[beginner] Creating a secure Java client
Hi all,
I have a Java application whose presentation tier is JSP, middle tier is EJB and it's secured with HTTPS.
Now I need to write a Java desktop application which connects to the EJB tier. How can I secure the communication between the Java application and the middle tier ?
If client uses Secure Sockets (SSL), can I use the same certificates that the web application uses ?
I'd like to use a central point of security both for the web client and for the desktop client.......
Any help ?
Thanks
Francesco
Pedja thanks for reply.
I still dont understand what is wrong with my example.
The first peace of the code i wrote (getting the reference to the remote interface object) works pretty well, and even more it is produced automatically by JDeveloper, so why we cant get a reference to the local interface object the same way?
Certanly we should use the local interface for getting access to the resource functioning under the same local jvm and i think it doesnt metter wich app server we really use wls or oas or others
Thanks. Alex.
Similar Messages
-
How to create command line java client
I have a java servlet FileClient.java and am invoking it thru POST method from the html file. How can I create command line java client so that I can execute this class file from windows command prompt.
e.g. java FileClient <argument>
TIA> .. there's also a "won't work".
I could post a sample...I know that you can instantiate and call aservlet,
or even write your own servlet container - butit's
still a local instance. He can't invoke his remote
servlet by calling its class on the client like he
suggested.HttpURLConnection in main.Only if his Servlet has a main method. Which wouldn't really make it a servlet anymore.
OP said he wants to invoke it from command-line using
java -cp . TheServletClass
He said he has a servlet called FileClient. And he can't invoke a servlet directly that way, without building a wrapper that starts it, making it more than a servlet, and it definitely won't execute on the server. That's my whole point. I never wanted to say you can't write a command-line program that invokes a servlet on a remote server. I do it myself after all.
I guess I should have expressed myself more clearly. -
Creating a simple java client for a session EJB local interface
Hi all
Is it possible to create a simple java client for a session ejb local interface with JDeveloper.
The problem is that it creates a test client for a remote interface only...
i.e.
MySessionEJB sessionEJB = context.lookup("MySessionEJB")
and once i try to adjust it manually for the local interface...
MySessionEJBLocal sessionEJB = (MySessionEJBLocal) context.lookup("MySessionEJBLocal") (MySessionEJBLocal - is the name of my local interface)
it generates the exception:
javax.naming.NotFoundException: SessionEJBLocal not found
at...........................(RMIClientContext.java:52)
There is still no problem with accessing the local interface object from the jsf project where i've added <ejb-local-ref> tag into the web.xml file.
but i need the possibility of testing the simple java client for the local interface to test business methods wich should return objects without indirect properties
Thanks in advance.
Alex.Pedja thanks for reply.
I still dont understand what is wrong with my example.
The first peace of the code i wrote (getting the reference to the remote interface object) works pretty well, and even more it is produced automatically by JDeveloper, so why we cant get a reference to the local interface object the same way?
Certanly we should use the local interface for getting access to the resource functioning under the same local jvm and i think it doesnt metter wich app server we really use wls or oas or others
Thanks. Alex. -
How to create a custom java client Security Policy File?
I have a stand-alone java client which invokes a .NET WSE 3.0 enabled web service. The web service SOAP header requires username token to be passed from my java client.
Could some one kindly provide a sample of a client-side Security Policy File?
Your help is very much appreciated.
MikeThis is still a workaround...
But if you put checks on all your forms to see if the user has accepted the terms (assumes there is an attribute tracking this) then you can redirect the user to the terms/conditions forms. Still not spoof-proof, but it would be bookmark proof. (and a pain if you have too many forms) -
Creating chart in java client/server app.
Currently, I'm developing a client/server java app. under windows. I want to create a chart (pie, bar) for graphically reporting, anybody can help me pls........? Thanks a lot
TriAKThere are some solutions...You can use the Java Chart() class or BarChart() from the J2sdk API.
(http://java.sun.com/applets/jdk/1.4/demo/applets/BarChart/example1.html)
Besides, you can use some already build class from some companies like ObjectPlanet.(www.objectplanet.com).
There is also another link(have a look at it) http://www.java4less.com/charts_e.htm
Another way is to build by your own using java.awt(It will be to most difficult in the manner of time consumed).
Finally, I will recommend you to create charts as html page integrate this application as Applet or html in general(Javascript,JSP).
I hope I gave you some ideas. -
A Short Recipe for Creating a secure Java Webserver
This is a short note describing how I was able to implement a Java server on a secure website. I am writing this because I hope the rest of you will be able to navigate the SSL minefield more easily than I was able to do.
I want to thank Brad Wetmore and Sean Mullan in the Sun Microsystems Java Security group. Without their help, I would never have been successful.
