Can programmatic security work without declarative security?

Similar Messages

• Can my server work without smart array controller

  I have HP Proliant ML570 server with P400 smart array controller card. I suspect smart array controler is not working. Can I remove array controler card and continue to work without any raid config. Please suggest.

  Hi:
  I recommend you also post your question in the HP Business Support Forum -- ML Servers section.
  http://h30499.www3.hp.com/t5/ProLiant-Servers-ML-DL-SL/bd-p/itrc-264

• Can an iPhone work without a data plan, like an iPod?

  If I purchase a new iPhone 4S, I want to give my old iPhone 4 to my daughter to use as an iPod touch.  Will it work the same as an iPod touch just without a data plan, not being used as a cellphone, just an electronic device?

  Being already activated, the old iPhone 4 should still work as an iPod even if the data and cell plan are cancelled. If it deactivates for some reason, you'll need a valid SIM to reactivate, though you still shouldn't need a cell plan. You can ask for confirmation in the iPhone forum, just in case I'm missing some recent change or detail.
  Regards.

• Can an application work without the Java environment?

  Is there anyway I can take an application that I have developed on my computer to my friend without installing the Java environment on his computer. If there is, what is the easiest way to do it?

  or put your application in an applet and show it with a html site.
  otherwise: no

• Can Oracle Portal work without Oracle HTTP Server ?.

  Hi,
  We are developing on Oracle Portal 10.1.4.
  We are trying to use IPlanet Web Server instead of Oracle HTTP server. In such a case can Portal run with IPlanet Web server. alone ?.
  Can we eliminate Oracle HTTP Server altogether ?.
  Thanks and Regards,
  Panai.

  Third party HTTP Servers can be used with the OracleAS Proxy Plug-in. I have not done any tests with them however. The documentation states that it will enable you to integrate Sun ONE Web Server Enterprise Edition on UNIX and Windows systems, or the Microsoft Internet Information Server (IIS) on Windows systems.
  Oracle Portal is tightly integrated with Oracle Web Cache. This might limit the usability of the OracleAS Proxy plugin.
  More info is available in the documentation :
  http://download-uk.oracle.com/docs/cd/B32110_01/web.1013/b28948/proxy.htm#sthref1166

• Can time machine work without going wireless?

  i have time machine but not airborne (wireless).  Will time machine work through a direct cable line to my backup drive?

  As long as your backup drive is connected to your router by Ethernet cable and the drive is mounted then Time Machine will backup to it.

• Can I publish work without a Creative Commons licence? Why/why not? All I am doing is teaching general knowledge.

  This is a problem as the work I am posting isn't copyrightable. It is free to use, general knowledge. What do I do?

  "The Ipad is on a short cable to my projector."
  Get a longer cable?

• Programmatic security using isCallerInRole(roleName) doesn't work

  Hi,
  I am developing an EJB application on WebAS 6.40 SP16 and try to use declarative and programmatic security combined. I have conducted the following steps to map a UME group to an j2ee ejb role:
  - Mapped a new Security Role (SR_ProductAdmin) to the UME Administrators group using the Visual Administrator(Services/Security Provider/Security Roles).
  - Mapped the Security Role to an EJB Application Security Role in ejb-j2ee-engine.xml
  <ejb-j2ee-engine>
    <security-permission>
      <security-role-map>
        <role-name>ProductAdmin</role-name>
        <server-role-name>SR_ProductAdmin</server-role-name>
      </security-role-map>
    </security-permission>
  </ejb-j2ee-engine>
  - Added the role in ejb-jar.xml/Assembly/security-role
  - Enforced descriptive security in ejb-jar.xml/Assembly/method-permission on my EJB. This works as expected, only members of the administrators group can access the EJB.
  - Added another role mapped to the J2EE Security Role "all" and added it to  ejb-jar.xml/Assembly/method-permission to allow some methods of the EJB to be invoked by everyone, security checking is based on parameters and done programmatically at runtime.
  - I have mapped the ProductAdmin in ejb-jar.xml/Enterprise Beans/session beans/security-role-ref as described in the Developer Studio manual.
  <security-role-ref>
    <role-name>ProductAdminInternal</role-name>
    <role-link>ProductAdmin</role-link>
  </security-role-ref>
  - I should be able to check the role of the caller using the Context.isCallerInRole(String roleName) but it always returns false for roleName="ProductAdminInternal". In the same context I can invoke Context.getCallerPrincipal().getName() and get (correctly) the user name "Administrator".
  Thanks in advance,
  Stefan

  Hi Frank,
  When using the Must value authentication worked but when using the Auth value it didn't.
  Now I've found what the problem was.
  I had to define the users and role in %JDEV_HOME%\j2ee\home\config\system-jazn-data.xml. I had setup my users in several jazn files but this one. It's pretty hard to find in which xml file you have to define users and roles. I don't understand either why switching from Must to Auth makes the authentication using different jazn files...
  Now I have to test in an OC4J standalone instance.
  Thanks,
  Seb.

