Custom ACL protecting jsp

Hi all,
I am attempting to create a custom ACL mechanism that incorporates a custom realm
to protect servlet resource. I would like it to work in the same manner as the WLPropertyRealm.
ie weblogic.allow.execute.weblogic.servlet.TestServlet=<groupname>.
From the docs it seems that a custom ACL must be defined as per the example of the
FrobImpl RMI object. However i can't see how this can be extended to protect a servlet
without programatically reading the group permission from a separate configuration
file.
Can the WLPropertyRealm syntax be reused in my custom acl?
any ideas.
-lucio

Thanks for the hint. Actually the problem was with JSP code and not folder structure.
I found and resolved the problem.
So the folder structure I explained above in my first post is now working perfectly.
Both of the following two import directives worked:
<%@ page import="bpm.*" %> OR <%@ page import="bpm.MyClass" %>
Duke is coming to both of you who gave time to my problem.
Now one problem is solved, I am facing another, please help again.
Now I want to convert, as learning practice, my custom class into a single jar file and use it instead of class files.
I did the following:
1. Removed the 'package bpm;' from MyClass.java.
2. Obtained myjar.jar from MyClass.class.
3. Deleted MyClass.class from bpm folder.
4. Placed myjar.jar in myapp/WEB-INF/lib
5. Removed the import directive <%@ page import="bpm.*" %> f rom myjsp.jsp
Now the JSP complains that 'cannot recognize class MyClass.'
This is my first time attempting to use jar files with JSP.
Please teach how this should be done.
Thanks.

Similar Messages

  • ACLs on JSP pages

    I'm trying to set up an ACL on a JSP page for the default WebLogic realm
    using a very simple example.
    I added the following lines to weblogic.properties file
    to specify an ACL on a particular JSP page.
    # ACL for JSP pages
    weblogic.allow.execute.weblogic.servlet./dummy.jsp=testuser
    However, when 'dummy.jsp' is accessed for the very first time
    since WebLogic server is brought up,
    the server just displays the page without any security check.
    'dummy.jsp' displays the current user which is retrieved by
    'Security.getCurrentUser()' method and I could find out the user is 'guest'
    when the server bypasses the security check.
    But it works just fine from the next time, that is, it does security check
    properly afterwards so that only user 'testuser' can view the JSP page.
    In other words, this problem occurrs only once while the server is running.
    The very first time the JSP page is accessed.
    I've also tried with servlets and EJBs, which didn't get me this problem.
    Actually I tested this using RDBMSRealm in the first place,
    but I went through the same problem.
    That's why I'm testing it with WLPropertyRealm now to simplify the test
    case.
    However I got stuck with the same problem again.
    Is this a WebLogic bug or am I missing something?
    Could anyone please help me out with this?
    Thanks in advance...
    Best regards,
    Sang

    Sorry, I forgot to specify my testing environment.
    WL5.1 with SP6.
    JDK1.3
    running on WinNT 4.0 with SP5
    Sang Y. Sung <[email protected]> wrote in message
    news:3a0f51c4$[email protected]..
    I'm trying to set up an ACL on a JSP page for the default WebLogic realm
    using a very simple example.
    I added the following lines to weblogic.properties file
    to specify an ACL on a particular JSP page.
    # ACL for JSP pages
    weblogic.allow.execute.weblogic.servlet./dummy.jsp=testuser
    However, when 'dummy.jsp' is accessed for the very first time
    since WebLogic server is brought up,
    the server just displays the page without any security check.
    'dummy.jsp' displays the current user which is retrieved by
    'Security.getCurrentUser()' method and I could find out the user is'guest'
    when the server bypasses the security check.
    But it works just fine from the next time, that is, it does security check
    properly afterwards so that only user 'testuser' can view the JSP page.
    In other words, this problem occurrs only once while the server isrunning.
    The very first time the JSP page is accessed.
    I've also tried with servlets and EJBs, which didn't get me this problem.
    Actually I tested this using RDBMSRealm in the first place,
    but I went through the same problem.
    That's why I'm testing it with WLPropertyRealm now to simplify the test
    case.
    However I got stuck with the same problem again.
    Is this a WebLogic bug or am I missing something?
    Could anyone please help me out with this?
    Thanks in advance...
    Best regards,
    Sang

  • How to use custom tag in jsp

    sir
    plz tell me how to use custom tag in jsp.plz describe it.
    i will be thankful to u

