Cannot assign custom security manager to repository

Similar Messages

• Custom Security Manager or Security Event Interception from WebLogic Console

  Hello,
  I have built my own Security Manager and implemented custom preference/property mechanism for every Principal, so when I use my Swing client to create new User and new Group, as well as addMember to a Group, I know what to do with those properies/preferences.
  Now, I want to use WebLogic Console to manage users and groups. I want to intercept events in my Security Manager about new User or Group creation or changing their memberships as Principals in order to handle their Preference/properties stuff myself...
  I wonder what should I "listen" in order to understand that someone has changed membership of Users or Groups or about creation of new User or Group?
  I use Weblogic Server 6.0 sp2
  serge

  Hi Daniel,
  > a custom security manager for the standard CM Repository
  And this dictates you indeed to use the old API, as the CMRepositoryManager itself is using the old API.
  The standard AclSecurityManager is implemented by com.sapportals.wcm.repository.manager.generic.security.AclSecurityManager. If you check out Configuration - Content Management - Repository Managers - Security Manager, you will see "ACL Security Manager" (the one from above) and "ACL Security Manager (for new Manager-API)". This is implementing / using the new API, but needs also a RM using the new API.
  > java.lang.NoSuchMethodException: MySecurityManager.<init>
  This exception only complains about a missing constructor!? Have you implemented a default constructor?!
  > If this is the case, where can I find the API for IUMPrincipal? It is not included in any provided API because of deprecation.
  The methods of the old EP5 user management are more or less similar to the new UME, so using the old deprecated API should be more or less straight forward.
  There are also transformer methods for example to transform a "new" user object to an old EP5 one, see https://forums.sdn.sap.com/thread.jspa?threadID=235656&tstart=0
  Hope it helps
  Detlev

• Access to IPortalComponentRequest in custom security manager

  Hi All,
  I am implementing a custom security manager. For my requirements, I need IPortalComponentRequest object in the security manager class. Can anyone give me a clue to get the request object in security manager implementation.
  Regards,
  Yoga

  Hi Romano,
  I tried this. Its returning mysapsso2 cookie and authentication_schema cookie. But not retuning any custom cookies added to the response from any other application.
  What I have tried to achieve is:
  1. When a user login and authentication suceeds, I will add a custom cookie to the response.
  2. Get the custom cookie added in the security manager class and do manipulations to check whether the user is authenticated.
  Using the method you have suggested, I was not able to get any custom cookies added in other applications.
  I tried the code using resource context(resource context obtained form IUser) as suggested in other threads,
  HttpServletRequest request = (HttpServletRequest) resourceContext.getObjectValue("http://sapportals.com/xmlns/cm/httpservletrequest");
  But this API returns null.
  Any way to achieve?
  Regards
  Yoga

• I cannot set new security manager.

  How to set new security manager if there is one that is installed. It always raises an exception.

  this is not really a JMS question.
  anyway - you can't change a SecurityManager after it has been instatiated. what you can do is run the JVM with the -Dsecuritymanager= propert.y

• Results Table (2.2.2) export missing Security Manager filters

  Hello OEID forum,
  I'm working with the Results Table portlet (v2.2.2), and notice that my exports are not including security filters which we have added in a custom Security Manager.
  When I trace through the ResultsExportPortlet (doExport method) and AbstractExport classes (source included in the endeca-results-export-portlet.war) I seem to see 2 different implementations:
  1. For MDEX 7...
  This code will craft the request to the MDEX web service. I don't see it calling the Security Manager anywhere.
  2. For MDEX 6...
  This code will eventually call com.endeca.portal.data.DataSource.execute, which I believe will call the Security Manager.
  Can anyone confirm that this is correct? So Results Table export for MDEX 7 will not invoke the Security Manager, while the MDEX 6 implementation will?
  Thanks,
  Jerome

  Hi Jerome,
  Thanks for your post. It's worthwhile raising a Service Request for this, so it can be investigated.
  Best
  Brett

• GRC 5.3 - Management Report Error: Cannot assign an empty string to host..

