Auth 7, PHP, with SSL
We are having problems with an Authorware 7 file accessing a
php file on a
server that is running in an SSL environment (using HTTPs).
. The php file runs just fine when accessed directly via a
URL
http://..../___.php).
. When Authorware tries to call the same php file (using
ReadURL), it
doesn't return any information and acts as though either it
cannot find the
php file or cannot read it.
. The same authorware file and php work fine on our other
servers
The is the configuration on the server where the problem
exists:
. Server 2004
IIS
using client certificate (put turned this off and still same
problem)
SSL
PKI
We have checked that IIS has given full permission to the
user.
The php file has full permissions to the user.
One thing we made sure of is that the php file is being
called with the full
https path as https://..../____.php.
Any ideas on what needs to be reset for the server? othere
permissions?
security?
Or is there something different that may need to be done in
Authorware to
call the php file when running in an SSL environment.
Any ideas would be helpful.
Julia
It is certainly possible that I'm not calling it correctly
except that the
only parameter I'm sending it is just to clear the cache. So
there isn't any
$_POST or $_Get in the php. It is a simple Select statement.
Also, this same PostURL works just fine on another server
without SSL.
Julia
This is the POSTURL command I'm using:
phpResult :=PostURL(phpPath^"filename.php",
"nocache="^SystemSeconds,60 )
--where phpPath is the netLocation (https://.....)
"Amy Blankenship *AdobeCommunityExpert*"
<[email protected]>
wrote in message news:[email protected]...
> Are you certain you're calling it the way you think
you're calling it?
When
> I've seen that problem it always means I called the
script with wrong
> parameters and it didn't work properly?
>
> Thanks;
>
> Amy
>
> "Julia" <[email protected]> wrote in message
> news:[email protected]...
> > Thank you Amy for the tip to use PostURL, but it
has not solve the
> > problem.
> > The only change is that now the php script (or the
browser) return what
I
> > sent the php file. It still acts as though the php
script did not
execute.
> >
> > Julia
> >
> >
> >
> > "Amy Blankenship *AdobeCommunityExpert*"
> > <[email protected]>
> > wrote in message
news:[email protected]...
> >> When Authorware uses ReadURL it does not
involve the browser. So if
> >> Authorware needs anything the browser has, such
as, oh, I don't
know...a
> >> certificate...? the call won't work. PostURL
always goes through the
> >> browser. If you can, try rephrasing the call as
PostURL and
reformatting
> >> the PHP page to match.
> >>
> >> HTH;
> >>
> >> Amy
> >>
> >> "Julia" <[email protected]> wrote in
message
> >> news:[email protected]...
> >> > Hello Erik,
> >> >
> >> > In answer to your questions:
> >> >
> >> > 1. Our Authroware file doesn't require a
user/pass to access it.
> >> >
> >> > 2.When I just enter the https URL into the
browser directly to the
PHP
> >> > file, the php file DOES output a result -
exactly the info it
should.
> >> > Only when Authroware calls that php does
no result get returned. If
the
> >> > php file was having problems with the
database or something else, it
> > would
> >> > at least return an error. But nothing is
returned suggesting the php
> > file
> >> > is not found or not executing.
> >> >
> >> > One thing I have found is an IOstatus of
5006 being returned. The
> >> > IOMessage returns "Error undefined." Do
you know what a 5006 means?
> >> >
> >> > Thank you,
> >> > Julia
> >> >
> >> >
> >> > "Erik **AdobeCommunityExpert**"
<[email protected]> wrote
in
> >> > message
news:[email protected]...
> >> >> I've had varying results with https
but nothing I can conclusively
> >> >> suggest as I've only had to deal with
that but a few times.
> >> >>
> >> >> I would start trying to access various
https URLs. Just do a ReadURL
> >> >> to
> >> >> whatever https URLs you can find and
see if you can read any of
them?
> >> >>
> >> >> Many such URLs require a login, which
I don't think you'll be able
to
> > do
> >> >> via Authorware's ReadURL function...
Yours doesn't require a
user/pass
> > to
> >> >> access, does it? If so, how do you
work around that?
> >> >>
> >> >> If you just enter that https URL into
the browser, does your PHP
file
> >> >> output a result? If not, have it do
that so you can see if it's the
> > read
> >> >> that's failing or if the data you're
sending to result in an output
> > (the
> >> >> only output?) is not making it there
in the first place.
> >> >> Know what I mean...?
> >> >> Erik
> >> >>
> >> >> Julia wrote:
> >> >>> We are having problems with an
Authorware 7 file accessing a php
file
> > on
> >> >>> a server that is running in an SSL
environment (using HTTPs).
> >> >>> . The php file runs just fine when
accessed directly via a URL
> >> >>> (
http://..../___.php).
> >> >>> . When Authorware tries to call
the same php file (using ReadURL),
it
> >> >>> doesn't return any information and
acts as though either it cannot
> > find
> >> >>> the php file or cannot read it.
> >> >>> . The same authorware file and php
work fine on our other servers
> >> >>>
> >> >>> The is the configuration on the
server where the problem exists:
> >> >>> . Server 2004
> >> >>> IIS
> >> >>> using client certificate (put
turned this off and still same
> >> >>> problem)
> >> >>> SSL
> >> >>> PKI
> >> >>>
> >> >>> We have checked that IIS has given
full permission to the user.
> >> >>> The php file has full permissions
to the user.
> >> >>> One thing we made sure of is that
the php file is being called with
> > the
> >> >>> full https path as
https://..../____.php.
> >> >>>
> >> >>>
> >> >>> Any ideas on what needs to be
reset for the server? othere
> > permissions?
> >> >>> security?
> >> >>> Or is there something different
that may need to be done in
> >> >>> Authorware
> >> >>> to call the php file when running
in an SSL environment.
> >> >>>
> >> >>> Any ideas would be helpful.
> >> >>> Julia
> >> >>
> >> >> --
> >> >> Erik Lord
> >> >>
http://www.capemedia.net
> >> >> Adobe Community Expert - Authorware
> >> >>
http://www.adobe.com/communities/experts/
> >>
>
>>>
> >> >>
http://www.awaretips.net -
samples, tips, products, faqs, and links!
> >> >> *Search the A'ware newsgroup archives*
> >> >>
http://groups.google.com/group/macromedia.authorware
> >> >
> >> >
> >>
> >>
> >
> >
>
>
Similar Messages
-
Using the Auth pear package with php 4 and oracle
Hi all.
I was wondering if anybody out there has had any success (or else) using the Auth Pear package with php 4 and Oracle.
I'm trying to do just that but can't get it to work.
I've found lots of examples on the web for mysql but none for oracle...
Feedback on your experiences with this would be most appreciated.
Thanks in advance.
RobHi cj.
Thanks for your advice. I came across those documents but discarded them as they didn't deal with the Auth pear package I was intending on using. I didn't want to look at other alternatives as the focus of my project was primarily on migrating existing data from a mysql setup to an oracle setup. And quickly.
I hadn't found any documentation out there on using Auth with Oracle. All examples available on the web were mysql specific.
I eventually got round to gutting the code from the package and finding the fix to my problem.
Just for info, Auth expects by default an auth table containing two fields username and password. That's lowercase table and field names.
If the table name or field names to be used differ from these then they must be explicitly defined when calling Auth. Doing so resolved my problem.
My mysql db had all lowercase naming, while my oracle db has all uppercase naming throughout.
It is important to note that the Auth package uses the table and field names quoted, thus referring to the table and fields in a case sensitive way.
So for an uppercase table and fields setup the call has to be :
$options = array(
'dsn' => "$dsn_for_my_oracledb",
'table' => 'AUTH',
'usernamecol' => 'USERNAME',
'passwordcol' => 'PASSWORD',
'db_fields' => '*',
$a = new Auth("DB", $options , "loginFunction");I hope this helps anybody trying to use this package with oracle. It worked great for me.
Pear Auth package documentation:
http://www.pear.php.net/manual/en/package.authentication.auth.intro.php
Regards,
Robert -
LDAP setup with SSL - Can't use tls auth type
I'm trying to configure Solaris 10 to use ldap against my OpenLDAP server with SSL but whenever I try to set the authentication as tls:simple, it gives me an error :
# ldapclient mod -a authenticationMethod=tls:simple
Cannot specify LDAP port with tls
# ldapclient mod -a authenticationMethod=tls
Unable to set value: invalid authenticationMethod (tls)
Any ideas how to get this to work - I can do an ldapsearch if I supply a -H ldaps://ldapserver:636 so my certs in /var/ldap are good.
