       at weblogic/rmi/Naming.getContext (Naming.java:225)
       at weblogic/rmi/Naming.lookup (Naming.java:67)
       at examples/rmi/stock/StockApplet.init (StockApplet.java:127)
       at com/ms/applet/AppletPanel.securedCall0 (AppletPanel.java)
       at com/ms/applet/AppletPanel.securedCall (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.run (AppletPanel.java)
       at java/lang/Thread.run (Thread.java)

  Can you post the Stock Applet and other source files...
  Jamal
  ([email protected])

• Signed applet throws security exceptions

  Since nobody seems to be reading the Signe Applet forum, I decided to try here:
  Hi all
  I have problems with signed applet (self-made cert), and after reading this forum I see this is more or less common.
  The problem that I am having is, that I can not use doPrivilege() and similar tricks, because applet needs to be Java 1.1 compatible.
  So, signing will have to work.
  Applet is signed using 1.5.0_06 jarsigner. Jarsigner verifies it OK.
  It works on JVM 1.5.0_06 but not on 1.4.2_08.
  Please help me make if work under any JVM.
  The error I get is:
  Java(TM) Plug-in: Version 1.4.2_08
  Using JRE version 1.4.2_08 Java HotSpot(TM) Client VM
  User home directory = C:\Documents and Settings\miha
  Proxy Configuration: Automatic Proxy Configuration
       URL: http://orion.nil.si/proxy.pac
  c:   clear console window
  f:   finalize objects on finalization queue
  g:   garbage collect
  h:   display this help message
  l:   dump classloader list
  m:   print memory usage
  o:   trigger logging
  p:   reload proxy configuration
  q:   hide console
  r:   reload policy configuration
  s:   dump system properties
  t:   dump thread list
  v:   dump thread stack
  x:   clear classloader cache
  0-5: set trace level to <n>
  java.security.AccessControlException: access denied (java.net.SocketPermission host.domain.dom resolve)
  TelnetWrapper PROXY: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:0 connect,resolve)
  java.lang.NullPointerException
       at net.propero.rdp.ISO.connect(ISO.java:123)
       at net.propero.rdp.MCS.connect(MCS.java:84)
       at net.propero.rdp.Secure.connect(Secure.java:153)
       at net.propero.rdp.Secure.connect(Secure.java:171)
       at net.propero.rdp.Rdp.connect(Rdp.java:498)
       at net.propero.rdp.Rdesktop.main_nonstatic(Rdesktop.java:615)
       at net.propero.rdp.applet.RdpThread.run(RdpApplet.java:222)
  FATAL: java.lang.NullPointerException: nullWhat is funny, is that I have two applets, and one works and the other one doesn't. It is like this:
  Applet A (signed) needs to connect to host1, fails and tries to connect through proxy using my proxy library (also signed - different JAR). Everything works.
  Applet B (signed) needs to connect to host1, fails and tries to connect through proxy using the same proxy library. It gets a security exception.
  All JARs are signed using the same key/certificate.
  Both applets try to connect to the same "host1".
  Both applets try to use the same proxy - which is different from "host1".
  The one thing that might make a difference, is that in the working applet, everything is within one thread, and in the broken applet, the proxy object is in the main applet thread, and this applet may open many windows, that all utilize the same proxy object - only they can't.
  When I tried to move the proxy object down to the child threads, I get the following exception:
  Exception in thread "Thread-1952" java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.misc)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPackageAccess(Unknown Source)
       at sun.applet.AppletSecurity.checkPackageAccess(Unknown Source)
       at sun.applet.AppletClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClassInternal(Unknown Source)
       at net.propero.rdp.Rdesktop.main_nonstatic(Rdesktop.java:567)
       at net.propero.rdp.applet.RdpThread.run(RdpApplet.java:211)It seems that I can only create the proxy object in the Applet.init() method, to avoid this exception.
  So to, summarize: I would prefer just one object for all threads that I will create, but then my applet behaves like it is not signed (at least under JVM 1.4.2_08). Java 1.5.0_06 doesn't have any problems with this.
  Regards, Miha Vitorovic

  The one thing that might make a difference, is that in the working applet, everything is within one thread, and in the broken applet, the proxy object is in the main applet thread, and this applet may open many windows, that all utilize the same proxy object - only they can't.
  When I tried to move the proxy object down to the child threads, I get the following exception:
  Exception in thread "Thread-1952" java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.misc)
       at java.security.AccessControlContext.checkPermission(Unknown Source)
       at java.security.AccessController.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPermission(Unknown Source)
       at java.lang.SecurityManager.checkPackageAccess(Unknown Source)
       at sun.applet.AppletSecurity.checkPackageAccess(Unknown Source)
       at sun.applet.AppletClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClass(Unknown Source)
       at java.lang.ClassLoader.loadClassInternal(Unknown Source)
       at net.propero.rdp.Rdesktop.main_nonstatic(Rdesktop.java:567)
       at net.propero.rdp.applet.RdpThread.run(RdpApplet.java:211)It seems that I can only create the proxy object in the Applet.init() method, to avoid this exception.
  So to, summarize: I would prefer just one object for all threads that I will create, but then my applet behaves like it is not signed (at least under JVM 1.4.2_08). Java 1.5.0_06 doesn't have any problems with this.
  Regards, Miha Vitorovic