  Good day Kiran Kandepalli and Others.
  I have successfully executed the background jobs -
  Full User, Role, Profile Synchronization & a
  Full Batch Risk Analysis
  When I run the Management Reports I receive the following error -
  Error while executing the Job:Cannot assign an empty string to host variable 10.
  Has anybody had this error message before?
  When I check table VIRSA_CC_PRMVL, variable 10 is set to No in Nullable collumn.

  Hi Sahad,
  Thanks for your response.  I have checked the usr02 table and logs and do not see any empty fields or strings.  This process worked for 5.2 but fails in 5.3.  Here is the excerpt from the log for the Management Report run.  It seems to fail consistenly at a certain point.  If I knew what the batch job was looking for in host variable 10 I might be able to resolve the problem.  It seems to fail when it starts to report on users.
  Thanks.
  Dan.
  INFO: -
  Scheduling Job =>935----
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.BgJob run
  INFO: --- Starting Job ID:935 (RISK_ANALYSIS_BATCH) - tst
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.BgJob setStatus
  INFO: Job ID: 935 Status: Running
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.BgJob findJobHistory
  FINEST: --- @@@@@@@@@@@ Find the Job History -
  1
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.BgJob updateJobHistory
  FINEST: --- @@@@@@@@@@@ Updating the Job History -
  1@@Msg is tst started :threadid: 0
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.dao.BgJobHistoryDAO insert
  INFO: -
  Background Job History: job id=935, status=1, message=tst started :threadid: 0
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.BatchRiskAnalysis performBatchSyncAndAnalysis
  INFO: --- Batch Sync/Analysis/Mgmt Report started ---
  Jan 23, 2009 8:04:16 AM com.virsa.cc.xsys.bg.BatchRiskAnalysis runBkgMgmReport
  INFO: --- Running the Background Management Report -
  Jan 23, 2009 8:04:39 AM com.virsa.cc.xsys.mgmbground.dao.MgmStats execute
  INFO: Start insert int cc_mgriskd all violations.... 1232726679108
  Jan 23, 2009 8:04:49 AM com.virsa.cc.xsys.bg.BatchRiskAnalysis runBkgMgmReport
  WARNING: Exception in Management Report Job: Cannot assign an empty string to host variable 10.
  com.sap.sql.log.OpenSQLException: Cannot assign an empty string to host variable 10.
       at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:85)
       at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:124)
       at com.sap.sql.types.VarcharResultColumn.setString(VarcharResultColumn.java:57)
       at com.sap.sql.jdbc.common.CommonPreparedStatement.setString(CommonPreparedStatement.java:511)
       at com.sap.engine.services.dbpool.wrappers.PreparedStatementWrapper.setString(PreparedStatementWrapper.java:355)
       at com.virsa.cc.xsys.mgmbground.dao.MgmStats.execute(MgmStats.java:314)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.runBkgMgmReport(BatchRiskAnalysis.java:1182)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1430)
       at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:402)
       at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:264)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:240)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:80)
       at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:436)
       at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1225)
       at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
       at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
       at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
       at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
       at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
       at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:321)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
       at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Jan 23, 2009 8:04:49 AM com.virsa.cc.xsys.bg.BgJob run
  WARNING: *** Job Exception: Cannot assign an empty string to host variable 10.
  com.sap.sql.log.OpenSQLException: Cannot assign an empty string to host variable 10.
       at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:85)
       at com.sap.sql.log.Syslog.createAndLogOpenSQLException(Syslog.java:124)
       at com.sap.sql.types.VarcharResultColumn.setString(VarcharResultColumn.java:57)
       at com.sap.sql.jdbc.common.CommonPreparedStatement.setString(CommonPreparedStatement.java:511)
       at com.sap.engine.services.dbpool.wrappers.PreparedStatementWrapper.setString(PreparedStatementWrapper.java:355)
       at com.virsa.cc.xsys.mgmbground.dao.MgmStats.execute(MgmStats.java:314)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.runBkgMgmReport(BatchRiskAnalysis.java:1182)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1430)
       at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:402)
       at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:264)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:240)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:80)
       at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:436)
       at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1225)
       at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
       at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
       at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
       at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
       at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
       at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:321)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:713)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:666)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
       at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Jan 23, 2009 8:04:49 AM com.virsa.cc.xsys.bg.BgJob setStatus
  INFO: Job ID: 935 Status: Error
  Jan 23, 2009 8:04:49 AM com.virsa.cc.xsys.bg.BgJob updateJobHistory
  FINEST: --- @@@@@@@@@@@ Updating the Job History -
  2@@Msg is Error while executing the Job:Cannot assign an empty string to host variable 10.
  Jan 23, 2009 8:04:49 AM com.virsa.cc.xsys.bg.dao.BgJobHistoryDAO insert
  INFO: -
  Background Job History: job id=935, status=2, message=Error while executing the Job:Cannot assign an empty string to host variable 10.
  Jan 23, 2009 8:04:49 AM com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob scheduleJob
  INFO: -
  Complted Job =>935----