• Toplink app works without oc4j,fails with security excp. in oc4j[SOLVED]

  OS: Windows XP
  jdk version: 1.5.0.04 (installed normally with windows installer, no tampering)
  JDeveloper version: 10.1.3.2.0 (base installation)
  I'm new to JDeveloper and I'm working on SRDemo application from online ADF tutorial under JDeveloper. After 6th chapter I tried to run the app with embedded oc4j. After a login to app i got a toplink exception caused by a security exception. I've tried toplink part of the application with a standalone client it works without this strange problem. Also other toplink tutorials that i have work without oc4j.
  The exception is this:
  Note: some messages were in Turkish, so I (partly) translated them, they may not match original english messages
  [TopLink Info]: 2007.07.06 10:52:31.312--ServerSession(29560314)--Thread(Thread[HTTPThreadGroup-4,5,HTTPThreadGroup])--TopLink, sürüm: Oracle TopLink - 10g Release 3 (10.1.3.1.0) (Build 061004)
  [TopLink Config]: 2007.07.06 10:52:31.328--ServerSession(29560314)--Connection(27524709)--Thread(Thread[HTTPThreadGroup-4,5,HTTPThreadGroup])--connected(DatabaseLogin(
       platform=>Oracle10Platform
       user name=> "SRDEMO"
       data source url=> "jdbc:oracle:thin:@localhost:1521:XE"
  [TopLink Severe]: 2007.07.06 10:52:31.343--ServerSession(29560314)--Thread(Thread[HTTPThreadGroup-4,5,HTTPThreadGroup])--Local Exception Stack:
  Exception[TOPLINK-7107] (Oracle TopLink - 10g Release 3 (10.1.3.1.0) (Build 061004)): oracle.toplink.exceptions.ValidationException
  Exception message: Error in decrypting .....
  Caused by: java.security.NoSuchAlgorithmException: Algorithm DES not available      at oracle.toplink.exceptions.ValidationException.errorDecryptingPassword(ValidationException.java:587)
       at oracle.toplink.internal.security.JCEEncryptor.decryptPassword(JCEEncryptor.java:94)
       at oracle.toplink.sessions.DatasourceLogin.prepareProperties(DatasourceLogin.java:296)
       at oracle.toplink.sessions.DatasourceLogin.connectToDatasource(DatasourceLogin.java:147)
       at oracle.toplink.internal.databaseaccess.DatasourceAccessor.connect(DatasourceAccessor.java:197)
  ...(the stack goes on followed by below causes)
  Caused by: java.security.NoSuchAlgorithmException: Algorithm DES not available
       at javax.crypto.SunJCE_b.a(DashoA12275)
       at javax.crypto.SecretKeyFactory.getInstance(DashoA12275)
       at oracle.toplink.internal.security.JCEEncryptor$Synergizer.getMultitasker(JCEEncryptor.java:104)
       at oracle.toplink.internal.security.JCEEncryptor.decryptPassword(JCEEncryptor.java:74)
       ... 117 more
  Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: DES, provider: SunJCE, class: com.sun.crypto.provider.DESKeyFactory)
       at java.security.Provider$Service.newInstance(Provider.java:1155)
       at sun.security.jca.GetInstance.getInstance(GetInstance.java:220)
       ... 121 more
  Caused by: java.lang.SecurityException: class "com.sun.crypto.provider.DESKeyFactory"'s signer information does not match signer information of other classes in the same package
       at java.lang.ClassLoader.checkCerts(ClassLoader.java:775)
       at java.lang.ClassLoader.preDefineClass(ClassLoader.java:487)
       at java.lang.ClassLoader.defineClass(ClassLoader.java:614)
       at oracle.classloader.PolicyClassLoader.defineClass(PolicyClassLoader.java:2241)
       at oracle.classloader.PolicyClassLoader.findLocalClass(PolicyClassLoader.java:1462)
       at oracle.classloader.SearchPolicy$FindLocal.getClass(SearchPolicy.java:167)
       at oracle.classloader.SearchSequence.getClass(SearchSequence.java:119)
       at oracle.classloader.PolicyClassLoader.internalLoadClass(PolicyClassLoader.java:1674)
       at oracle.classloader.PolicyClassLoader.loadClass(PolicyClassLoader.java:1635)
       at oracle.classloader.PolicyClassLoader.loadClass(PolicyClassLoader.java:1620)
       at java.security.Provider$Service.getImplClass(Provider.java:1172)
       at java.security.Provider$Service.newInstance(Provider.java:1129)
       ... 122 more
  This happens when i run toplink project inside oc4j, with a normal java client outside oc4j it works.
  The strange thing is the root cause of the problem (the exception complaining about signer) . If the root cause of this problem was really correct system wide, neither security code samples nor the standalone client that i tried would have worked.
  Only similiar issue I've found on the net is a problem that occured under eclipse due to a bug in previous versions of jce, but it seems this is no longer an issue.
  No one other than me seems to have this problem, so this implies a problem with my system, but the root exception about signer information (which is not correct) says there is something wrong with toplink/oc4j runtime or there is some subtle bug.
  I am trying to download another jdk1.5 version to see if this is a subtle bug of java-1.5.0.04 and oc4j, but either sun servers or my isp has a problem because the download is in the order of bytes and fails all the time.
  I think there can be a problem with the java2.policy file under oc4j config dir, but i don't know if it is really used and necessary or not.
  I don't know much about oc4j config so i need some help to proceed. thanks in advance
  Message was edited by:
  identityunknown