For more detailed reading, see http://java.sun.com/javase/6/docs/technotes/tools/solaris/keytool.html#EXAMPLES
1. Generate a public/private keypair and certificate for a webserver using keytool. The name of my product is FIRMS (Fully Integrated Resort Management System). You will see "firms" a lot in what follows. Fill in your own data under the "-dname" parameter. Note that if you run keytool so that it prompts you for this information, the first thing keytool will ask you to provide is your First Name and Last Name, although this field is also referred to as the Common Name. In SSL/TLS, the Common Name is the hostname of the website you'll be setting up. It probably would have been better if keytool had prompted for "Common Name" instead of First Name and Last Name. Just keep this in mind if you go through the keytool prompts. If you use the "-dname" parameter, as I have done here, you will not have to go through keytool's prompts. Also, note that the "-dname" information I provided is for a very small business, not a larger corporation.
keytool -genkeypair -alias firms -keyalg RSA -dname "cn=www.firmsglobal.com, ou=FIRMSGlobal, o=James Morris, l=Scottsdale, st=Arizona, c=US" -keystore foo
2. Generate a CSR (Certificate Signing Request).
keytool -certreq -alias firms -file firmsglobal.csr -keystore foo
3. Send the CSR to a trusted Certificate Authority (CA). I used GoDaddy. When the CA website asks you to provide a key, open the ".csr" file, copy it, and paste it into the website text area. Be sure to copy and paste the entire ".csr" file. Depending on the CA you are using, they will ask you what kind of server you are using. In most cases, choose "other". It really doesn't matter. Be absolutely sure you save the keystore file "foo". Back it up. Whatever you do, do not modify it or delete it. Save it. Got that?
4. Eventually the CA will provide you with one or more "reply" files ending (most likely) in ".cer" or ".crt". You might have to go into a repository to get the right "cross" files and "intermediate" files.
5. You must import the files provided by the CA back into your original keystore file. Remember that file? That is the one you saved. Above, I called it "foo".
6. Use the following keytool commands to import the files back into your original keystore file "foo". My CA provided me with 1 root file, 1 cross file, and 1 intermediate file, as well as my "real" certification file, which is called "www.firmsglobal.com.crt". Look again in step 1 above. Note that I used the alias "firms" to generate the public/private keypairs. You must use the same alias when you import the "real" certification reply file from the CA into the keystore file "foo". Note that I can use any alias name I wish on the first three lines below, but the fourth line is the command that will replace the self-signed certificate I generated in step 1 with the "real" certification reply file from the CA. The alias used in the fourth line must always match the alias used in step 1. Note that it might not always be necessary to perform lines one through three.
keytool -importcert -alias root -trustcacerts -keystore foo -file valicert_class2_root.cer"
keytool -importcert -alias cross -trustcacerts -keystore foo �file gd_cross_intermediate.cer"
keytool -importcert -alias intermed -trustcacerts -keystore foo -file gd_intermediate.cer"
keytool -importcert -alias firms -trustcacerts -keystore foo -file "www.firmsglobal.com.crt"
7. Here is the Java code I use to read the keystore. The string "keystore" holds the name of the keystore file. The string "keystorepass" is a char[] that holds the keystore password. The string "keypassword" is a char[] that holds the private key password. I might have these two passwords reversed. I used the same password for the keystore and the private key, but this is not recommended.
try {
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(keystore), keystorepass);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keypassword);
SSLContext sslcontext = SSLContext.getInstance("SSLv3");
sslcontext.init(kmf.getKeyManagers(), null, null);
SSLServerSocketFactory ssf = sslcontext.getServerSocketFactory();
sslServerSocket = (SSLServerSocket) ssf.createServerSocket(securePortNumber);
} catch (Exception e) {
handleSocketException(e,"Server cannot listen on port ",securePortNumber);
};Whenever the user selects a file, you can call the setCurrentDirectory method on the JFileChooser, with the getParentFile() method to return the directory of the selected file.
For example :
JFileChooser chooser = new JFileChooser();
if (chooser.showOpenDialog(null) == JFileChooser.APPROVE_OPTION) {
File f = chooser.getSelectedFile();
if (f.isFile()) {
chooser.setCurrentDirectory(f.getParentFile()); -
Hi,
It depends upon your client program. You can use a java rmi based client or a web application. The good kick start to the problem would be to have a look into the java pet store example and converter example which is using RMI port for client access as well as web based access. Please review the examples shipped along with iAS and I'm sure that you will have a good idea on going about the coding.
Regards
Raj -
Trouble with vb server understanding a Java client
Hey
I'm creating coding a Java client for a game. We already have the game running with a vb server and client.
But we are going to convert over to Java.
Now the problem is that the vb server is unable to understand the Java client.
