ASP application authenticating users using OID

Similar Messages

• Authenticating & Authorising using OID (LDAP)

  Has anyone successfully used OID to manage authentication & authorisation?

  <BLOCKQUOTE><font size="1" face="Verdana, Arial, Helvetica">quote:</font><HR>Originally posted by Norbert Monfort ([email protected]):
  I need to have OC4J authenticate to an LDAP directory (Netscape's iPlanet). Where did you find how to write your custom UserManager? I haven't been able to find specs on how to write mine.
  Thanks!<HR></BLOCKQUOTE>
  There aren't any specs per se on how to write this - however, go to www.orionsupport.com and check out the user manager information (in several articles) and use this to figure out the functions you need to write (use the javax.naming.directory package to write the functions against the LDAP.) I wrote just a basic authentication against Active Directory (the user type name/password which authenticates or it doesn't) - no add user stuff - which works well for our purposes.
  Cheers
  Ray
  null

• Extract authenticated user using CustomLoginModule

  Hi All,
  I'm trying to extract the authenticated user in a variable using my
  CustomLoginModule. Please see if this will work:-
  Code snippet:
  NameCallback nameCallback = new NameCallback("User ID:");
  try
       callbackHandler.handle(new Callback[] {nameCallback});
  catch (Exception e)
       e.printStackTrace();
  //receives the user name
  userName = nameCallback.getName();
  Please let me know if i get it right
  Vaib

  Hi Eric,
  Please use the BASIC authentication method as follows:
  <web-app>
  <login-config>
  <auth-method>BASIC</auth-method>
  </login-config>
  </web-app>
  hope that helps!
  AMN

• OIDSchemaException: Unable to provision user using OID Java API

  Hello,
  I'm new to OID and am writing java code for User provisioning in OID.
  I went through the documents available and found that I have to have my Application Registered and Provisioning Configuration done for User Provisioning.
  Hope I did that correctly using the Oracle Directory manager console. But still when I try to create a user as follows, I'm getting OIDSchemaException.
  Configuration cfg = new Configuration ("us");
  UserFactory factory = UserFactoryBuilder.createUserFactory(getLdapConnection().getConnection(), cfg);
  ModPropertySet mpSet = new ModPropertySet();
  mpSet.addProperty("cn", user.getFirstName());
  mpSet.addProperty("sn", user.getLastName());
  mpSet.addProperty("uid", user.getUserName());
  mpSet.addProperty("userPassword", user.getUserPassword());
  IdmUser idmUser = factory.createUser(mpSet);
  The link provided for sample Code in http://docs.oracle.com/cd/B14099_19/idmanage.1012/b14087/orcl_ext.htm#sthref222
  is broken. Can you please help me by providing a sample java application with code. I can go through the samples and check if I'm doing anything wrong.
  Thank you,
  Sivakumar Manicka
  [email protected]

  Hi Fred,
  Thank you for your reply.
  This is the exact error.
  Does it means the xlsysadm password is wrong?
  If so where would the be changed?
  Response: AUTHENTICATION_ERROR
  Response Description: Invalid / Incorrect Admin Password
  Assigned to: System Administrator[XELSYSADM]
  Thanks.

• Is there a secure way to permit File Upload for authenticated users using HTTPS ?

  I'm concerned about potential web publishing exploits.
  I'm considering using a java servlet.

  Hi,
  The synergix-extensions work very well. I usually use a method which Jörgen Nisslon has written a vbscript (I'm planning on doing a similiar thing with PowerShell) that creates a password for each computer and stores it in a database. The password
  will then be presented with a hta front end.
  http://ccmexec.com/2012/06/generating-a-random-password-during-osd-and-save-it-in-sql/
  This is possible to run both in a task  sequence and by a regular basis, for instance every third month or so.
  Hope this helps you!
  /Johan
  Microsoft Certified Trainer
  MCSE: Desktop, Server, Private Cloud, Messaging
  Blog: http://365lab.net

• Disabling a single Enterprise User in OID

  Hi,
  Has anyone figured out how to disable, as oppose to just deleting, a single Enterprise user defined in OID? I would prefer to do it using PL/SQL ... but I can't seem to be able to even figure out how to do it with Enterprise Security Manager or the OID manager. Weird.
  I thought this would be simple :)
  Thanks,
  Jim

  Hi Jim,
  I'm going to have to do the same thing Jeff did and ask here for your documentation on authenticating users to OID. I would really appreciate it if you could send them to me at [email protected] I've gotten so close to having it work, but I think I'm still missing one piece and I keep going in circles.
  Thanks a lot!
  -Pete