  Sorry, I tried something that I should have tried before posting, that gives another information about my problem.
  when i use standalone oc4j using start_oc4j.bat under jdev/bin, I also get the same security exception stack (nothing deployed to server) during server initialization. the default java command in start_oc4j.bat is this:
  OC4J_OPTS=
  VM_OPTS=-XX:MaxPermSize=256m
  JAVA_COMMAND="%JAVA_HOME%\bin\java.exe" %VM_OPTS% -jar oc4j.jar %OC4J_OPTS%
  if I change the command to this:
  OC4J_OPTS=
  VM_OPTS=-XX:MaxPermSize=256m -Xbootclasspath/p:"%JAVA_HOME%\jre\lib\ext\sunjce_provider.jar"
  JAVA_COMMAND="%JAVA_HOME%\bin\java.exe" %VM_OPTS% -jar oc4j.jar %OC4J_OPTS%
  and put sunjce_provider.jar on boot classpath I don't get that exception and oc4j initializes normally. My new questions are:
  1. what is the reason for this behavior
  2. how can I specify boot classpath option for embedded oc4j and/or JDeveloper

• How can you securely erase my eMacs HDD without the use of a disk drive?

  I want to get rid of my eMac, it runs fine and would be a waste if I just threw it out, but the disk drive doesn't work, how can I securely delete the HDD to get all personal info off of it so I could either sell it or give it away while still working? I also, surprisingly after nearly 15 years, have misplaced the original startup discs.

  Well, you didn't state that in your original post. Sorry for the misunderstanding. Here's an option for you:
  Open Accounts preferences and click on the lock icon to authenticate. Create a new user account by clicking on the Add [-] button. Be sure to configure this account with Administrator status. Log out of your account and log into the new account. Now delete your account. Be sure to select the last option that completely removes your account. If there is a sub-option to Securely Erase then select that option. If not then see Mac OS X 10.4 Help: Removing files from your computer. Note the option for securely erasing free space. It's time consuming but will assure none of your files can be accessed. If you aren't concerned about your data's security then you can skip any options to securely erase free space.

• HT5312 I've forgotten the security questions. It made me to cannot purchase app. How can I buy it without the security questions?

  I've forgotten the security questions. It made me to cannot purchase the general app. How can I buy it without the security questions? Please.

  You will have to reset the security questions with new ones.   See this document ...
  Rescue email address and how to reset Apple ID security questions

• I don't remember the answers to my security questions and now I can't buy anything. How can I reset them without respond them previously?

  I don't remember the answers to my security questions and now I can't buy anything. How can I reset them without respond them previously?

  You need to ask Apple to reset your security questions. To do this, click here and pick a method; if that page doesn't list one for your country or you're unable to call, fill out and submit this form.
  (116595)

• My iPhone says I can't buy thing without entering security questions which I have forget and I can't change rescue email without my security questions????

  My iPhone says I can't buy thing without entering security questions which I have forget and I can't change rescue email without my security questions????

  Then you aren't looking closely enough.
  https://discussions.apple.com/message/21396255#21396255
  https://discussions.apple.com/message/22492054#22492054
  https://discussions.apple.com/message/21098869#21098869
  https://discussions.apple.com/message/20648647#20648647
  Shall I go on?
  Anyways, his question was already answered, AND there are DOZENS of threads where the same question is answered previously.

• HT3702 I have a ipod 4th generation and on my itunes it keeps asking me for my security cards # but i dont have it is there a way i can get that number without the card itself

  i have a ipod 4th generation; and on my itunes it keeps asking me for my itunes security card # but i dont have it. Is there a way i can get that number without the card itself?

  So I tryed to download it on the apple website but it keeps saying that there is an error.
  What does the error message say? (Precise text, please.)

• Can SSM work without BI Platform?

  Hallo Gurrus,
  Can SSM be installed and work without BI Platform?
  Thank you for your help in Advance.
  Kind Regards
  Tairq

  Hi Tariq,
  Sure, Strategy Management does not need a BW platform to run on. Current versions are built on NWCE, and use its own Application Server to manage measures, dimensions and security.
  BW only comes into play if you want to integrate into Strategy Management Key-Figure data, Characteristic Values and Hierarchies from BW queries/cubes. This is quite easy to do, and makes sense if you want to take advantage of already existing BW data.
  But there is no dependency here. There are many ways to bring data to Strategy Management anyway, including its own Entry&Approval interface, where business users can establish a simple yet effective workflow to enter ACTUAL and TARGET data for their scorecard measures.
  Hope this helps!
  BR,
  Ricardo Vieira