• Management Report - Cannot assign an empty string to host variable 10

  We ran a Management Report for the first time after completing the User/Role/Profile Full Sync and the user/Role/Profile Batch Risk Analysis.  The job failed with the following error:
  Oct 16, 2008 12:13:29 PM com.virsa.cc.xsys.bg.BatchRiskAnalysis runBkgMgmReport
  WARNING: Exception in Management Report Job: Cannot assign an empty string to host variable 10.
  com.sap.sql.log.OpenSQLException: Cannot assign an empty string to host variable 10.
  We are on GRC 5.3 support pack 4.  Has anybody encountered this error? What does host variable 10 refer to?

  I checked our USOBT_C table and we have a lot of empty values. If this is allowed to be empty in SAP and this is the table that is uploaded into CC, why would all the fields in CC tables then be defined as NOT NULL?  We suspect that since we had uploaded USOBT_C under 5.2 and if this had been an issue before, it may have been corrected when we upgraded to 5.3 but then the old data is still in our system. Is there an easy way to get around or correct this?
  Thanks.

• Unable to assign all security roles to a user with a new custom security role

  Dear All,
  Happy New Year.!
  I have a query regarding the assignment of Security Roles to new users in CRM. Normally we assign the security roles to new users via an Admin user who has 'System Administrator' security role assigned to him/her. This works perfectly fine, and we can assign
  any desired security role to the new user.
  However, in our case, we need to delegate the user creation rights to some of the client partners. We do not want to give them access to all the Administration functions; hence we created a new Security Role, lets say 'Support User Role'. We have provided
  'Create', 'Append', 'Append To', and 'Assign' rights on 'User' entity for this new security role. With this security role, we are able to create new users now, but we are only able to assign 'Agent' security role, not any other security roles.
  For example, if user 'x' has Security Role defined as 'Support User Role'. If 'x' tries to add a new user 'y', then 'x' is only able to assign 'Agent' security role to 'y', but not any other security role. As per business requirement, 'x' should be able
  to assign some other security roles, including 'Support User Role', to new user 'y'.
  I believe that there is something missing in Security Role configuration, which is causing the above problem. We compared both 'Support User Role' and 'System Administrator' security roles, but not able to figure out which minimum rights we can provide to
  'Support User Role' so that users with this security role can only add new users (with any security role), and that they are not having access on any other Administration features as well.
  Appreciate any help that you can provide on the above issue.
  Thanks in anticipation.

  Hi,
  Can you check if you have organization level Read access for Securitity Role and Organization level Assign access for Security role.
  Refer:-
  http://www.magnetismsolutions.com/blog/paulnieuwelaar/2013/04/22/permissions-required-to-manage-roles-in-dynamics-crm-2011
  Hope this helps!!!
  Thanks,
  Prasad
  Make sure to "Vote as Helpful" and "Mark As Answer",if you get answer of your question

• SSRS Custom Security / Sql Server Data Tools / SQL Management Studio?