• Application-to-application authentication using Calendar Web Services

  Calendar Web Services
  Application-to-application authentication
  (Proxy authentication)
  Abstract:
  Application-to-application authentication allows services to trust other services without having to authenticate the end-user making use of these services. The Calendar Web Services offers an application-to-application authentication mechanism called “Proxy Authentication”.
  What is Proxy Authentication?
  The Calendar Web Services Proxy Authentication is a solution that was developed by the Oracle Calendar team and is similar to what SSO would be to the web. Proxy Authentication allows any application developed using the Calendar Web Services Toolkit to establish a trusted authentication link to the Calendar Server via the Calendar Web Services.
  What do I need to get Proxy Authentication going?
  -     The Calendar Web Services Toolkit 9.0.4.2.X (Calendarlet.jar)
  -     The Calendar Web Services 9.0.4.2.X (OCAS)
  -     The Calendar Server 9.0.4.2.X (Calserv)
  -     Oracle Internet Directory 9.0.4.X (OID)
  Your collaboration suite deployment MUST be configured in a way where the Calendar Server is connected to the OID (done by default). This is fundamental given that Proxy Auth is designed to extensively use the OID security schemes.
  How to configure Proxy Authentication?
  You must have:
  1.     Access to the OID administrator account.
  2.     Access to the ldap tools ($ORACLE_HOME/ldap/bin).
  3.     Access to the Oracle Calendar Server administrator password.
  OID Configuration
  Create an entry for your application product in OID
  The following entry needs to be created:
  - cn=OracleContext
  - cn=Products
  - cn=MyApplicationProduct
  The MyApplicationProduct.ldif will look like:
  dn: cn= MyApplicationProduct, cn=Products, cn=OracleContext
  objectClass: orclContainer
  objectClass: top
  The command to add the entry is
  ./ldapadd -h HOSTNAME.COM -p OIDPORT -D "cn=orcladmin" -w PASSWROD -f ./MyApplicationProduct.ldif
  Where [HOSTNAME.COM] is the OID server hostname, [PASSWROD] is the password for the OID directory and [OIDPORT] is the OID port.
  Create an application entity for MyAppName in OID
  The following entry needs to be added to the OID:
  - cn=OracleContext
  - cn=Products
  - cn= MyApplicationProduct
  - orclApplicationCommonName=MyAppName
  The MyAppName.ldif will look like:
  dn: orclApplicationCommonName= MyAppName,
  cn= MyApplicationProduct, cn=Products,
  cn=OracleContext
  objectClass: orclApplicationEntity
  objectClass: top
  orclApplicationCommonName: MyAppName
  userpassword: test1
  The command to add the entry is
  ./ldapadd -h HOSTNAME.COM -p OIDPORT -D "cn=orcladmin" -w PASSWORD -f ./MyAppName.ldif
  Ensure the entry is properly configured
  Perform an LDAP search to locate the entry's distinguished name:
  "orclApplicationCommonName= MyAppName,
  cn= MyApplicationProduct, cn=Products,
  cn=OracleContext"
  ./ldapsearch -h HOSTNAME.COM -p OIDPORT -D "cn=orcladmin" -w PASSWROD
  -b "cn= MyApplicationProduct,cn=Products,cn=OracleContext"
  "objectclass=orclApplicationEntity" "c"
  Grant proxy privileges to the new application entity
  This creates an entry in OID:
  - dc=com
  - dc=oracle
  - dc=us
  - cn=OracleContext
  - cn=Products
  - cn=Calendar
  - cn=UserProxyPrivilege
  - uniquemember:
  orclApplicationCommonName= MyAppName,
  cn= MyApplicationProduct, cn=Products,
  cn=OracleContext
  From the $ORACLE_HOME/ocal/bin
  ./unioidconf -grantproxyprivilege \
  "orclApplicationCommonName= MyAppName,
  cn= MyApplicationProduct, cn=Products,
  cn=OracleContext"
  NOTE: you need the calendar server admin password.
  How to use Proxy Authentication?
  Once successfully done configuring your OID and Calendar Server, you must start the real work; coding. It is actually simple to implement.
  In your Java application, you will simply change the BasicAuth class with the ProxyAuth class. You then set the end-user identity, along with the proxy application name and proxy application password, you registered a moment ago.
  Ex:
  ProxyAuth auth = new ProxyAuth();
  auth.setApplicationName("orclApplicationCommonName=MyAppName, cn=MyApplicationProduct, cn=Products, cn=OracleContext");
  auth.setApplicationPassword(“test1”);
  auth.setName(myUserId);
  Your application will no longer need to pass the end-user’s password to the Calendar Web Services. From now on, it is your application’s responsibility to authenticate the end-user.
  Frederic Leblanc