The vb server uses Asc (to convert characters to numbers) in the encoding/decoding which I'm unable to figure a Java version of this...
Currently using (int) to convert the characters in Java for its encoding/decoding but its not the same above numbers of 128.
This is the message using vb:
���������������������������������������
This is the same message using Java:
���?�?�????????????�????????�?����?���
So how would I have the same characters in Java?
Edited by: zammbi on Feb 29, 2008 9:18 PMSo I was just wondering if there is anyway to for the client to understand the vb server.Undoubtably. The question is " _What_ is/are the way(s) to for the client to understand the vb server."
Permit be to extrapolate some software design requirements from the stated business requirements.
1. The new java client must speak VB'eese to the existing VB server, because there are lots of VB clients in the wild, and we're (too lazy / not smart enough) to rewrite the whole shebang using a sane architecture, and what da 'ell, it's only some poxy game anyways.
2. You're unable to talk sense to the management, and if you did they'd just fire you and hire someone who makes the right noises at the appropiate times, and probably has a bra size to boot.
So the pragmatic question is: WTF is "VB'eese"?
A question one might reasonably ask MSDN or associate forums, as apposed to a java forum.
Dude, this ain't really a java question, though you might fluke and find a java programmer who can tell you exactly where to go.
</what-bluddy-bitterness>
Cheers. Keith. -
Sample java client not running--showing a strange error-- help urgently
Hi,
I have followed all the steps, given in JDevloper help, to create and deploy an EJB onto a 9ias server and I have been successful in creating the EJB and deploying it from the JDevloper machine to 9ias machine.My JDevloper is on one machine and 9ias is on another. After deploying when I am creating a sample java client, as given in the JDevloper help file, it gives a very strange error
java.lang.NullPointerException
void Samplemypackage1.MySessionEJB1Client.main(java.lang.String[])
Process exited with exit code 0.
I have tried a lot but it's not happening. Is it becuase
1. 9ias and JDevloper should be on the same machine
2. some configurational changes need to be done in the settings
3. jdk1.3.1 is not compatible with JDevloper.
I am enclosing the code snippet for your quick reference.
package Samplemypackage1;
import java.util.Hashtable;
//import javax.rmi.PortableRemoteObject;
import javax.naming.Context;
import javax.naming.InitialContext;
import mypackage1.MySessionEJB1;
import mypackage1.MySessionEJB1Home;
public class MySessionEJB1Client
public static void main(String [] args)
MySessionEJB1Client mySessionEJB1Client = new MySessionEJB1Client();
try
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.evermind.server.rmi.RMIInitialContextFactory");
env.put(Context.SECURITY_PRINCIPAL, "admin");
env.put(Context.SECURITY_CREDENTIALS, "admin");
env.put(Context.PROVIDER_URL, "ormi://9ias:23791/MySessionEJB1");
Context ctx = new InitialContext(env);
MySessionEJB1Home mySessionEJB1Home = (MySessionEJB1Home)ctx.lookup("MySessionEJB1");
MySessionEJB1 mySessionEJB1;
// Use one of the create() methods below to create a new instance
mySessionEJB1 = mySessionEJB1Home.create();
// Call any of the Remote methods below to access the EJB
System.out.println(mySessionEJB1.calc("om sri"));
catch(NullPointerException ne)
ne.printStackTrace();
catch(Throwable ex)
ex.printStackTrace();
When I tried to debug the program I found that the line " mySessionEJB1 = mySessionEJB1Home.create()" returns a null. I really fail to understand as to why it is happening.
Please help me.
ThankxThat's strange. home.create() should never return a null.
Do you see any exception trace on the server side?
Do you have the same version of oc4j.jar on client and server machine? Which version of Jdeveloper and 9iAs are you using?
Try copying oc4j.jar from the server machine to client machine and use that to connect to the bean.
HTH
Dhiraj -
Invoking a secure web service from a standalone java client
I am using stand alone java client to invoke a web service. This web service in turn invokes a jcs which is protected ( role based access ).
I am using a proxy at the client side for web service invocation
FileSubmission_Impl filesubmission_impl = new FileSubmission_Impl();
FileSubmissionSoap filesubmissionsoap = filesubmission_impl.getFileSubmissionSoap();
filesubmissionsoap.processFiles(...)
This works if there are no security constraints on any of the resources (@common:security).
I need to pass the username and password from the java client that will be authenticated and allowed to access the protected resources.
Please let me know as to how this can be achieved ( passing username and password from client )Paula,
I suppose you're using CFINVOKE (http://www.activsoftware.com/code_samples/code.cfm/CodeID/44/ColdFusion/Invoking_SOAP_Web_Services_with_ColdFusion_MX_CFINVOKE_Tag) or are you using a third party tool like CFX_SOAP (http://www.activsoftware.com/products/productdetail.cfm/id/1015)?