  We are planning on implementing custom security for SSRS via IAuthenticationExtension and IAuthorizationExtension.
  Once we switch SSRS from Windows security to our own custom security (based upon external user table in sql), how will that affect:
  1. Publishing reports from SSDT for VS2013
  2. Connecting / Managing SSRS from SQL Mgmt Studio
  SSRS 2014
  scott

  Hi scott_m,
  According to your description, you want to know effect when using custom Authentication and Authorization. Right?
  In Reporting Services, for deploying a report from SSDT to report server, it requires the current user has permission to create reports. It's has nothing to do with the Authentication and Authorization. For managing SSRS in SSMS, it's directly accessing
  the report server database. It will not call the web service, the custom Authentication and Authorization will not effect managing.
  For the internal working of Authentication and Authorization in Reporting Services, please refer to links below:
  Authorization in Reporting Services
  Authentication in Reporting Services
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou
  "In Reporting Services, for deploying a report from SSDT to report server, it requires the current
  user has permission to create reports."
  Simon, How does SSDT know who the current user is when custom authentication is enabled in SSRS?
  thanks
  scott

• Cannot find security providers when using a security manager.

  Hi all,
  I've done stuff with JAAS and JSSE before, but this is the first time I've combined the two :o)
  I have some code for an application server and I'm using SSL sockets in order to communicate with the outside world. These all work fine, no problems at all.
  However, I want to control what code is executed on the server using the security framework. When I load my server using a security manager and custom security policy it seems that my app can no longer find the security providers.
  Exception in thread "SSLServer" java.lang.RuntimeException: Could not generate DH keypair
       at com.sun.net.ssl.internal.ssl.DHKeyExchange.generateKeyPair(DHKeyExchange.java:137)
       at com.sun.net.ssl.internal.ssl.ServerHandshaker.getEphemeralDHKeys(ServerHandshaker.java:132)
       at com.sun.net.ssl.internal.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:707)
       at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:292)
       at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:253)
       at com.essar.hikesoft.server.netio.SSLConnectionServer.run(SSLConnectionServer.java:126)
       at java.lang.Thread.run(Thread.java:595)I start my app as follows:
  java -Djava.security.manager -Djava.security.policy==security.policy -classpath... and I have the following lines in my security.policy file
  permission java.security.SecurityPermission "insertProvider.*";
  permission java.security.SecurityPermission "putProviderProperty.*";I know that the providers are defined in the java.security file, do I have to implement my own Security manager in order to load these providers? Or have I missed something else?
  Am currently chewing through the docs at http://java.sun.com/j2se/1.5.0/docs/guide/security/spec/security-spec.doc6.html but any further assistance greatly appreciated!

  That seems to have cured it cheers - sure I copied the double '=' from somewhere, thought it was wierd at the time.
  Now to solve the odd MySQL errors :-)
  Thanks for your help.

• CVI_EI003 - No customer assigned, you cannot transfer customer data

  Hi experts,
  I have a problem sync BP, when i'm trying to do it BDOC is returning CVI_EI003 - No customer assigned, you cannot transfer customer data.
  I have checked all customizing for CVI, and it's fine.
  https://help.sap.com/saphelp_crm60/helpdata/en/72/1298956c744f4399fe372367646757/content.htm
  I have also checked note: 931239 and its related note 436843.
  But i cannot find the problem and also the solution.
  Could you please help me??
  Thanks in advance,
  Muchas gracias

  Hello Gracias,
  Can you apply notes 609766 and 757955?
  thanks
  Willie

• Security Manager - Cannot add 877 router

  Hi,
  I have 3.1.1 SP3 security manager. I added IPS 28xx routers but I cant add 877 routers to it. It gives the error message below. Do you know the workaround for this?
  My 877 router has C870-ADVIPSERVICESK9-M), Version 12.4(22)T
  Failed to communicate with the device. Cause: IOSIPS Error getting SequenceRequest : Unbuffered entity enclosing request can not be repeated.
  User =
  Passwd =
  Host = 10.5.5.5
  Port = 443
  TLS = true
  Conn tout = 120000
  Read tout = 180000
  Cert Mgmt = true
  Please contact Cisco Technical Assistance Center.

  I think this may be a known bug with the version you're running - I recall that at one point 877's weren't supported, and it seems that you're running a pretty old version. I would suggest upgrading to 3.2.2 if possible. (But, of course, after following appropriate procedure, going through TAC, etc.)