  I found the solution:
  Using the CalendaringResponse.getReceiveBuffer() and getSendBuffer() methods, the soap request looks something like this:
  Sendbuffer: <?xml version='1.0' encoding='UTF-8'?>
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <SOAP-ENV:Header>
  <auth:ProxyAuth xmlns:auth="http://www.oracle.com/WebServices/Calendaring/Authentication/1.0/"><ApplicationName>orclApplicationCommonName=MyAppName,cn=MyApplicationProduct, cn=Products, cn=OracleContext</ApplicationName><ApplicationPassword>testpw1</ApplicationPassword><Name>king</Name></auth:ProxyAuth>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
  <cwsl:Search xmlns:cwsl="http://www.oracle.com/WebServices/Calendaring/1.0/"><CmdId>MySearchCommandID-1</CmdId><vQuery><From>VEVENT</From><Where>DTEND &gt;= '20061007T220000Z' AND DTSTART &lt;= '20061014T215900Z'</Where></vQuery></cwsl:Search>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>

• Problem configuring SOA suite to use OID for authentication

  We are in the process of rebuilding our environment to use the full SOA suite with our OID server for authentication (was previously just BPEL using AD directly), and have encountered several problems (below). We have rebuilt the OID server, and reinstalled the SOA suite into a clean ORACLE_HOME to no avail.
  We first rebuilt the OID server using the following steps (derived from Oracle® Internet Directory Administrator's Guide):
  1)     Create the Import and Export profiles for AD synchronization. We did this using the Directory Integration and Provisioning Server Administration tool under “Active Directory Configuration”
  2)     Modify the map file to specify the correct OU mappings between AD and OID.
  3)     Update the profile with the new map file using “dipassistant.bat mp”
  4)     Bootstrap the import profile using “dipassistant.bat bootstrap”
  5)     Start a new instance of the Integration server (odisrv) running on config set 1 (the config set containing the Active Directory import/export profiles) using “oidctl”
  6)     Set the Import profile to Enable. The OID server does not export changes to AD in our current configuration, so the Export profile is left on disable (and not bootstrapped)
  At this point it appears that the AD synchronizes correctly into our new OID server.
  Next we installed the SOA suite:
  1)     We ran “irca.bat” on our database server to create the ORABPEL, ORAESB, and ORAWSM schemas and associated integration repository structure.
  2)     After launching the SOA suite installer, we selected Advanced Install.
  3)     On the next screen, we selected J2EE Server, Web Server, and SOA Suite.
  4)     We then provided the credentials for our Oracle database, and the passwords for ORABPEL, ORAESB, and ORAWSM.
  5)     We configured our new AS instance as an administration instance, but did not opt to use from a separate HTTP server, and did not make this instance part of an OAS cluster topology.
  And finally, we configured our new SOA suite instance to use OID for authentication (using the instructions in Oracle® BPEL Process Manager Administrator's Guide section 2.1.3):
  1)     Used the configure_oid.bat command to seed OID with required users only.
  2)     Logged into the OracleAS Control Console
  3)     Chose the oc4j_soa instance, then Administration->Security->Identity Management
  4)     Configured the OID server using a non-ssl connection and the cn=orcladmin account.
  5)     When prompted, chose to reconfigure all applications in the oc4j_soa instance to OID, but not to use SSO for any of them.
  6)     Copied the contents of ORACLE_HOME\j2ee\home\config\jazn.xml to ORACLE_HOME\j2ee\oc4j_soa\config\jazn.xml
  7)     Restarted the application server.
  After this procedure, we encountered the following issues:
  1)     The BPEL console appears to authenticate users correctly out of OID, but no users have access to the default domain, including bpeladmin and oc4jadmin. All users receive a similar access denied message when attempting to log into the BPEL Admin Console.
  2)     We cannot upload a BPEL process to our new server via JDeveloper’s standard BPEL deployment mechanisms. The connection appears to be working properly and passes all tests, but on uploading a process we get a Java AccessDeniedException. ESB appears to be functioning properly, and accepts uploaded projects without issue.