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=srv_login,ou=LDAPusers,dc=unix_srv,dc=energy.ge.com
NS_LDAP_BINDPASSWD= {NS1}c53708877bc6
NS_LDAP_SERVERS= 10.10.1.14:636
NS_LDAP_SEARCH_BASEDN= dc=unix_srv,dc=energy.ge.com
NS_LDAP_SEARCH_REF= FALSE
NS_LDAP_SERVER_PREF= 10.10.1.14:636
NS_LDAP_CACHETTL= 0
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,dc=unix_srv,dc=energy.ge.com?sub
NS_LDAP_SERVICE_SEARCH_DESC= shadow:ou=People,dc=unix_srv,dc=energy.ge.com?sub
NS_LDAP_SERVICE_SEARCH_DESC= group:ou=Group,dc=unix_srv,dc=energy.ge.com?one
Thanks,
JayWhen using TLS you have to specify the FQN for the LDAP server and the port is ALWAYS 636.
Also, you need to setup up your client to use FQN as well (/etc/hosts). -
How to configure sso with SSL step by step
Purpose
In this document, you can learn how to configure SSO with SSL. After user have certificate installed in browser, he can login without input username and password.
Overview
In this document we will demonstrate:
1. How to configure OHS support SSL
2. How to Register SSO with SSL
3. Configure SSO for certificates
Prerequisites
Before start this document, you should have:
1. Oracle AS 10g infrastructure installed (10.1.2)
2. OCA installed
Note:
1. “When you install Oracle infrastructure, please make sure you have select OCA.
2. How Certificate-Enabled Authentication Works:
a. The user tries to access a partner application.
b. The partner application redirects the user to the single sign-on server for authentication. As part of this redirection, the browser sends the user's certificate to the login URL of the server (2a). If it is able to verify the certificate, the server returns the user to the requested application.
c. The application delivers content. Users whose browsers are configured to prompt for a certificate-store password may only have to present this password once, depending upon how their browser is configured. If they log out and then attempt to access a partner application, the browser passes their certificate to the single sign-on server automatically. This means that they never really log out. To effectively log out, they must close the browser.
Enable SSL on the Single Sign-On Middle Tier
The following steps involve configuring the Oracle HTTP Server. Perform them on the single sign-on middle tier. In doing so, keep the following in mind:
l You must configure SSL on the computer where the single sign-on middle tier is running.
l You are configuring one-way SSL.
l You may enable SSL for simple network encryption; PKI authentication is not required. Note though that you must use a valid wallet and server certificate. The default wallet location is ORACLE_HOME/Apache/Apache/conf/ssl.wlt/default.
1. Back up the opmn.xml file, found at ORACLE_HOME/opmn/conf
2. In opmn.xml, change the value for the start-mode parameter to ssl-enabled. This parameter appears in boldface in the xml tag immediately following.
<ias-component id="HTTP_Server">
<process-type id="HTTP_Server" module-id="OHS">
<module-data>
<category id="start-parameters">
<data id="start-mode" value="ssl-enabled"/>
</category>
</module-data>
<process-set id="HTTP_Server" numprocs="1"/>
</process-type>
</ias-component>
3. Update the distributed cluster management database with the change: ORACLE_HOME/dcm/bin/dcmctl updateconfig -ct opmn
4. Reload the modified opmn configuration file:
ORACLE_HOME/opmn/bin/opmnctl reload
5. Keep a non-SSL port active. The External Applications portlet communicates with the single sign-on server over a non-SSL port. The HTTP port is enabled by default. If you have not disabled the port, this step requires no action.
6. Apply the rule mod_rewrite to SSL configuration. This step involves modifying the ssl.conf file on the middle-tier computer. The file is at ORACLE_HOME/Apache/Apache/conf. Back up the file before editing it.
Because the Oracle HTTP Server has to be available over both HTTP and HTTPS, the SSL host must be configured as a virtual host. Add the lines that follow to the SSL Virtual Hosts section of ssl.conf if they are not already there. These lines ensure that the single sign-on login module in OC4J_SECURITY is invoked when a user logs in to the SSL host.
<VirtualHost ssl_host:port>
RewriteEngine on
RewriteOptions inherit
</VirtualHost>
Save and close the file.
7. Update the distributed cluster management database with the changes:
ORACLE_HOME/dcm/bin/dcmctl updateconfig -ct ohs
8. Restart the Oracle HTTP Server:
ORACLE_HOME/opmn/bin/opmnctl stopproc process-type=HTTP_Server
ORACLE_HOME/opmn/bin/opmnctl startproc process-type=HTTP_Server
9. Verify that you have enabled the single sign-on middle tier for SSL by trying to access the OracleAS welcome page, using the format https://host:ssl_port.
Reconfigure the Identity Management Infrastructure Database
Change all references of http in single sign-on URLs to https within the identity management infrastructure database. When you change single sign-on URLs in the database, you must also change these URLs in the targets.xml file on the single sign-on middle tier. targets.xml is the configuration file for the various "targets" that Oracle Enterprise Manager monitors. One of these targets is OracleAS Single Sign-On.
1. Change Single Sign-On URLs
Run the ssocfg script, taking care to enter the command on the computer where the single sign-on middle tier is located. Use the following syntax:
UNIX:
$ORACLE_HOME/sso/bin/ssocfg.sh protocol host ssl_port
Windows:
%ORACLE_HOME%\sso\bin\ssocfg.bat protocol host ssl_port
In this case, protocol is https. (To change back to HTTP, use http.) The parameter host is the host name, or server name, of the Oracle HTTP listener for the single sign-on server.
Here is an example:
ssocfg.sh https login.acme.com 4443
2. Restart OC4J_SECURITY instance and verify the configuration
To determine the correct port number, examine the ssl.conf file. Port 4443 is the port number that the OracleAS installer assigns during installation.
If you run ssocfg successfully, the script returns a status 0. To confirm that you were successful, restart the OC4J_SECURITY instance:
ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=OC4J_SECURITY
Then try logging in to the single sign-on server at its SSL address:
https://host:ssl_port/pls/orasso/
3. Back up the file targets.xml:
cp ORACLE_HOME/sysman/emd/targets.xml ORACLE_HOME/sysman/emd/targets.xml.backup
4. Open the file and find the target type oracle_sso_server. Within this target type, locate and edit the three attributes that you passed to ssocfg:
· HTTPMachine—the server host name
· HTTPPort—the server port number
· HTTPProtocol—the server protocol
If, for example, you run ssocfg like this:
ORACLE_HOME/sso/bin/ssocfg.sh http sso.mydomain.com:4443
Update the three attributes this way:
<Property NAME="HTTPMachine" VALUE="sso.mydomain.com"/>
<Property NAME="HTTPPort" VALUE="4443"/>
<Property NAME="HTTPProtocol" VALUE="HTTPS"/>
5.Save and close the file.
6. Reload the OracleAS console:
ORACLE_HOME/bin/emctl reload
7. Issue these two commands:
ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=HTTP_Server
ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=OC4J_SECURITY
Registering mod_osso
1. This command sequence that follows shows a mod_osso instance being reregistered with the single sign-on server.
$ORACLE_HOME/sso/bin/ssoreg.sh
-oracle_home_path $ORACLE_HOME
-config_mod_osso TRUE
-mod_osso_url https://myhost.mydomain.com:4443
2. Restarting the Oracle HTTP Server
After running ssoreg, restart the Oracle HTTP Server:
ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=HTTP_Server
Configuring the Single Sign-On System for Certificates
1. Configure policy.properties with the Default Authentication Plugin
Update the DefaultAuthLevel section of the policy.properties file with the correct authentication level for certificate sign-on. This file is at ORACLE_HOME/sso/conf. Set the default authentication level to this value:
DefaultAuthLevel = MediumHighSecurity
Then, in the Authentication plugins section, pair this authentication level with the default authentication plugin:
MediumHighSecurity_AuthPlugin = oracle.security.sso.server.auth.SSOX509CertAuth
2. Restart the Single Sign-On Middle Tier
After configuring the server, restart the middle tier:
ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=HTTP_Server
ORACLE_HOME/opmn/bin/opmnctl restartproc process-type=OC4J_SECURITY
Bringing the SSO Users to OCA User Certificate Request URL
The OCA server reduces the administrative and maintenance cost of provisioning a user certificate. The OCA server achieves this by authenticating users by using OracleAS SSO server authentication. All users who have an Oracle AS SSO server account can directly get a certificate by using the OCA user interface. This reduces the time normoally requidred to provision a certificate by a certificate authority.
The URL for the SSO certificate Request is:
https://<Oracle_HTTP_host>:<oca_ssl_port>/oca/sso_oca_link
You can configure OCA to provide the user certificate request interface URL to SSO server for display whenever SSO is not using a sertificate to authenticate a user. After the OracleAS SSO server authenticates a user, it then display the OCA screen enabling that user to request a certificate.
To link the OCA server to OracleAS SSO server, use the following command:
ocactl linksso
opmnctl stoproc type=oc4j instancename=oca
opmnctl startproc type=oc4j instancename=oca
You also can use ocactl unlinksso to unlink the OCA to SSO.I have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.
The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
on a URL that looks like this :
http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
and gives the error :
( Forbidden
You don't have permisission to access /sso/auth on this server at port 7777)
when I manually change the URL to :
https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
the SSO works correctly.
The question is :
How can I change this default behaviour and make it call SSO on port 4443 using https instead ?