Are you working with WebAS 6.4 or 6.2?
It works with web services created with WebAS 6.4, but you should generate proxy classes. Check Thomas' weblog (second part of it)->https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/1012. [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken]
The WSDL generated by this method is more standard than the one generated when you just Remote enable an FM and look at the webservice browser.
Th core of CF MX is Java and that engine is rather strict in standards.
Eddy -
Create a Secure Client for a Secure Web Service- is failing
Hi,
This is actually with reference to the webservice tutorial.I am trying the example on Create a Secure Client for a Secure Web Service and have followed all the steps mentioned,however I am getting the following error:
D:\JDev11gTp\jdk\bin\javaw.exe -client -classpath D:\Jdev11gTpInstance\mywork\WebServiceApplications\.adf;D:\Jdev11gTpInstance\mywork\WebServiceApplications\WebServiceProjects\classes;D:\JDev11gTp\webservices\lib\jaxws-api.jar;D:\JDev11gTp\webservices\lib\jws-api.jar;D:\JDev11gTp\webservices\lib\orawsmetadata.jar;D:\JDev11gTp\webservices\lib\wsclient.jar;D:\JDev11gTp\j2ee\home\lib\activation.jar;D:\JDev11gTp\j2ee\home\lib\ejb.jar;D:\JDev11gTp\j2ee\home\lib\jms.jar;D:\JDev11gTp\j2ee\home\lib\jta.jar;D:\JDev11gTp\j2ee\home\lib\mail.jar;D:\JDev11gTp\j2ee\home\lib\servlet.jar;D:\JDev11gTp\webservices\lib\jaxrpc-api.jar;D:\JDev11gTp\webservices\lib\wsserver.jar;D:\JDev11gTp\webservices\lib\wssecurity.jar;D:\JDev11gTp\webservices\lib\wsdl.jar;D:\JDev11gTp\webservices\lib\orasaaj.jar;D:\JDev11gTp\webservices\lib\saaj-api.jar;D:\JDev11gTp\webservices\lib\orawsdl.jar;D:\JDev11gTp\webservices\lib\orawsrm.jar;D:\JDev11gTp\webservices\lib\orawsrel.jar;D:\JDev11gTp\webservices\lib\jaxr-api.jar;D:\JDev11gTp\webservices\lib\orajaxr.jar;D:\JDev11gTp\webservices\lib\relaxngDatatype.jar;D:\JDev11gTp\webservices\lib\xsdlib.jar;D:\JDev11gTp\webservices\lib\mdds.jar;D:\JDev11gTp\webservices\lib\wsif.jar;D:\JDev11gTp\webservices\lib\fabric-common.jar;D:\JDev11gTp\webservices\lib\fabric-interceptors.jar;D:\JDev11gTp\jlib\jaxen.jar;D:\JDev11gTp\jlib\oraclepki.jar;D:\JDev11gTp\jlib\ojpse.jar;D:\JDev11gTp\jlib\jsr106.jar;D:\JDev11gTp\jlib\jsr105.jar;D:\JDev11gTp\jlib\osdt_xmlsec_jce.jar;D:\JDev11gTp\jlib\osdt_wss_jce.jar;D:\JDev11gTp\jlib\osdt_saml_jce.jar;D:\JDev11gTp\jlib\osdt_saml2_jce.jar;D:\JDev11gTp\jlib\osdt_core.jar;D:\JDev11gTp\jlib\osdt_cert.jar;D:\JDev11gTp\jlib\osdt_xmlsec.jar;D:\JDev11gTp\jlib\osdt_wss.jar;D:\JDev11gTp\jlib\osdt_saml.jar;D:\JDev11gTp\jlib\osdt_saml2.jar;D:\JDev11gTp\jlib\ojmisc.jar;D:\JDev11gTp\j2ee\home\lib\http_client.jar;D:\JDev11gTp\j2ee\home\jazncore.jar;D:\JDev11gTp\j2ee\home\oc4jclient.jar;D:\JDev11gTp\rdbms\jlib\xdb.jar;D:\JDev11gTp\j2ee\home\lib\javax77.jar;D:\JDev11gTp\lib\java\api\jsr173_api.jar;D:\JDev11gTp\lib\java\shared\sun.jaxb\2.0\jaxb-impl.jar;D:\JDev11gTp\lib\java\shared\sun.jaxb\2.0\jaxb-xjc.jar;D:\JDev11gTp\lib\java\shared\sun.jaxb\2.0\jaxb1-impl.jar;D:\JDev11gTp\j2ee\home\lib\oc4j-schemas.jar;D:\JDev11gTp\jlib\ojdl.jar;D:\JDev11gTp\jlib\ojdl2.jar;D:\JDev11gTp\jlib\fmw_audit.jar;D:\JDev11gTp\j2ee\home\lib\jmxri.jar;D:\JDev