  Bassman,
  We recently configured our SOA Suite to use OID and SSO. We had the same issues you are having, and we found the resolutions in a blog from Jaas Poot (http://blog.jpoot.com/category/oracle-appserver/oid-ldap/). For the BPEL domain access, this involved going to the data-sources.xml file and changing the database passwords from using ->pwForOrabpel for the orabpel schema and ->pwForOraesb for the oraesb schema to the real passwords; the blog explains more about this.
  The blog also covers the JDeveloper deployment issue, and another issue we encountered, where we couldn't access the BPEL Admin console. All of these were resolved following the steps in the blog.
  Hope this helps
  Candace

• Setup OID authenticated users for DB user globally identified users.

  I keep reading that you can setup Globally Identified users in Oracle database that
  are authenticated by OID. But it does not seem to work and I cannot find explicit
  directions for setting this up. I assume there must be some OID/SSO site
  configuration I am not aware of.
  We have an AS 10g app, a DB 9.2, and Forms 10g application. I created an OID
  user, Created a Globally Identified User in DB, but when I log into SSO, setup my
  RAD with password "doesnotmatter", then the database login comes up with
  invalid Username/Password.
  Whats not right?
  We have to use OID to get Case Sensitive Passwords and we can get it to login
  to a normal user account with a valid matching password. However, passwords
  must be expired every 30-90 days and the change in OID during login does not
  go through to the DB account. OID does care but I can't have DB accounts sitting
  around with passwords that never expire and OID can't change them. I'd rather
  have DB accounts that cannot be logged into.
  Any else sucessfully implemented OID and Globally Identified DB users or found a
  way to change DB Password after login/change password to OID?

  Have you configured enterprise user security for your database? If not, that would be the first step to take.
  The credentials stored in the RAD must match the SSO/OID user's credentials. There is no automatic way of doing that, so the user (or admin) has to set this up.
  So, the steps to follow are:
  1. Configure DB for EUS.
  2. Create OID user. Assuming you have mapped the shared schema to the users container, there is not need to create a DB user (for the OID user).
  3. If you want a one-to-one mapping, then you need to create a map the schema to the OID user (using Enterprise Security Manager).
  4. Create the RAD and add the SSO user's credentials.
  5. Test the above steps by accessing the Form using the RAD.
  Sanjay
  I keep reading that you can setup Globally Identified
  users in Oracle database that
  are authenticated by OID. But it does not seem to
  work and I cannot find explicit
  directions for setting this up. I assume there must
  be some OID/SSO site
  configuration I am not aware of.
  We have an AS 10g app, a DB 9.2, and Forms 10g
  application. I created an OID
  user, Created a Globally Identified User in DB, but
  when I log into SSO, setup my
  RAD with password "doesnotmatter", then the database
  login comes up with
  invalid Username/Password.
  Whats not right?
  We have to use OID to get Case Sensitive Passwords
  and we can get it to login
  to a normal user account with a valid matching
  password. However, passwords
  must be expired every 30-90 days and the change in
  OID during login does not
  go through to the DB account. OID does care but I
  can't have DB accounts sitting
  around with passwords that never expire and OID can't
  change them. I'd rather
  have DB accounts that cannot be logged into.
  Any else sucessfully implemented OID and Globally
  Identified DB users or found a
  way to change DB Password after login/change password
  to OID?

• How i get user info from ldap using java after authenticating user with SSO

  Hi
  I have one jsp/bean application as a partner application with SSO.
  It works fine.
  Now i need to get other attributes of user from LDAP who has logged into the application through SSO.
  using SSO java APIs i only get username, userDN, subscriber info.
  To get user's other attribute i have to user LDAP APIs for that i have to create on Directory Context, for the same i need userpassword.
  so here i my question, how do i get user password after he has logged in thro SSO.
  regards..
  and thanking u in advance
  samir

  Valentina,
  there's no way to get the password value from the directory (it's one way). Of course you can get the hashed (MD4,MD5,SHA-1) base64 encoded value (i.e. the value you see in OiD) but not the 'password'.
  --Olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