Any ideas ?
Thanks in advance -
HOWTO: Setting up Server-Side Authentication with SSL
This howto covers the configuration of server-side SSL authentication for both Net8 and IIOP (JServer) connections. It documents the steps required to set up an SSL encrypted connection; it does not cover certificate authentication.
It is worthwhile noting that although the setup of SSL requires the installation of certificates, these certificates do not have to be current, only valid. For some reason, in order to enable SSL connections, it is necessary to set up valid certificate file on the server whether you intend to use certificate authentication or not.
NOTE: I have been unable to determine whether or not the above statement is entirely correct. If anyone can confirm or disprove it, please let me know.
The steps described below must all be carried out from the same logon account. They have been tested on both 816 and 817 databases, but will probably work for all versions, including 9i (unless there have been some drastic changes in 9i that I'm not aware of).
1. Log on to the database server with an administrative login.
Configure the database and listener to run under the current login account (Control Panel -> Services). It is not necessary to restart these services at this time.
2. Create an Oracle wallet and set up the required certificates
(i) Open the Oracle Wallet Manager:
Start -> Programs -> [Oracle Home] -> Network Administration -> Wallet Manager
(ii) Create a new wallet (Wallet -> New).
(iii) When prompted, elect to generate a certificate request.
(iv) On the request form, the only field that matters is the Common Name. Enter the fully qualified domain name (FQDN) of the database server (i.e. the name with which the database server will be referenced by clients).
(v) Export the certificate request to file (Operations -> Export Certificate Request).
(vi) Obtain a valid server certificate from an authorised signing authority. It will also be necessary to download the signing authoritys publicly available trusted root certificate. Certificates can be obtained from Verisign (http://www.verisign.com/)
(vii) Install the trusted root certificate obtained in (vi) into the wallet (Operations -> Import Trusted Certificate). Either paste the contents of the certificate file, or browse to the file on the file system.
(viii) Install the server certificate obtained in (vi) into the wallet (Operations -> Import User Certificate). Either paste the contents of the certificate file, or browse to the file on the file system.
(ix) Save the wallet (Wallet -> Save). The wallet will be saved to the [user home]\Oracle\Wallets directory.
3. Configure the listener for SSL.
(i) Open the Oracle Net8 Assistant:
Start -> Programs -> [Oracle Home] -> Network Administration -> Net8 Assistant
(ii) Select Net8 Configuration -> Local -> Profile.
(iii) From the drop-down list at right, select Oracle Advanced Security. Select the SSL tab.
(iv) Select the Server radio button.
(v) In the wallet directory field, enter the location of the wallet created in step 2, e.g. C:\WINNT\Profiles\oracleuser\ORACLE\WALLET
(vi) Uncheck the Require Client Authentication checkbox.
(vii) Select Net8 Configuration -> Listeners -> [listener name].
(viii) Add a new address:
Protocol: TCP/IP with SSL
Host: [database server FQDN] (e.g. oraserver)
Port: 2484
(ix) Add a second new address:
Protocol: TCP/IP with SSL
Host: [database server FQDN] (e.g. oraserver)
Port: 2482
Check the Dedicate this endpoint to IIOP connections checkbox.
(x) Save the Net8 configuration (File p Save Network Configuration).
(xi) Restart the listener service.
4. Configure the database to accept SSL connections.
(i) Open the database inti.ora file (\admin\[SID]\pfile\init.ora or equivalent).
(ii) At the bottom of the file, uncomment the line that reads
mts_dispatchers = "(PROTOCOL=TCPS)(PRE=oracle.aurora.server.SGiopServer)"
(iii) Save the file and restart the database service.
5. Test the SSL confi guration using the Net8 Assistant.
(i) Open the Oracle Net8 Assistant.
(ii) Select Net8 Configuration -> Local -> Service Naming.
(iii) Add a new net service (Edit p Create).
Net service name: [SID].auth (e.g. iasdb.auth)
Protocol: TCP/IP with SSL
Host: [database server] (e.g. oraserver)
Port: 2484
Service Name/SID: [SID] (e.g. iasdb.orion.internal)
Note: at the end of the net service configuration, click Finish, not Test. The test can hang if run from the wizard.
(iv) Test the connection (Command -> Test Service). If the only error to appear is username/password denied, the test has succeeded.
nullDear Alex,
Thank you for reaching the Small Business Support Community.
I would first suggest you to uncheck the "Perfect Forward Secrecy" setting on the RVS4000 and if see if there is some similar setting enabled, then disable it, on the other side. If still the same thing happens, then go to RVS4000, VPN Advanced settings, and disable the "Aggressive Mode" so it becomes "Main mode" and use the same on the other end of the tunnel.
Just in case and as a VPN configuration guide, below is a document called "IPSec VPN setup" if it helps somehow;
http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=587
Besides my suggestions I would advise you to contact your ISP to make sure there is no IPSec traffic restrictions and/or if there is something in particular they require to make this happen and please do not hesitate to reach me back if there is any further assistance I may help you with.
Kind regards,
Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer
*Please rate the Post so other will know when an answer has been found. -
How to configure OC4J using RMI/IIOP with SSL
Any help?
I just mange configure the OC4J using RMI/IIOP but base on
But when I follow further to use RMI/IIOP with SSL I face the problem with: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
p/s: I use self generate keystore which should be ok as I can use it for https connection.
Any one can help?
Below is the OC4J log:
D:\oc4j\j2ee\home>java -Djavax.net.debug=all -DGenerateIIOP=true -Diiop.runtime.debug=true -jar oc4j.jar
05/02/23 16:43:16 ================ IIOPServerExtensionProvider.preInitApplicationServer
05/02/23 16:43:38 ================= IIOPServerExtensionProvider.postInitApplicationServer
05/02/23 16:43:38 ================== config = {SEPS={IIOP={ssl-port=5556, port=5555, ssl=true, trusted-clients=*, ssl-client-server-auth-port=5557, keystore=D:\\oc4j\\j2ee\\home\\server.keystore, keystore-password=123456, truststore=D:\\oc4j\\j2ee\\home\\server.keystore, truststore-password=123456, ClassName=com.oracle.iiop.server.IIOPServerExtensionProvider, host=localhost}}}
05/02/23 16:43:38 ================== server.getAttributes() = {threadPool=com.evermind.server.ApplicationServerThreadPool@968fda}
05/02/23 16:43:38 ================== pool: null
05/02/23 16:43:38 ====================== In startServer ...
05/02/23 16:43:38 ==================== Creating an IIOPServer ...
05/02/23 16:43:38 ========= IIOP server being initialized
05/02/23 16:43:38 SSL port: 5556
05/02/23 16:43:38 SSL port 2: 5557
05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(IIOP_CLEAR_TEXT, 5555, null)
05/02/23 16:43:43 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = IIOP_CLEAR_TEXT port = 5555 )
05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL, 5556, null)
05/02/23 16:43:44 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL port = 5556 )
05/02/23 16:43:45 ***
05/02/23 16:43:45 found key for : mykey
05/02/23 16:43:45 chain [0] = [
Version: V1
Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: SunJSSE RSA public key:
public exponent:
010001
modulus:
b1239fff 2ae5d31d b01a0cfb 1186bae0 bbc7ac41 94f24464 e92a7e33 6a5b0844
109e30fb d24ad770 99b3ff86 bd96c705 56bf2e7a b3bb9d03 40fdcc0a c9bea9a1
c21395a4 37d8b2ce ff00eb64 e22a6dd6 97578f92 29627229 462ebfee 061c99a4
1c69b3a0 aea6a95b 7ed3fd89 f829f17e a9362efe ccf8034a 0910989a a8573305
Validity: [From: Wed Feb 23 15:57:28 SGT 2005,
To: Tue May 24 15:57:28 SGT 2005]
Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
SerialNumber: [ 421c3768]
Algorithm: [MD5withRSA]
Signature:
0000: 34 F4 FA D4 6F 23 7B 84 30 42 F3 5C 4B 5E 18 17 4...o#..0B.\K^..
0010: 73 69 73 A6 BF 9A 5D C0 67 8D C3 56 DF A9 4A AC sis...].g..V..J.
0020: 88 AF 24 28 C9 39 16 22 29 81 01 93 86 AA 1A 5D ..$(.9.")......]
0030: 07 89 26 22 91 F0 8F DE E1 4A CF 17 9A 02 51 7D ..&".....J....Q.
0040: 92 D3 6D 9B EF 5E C1 C6 66 F9 11 D4 EB 13 8F 17 ..m..^..f.......
0050: E7 66 58 9F 6C B0 60 7C 39 B4 E0 B7 04 A7 7F A6 .fX.l.`.9.......
0060: 4D A5 89 E7 F4 8A DC 59 B4 E7 A5 D4 0A 35 9A F1 M......Y.....5..
0070: A2 CD 3A 04 D6 8F 16 B1 9E 6F 34 40 E8 C0 47 03 ..:[email protected].