11gTp\j2ee\home\lib\jmx_remote_api.jar;D:\JDev11gTp\j2ee\home\lib\adminclient.jar;D:\JDev11gTp\j2ee\home\lib\jmxframework.jar;D:\JDev11gTp\j2ee\home\lib\jmxspi.jar;D:\JDev11gTp\j2ee\home\lib\xmlcfg.jar;D:\JDev11gTp\jlib\dms.jar;D:\JDev11gTp\jlib\orai18n.jar;D:\JDev11gTp\j2ee\home\lib\commons-digester.jar;D:\JDev11gTp\j2ee\home\lib\spring.jar;D:\JDev11gTp\lib\java\shared\oracle.wsm\11.1.1.0\wsm-policy-core.jar;D:\JDev11gTp\lib\java\shared\oracle.wsm\11.1.1.0\wsm-pmclient.jar;D:\JDev11gTp\lib\java\shared\oracle.wsm\11.1.1.0\wsm-pap.jar;D:\JDev11gTp\lib\java\shared\oracle.wsm\11.1.1.0\wsm-agent.jar;D:\JDev11gTp\lib\java\shared\oracle.wsm\11.1.1.0\wsm-secpol.jar;D:\JDev11gTp\lib\java\shared\oracle.javatools\11.1.1.0.0\javamodel-rt.jar;D:\JDev11gTp\lib\java\shared\oracle.javatools\11.1.1.0.0\javatools-nodeps.jar;D:\JDev11gTp\lib\java\shared\oracle.toplink\11.1.1.0.0\toplink-sdo.jar;D:\JDev11gTp\lib\java\api\jaxb-api.jar;D:\JDev11gTp\lib\xmlparserv2.jar;D:\JDev11gTp\lib\xml.jar;D:\JDev11gTp\jakarta-taglibs\commons-logging-1.0.3\commons-logging.jar -Dhttp.proxyHost=localhost -Dhttp.proxyPort=8099 -Dhttp.nonProxyHosts= -Dhttps.proxyHost=localhost -Dhttps.proxyPort=8099 -Dhttps.nonProxyHosts= HelloPolicyPortClient
Feb 1, 2008 5:13:43 PM oracle.j2ee.ws.common.context.ContextInterceptor init
INFO: Context provider properties file not found
Feb 1, 2008 5:13:44 PM oracle.wsm.audit.Auditor <init>
INFO: Created J2SE auditor for componentType=OWSM-AGENT busstop=D:\oracle\product\10.2.0\client_1\auditlogs\OWSM-AGENT filter=false auditor=oracle.security.audit.Auditor@143a083
Feb 1, 2008 5:13:44 PM oracle.wsm.audit.Auditor <init>
INFO: Created J2SE auditor for componentType=OWSM-PM-LIB busstop=D:\oracle\product\10.2.0\client_1\auditlogs\OWSM-PM-LIB filter=false auditor=oracle.security.audit.Auditor@15af049
SEVERE: WSM-04514 An MDS error occurred.
SEVERE: WSM-09012 No key, WSM-06002, was found in the resource bundle oracle.wsm.resources.policyvalidation.PolicyValidationMessageBundle.
javax.xml.ws.WebServiceException: oracle.fabric.common.PolicyEnforcementException: PolicySet Invalid: WSM-06002 PolicyReference Invalid policy reference
at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:466)
at oracle.j2ee.ws.client.jaxws.WsClientProxyInvocationHandler.invoke(WsClientProxyInvocationHandler.java:204)
at $Proxy28.sayHello(Unknown Source)
at HelloPolicyPortClient.main(HelloPolicyPortClient.java:35)
Caused by: oracle.fabric.common.PolicyEnforcementException: PolicySet Invalid: WSM-06002 PolicyReference Invalid policy reference
at oracle.integration.platform.common.InterceptorChainImpl.createPolicyEnforcementException(InterceptorChainImpl.java:217)
at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:104)
at oracle.j2ee.ws.client.mgmt.runtime.SuperClientInterceptorPipeline.handleRequest(SuperClientInterceptorPipeline.java:91)
at oracle.j2ee.ws.client.jaxws.DispatchImpl.handleRequest(DispatchImpl.java:309)
at oracle.j2ee.ws.client.jaxws.DispatchImpl.handleRequest(DispatchImpl.java:290)
at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:444)
... 3 more
Process exited with exit code 0.
Can anyone please give any clue as to why this error is coming?