• Cisco Security Manager Local RBAC Authentication Radius assign user role

  Is it possible to use Cisco Security Manager with local RBAC, authenticate the user to Radius and retrieve it's role from Radius. Getting the authentication to work isn't the problem, but is it also possible to return the role the user has (i.e. Super Admin) via Radius, without having to create all the users one-by-one in the local CSM database with the correct role.
  Can i use a certain Cisco-AV-Pair attribute to return the user role via Radius?

  I just got asked to look at the same situation by one of our security people.
  We have exactly the same problem but it reports a username of "*****" and we are running CSM 4.7 (upgraded last week)

• Cannot start OC4J instance after specifying default java.security.manager

  Hi All,
  I am using OracleiAS 10.1.3.4 and trying to make use of the new User and Role APIs introduced in 10.1.3.1.
  While trying to get an object of IdentityStore using the following code, I got this error -
  java.security.PrivilegedActionException: oracle.security.idm.ConfigurationException: java.security.AccessControlException: access denied (oracle.security.jazn.JAZNPermission getOC4JIntegrationData)
  oidFactory = (IdentityStoreFactory) AccessController.doPrivileged(
  new PrivilegedExceptionAction()
  public Object run() throws IMException
  IdentityStoreFactoryBuilder builder =
  new IdentityStoreFactoryBuilder();
  return builder.getIdentityStoreFactory();
  I then tried specifying the default security manager in start JAVA options for my oc4j instance - Djava.security.manager. I also verified that my java policy file is present under $ORACLE_HOME/j2ee/oc4j_soa/config/java2.policy. But the issue is - once I put this default secirity manager in startup options in opmn.xml, the oc4j instance does not get started, it gives following error -
  08/12/30 02:58:22 Start process
  Dec 30, 2008 2:58:24 AM com.evermind.server.XMLDataSourcesConfig parseRootNode
  INFO: Legacy datasource detected...attempting to convert to new syntax.
  08/12/30 02:58:29 WARNING: Application.setConfig Application: default is in failed state as initialization failed.
  java.lang.ExceptionInInitializerError
  08/12/30 02:58:29 Error initializing server: Application: default is in failed state as initialization failed
  08/12/30 02:58:32 Fatal error: server exiting
  Any idea ? Any pointers please ?
  Thanks,
  Ankit

  Ankit,
  Check your syntax for the datasource. If you migrated from file-based to OID, then you should look at this link:
  http://download.oracle.com/docs/cd/E12524_01/relnotes.1013/e12523/oc4j.htmThere is a known issue when migrating from file-based to OIM\OID. Navigate to:
  12.2 JAZNMigration Tool Does Not Migrate ADFPrincipal Type Correctly
  -Michael

• Cannot access Exchange Mgmt Shell - user "Domain\Administrator" isn't assigned to any management roles

  This is a new domain-joined Server 2012 member server with no data. Domain Administrator account is in the Organization Management group. Domain functional level is Server 2012.
  Setup /m:RecoverServer fails because "...server roles are already installed..."
  Uninstall fails because the "mailbox database contains one or more mailboxes..." which I can't delete.

  Hi,
  I recommend you refer to the following article to troubleshoot the issue:
  https://social.technet.microsoft.com/wiki/contents/articles/14874.error-the-user-domain-localusersadministrator-isnt-assigned-to-any-management-roles-on-exchange-2010-management-console.aspx
  we may try to propagate the RBAC permissions for the user again! procedure is as below:
  1.
  Open Windows Powershell as  “Run As Administrator”
  2.
  Load the setup Snapin with the command: Add-Pssnapin *Setup*
  3.
  Run the commands one after the other to propagate the RBAC to the user who is logged on to the Exchange Server.
  a. Install-CannedRbacRoleAssignments  –InvocationMode Install
  b.
  Install-CannedRbacRoles
  c.
  Install-CannedRbackRoleAssignmentsRAP
  d.
  Install-CannedAddressLists
  Thanks.
  Niko Cheng
  TechNet Community Support