• How to use an authenticated user for a proxy call

  Dear all,
  I am currently working on a JEE application where the user needs to authenticate (for this I have configured the web.xml).
  Now inside this application I need to do a proxy call to a PI webservice.
  I would like to use the user credentials of the already logged in user in order to call the proxy.
  What I don't want to do is to use a service user for the proxy call.
  The code I am trying to call looks something like this:
       private IntegratedConfigurationIn getPort() throws Exception{
            IntegratedConfigurationIn port = null;
            try {
                 IntegratedConfigurationInService service = null;
                 service = new IntegratedConfigurationInService();
                 port = (IntegratedConfigurationIn) service.getIntegratedConfigurationIn_Port();
                BindingProvider bp = (BindingProvider)port;
                bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, user);
                bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
                if (url.length() != 0)
                     bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url);
            catch (Exception ex){
                 ex.printStackTrace();
            return port;
  The examples I found to retrieve the userdata pointed to codes similar to this one:
  public HttpServletRequest getHttpRequest() throws Exception {
            // Get runtime context
            Properties props = new Properties();
            props.put("domain", "true");
            Context initialContext = new InitialContext(props);
            ApplicationWebServiceContext wsContext = (ApplicationWebServiceContext) initialContext
                      .lookup(" /wsContext/ApplicationWebServiceContext");
            HttpServletRequest req = wsContext.getHttpServletRequest();
            return req;
  com.sap.security.api.IUser sapUser = com.sap.security.api.UMFactory.getAuthenticator().getLoggedInUser(getHttpRequest(), null);
            IUser ep5User = com.sapportals.wcm.util.usermanagement.WPUMFactory.getUserFactory().getEP5User(sapUser);
  Now I don't know how to bring it togehter and how to use an authenticated user for the BindingProvider.
  I would appreciate any hints or ideas.

  Peter,
  from the first screenshot, what I understood is that, you are calling an inbound PI web service that is intended to create an integrated configuration object (this is used for whole lot of other reason completely) but not actually calling a development web service.
  For this, you would have to generate your client classes from the WSDL provided by the PI developer for that particular service. Once you get those client classes generated, you could used the method provided in the other screenshot to extract the user and password and call the intended web service.
  Vijay Konam

• Configuring Oracle Application Server to use a user friendly url

  Hi All,
  I am having trouble configuring the apache httpd.conf file within an applicaton server to be able to use user-friendly urls for the infrastructure identity management tools server. I also need this for security reasons as well as hardware reasons - loadbalancing.
  At the moment I have a standard setup, whereby the sso application server is using port 7777. I would like the user not to enter the port, but to enter just a standard url, like http://login.<company>.com.au, so that if the user needs to modify oid using the oiddas web application, they can enter something like http://login.<company>.com.au/oiddas/ rather than http://<machine host name>:7777/oiddas/. This would also be used by portal for sso logins.
  From the standard installation, Apache was configured as follows:
  Port 7777
  Listen 7777
  ServerName <machine host name>
  DocumentRoot <root document folder>
  Now reading the documentation from the Oracle Application Server Installation notes for the Http Server, they document how to do this (in the loadbalancer section - this will eventually be used in the hardware setup):
  Port 80
  Listen 7777
  Listen 80
  # Virtual Hosts
  # This section is mandatory for URLs that are generated by
  # the PL/SQL packages of the Oracle Portal and various other components
  # These entries dictate that the server should listen on port
  # 7777, but will assert that it is using port 80, so that
  # self-referential URLs generated specify www.oracle.com:80
  # This will create URLs that are valid for the browser since
  # the browser does not directly see the host server.oracle.com.
  NameVirtualHost <machine ip>:7777
  <VirtualHost <nameofmachine>:7777>
  ServerName login.<company>.com.au
  Port 80
  </VirtualHost>
  # Since the previous virtual host entry will cause all links
  # generated by the Oracle Portal to use port 80, the server.company.com
  # server needs to listen on 80 as well since the Parallel Page
  # Engine will make connection requests to Port 80 to request the
  # portlets.
  NameVirtualHost <machine ip>:80
  <VirtualHost <nameofmachine>:80>
  ServerName login.<company>.com.au
  Port 80
  <VirtualHost>
  Note that I used slightly different names for the url's rather than the oracle names www.oracle.com and server.oracle.com
  Now after applying this, I noticed not only could I not go to the oiddas from the original machine name, but also couldnt go there from the new machine name.
  Also I was not even able to go to the standard index page whereby you can go to the enterprise manager for the application server, from either names.
  The following urls provide me with "The Page Cannot Be Displayed" error message:
  http://login.<company>.com.au:7777/
  http://<nameofmachine>:7777/
  The following urls provide me with "Page Under Construction" error message:
  http://login.<company>.com.au/
  http://<nameofmachine>/
  Could someone please tell me why this is the case, considering I am using the installation procedures Oracle has published within the Oracle Http Server Admistrators Guide (http://download-west.oracle.com/docs/cd/B14099_19/web.1012/b14007/netconf.htm#sthref379).
  Cheers
  Rodney