Thanks.Hi
Please refer to this thread
Re: Can I create a login/password protection in Muse for a HTML5 page or two? -
Apparent gap in java applet security on client machine
I know about signing applets, and both the new and original security models for applets. For my purposes, the original security model for applets is just about perfect. My applets do not need access to the client machine hardware, nor do they need to access any machine other than that which provides them to the client (at least at present).
What I have been told is that it is not possible for a server of any kind (DB, servlets, &c.) to authenticate an applet. The claim was made that all the security was designed for client security and that a developer's only option is to trust the client machine.
I can exchange information among my servers over SSL, and secure communications between by servers and applet clients. However, what is there to prevent a bad guy from breaking into a client machine and then capturing and modifying the applet I am relying on to protect the client's sensitive data? Signing the applet tells the user that the applet has not been modified from what I have produced, and so the user should feel confident enough to run it. But what if the applet and related web page is cached, and someone who has, legitimately or not, access to the machine and tries to use the cached copy for inappropriate purposes?
If my servers can not verify that the applet code accessing them is mine, rather than a variant created to mimic my applet, then that certainly creates a risk for my code, but doesn't it also create a security risk for the client? After all, it is the client's sensitive data I am trying to protect, and I can envision a situation in which a bogus applet mascerades as mine and sends that sensitive data to a bad guy's machine; all this while giving the user the illusion that his data is safe.
The gap here is either in my understanding of this technology or a gap in java security, so I'll put the question another way also. Is it possible for a server (e.g. an application server such as Tomcat or Sun's application server) to verify that the applet code used to try to connect with them is in fact the applet code that was signed on and served from the same machine and not malicious code masceraing as my code? If so, how does that work, and how does the programmer do it?
Thanks,
Tedthe jar file reqiured is jmf.jar this jar file will there in
jmf_home/lib
for example in my mechine
C:\Program Files\JMF2.1.1e\lib this jar file contain all the file reqired to run the application
i think you may need some of the dll files also to run see
if reqiured the then it may throw exception
java.lang.UnsatisfiedLinkError then put respective dll file to workiing folder or the system32 folder -
Failure to create Web Service using Java client
Attempting to create a WebService using a Java client (partial code follows):
String xml = "<custId xmlns=\"http://samples.otn.com\">" + 101 + "</name>";
//Context ic = new InitialContext();
Locator lctr = new Locator("default", "bpel");
IDeliveryService dservice = (IDeliveryService)lctr.lookupService(IDeliveryService.SERVICE_NAME);
NormalizedMessage nm = new NormalizedMessage();
nm.addPart("payload", xml);
However - get the following error message:
E:\OraBPELPM_1\jdk\bin\javaw.exe -client -classpath E:\OraBPELPM_1\integration\jdev\jdev\mywork\Workspace1\BPELProcess1\output;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\orabpel.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\orabpel-common.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\orabpel-thirdparty.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\bpm-infra.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\bpm-services.jar -Dhttp.proxyHost=ges-proxy.oracle.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=jpa*.jp.oracle.com|jpe*.jp.oracle.com|*.oracle.co.jp|144.23.230.118|144.23.230.110|psh*.peoplesoft.com|*.us.oracle.com|ex*.oracle.com|es0*.oracle.com|localhost|127.0.0.1 BusinessProcess.TestBPEL
java.lang.Exception: Failed to create "ejb/collaxa/system/DomainManagerBean" bean; exception reported is: "javax.naming.NoInitialContextException: Need to specify class name in environment or system property, or as an applet parameter, or in an application resource file: java.naming.factory.initial
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:640)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:280)
at javax.naming.InitialContext.lookup(InitialContext.java:347)
at com.oracle.bpel.client.util.BeanRegistry.lookupDomainManagerBean(BeanRegistry.java:218)
at com.oracle.bpel.client.auth.DomainAuthFactory.authenticate(DomainAuthFactory.java:83)
at com.oracle.bpel.client.auth.DomainAuthFactory.authenticate(DomainAuthFactory.java:47)
at com.oracle.bpel.client.Locator.<init>(Locator.java:65)
at BusinessProcess.TestBPEL.main(TestBPEL.java:19)
at com.oracle.bpel.client.util.BeanRegistry.lookupDomainManagerBean(BeanRegistry.java:232)
at com.oracle.bpel.client.auth.DomainAuthFactory.authenticate(DomainAuthFactory.java:83)
at com.oracle.bpel.client.auth.DomainAuthFactory.authenticate(DomainAuthFactory.java:47)
at com.oracle.bpel.client.Locator.<init>(Locator.java:65)
at BusinessProcess.TestBPEL.main(TestBPEL.java:19)
Exception in thread "main" Process exited with exit code 1.
The line: Locator lctr = new Locator("default", "bpel");
is the point of the error -
What is the problem here. I have seen several similar issues on the forum but I have not foound one that iindicated a solution to the problem.