05/02/23 16:43:45 ***
05/02/23 16:43:45 adding as trusted cert:
05/02/23 16:43:45 Subject: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Issuer: CN=Client, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3779
05/02/23 16:43:45 Valid from Wed Feb 23 15:57:45 SGT 2005 until Tue May 24 15:57:45 SGT 2005
05/02/23 16:43:45 adding as trusted cert:
05/02/23 16:43:45 Subject: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Issuer: CN=Server, OU=Bar, O=Foo, L=Some, ST=Where, C=UN
05/02/23 16:43:45 Algorithm: RSA; Serial number: 0x421c3768
05/02/23 16:43:45 Valid from Wed Feb 23 15:57:28 SGT 2005 until Tue May 24 15:57:28 SGT 2005
05/02/23 16:43:45 trigger seeding of SecureRandom
05/02/23 16:43:45 done seeding SecureRandom
05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): getEndpoint(SSL_MUTUALAUTH, 5557, null)
05/02/23 16:43:45 com.sun.corba.ee.internal.iiop.GIOPImpl(Thread[Orion Launcher,5,main]): createListener( socketType = SSL_MUTUALAUTH port = 5557 )
05/02/23 16:43:45 matching alias: mykey
matching alias: mykey
05/02/23 16:43:46 ORB created ..com.oracle.iiop.server.OC4JORB@65b738
05/02/23 16:43:47 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
05/02/23 16:43:47 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc [email protected]7
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ClientDelegate(Thread[Orion Launcher,5,main]): invoke(ClientRequest) called
05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): process: dispatching to scid 2
05/02/23 16:43:48 com.oracle.iiop.server.OC4JORB(Thread[Orion Launcher,5,main]): dispatching to sc com.sun.corba.ee.internal.corba.ServerDelegate@9300cc
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Entering dispatch method
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Consuming service contexts, GIOP version: 1.2
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Has code set context? false
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Dispatching to servant
05/02/23 16:43:48 com.sun.corba.ee.internal.corba.ServerDelegate(Thread[Orion Launcher,5,main]): Handling invoke handler type servant
05/02/23 16:43:48 NS service created and started ..org.omg.CosNaming._NamingContextExtStub:IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
05/02/23 16:43:48 NS ior = ..IOR:000000000000002b49444c3a6f6d672e6f72672f436f734e616d696e672f4e616d696e67436f6e746578744578743a312e30000000000001000000000000007c000102000000000c31302e312e3231342e31310015b3000000000031afabcb0000000020d309e06a0000000100000000000000010000000c4e616d65536572766963650000000004000000000a0000000000000100000001000000200000000000010001000000020501000100010020000101090000000100010100
05/02/23 16:43:48 Oracle Application Server Containers for J2EE 10g (9.0.4.0.0) initialized
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Server getConnection(119e583[Unknown 0x0:0x0: Socket[addr=/127.0.0.1,port=1281,localport=5556]], SSL)
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): host = 127.0.0.1 port = 1281
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Listener,5,main]): Created connection Connection[type=SSL remote_host=127.0.0.1 remote_port=1281 state=ESTABLISHED]
com.sun.corba.ee.internal.iiop.MessageMediator(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): Creating message from stream
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, handling exception: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, SEND TLSv1 ALERT: fatal, description = unexpected_message
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, WRITE: TLSv1 Alert, length = 2
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeSocket()
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ReaderThread(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): IOException in createInputStream: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.d(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.readFully(MessageBase.java:520)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.messages.MessageBase.createFromStream(MessageBase.java:58)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.MessageMediator.processRequest(MessageMediator.java:110)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.IIOPConnection.processInput(IIOPConnection.java:339)
05/02/23 16:45:14 at com.sun.corba.ee.internal.iiop.ReaderThread.run(ReaderThread.java:63)
05/02/23 16:45:14 Caused by: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.b(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
05/02/23 16:45:14 at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
05/02/23 16:45:14 ... 6 more
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.IIOPConnection(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): purge_calls: starting: code = 1398079696 die = true
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called close()
05/02/23 16:45:14 JavaIDL Reader for 127.0.0.1:1281, called closeInternal(true)
05/02/23 16:45:14 com.sun.corba.ee.internal.iiop.ConnectionTable(Thread[JavaIDL Reader for 127.0.0.1:1281,5,main]): DeleteConn called: host = 127.0.0.1 port = 1281Good point, I do belive what you are referring to is this:
Any client, whether running inside a server or not, has EJB security properties. Table 15-2 lists the EJB client security properties controlled by the ejb_sec.properties file. By default, OC4J searches for this file in the current directory when running as a client, or in ORACLE_HOME/j2ee/home/config when running in the server. You can specify the location of this file explicitly with the system property setting -Dejb_sec_properties_location=pathname.
Table 15-2 EJB Client Security Properties
Property Meaning
# oc4j.iiop.keyStoreLoc
The path and name of the keystore. An absolute path is recommended.
# oc4j.iiop.keyStorePass
The password for the keystore.
# oc4j.iiop.trustStoreLoc
The path name and name of the truststore. An absolute path is recommended.
# oc4j.iiop.trustStorePass
The password for the truststore.
# oc4j.iiop.enable.clientauth
Whether the client supports client-side authentication. If this property is set to true, you must specify a keystore location and password.
# oc4j.iiop.ciphersuites
Which cipher suites are to be enabled. The valid cipher suites are:
TLS_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_MD5
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_RC4_40_MD5
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
nameservice.useSSL
Whether to use SSL when making the initial connection to the server.
client.sendpassword
Whether to send user name and password in clear form (unencrypted) in the service context when not using SSL. If this property is set to true, the user name and password are sent only to servers listed in the trustedServer list.
oc4j.iiop.trustedServers
A list of servers that can be trusted to receive passwords sent in clear form. This has no effect if client.sendpassword is set to false. The list is comma-delimited. Each entry in the list can be an IP address, a host name, a host name pattern (for example, *.example.com), or * (where "*" alone means that all servers are trusted. -
Php with mysqli, mbstring and xsl extensions
I don't understand why php isn't build with mysqli and mbstring extensions since mysql4 is installed and there are a lot of languages that need multibytes strings. Here is a PKGBUILD that enable them. I also added xsl extension to use xsl files with php.
# $Id: PKGBUILD,v 1.51 2004/12/16 22:03:19 judd Exp $
# Maintainer: dorphell <[email protected]>
# Contributor: Benoit Chesneau <[email protected]>
pkgname=php
pkgver=5.0.3
pkgrel=2
pkgdesc="A high-level scripting language"
url="http://www.php.net"
backup=(etc/php.ini)
depends=('openssl' 'libjpeg' 'freetype2' 'libpng' 'pam'
'gdbm' 'libxml2' 'openldap' 'ncurses' 'curl' 'libxslt')
makedepends=('apache' 'mysql' 'imap' 'postgresql' 'bzip2' 'smtp-server'
'gd' 'fam' 'sqlite3' 'unixodbc')
source=(http://www.php.net/distributions/$pkgname-$pkgver.tar.gz php.ini)
md5sums=('bf89557056ce34d502e20e24071616c7' 'd5b9b37fbb746f0967d795763106735a')
build() {
cd $startdir/src/$pkgname-$pkgver
./configure --with-apxs2 --prefix=/usr --sysconfdir=/etc
--with-layout=PHP
--with-ttf --enable-mailparse --with-config-file-scan-dir=/etc
--enable-bcmath=shared --enable-calendar=shared --enable-ftp=shared
--enable-gd-native-ttf --enable-magic-quotes --enable-posix=shared
--enable-session --enable-shared --enable-shmop=shared --with-imap
--with-imap-ssl --with-ncurses --with-readline --with-sqlite=shared
--enable-sysvsem=shared --enable-sysvshm=shared --enable-track-vars
--enable-trans-sid --enable-safe-mode --enable-sockets=shared
--enable-xml --with-bz2=shared --with-curl --with-mime-magic
--with-unixODBC=shared
--enable-dba --without-db2 --without-db3 --with-inifile --with-flatfile
--with-gdbm --with-freetype-dir=/usr --with-gd=shared --enable-exif
--with-jpeg-dir=/usr --with-mysql=/usr --with-mysqli=/usr/bin/mysql_config
--with-ldap=shared
--with-mysql-sock=/tmp/mysql.sock --with-openssl --with-gettext
--with-pear=/usr/share/pear --with-dom --with-dom-xslt
--with-pgsql=shared --with-pgsql-sock=/tmp/pgsql.sock
--with-png-dir=/usr --with-regex=php --with-zlib --with-fam=shared
--with-xsl
--enable-mbstring=all --enable-mbregex
# fixes a build error in sqlite support
ln -s main/php_config.h ./config.h
make || return 1
mkdir -p $startdir/pkg/usr/lib/apache
# cp config_vars.mk config_vars.old
# sed "s|^INSTALL_IT.*$|INSTALL_IT = apxs -i -a -S LIBEXECDIR=$startdir/pkg/usr/lib/apache -n php4 libs/libphp4.so|" config_vars.old >config_vars.mk
sed -i "s|-i -a -n php5|-i -n php5|g" Makefile
make INSTALL_ROOT=$startdir/pkg EXTENSION_DIR=/usr/lib/php install
cp ../php.ini $startdir/pkg/etci suggest filing a feature request through the bug tracker.