    Do you want to use taglibs or develop custom tags? Either way take a look at these:
    http://java.sun.com/j2ee/tutorial/1_3-fcs/doc/JSPTags.html
    http://www.stardeveloper.com/articles/display.html?article=2001081301&page=1
    http://www.onjava.com/pub/a/onjava/2000/12/15/jsp_custom_tags.html
    http://jakarta.apache.org/taglibs/tutorial.html
    http://www.ibm.com/developerworks/edu/j-dw-java-custom-i.html
    http://www.herongyang.com/jsp/tag.html

  • Can't set ACL for JSPs

    Hi,
              we are trying to set define ACL for weblogic security for JSP
              and could't manage to do it. In the online documentation there
              are examples for servlets but not for html or jsp files.
              How have to be defined the ACLs for jsp and html files ?
              Thanks in advance.
              GRIDSYSTEMS Bartolome Real Planells
              

    See http://www.weblogic.com/docs51/admindocs/properties.html#urlacl for
              details on setting ACLs on URLs...
              Bartolome Real Planells wrote:
              > Hi,
              >
              > we are trying to set define ACL for weblogic security for JSP
              > and could't manage to do it. In the online documentation there
              > are examples for servlets but not for html or jsp files.
              >
              > How have to be defined the ACLs for jsp and html files ?
              >
              > Thanks in advance.
              >
              > -------------------------------------------------------------------
              > GRIDSYSTEMS Bartolome Real Planells
              

  • Where can find  JHeadstart  customizing using Struts & JSP

    We can found the Tutorial-Customizing JHeadstart Applications , using MVC-Framework and UIX,
    but where we can find the tutorial-Customizing on Struts & JSP solution ?

    Dear Steven:
    As you mentioned in early:
    we will make a new version of this tutorial available through the supplement option which will then contains the same customizations as the MVC-UIX one.Whether this new version of Sruts-JSP tutorial is released now ? and whether have any supplement option for Jhs10g have been released ?
    thanks a lot !

  • Custom acl and permissions

    I would like to create a custom ACL that will provide additional permissions to grant/revoke on ACLs.
    For example, I would like to add a permission PROCESS that would allow users to trigger a particular process using that document. Obviously I would need to check that ACL in code before allowing the operation, but I would like to use a unfied security policy in the app.
    As far as I can figure out, I would need to create a custom version of ACCESSCONTROLLIST, but I cannot figure out how to add additional permissions. Any ideas? Thanks.

    i don't know if this still applies, but it should.
    check this archived thread:
    http://discussions.apple.com/thread.jspa?messageID=1535247

  • ACL on JSP

    I have a JSP within an application that I want the user to enter the weblogic system username/password before display (this page allows for application configuration for the system admin). I want to setup an ACL on this JSP, please offer help (I'm new to ACL).
              thanks
              

    Kiet Nguyen <[email protected]> wrote in message news:<[email protected]>...
              > ...I want the user to enter the weblogic system username/password
              > I want to setup an ACL on this JSP, please offer help (I'm new to ACL).
              Hi Kiet,
              I think this may help:-
              http://edocs.bea.com/wls/docs60/adminguide/config_web_app.html#configure-security
              Cheers
              Ricky Yin
              Consultant
              http://www.soft-trek.com.au
              

  • Protect JSP application

    How can I protect a JSP application published on server client?
    How can I be sure that the client(supose he can and want to understand my JSP code),
    does not try to sell the app again?
    Thank you.

    You can't.
    Anyone who can read the files on the server could copy them to some other medium and sell them.
    It's the same as with any other software, there's a measure of trust needed between supplier and customer.
    You could use some form of hardware dependent key that is referenced from each bean or servlet you use and causes it to fail if invalid, but that would not protect your JSPs which are after all plain text files and can be easily edited (that's the big plus of JSP after all).
    If your relationship with your customers is so poor that you can't trust them with source code (which is what JSPs are effectively) you may be better off changing your business model to either get other customers or get your customers to pay you not just for the software but also for hosting it.