THANKS - Ken CooperApplied the suggested code and am getting following errors:
E:\OraBPELPM_1\jdk\bin\javaw.exe -client -classpath E:\OraBPELPM_1\integration\jdev\jdev\mywork\Workspace1\BPELProcess1\output;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\orabpel.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\orabpel-common.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\orabpel-thirdparty.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\bpm-infra.jar;E:\OraBPELPM_1\integration\jdev\jdev\lib\ext\bpm-services.jar -Dhttp.proxyHost=ges-proxy.oracle.com -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=jpa*.jp.oracle.com|jpe*.jp.oracle.com|*.oracle.co.jp|144.23.230.118|144.23.230.110|psh*.peoplesoft.com|*.us.oracle.com|ex*.oracle.com|es0*.oracle.com|localhost|127.0.0.1 BusinessProcess.TestBPEL
java.lang.Exception: Failed to create "ejb/collaxa/system/DomainManagerBean" bean; exception reported is: "javax.naming.NoInitialContextException: Cannot instantiate class: com.evermind.server.rmi.RMIInitialContextFactory [Root exception is java.lang.ClassNotFoundException: com.evermind.server.rmi.RMIInitialContextFactory]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:652)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
at javax.naming.InitialContext.init(InitialContext.java:219)
at javax.naming.InitialContext.<init>(InitialContext.java:195)
at com.oracle.bpel.client.util.BeanRegistry.lookupDomainManagerBean(BeanRegistry.java:216)
at com.oracle.bpel.client.auth.DomainAuthFactory.authenticate(DomainAuthFactory.java:83)
at com.oracle.bpel.client.Locator.<init>(Locator.java:126)
at com.oracle.bpel.client.Locator.<init>(Locator.java:97)
at BusinessProcess.TestBPEL.main(TestBPEL.java:30)
Caused by: java.lang.ClassNotFoundException: com.evermind.server.rmi.RMIInitialContextFactory
at java.net.URLClassLoader$1.run(URLClassLoader.java:199)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:187)
at java.lang.ClassLoader.loadClass(ClassLoader.java:289)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:274)
at java.lang.ClassLoader.loadClass(ClassLoader.java:235)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:219)
at com.sun.naming.internal.VersionHelper12.loadClass(VersionHelper12.java:42)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:649)
... 8 more
at com.oracle.bpel.client.util.BeanRegistry.lookupDomainManagerBean(BeanRegistry.java:232)
at com.oracle.bpel.client.auth.DomainAuthFactory.authenticate(DomainAuthFactory.java:83)
at com.oracle.bpel.client.Locator.<init>(Locator.java:126)
at com.oracle.bpel.client.Locator.<init>(Locator.java:97)
at BusinessProcess.TestBPEL.main(TestBPEL.java:30)
Error occurs at the bold line below - same location as before:
Properties props = new Properties();
props.setProperty("orabpel.platform", "oc4j_10g");
props.setProperty("java.naming.factory.initial",
"com.evermind.server.rmi.RMIInitialContextFactory");
props.setProperty("java.naming.provider.url", "ormi://localhost/orabpel");
props.setProperty("java.naming.security.principal", "admin");
props.setProperty("java.naming.security.credentials", "welcome");
props.setProperty("dedicated.rmicontext", "true");
Locator lctr = new Locator("default", "oracle", props);
Thanks - Ken -
Creating multiple stateful session beans from a java client. (EJB 3.0)
I'm having difficulties with the following:
To access the ShoppingCartBean, I have to put the following annotation in my standalone java client:
@EJB
private static ShoppingCartRemote shoppingCartBean;
The static must be there, thus only one ShoppingCartBean will exist within my java client. But as the ShoppingCartBean is a stateful session bean, I want to be able to get different beans of the same type.
What is the correct way to do this in EJB 3.0?Great question. Because Home interfaces have been removed for the EJB 3.0 simplified
API, stateful session bean creation happens as a side-effect of injection. However, the
same is true of EJB 3.0 business interface lookups. The easiest way to create additional
stateful session beans is to lookup the same dependency that was declared via your
@EJB annotation.
E.g.,
// Assuming the declaring class is pkg1.ShoppingCartClient.java
InitialContext ic = new InitialContext();
ShoppingCartRemote scr1 = (ShoppingCartRemote)
ic.lookup("java:comp/env/pkg1.ShoppingCartClient/shoppingCartBean");
Note that the name relative to java:comp/env is the default associated with your
@EJB annotation since the name() attribute wasn't used. Alternatively, you
could have used :
@EJB(name="scb") private static ShoppingCartRemote shoppingCartBean;
InitialContext ic = new InitialContext();
ShoppingCartRemote scr1 = (ShoppingCartRemote) ic.lookup("java:comp/env/scb");
Yet another alternative is to declare the @EJB at the class-level. This just defines
the dependency without any injection, which is fine if you want to create a bunch of
them via lookup anyway.