As for why such features may not be compiled in is that whoever maintains the package may have never had the need to have such features in php or experienced any issue because of it. You will experience this with many distros so I suggest not getting accusatory and simply request the feature through the proper channels.
Each persons needs and experience are different and that is why developers write their code to encompass as many features as their users request. How robust a package needs to be in arch is up to people like you giving the crucial feedback.
(btw i don't see why your request would not be granted. I suggest the feature request though because i know the maintainer of the PHP package is not a frequent visitor to this forum but he will get your request if you make to the bug tracker) -
Complete working code for Gmail POP3 & SMTP with SSL - Java mail API
Finally, your code-hunt has come to an end!!!!
I am presenting you the complete solution (with code) to send and retrieve you mails to & from GMAIL using SMTP and POP3 with SSL & Authenticaion enabled. [Even starters & newbies like me, can easy try, test & understand - But first download & add JAR's of Java Mail API & Java Activation Framework to Netbeans Library Manager]
Download Java Mail API here
http://java.sun.com/products/javamail/
Read Java Mail FAQ's here
http://java.sun.com/products/javamail/FAQ.html
Download Java Activation Framework [JAF]
http://java.sun.com/products/javabeans/jaf/downloads/index.html
Also, The POP program retrieves the mail sent with SMTP program :) [MOST IMPORTANT & LARGELY IN DEMAND]okey.. first things first... all of your thanks goes to the following and not a s@!te to me :)
hail Java !!
hail Java mail API !!
hail Java forums !!
hail Java-tips.org !!
hail Netbeans !!
Thanks to all coders who helped me by getting the code to work in one piece.
special thanks to "bshannon" - The dude who runs this forum from 97!!I am just as happy as you will be when you execute the below code!! [my 13 hours of tweaking & code hunting has paid off!!]
Now here it is...I only present you the complete solution!!
START OF PROGRAM 1
SENDING A MAIL FROM GMAIL ACCOUNT USING SMTP [STARTTLS (SSL)] PROTOCOL OF JAVA MAIL APINote on Program 1:
1. In the code below replace USERNAME & PASSWORD with your respective GMAIL account username and its corresponding password!
2. Use the code to make your Gmail client [jsp/servlets whatever]
//Mail.java - smtp sending starttls (ssl) authentication enabled
//1.Open a new Java class in netbeans (default package of the project) and name it as "Mail.java"
//2.Copy paste the entire code below and save it.
//3.Right click on the file name in the left side panel and click "compile" then click "Run"
import javax.mail.*;
import javax.mail.internet.*;
import java.util.*;
public class Main
String d_email = "[email protected]",
d_password = "PASSWORD",
d_host = "smtp.gmail.com",
d_port = "465",
m_to = "[email protected]",
m_subject = "Testing",
m_text = "Hey, this is the testing email.";
public Main()
Properties props = new Properties();
props.put("mail.smtp.user", d_email);
props.put("mail.smtp.host", d_host);
props.put("mail.smtp.port", d_port);
props.put("mail.smtp.starttls.enable","true");
props.put("mail.smtp.auth", "true");
//props.put("mail.smtp.debug", "true");
props.put("mail.smtp.socketFactory.port", d_port);
props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
props.put("mail.smtp.socketFactory.fallback", "false");
SecurityManager security = System.getSecurityManager();
try
Authenticator auth = new SMTPAuthenticator();
Session session = Session.getInstance(props, auth);
//session.setDebug(true);
MimeMessage msg = new MimeMessage(session);
msg.setText(m_text);
msg.setSubject(m_subject);
msg.setFrom(new InternetAddress(d_email));
msg.addRecipient(Message.RecipientType.TO, new InternetAddress(m_to));
Transport.send(msg);
catch (Exception mex)
mex.printStackTrace();
public static void main(String[] args)
Main blah = new Main();
private class SMTPAuthenticator extends javax.mail.Authenticator
public PasswordAuthentication getPasswordAuthentication()
return new PasswordAuthentication(d_email, d_password);
END OF PROGRAM 1-----
START OF PROGRAM 2
RETRIVE ALL THE MAILS FROM GMAIL INBOX USING Post Office Protocol POP3 [SSL] PROTOCOL OF JAVA MAIL APINote:
1.Log into your gmail account via webmail [http://mail.google.com/]
2.Click on "settings" and select "Mail Forwarding & POP3/IMAP"
3.Select "enable POP for all mail" and "save changes"
4.In the code below replace USERNAME & PASSWORD with your respective GMAIL account username and its corresponding password!
PROGRAM 2 - PART 1 - Main.java
//1.Open a new Java class file in the default package
//2.Copy paste the below code and rename it to Mail.java
//3.Compile and execute this code.
public class Main {
/** Creates a new instance of Main */
public Main() {
* @param args the command line arguments
public static void main(String[] args) {
try {
GmailUtilities gmail = new GmailUtilities();
gmail.setUserPass("[email protected]", "PASSWORD");
gmail.connect();
gmail.openFolder("INBOX");
int totalMessages = gmail.getMessageCount();
int newMessages = gmail.getNewMessageCount();
System.out.println("Total messages = " + totalMessages);
System.out.println("New messages = " + newMessages);
System.out.println("-------------------------------");
//Uncomment the below line to print the body of the message. Remember it will eat-up your bandwidth if you have 100's of messages. //gmail.printAllMessageEnvelopes();
gmail.printAllMessages();
} catch(Exception e) {
e.printStackTrace();
System.exit(-1);
END OF PART 1
PROGRAM 2 - PART 2 - GmailUtilities.java
//1.Open a new Java class in the project (default package)
//2.Copy paste the below code
//3.Compile - Don't execute this[Run]
import com.sun.mail.pop3.POP3SSLStore;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.Date;
import java.util.Properties;
import javax.mail.Address;
import javax.mail.FetchProfile;
import javax.mail.Flags;
import javax.mail.Folder;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Multipart;
import javax.mail.Part;
import javax.mail.Session;
import javax.mail.Store;
import javax.mail.URLName;
import javax.mail.internet.ContentType;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeBodyPart;
import javax.mail.internet.ParseException;
public class GmailUtilities {
private Session session = null;
private Store store = null;
private String username, password;
private Folder folder;
public GmailUtilities() {
public void setUserPass(String username, String password) {
this.username = username;
this.password = password;
public void connect() throws Exception {
String SSL_FACTORY = "javax.net.ssl.SSLSocketFactory";
Properties pop3Props = new Properties();
pop3Props.setProperty("mail.pop3.socketFactory.class", SSL_FACTORY);
pop3Props.setProperty("mail.pop3.socketFactory.fallback", "false");
pop3Props.setProperty("mail.pop3.port", "995");
pop3Props.setProperty("mail.pop3.socketFactory.port", "995");
URLName url = new URLName("pop3", "pop.gmail.com", 995, "",
username, password);
session = Session.getInstance(pop3Props, null);
store = new POP3SSLStore(session, url);
store.connect();
public void openFolder(String folderName) throws Exception {
// Open the Folder
folder = store.getDefaultFolder();
folder = folder.getFolder(folderName);
if (folder == null) {
throw new Exception("Invalid folder");
// try to open read/write and if that fails try read-only
try {
folder.open(Folder.READ_WRITE);
} catch (MessagingException ex) {
folder.open(Folder.READ_ONLY);
public void closeFolder() throws Exception {
folder.close(false);
public int getMessageCount() throws Exception {
return folder.getMessageCount();
public int getNewMessageCount() throws Exception {
return folder.getNewMessageCount();
public void disconnect() throws Exception {
store.close();
public void printMessage(int messageNo) throws Exception {
System.out.println("Getting message number: " + messageNo);
Message m = null;
try {
m = folder.getMessage(messageNo);
dumpPart(m);
} catch (IndexOutOfBoundsException iex) {
System.out.println("Message number out of range");
public void printAllMessageEnvelopes() throws Exception {
// Attributes & Flags for all messages ..
Message[] msgs = folder.getMessages();
// Use a suitable FetchProfile
FetchProfile fp = new FetchProfile();
fp.add(FetchProfile.Item.ENVELOPE);
folder.fetch(msgs, fp);
for (int i = 0; i < msgs.length; i++) {
System.out.println("--------------------------");
System.out.println("MESSAGE #" + (i + 1) + ":");
dumpEnvelope(msgs);
public void printAllMessages() throws Exception {
// Attributes & Flags for all messages ..