  • WLS 6.0 - ACL & protecting servlet

    Hi!
    I'm using WLS 6.0 and w2k. I am running the RDBMSrealm with the exampleServer
    and trying to protect a servlet. (exampleWebApp/HelloWorldServlet) No matter what
    I write in the ACL, anybody can still access the servlet.
    Does anybody out there know how to protect a servlet using ACL...? I have tried
    to follow the "docs" with no luck.
    Thank you in advance,
    Rolle

    The problem is the "guest" servlet/jsp should have permission to execute
    "system" EJBs.
    But it is not allowed now in 5.1 sp9 and 6 sp2. But it is allowed in 5.1 sp6-8.
    mj
    ramesh wrote:
    hi Minjiang,
    Check the output of your your AdminRealm servlet :
    http://Localhost:7001/AdminRealm
    It clearly shows who has permissions to do what on what .....
    Hope it helps.
    Ramesh
    "minjiang" <[email protected]> wrote in message
    news:[email protected]..
    weblogic.allow.execute.weblogic.servlet=everyone
    weblogic.allow.execute.weblogic.servlet.*.jsp=everyone,guest
    If you chance these two lines, you can see the difference.
    Any my problem is not i cannot protect my serlvet, but my servlet openingto
    everyone, and the servlet itself cannot access my EJBs, which are underanother
    ACL. This only occurs ont WLS 5.1 sp9.
    mj
    Joachim Hering wrote:
    Hi!
    I have stumbled across the exact same problem trying to protect
    a JSP with ACLs. It seems, that the documentation - although
    generally quite good - lacks a bit of information here.
    Any help would be greatly appreciated,
    Joachim.
    "Roland Egedi" <[email protected]> wrote:
    Hi!
    I'm using WLS 6.0 and w2k. I am running the RDBMSrealm with the
    exampleServer
    and trying to protect a servlet. (exampleWebApp/HelloWorldServlet) No
    matter what
    I write in the ACL, anybody can still access the servlet.
    Does anybody out there know how to protect a servlet using ACL...? I
    have tried
    to follow the "docs" with no luck.
    Thank you in advance,
    Rolle

  • Accessing custom classes from JSP

    Hi Guys,
    I am having some problems accessing my custom classes from my JSP.
    1) I've created a very simple class, SimpleCountingBean that just has accessors for an int. The class is in the package "SimpleCountingBean". I compiled this class locally on my laptop and uploaded the *.class file to my ISP.
    2) I've checked my classpath and yes, the file "SimpleCountingBean/SimpleCountingBean.class" is located off of one of the directories listed in the classpath.
    3) When I attempt to use this class in my JSP, via the following import statement:
    import "SimpleCountingBean.*"
    I get the following compile error
    java.lang.NoClassDefFoundError: SimpleCountingBean/SimpleCountingBean
    I'm pretty sure that my classpath is properly setup because when I purposely garble the import statement, I get the "package not found" compile error.
    Do I need to upload some other files in addition to the class file? Any suggestions would of course be appreciated.
    Sonny.

    Trying to get some clearer view.. so don't mind..
    So you uploaded all your .jsp files into your account which is:
    home/sonny
    and it compiles and work. But custom classes doesn't seems to be working, where did you place your classes?
    From my knowledge of tomcat, classes are normally placed in, in this case:
    home/sonny/web-inf/classes
    Maybe it differs from windows enviroment to *nix enviroment.. well, I'm just saying out so if its not the case.. don't mind me.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

  • Urgent-how to access custom tag from jsp tag

    I have a problem accessing a custom tag from a jsp expression.
    Details: I have a custom tag that returns a string variable. I need to access that variable from jsp expression <%%>.
    Can any body help me?

    Tags don't "return" values as in the normal sense.
    They can only support TEI (Tag Extra Information) that just stuffs a declared variable into the page's state.
    For example, if the tag class had a public method called getValue(), you could do the following:
    <xmp:mytag id="foo"/>
    <%
    out.println("value is " + foo.getValue());
    %>

  • How to use ApplicationModule custom methods in JSP?

    I have an ApplicationModule for which I have defined several custom methods (in the ApplicationModuleImpl class). I wish to invoke these methods from a JSP. I'm having trouble getting a scriptable reference to the application module object in the JSP. I can get data from the view objects using the jbo:xxx data tags, but I can't get any sort of reference to the application module object that would allow me to invoke the methods. I have tried editing the application module to expose the methods as client methods, but still can't get a reference to them.
    My main questions:
    1. Is there a way to invoke the custom methods somewhere between the jbo:ApplicationModule tag and the jbo:ReleasePageResources tag?
    2. Is there a way to declare and use the application module without using the jbo:ApplicationModule tag? Would I ever benefit from doing this?