@EJB(name="scb", beanInterface=ShoppingCartRemote.class)
public class .... { -
HI Team,
while starting the node manager in wls 8.1 and java1.4
we are facing this issue plz help on this immediately.
+ CLASSPATH=/srvrs/bdv/patches/CR210310_81sp4.jar:/usr/java14/lib/tools.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic_sp.jar:/srvrs/bdv/bea/weblogic81/server/lib/weblogic.jar::/srvrs/bdv/bea
+ export CLASSPATH
+ export PATH
+ set -x
+ [ 5555 != ]
+ [ 142.182.112.123 != ]
+ /usr/java14/bin/java -Xms32m -Xmx32m -Dweblogic.security.SSL.enforceConstraints=off -Djava.security.policy=/srvrs/bdv/bea/weblogic81/server/lib/weblogic.policy -Dweblogic.nodemanager.javaHome=/usr/java14 -DListenAddress=142.182.112.123 -DListenPort=5555 weblogic.NodeManager
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <NodeManager: for information on command line options, try "java weblogic.NodeManager -h">
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Starting NodeManager >
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenAddress to 142.182.112.123..>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting listenPort to 5,555..>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Setting java home to '/usr/java14'>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Effective values of properties :
ListenAddress=142.182.112.123
ListenPort=5555
ListenerType=secureSocket
SavedLogsDirectory=NodeManagerLogs
NativeVersionEnabled=true
TrustedHosts=nodemanager.hosts
StartTemplate=../../server/lib/unix/nodemanager.sh
ReverseDnsEnabled=false
ScavangerDelaySeconds=180
PIDFileReadRetryCount=0
WeblogicHome=null
bea.home=null
JavaHome=/usr/java14
PropertiesVersion=8.1
>
<Sep 15, 2013 7:35:26 AM EDT> <Info> <NodeManager> <Saving logs in'NodeManagerLogs'>
<Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading private key and certificate chain from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoIdentity.jks. KeyStore type = jks, Using keystore passphrase = true, Alias = DemoIdentity>
<Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /srvrs/bdv/bea/weblogic81/server/lib/DemoTrust.jks. KeyStore type = jks, Using keystore passphrase = true>
<Sep 15, 2013 7:35:31 AM EDT> <Info> <[email protected]:5555> <Reading trusted CAs from the keystore /usr/java14/jre/lib/security/cacerts. KeyStore type = jks, Using keystore passphrase = false>
SecureSocketListener: Could not setup context and create a secure socket on 142.182.112.123:5555 : java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.
java.security.cert.CertificateParsingException: PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11
at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:52)
at weblogic.nodemanager.internal.SecureSocketListener.run(SecureSocketListener.java:57)
at weblogic.nodemanager.internal.GenericListener.startListener(GenericListener.java:16)
at weblogic.nodemanager.NodeManager.startSecureSocketListener(NodeManager.java:461)
at weblogic.nodemanager.NodeManager.init(NodeManager.java:305)
at weblogic.nodemanager.NodeManager.run(NodeManager.java:511)
at weblogic.NodeManager.main(NodeManager.java:31)
Thanks,
EswarHi,
Did you find a solution to this? We are running into the same issue since upgrading to Weblogic 9.2.3 for WebCT Vista 8.0.4.
Thanks,
Ron
Maybe you are looking for
-
hi guys, The user is not able to clear the GRIR account using MR11 and F.13. Please advise as to what could be the reason and how it could be resolved. thanks srikanth.
-
To create 5 different files in target for each record in the sender file
Hi SapAll, i have got a a requirement where pi need to create 5 different files with data of each record from the sender side. Its an file to file scenario suppose there are 5 rows in a file , then in target side i need to create 5 diff with each one
-
Controlling Apple Chess from the command line
Hello is it possible to control Apple Chess with the command line? I would like to get two computers to play against each other over a wireless connection, either airport of bluetooth. Any other suggestions would be great! Thanks, Tim
-
Maildrop, Airdrop - so unreliable
These are good ideas, but in practical they bring more troubles than benefit. On 100 mbps internet line mail attachment is being uploaded o iCloud 100 kb/s (sometimes faster but usually like that). If I upload it on ftp, it lasts 30 sec, on iCloud 3
-
Tile path Resolution by Servlet ?
Hey guys! Just stumbled across a small problem. I'm using struts tiles for showing 2 presentation layers "viewA" and "viewB" in a project "WebProject". Since both Tiles "viewA" and "viewB" use[b] the same Servlets in the project "WebProject", the ser