Message[] msgs = folder.getMessages();
// Use a suitable FetchProfile
FetchProfile fp = new FetchProfile();
fp.add(FetchProfile.Item.ENVELOPE);
folder.fetch(msgs, fp);
for (int i = 0; i < msgs.length; i++) {
System.out.println("--------------------------");
System.out.println("MESSAGE #" + (i + 1) + ":");
dumpPart(msgs[i]);
public static void dumpPart(Part p) throws Exception {
if (p instanceof Message)
dumpEnvelope((Message)p);
String ct = p.getContentType();
try {
pr("CONTENT-TYPE: " + (new ContentType(ct)).toString());
} catch (ParseException pex) {
pr("BAD CONTENT-TYPE: " + ct);
* Using isMimeType to determine the content type avoids
* fetching the actual content data until we need it.
if (p.isMimeType("text/plain")) {
pr("This is plain text");
pr("---------------------------");
System.out.println((String)p.getContent());
} else {
// just a separator
pr("---------------------------");
public static void dumpEnvelope(Message m) throws Exception {
pr(" ");
Address[] a;
// FROM
if ((a = m.getFrom()) != null) {
for (int j = 0; j < a.length; j++)
pr("FROM: " + a[j].toString());
// TO
if ((a = m.getRecipients(Message.RecipientType.TO)) != null) {
for (int j = 0; j < a.length; j++) {
pr("TO: " + a[j].toString());
// SUBJECT
pr("SUBJECT: " + m.getSubject());
// DATE
Date d = m.getSentDate();
pr("SendDate: " +
(d != null ? d.toString() : "UNKNOWN"));
static String indentStr = " ";
static int level = 0;
* Print a, possibly indented, string.
public static void pr(String s) {
System.out.print(indentStr.substring(0, level * 2));
System.out.println(s);
}END OF PART 2
END OF PROGRAM 2
P.S: CHECKING !!
STEP 1.
First compile and execute the PROGRAM 1 with your USERNAME & PASSWORD. This will send a mail to your own account.
STEP 2.
Now compile both PART 1 & PART 2 of PROGRAM 2. Then, execute PART 1 - Main.java. This will retrive the mail sent in step 1. njoy! :)
In future, I hope this is added to the demo programs of the Java Mail API download package.
This is for 3 main reasons...
1. To prevent a lot of silly questions being posted on this forum [like the ones I did :(].
2. To give the first time Java Mail user with a real time working example without code modification [code has to use command line args like the demo programs - for instant results].
3. Also, this is what google has to say..
"The Gmail Team is committed to making sure you always can access your mail. That's why we're offering POP access and auto-forwarding. Both features are free for all Gmail users and we have no plans to charge for them in the future."
http://mail.google.com/support/bin/answer.py?answer=13295
I guess bshannon & Java Mail team is hearing this....
Again, Hurray and thanks for helping me make it!! cheers & no more frowned faces!!
(: (: (: (: (: GO JCODERS GO!! :) :) :) :) :)
codeace
-----Thanks for the reply,
I did checked by enabling session debuging and also checked pop settings it's enabled for all
mails, I tried deleting some very old messages and now the message count is changed to 310.
This may be the problem with gmail.
Bellow is the output i got,
DEBUG: setDebug: JavaMail version 1.4ea
DEBUG: getProvider() returning javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Sun Microsystems, Inc]
DEBUG POP3: connecting to host "pop.gmail.com", port 995, isSSL false
S: +OK Gpop ready for requests from 121.243.255.240 n22pf5432603pof.2
C: USER [email protected]
S: +OK send PASS
C: PASS my_password
S: +OK Welcome.
C: STAT
S: +OK 310 26900234
Custom output: messageCount : 310
C: QUIT
S: +OK Farewell. -
Update PHP with IMAP (installing SugarCRM on 10.5.4)
I have seen parts of this covered before for 10.4.x but i am now trying to include c-client on 10.5.4.
see http://discussions.apple.com/thread.jspa?messageID=4598819�
I get sugar installed fine but on OSX when i try and set up mail it gives me this error:-
Inbound Email cannot function without the IMAP c-client libraries enabled/compiled with the PHP module. Please contact your administrator to resolve this issue.
*so far i have done the following.*
sudo mkdir -p /SourceCache
cd /SourceCache
sudo curl -O ftp://ftp.cac.washington.edu/imap/c-client.tar.Z
sudo tar xzf c-client.tar.Z
cd imap-200XX (folder will represent the latest version)
sudo make oxp
mkdir /usr/local/imap/include
mkdir /usr/local/imap/lib
cd c-client/
cp *.h /usr/local/imap/include
cp *.c /usr/local/imap/lib
cp c-client.a /usr/local/imap/lib
cd /usr/local/imap/lib
ln c-client.a libc-client.a
# i hate renaming when it might be needed in its real name.
i need to make mysql headers available too as trying to build php now brings up errors...
see here.
http://docs.info.apple.com/article.html?artnum=306782
I think the mysql headers (or client libs) must be installed to make php with the same configure command that it was installed with
I have downloaded the same version of mysql that 10.5 uses mysql-5.0.45.tar.gz and have expanded that into the /SourceCache - it configures and makes without erros but i am unable to build php with the mysql statements included - see below
cd /SourceCache
get php-5.2.6.tar.gz from your local mirror
cd cd /SourceCache/php-5.2.6
sudo ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --disable-dependency-tracking --with-apxs2=/usr/sbin/apxs --with-ldap=/usr --with-kerberos=/usr --enable-cli --with-zlib-dir=/usr --enable-trans-sid --with-xml --enable-exif --enable-ftp --enable-mbstring --enable-mbregex --enable-dbx --enable-sockets --with-iodbc=/usr --with-curl=/usr --with-config-file-path=/etc --sysconfdir=/private/etc --with-openssl --with-xmlrpc --with-xsl=/usr --with-pear --with-imap=/usr/local/imap --with-mysql-sock=/var/mysql --with-mysqli=/usr/bin/mysql_config --with-mysql=/SourceCache/mysql/mysql-5.0.45
I added my --with-imap=/usr/local/imap statement to include the libc-client c-client kit..
BUT i can only get it to build without the mysql statements.. do i really need mysql built in... it was in the original php configure script so i want to keep as much like the original as possible so i do not break things.
The build (with out mysql statmens) also throws up these few errors.. which is strange as these were in the build line from a info.php script i ran against the server...
Notice: Following unknown configure options were used:
--disable-dependency-tracking
--enable-trans-sid
--with-xml
--enable-dbx
Referances
my main source of info was from here...
http://discussions.apple.com/thread.jspa?messageID=4598819�
looks like apple have come up against this before but is for an earlier version of MySQL so i would not install it.
http://docs.info.apple.com/article.html?artnum=306782
http://discussions.apple.com/thread.jspa?messageID=7828379It sounds like you need to download the MySQL headers. Yes you do need MySQL.
Here's how I solved this problem. I used this thread as my basis:
http://discussions.apple.com/message.jspa?messageID=6112771
My updated instructions are located below with sources. I had to complete these steps again today. You had better get good at this, because Leopard updates may force you to repeat these steps. I completed this stuff back in Dec and here I am again. I did not have to re-download, but that means that I am using older versions of these programs/modules. BTW - the older stuff still works for SugarCRM. You may be using more updated files if you are downloading/have downloaded newer stuff, make sure to adjust these instructions for the newer updated files and folders.
BTW - I just realized that you may be on a workstation, you may need to change the "/usr/lib" and "/usr/include" to "/usr/local/lib" and "/usr/local/include" respectively.
Good luck!
It took me a while to get this going, but I was able to install SugarCRM on Mac OS X using the following threads as my guideline. My major problem was missing MySQL Headers preventing PHP 5 from being compiled.
MySQL headers were missing from the Mac OS X Server distribution and I needed to get these before starting (see thread: http://lists.apple.com/archives/macos-x-server/2007/Nov/msg00277.html). Then, I followed the steps to download and compile PHP 5 with IMAP. Followed the steps to compile PHP5 and then once I recompiled PHP, Apache did not work, so I recompiled Apache.
If you can not compile PHP and it stops at searching for the MySQL headers, you can download them here (see thread: http://lists.apple.com/archives/macos-x-server/2007/Nov/msg00277.html).