  Hi Rondey,
  Ik think that I can see your probleem.
  Just change the following line at your httpd.conf, then restart the component.
  First of all if the port is installed with nr. 7777. then the listen process will be on port 7778
  the second thing is just try to do the following steps
  ((Port 80 to Port 7777)))
  Listen 7778
  %%%% In loadbalancer section %%%%%%
  just add the following lines
  Listen 80
  Listen 8103
  Listen 8102
  NameVirtualHost *
  NameVirtualHost *:8103 or 80
  If you want to use this ports (8103 or 8102) for other site (url), then
  <VirtualHost *:80>
  ServerName <machine ip> or (host name)
  Hear from U,
  Regards,
  Hamdy

• OID and Authenticated Users

  Is there a way to tell if a user has authenticated with OID? Example a shadow group of OID users that the person becomes a member of automatically when the user logs in and then looses membership when their session expires or they log out? I am running into cases where I want access to things granted based solely on authenticated or not but I have yet to find a way to do inside of BI Publisher's permissions structure other than the use of such a group. I noticed the AUTHENTICATED_USERS group but tests revealed that it is not working as required. Any sugestions?

  BIP authorization model is user -> roles -> folders -> reports. When integrated with LDAP-compliant directory (such as OID), a BIP role translates to a directory group and vice versa: http://download.oracle.com/docs/cd/E12844_01/doc/bip.1013/e12188/T421739T475591.htm
  The case of reports that need to be restricted to the specific user group implies that you create this particular group (say Sales) in the directory and BIP makes it a role. So now you've got role "Sales" in BIP, you assign folders A, B and C to that role and publish reports for Sales to those folders.
  The case of reports that need to be available to all authenticated users is a little harder. If you only need online reports (no Excel Analyzer or Online
  Analyzer), you may be in luck. BIP standalone gives all authenticated users a built-in role that allows them to view online reports (and do nothing else). BIP enterprise - not sure. A more 'portable' solution is to create a group Everyone in the directory and add users to it. This will get tedious for a lot of users but you can do it with a script. Perhaps there's a better solution - inquire in the BIP forum (BI Publisher

• How to let SAP user use SSO to access Application in DMZ?

  Hi All,
  Our J2EE application is running on a system in DMZ which can not be connected with LDAP. So I am wondering if it's possible to let SAP user use SSO to access our application.
  After talking with my colleague I think the only way is to import SSO public key to our WebAS and create user in UME and then assign user to the corresponding public key, but anybody know where to download SSP verification file or is it allowed to download and import into another system at all?
  Regards,
  Bin

  Hi,
  Take a look at this example, it uses property nodes to select tha
  active plot and then changes the color of that plot.
  If you want to make the number of plots dynamic you could use a for
  loop and an array of color boxes.
  I hope this helps.
  Regards,
  Juan Carlos
  N.I.
  Attachments:
  Changing_plot_color.vi ‏38 KB

• Word 2007 - Save as Pdf gives error - This file is in use by another application or user

  I have MS Office 2007 Small Business.
  For months I have been using the "Save as PDF/XPS" option to save my word documents as PDF files.
  All of a sudden, when I click on the publish button within the "save as PDF dialog", I get the error:
  "This file is in use by another application or user."
  - I have tried creating a new word document and I still get this error when I try to save-as pdf. 
  - I have tried opening a document that previously was able to be saved-as-a-pdf, and it no longer works either.
  - I have tried saving from other office applications (excel, powerpoint) that also get errors now.
  I have not personally installed any new software that I recall between when this worked and stopped working for me.
  As far as I can tell there have been no updates explicitly for save-as-pdf in office.
  Is anyone else seeing this problem all-of-a-sudden?
  Thanks.
  jlk

  I just encountered this problem while trying to save a pdf from Excel 2007.  I had recently updated to Adobe Reader 9.1.
  I received the same error message you're reporting here when I went to Word 2007 and tried to save a pdf file from it as well. 
  I uninstalled Adobe Reader 9.1. 
  Reinstalled the Office 2007 pdf plug-in
  Successfully created pdf files from word and from Excel (which is what I needed to do in the first place).
  I then reinstalled Adobe Reader 9.1 so I could read the PDF files I had just created in Excel and word.
  I then tried to create pdf files from word and excel.  Error messages are back and I'm unable to create pdf's from word or excel.
  So.. why does Office 2007 pdf plugin not work when Adobe Reader 9.1 is installed?
  Frankly I'm getting tired of uninstalling Adobe Reader 9.1 every time I need to create a pdf file in Word or Excel.
  Bry