As per the thread, you can download the headers from here:
(Follow instructions in ReadMe)
download and unpack from:
http://www.opensource.apple.com/darwinsource/other/MySQL-43.binaries.tar.gz
sudo tar -xzvf MySQL-43.root.tar.gz -C /
Follow steps for recompiling php and IMAP in THIS thread from David Shauger1 (Thanks David)
To install the IMAP extensions do this (as root):
sudo mkdir -p /SourceCache
cd /SourceCache
You may not need to download new c-client - look in /SourceCache for prior downloads (this note is for me)
sudo curl -O ftp://ftp.cac.washington.edu/imap/c-client.tar.Z
sudo tar xzf c-client.tar.Z
sudo mv imap-2006k imap-2006h
cd imap-2006h
sudo make oxp
cd c-client
sudo cp *.h /usr/include
sudo cp *.c /usr/lib
sudo cp c-client.a /usr/lib/libc-client.a
Then, download recompile the latest version of PHP 5 following these instructions:
http://downloads.topicdesk.com/docs/UpdatingPHP_on_OS_XServer.pdf
You may not need to download a new PHP - look in /SourceCache for a previous download (this note is for me)
mkdir -p /SourceCache
cd /SourceCache
curl -O http://us3.php.net/distributions/
php-5.2.6.tar.gz
tar xzpf php-5.2.6.tar.gz
cd /SourceCache/php-5.2.6
sh
CFLAGS=-DBIND8COMPAT
export CFLAGS
php configuration command:
sudo ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --disable-dependency-tracking --with-apxs2=/usr/sbin/apxs --with-ldap=/usr --with-kerberos=/usr --enable-cli --with-zlib-dir=/usr --enable-trans-sid --with-xml --enable-exif --enable-ftp --enable-mbstring --enable-mbregex --enable-dbx --enable-sockets --with-iodbc=/usr --with-curl=/usr --with-config-file-path=/etc --sysconfdir=/private/etc --with-mysql-sock=/var/mysql --with-mysqli=/usr/bin/mysql_config --with-mysql=/usr --with-openssl --with-xmlrpc --with-xsl=/usr --without-pear --with-imap --with-imap-ssl
make
make install
exit
Finally, follow steps for recompiling apache
Read entire thread (http://discussions.apple.com/thread.jspa?messageID=5676677&tstart=0)
1. Download the Apache2 source from http://httpd.apache.org/download.cgi (latest version is 2.2.9) and extract it.
2. Open Terminal and go to that directory. If you extract sources into your Downloads folder, type "cd ~/Downloads/httpd-2.2.9" and hit return
3. Type "./configure --enable-layout=Darwin --enable-mods-shared=all" and hit return
4. Wait for the process to complete and then type "make" and return
5. Wait for the process to complete and then type "sudo make install" and return -
Compiling PHP with SOAP/Iconv/OpenSSL support
Hi,
I'm not sure if this is the best place for this but the other topics seem even less related.
I'm trying to compile PHP with SOAP and SSL on a Mac for use with Salesforce.com (it works without any issues on Gentoo and RedHat). Anytime I try to connect I get an invalid SOAP header error. It seems to be happening because the Salesforce SOAP server requires SSL connections and I don't have SSL enabled, but it's hard to backtrace. Regardless, I can't get SSL or iconv support working.
I've installed OpenSSL both from Macports and from source using the default ./config options, neither method worked. It may be related to some issues I'm having getting iconv working as well (which I also can't seem to get right, it's installed via Macports).
Here's my PHP configure, if anyone can let me in on what I'm doing wrong that would be great!!! Thanks in advance!
root# MACOSXDEPLOYMENTTARGET=10.5 \
CFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -g -Os -pipe -no-cpp-precomp" \
CCFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -g -Os -pipe" \
CXXFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -g -Os -pipe" \
LDFLAGS="-arch ppc -arch ppc64 -arch i386 -arch x86_64 -bindatload"
root# ./configure \
--prefix=/usr \
--mandir=/usr/share/man \
--infodir=/usr/share/info \
--with-apxs2=/usr/sbin/apxs \
--with-config-file-path=/etc \
--sysconfdir=/private/etc \
--enable-cli \
--with-curl=/opt/local \
--enable-ftp \
--enable-mbstring \
--enable-mbregex \
--enable-sockets \
--with-ldap=/usr \
--with-kerberos=/usr \
--with-mime-magic=/etc/apache2/magic \
--with-zlib-dir=/usr \
--with-xmlrpc \
--with-xsl=/usr \
--with-iconv=shared,/opt/local \
--with-openssl=shared,/opt/local \
--with-gd \
--with-png-dir=/usr/X11R6 \
--with-xpm-dir=/usr/X11R6 \
--with-jpeg-dir=/opt/local \
--enable-exif \
--with-freetype-dir=/opt/local \
--with-t1lib=/opt/local \
--enable-pdo \
--with-pdo-mysql \
--with-mysql-sock=/var/mysql \
--with-mysqli=/usr/bin/mysql_config \
--with-mysql=/usr/local/mysql \
--with-iodbc=/usr \
--with-curl \
--with-config-file-path=/etc \
--sysconfdir=/private/etc \
--enable-soap
Message was edited by: mkenney - bad grammarmkenney wrote:
Hi,
I'm not sure if this is the best place for this but the other topics seem even less related.
Welcome to Apple Discussions:
Use our Unix forum here:
http://discussions.apple.com/forum.jspa?forumID=735
(yes, it's a tad hidden )
Message was edited by: nerowolfe -
Problem POP with SSL for hosted domain !
Hi Sun!
With default domain, i can use POP with SSL but for hosted domain, I can't use POP with SSL and received a message +-ERR [AUTH] Authentication failed!+
In file PopProxyAService.cfg on MMP server, I uncomment line default:HostedDomains yes but it's not work
Please help me solve this problem!
./imsimta version
Sun Java(tm) System Messaging Server 7u2-7.02 64bit (built Apr 16 2009)
libimta.so 7u2-7.02 64bit (built 02:28:03, Apr 16 2009)
Using /opt/sun/comms/messaging64/config/imta.cnf (compiled)
SunOS SMSG 5.10 Generic_138889-08 i86pc i386 i86pc
Thanks!I have found problem!
Hosted domain that can not be used IMAPs and POPs because I have moved from other mail systems
When I created another account on this hosted domain, this user can use POPs and IMAPs normal. But old users can't use POPs IMAPs
I don't know why old users can't use POPs and IMAPs ?
Error log in front-end MMP:
[07/Apr/2010:08:37:15 +0700] SMSG PopProxy[8284]: General Notice: (id 1943) User [email protected] user access denied
[07/Apr/2010:08:37:15 +0700] SMSG PopProxy[8284]: General Notice: (id 1943) badguy xx.xx.xx.xx now has 3 badness
[07/Apr/2010:08:37:18 +0700] SMSG PopProxy[8284]: General Error: (id 1943) client socket IO error: Error 0 (0) -
Problem with SSL Activated on SSO Login
Hi Guys,
One of my applications has recently hit a few problems when SSL was activated on several environments. My application requires you to login using a SSO username and password before you can use the application. Before SSL was implemented, when you pressed the main menu button the page would redirect to the login server and the SSO login would remember your details and log you in again and then take you to the 1st page with a new session id. However, with SSL implemented, when the main menu button is pressed it redirects you to the login server but this time it asks you to enter your username and password. This is a problem as every time authentication is required on my application, it will keep telling you to login even if you have already done so before.
For extra information, the main menu button (which is a navigation bar entry) redirects you to a piece of javascript which is used to take you back to the 1st page depending on what page you are on.
I am also using the latest version of APEX.
Any help is much appreciated as I am not sure where to go with this problem.
Also is it a problem with the SSL setup or my application?
Thanks
-MarkI have tried to pass the cookie through the URL to the login server but this does nothing.I can't imagine what you mean by that or what exactly you did.
it just takes me to the login page and resets the session id after i have logged in again!What do you mean by "reset"?
How can I make cookies be accepted by SSL?Have you constructed an experiment to prove that this is the problem?
Is there something i can put in the application itself?Definitely not.
Scott -
Weblogic app server wsdl web service call with SSL Validation error = 16
Weblogic app server wsdl web service call with SSL Validation error = 16
I need to make wsdl web service call in my weblogic app server. The web service is provided by a 3rd party vendor. I keep getting error
Cannot complete the certificate chain: No trusted cert found
Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure
Validation error = 16
From the SSL debug log, I can see 3 verisign hierarchy certs are correctly loaded (see 3 lines in the log message starting with “adding as trusted cert”). But somehow after first handshake, I got error “Cannot complete the certificate chain: No trusted cert found”.
Here is how I load trustStore and keyStore in my java program:
System.setProperty("javax.net.ssl.trustStore",”cacerts”);
System.setProperty("javax.net.ssl.trustStorePassword", trustKeyPasswd);
System.setProperty("javax.net.ssl.trustStoreType","JKS");
System.setProperty("javax.net.ssl.keyStoreType","JKS");
System.setProperty("javax.net.ssl.keyStore", keyStoreName);
System.setProperty("javax.net.ssl.keyStorePassword",clientCertPwd); System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump","true");
Here is how I create cacerts using verisign hierarchy certs (in this order)
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignClass3G5PCA3Root.txt -alias "Verisign Class3 G5P CA3 Root"
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediatePrimary.txt -alias "Verisign C3 G5 Intermediate Primary"
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediateSecondary.txt -alias "Verisign C3 G5 Intermediate Secondary"
Because my program is a weblogic app server, when I start the program, I have java command line options set as:
-Dweblogic.security.SSL.trustedCAKeyStore=SSLTrust.jks
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.enforceConstraints=strong
That SSLTrust.jks is the trust certificate from our web server which sits on a different box. In our config.xml file, we also refer to the SSLTrust.jks file when we bring up the weblogic app server.
In addition, we have working logic to use some other wsdl web services from the same vendor on the same SOAP server. In the working web service call flows, we use clientgen to create client stub, and use SSLContext and WLSSLAdapter to load trustStore and keyStore, and then bind the SSLContext and WLSSLAdapter objects to the webSerive client object and make the webservie call. For the new wsdl file, I am told to use wsimport to create client stub. In the client code created, I don’t see any way that I can bind SSLContext and WLSSLAdapter objects to the client object, so I have to load certs by settting system pramaters. Here I attached the the wsdl file.
I have read many articles. It seems as long as I can install the verisign certs correctly to web logic server, I should have fixed the problem. Now the questions are:
1. Do I create “cacerts” the correct order with right keeltool options?
2. Since command line option “-Dweblogic.security.SSL.trustedCAKeyStore” is used for web server jks certificate, will that cause any problem for me?
3. Is it possible to use wsimport to generate client stub that I can bind SSLContext and WLSSLAdapter objects to it?
4. Do I need to put the “cacerts” to some specific weblogic directory?
---------------------------------wsdl file
<wsdl:definitions name="TokenServices" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
<wsp:Policy wsu:Id="TokenServices_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="true"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="xsd0.xsd" namespace="http://tempuri.org/"/>
<xsd:import schemaLocation="xsd1.xsd" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ITokenServices_GetUserToken_InputMessage">
<wsdl:part name="parameters" element="tns:GetUserToken"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetUserToken_OutputMessage">
<wsdl:part name="parameters" element="tns:GetUserTokenResponse"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetSSOUserToken_InputMessage">
<wsdl:part name="parameters" element="tns:GetSSOUserToken"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetSSOUserToken_OutputMessage">
<wsdl:part name="parameters" element="tns:GetSSOUserTokenResponse"/>
</wsdl:message>
<wsdl:portType name="ITokenServices">
<wsdl:operation name="GetUserToken">
<wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetUserToken" message="tns:ITokenServices_GetUserToken_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetUserTokenResponse" message="tns:ITokenServices_GetUserToken_OutputMessage"/>
</wsdl:operation>
<wsdl:operation name="GetSSOUserToken">
<wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserToken" message="tns:ITokenServices_GetSSOUserToken_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserTokenResponse" message="tns:ITokenServices_GetSSOUserToken_OutputMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="TokenServices" type="tns:ITokenServices">
<wsp:PolicyReference URI="#TokenServices_policy"/>
<soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="GetUserToken">
<soap12:operation soapAction="http://tempuri.org/ITokenServices/GetUserToken" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="GetSSOUserToken">
<soap12:operation soapAction="http://tempuri.org/ITokenServices/GetSSOUserToken" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="TokenServices">
<wsdl:port name="TokenServices" binding="tns:TokenServices">
<soap12:address location="https://ws-eq.demo.i-deal.com/PhxEquity/TokenServices.svc"/>
<wsa10:EndpointReference>
<wsa10:Address>https://ws-eq.demo.xxx.com/PhxEquity/TokenServices.svc</wsa10:Address>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
----------------------------------application log
adding as trusted cert:
Subject: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x641be820ce020813f32d4d2d95d67e67
Valid from Sun Feb 07 19:00:00 EST 2010 until Fri Feb 07 18:59:59 EST 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from Sun Jan 28 19:00:00 EST 1996 until Wed Aug 02 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x250ce8e030612e9f2b89f7054d7cf8fd
Valid from Tue Nov 07 19:00:00 EST 2006 until Sun Nov 07 18:59:59 EST 2021
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Cipher: SunPKCS11-Solaris version 1.6 for algorithm DESede/CBC/NoPadding>
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Cipher for algorithm DESede>
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 28395435>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 SSL3/TLS MAC>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 received HANDSHAKE>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
<Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure.>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
at javax.xml.ws.Service.<init>(Service.java:56)
at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 22803607>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 14640403>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 SSL3/TLS MAC>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 received HANDSHAKE>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
<Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - 12.29.210.156 was not trusted causing SSL handshake failure.>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
at javax.xml.ws.Service.<init>(Service.java:56)
at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 16189141>I received a workaround by an internal message.
The how to guide is :
-Download the wsdl file (with bindings, not the one from ESR)
-Correct it in order that the schema corresponds to the answer (remove minOccurs or other things like this)
-Deploy the wsdl file on you a server (java web project for exemple). you can deploy on your local
-Create a new logicial destination that point to the wsdl file modified
-Change the metadata destination in your web dynpro project for the corresponding model and keep the execution desitnation as before.
Then the received data is check by the metadata logical destination but the data is retrieved from the correct server. -
when Update to 10.7.2 ,I cannot access to any site with ssl connection and fail to open safari and keychain, unless restart computer and login in with Guest account.
OS:10.7.2
Macbook Pro 2010-mid 13inchI also have the same problem, however if I use Firefox or Opera sites with ssl connection work fine. Still, I can't use Google Chrome (ssl), Safari (ssl), the Mac app store (generally), or the iTunes store (generally). Both the iTunes store, Safari and the app store won't respond, and Chrome displays this error: (net::ERR_TIMED_OUT). The problem persists regardless of what network I'm using. Also, when trying to access the keychain or iCloud, the process will not start (will hang). I didn't have these problems at all before updating to 10.7.2.
Sometimes rebooting helps, and sometimes not. If the problem disappears by rebooting, then it only lasts a few minutes before it reappears. It is very frustrating, especially since there doesn't seem to be any obvious or consistent way of which to fix it.
I'm also using a Macbook Pro 13-inch mid 2010. -
Crystal Reports export and print fails with SSL / https but works with http
Windows 2008 Server, 32-bit (IIS7)
ASP.NET 2.0
Ajax 1.0
Crystal Reports version 10.5.3700.0
http: printing works, export works
https: printing not working, only export to MS Excel and MS Word work.
I am able to generate reports using both http and https, and the toolbar icons are all showing. However, I am unable to print or export properly with SSL.
Printing prompts me with a select printer window, and then a window 'Retrieving Page 1' follow by two messages from Crystal Print Control both stating:
A communication error occured. Printing will be stopped.
Exporting generates various errors depending on which export method is being selected (however Excel and Word work over https).
I've found the same problem on this site and other forums, but never a resolution to get exporting and printing to work with SSL. Will someone please provide me assistance or possibly relay what settings they're using if they have Crystal Reports export or printing working over SSL in IIS7? Everything works fine when I change the address from https to http.
Please let me know if I can help by providing further information. We've gone through a great deal of possible solutions with code and I'm currently looking in to IIS settings again.
Thank you.Thanks Ludek. I got it by searching KB number.
Unfortunately, it didn’t fix my problem even my IE (IE8 and IE 9) has correct setting. I double check my version. PrintControl.CAB is version 10.2.0.1146. we use VS 2005 Crystal report and VB .NET. It works fine on HTTP. But when we use HTTPS (SSL Certificate from go daddy).
1: Crystal report export
Export to MS Excel, Word: pop us “File download”, then click “Save”. It says “Internet Explorer cannot download ReportView.aspx from my site. Internet Explorer was not able to open this internet site. the requested site is either unavailable or cannot be found. Please try it again later”
Export to RPt, Rich text format: It says “Internet Explorer cannot download ReportView.aspx from my site. Internet Explorer was not able to open this internet site. the requested site is either unavailable or cannot be found. Please try it again later”
Export to PDF : nothing happened.
2: Print:
Pop up dialog to select printer, click “Print” “. Shows windows “Crystal Report Viewer” and pop us error message box. Title is “Crystal Print Control”. Message is “An communication error occurred. Printing will be stopped”. Click “OK” and pop up error message box again.
Please advise.
Thank you very much!
Maybe you are looking for
-
[Solved] "slim: failed to execute login command" after awesomewm updat
Hi, i updated some weeks ago via pacman -Syu, where also awesome wm was updated from 3.4.* to 3.5.* so I updated my rc.lua as it is told on their wiki, but i cant login with my rc.lua anymore i got the failed to execute login command error from slime
-
Dynamic action - Cache server data
APEX 4.2.2 Is there a way to cache server side data in a global (page/document level) Javascript vector (bunch of key-value pairs) (associative array, array of objects or some such)? This way the data can be used by subsequent dynamic actions' Javasc
-
What does this mean? iPhoto[207] have info and image but no ref
Bought a MacBook about 8 weeks ago. Had to reload it from scratch yesterday (Mac OS DVD's) after numerous issues surface (files disappearing, random crashes, etc.) Disk Repair/fsck didn't work. Today I imported a bunch of pictures from a CD, went to
-
Using copy express for user settings
I am in the process of setting up 10 company databases on one system. The same users will have access to all of the databases (over 100 users). We have laboriously entered form settings for every possible form under the manager user in one of the d
-
Camera to video switch is missing
I got my iPhone 4 just last week and in the camera it had a switch in the bottom right hand corner to switch from using camera to video. Now the switch is missing and I would like to know how to fix it??