    Alan, here's how to call a custom method String getSomeInfo() that I've created on my application module, MyModule in this example. Also, in this example the id parameter in the ApplicationModule tag is "am" (<jbo:ApplicationModule id="am"...):
    First, edit your application module. In the app module editor, go to the Client Methods tab and move getSomeInfo into the selected list.
    Next, edit your JSP to call your custom method.
    <% MyModule myAm = (MyModule)am.useApplicationModule(); String someInfo = myAm.getSomeInfo(); %>
    You also have to add the correct import statements to the page tag in your JSP:
    <%@ page contentType="text/html;charset=windows-1252" import="oracle.jbo.*, MyModule.common.*"%>
    Hope this helps
    Blaise

  • Custom loading image JSP dynpage

    Hello,
    Wa have created a jsp dynpage, and want to show a custom loading image. I other applications (appintegrator) we have succesfully changed the loading image by exporting the theme that we are currently using, change the loading_ani.gif image and re-importing the theme. This change has no effect on the loading image of the JSP dynpage, it is still the one supplied by SAP. I checked the url of this image and got the following https://host:port/htmlb/mimes/common/loading/loading_ani.gif, so I tried changing the loeding image that is stored in the htmlb par file, but there was no visible result when loading the application, or when loding the direct url of this image. Can anyone tell me where I can change the loading image of the JSP dynpages?
    Kind Regards
    Timon Van Soom

    Juhi Bhatnagar
    Greetings!!!
    May i know , what is the procedure need to be followed to replace the default Loading ICON with our custom image.
    2. Does our custome image should be a image file (like jpg, png) or its like a command
    Kindly share the procedure for this...
    Appreciate your response in advance'
    Thanks

  • Where to set the classpath for custom classes in jsp

    Hi,
    we have created our custom classes in and ported in contentDB and that classes are internally using some jar files. Previously we have set the classpath of all the jar files provided in CDB devkit in the orion-web.xml but if are opening the explorer.jsp or any other jspx of contentDB we are getting the classcastexception and page is not opening.
    Is there any problem in setting the classpath. Please if any one knows abt this, reply as soon as possible.
    thanks,
    swapna soni.

    I think it is Oracle 10g Release 2... since when I click the top OAS link in the Enterprise Manager Console, it took me to 'Enterprise Manager 10g Grid Control Release 2' this page.
    And...10g Application Server Control Release 10.1.2.0.1, I think 2.0.1 means Release 2.
    Thanks and let me know if you need something else.

  • Passing params to custom tag from jsp

    Hi all, I have a problem passing params back to my custom tag. The tag handler has a "getPageNumber()" method which returns a value. Initially the value is set and if a link is clicked it passes that param to the tag handler. I am trying to get this value from the tag handler to update the value on the link parameter.
    Something like this:
    // processed tag
    <a href="mypage.jsp?page=1">Next page</a>
    // clicking "Next Page"
    <a href="mypage.jsp?page=2">Next page</a>
    // jsp
    <taglib:tag param="<%=getPageNumber()%>"  />
    // in tag lib
    private pagenumber=1;
                pagenumber++;
    getPageNumber(){
    return pagenumber;
    setPageNumber(int pagenumber){
       this.pagenumber=pagenumber
    }I'm not sure if this is the best way to do this or if what I am trying to do is even possible.
    Any advice would be greatly appreciated.
    Thanks :)

    Hi all, I have a problem passing params back to my custom tag. The tag handler has a "getPageNumber()" method which returns a value. Initially the value is set and if a link is clicked it passes that param to the tag handler. I am trying to get this value from the tag handler to update the value on the link parameter.
    Something like this:
    // processed tag
    <a href="mypage.jsp?page=1">Next page</a>
    // clicking "Next Page"
    <a href="mypage.jsp?page=2">Next page</a>
    // jsp
    <taglib:tag param="<%=getPageNumber()%>"  />
    // in tag lib
    private pagenumber=1;
                pagenumber++;
    getPageNumber(){
    return pagenumber;
    setPageNumber(int pagenumber){
       this.pagenumber=pagenumber
    }I'm not sure if this is the best way to do this or if what I am trying to do is even possible.
    Any advice would be greatly appreciated.
    Thanks :)

Maybe you are looking for

  • My ipod is disabled and says connect to itunes  but when i do it says unlock the with the password

    my ipod says ipod is disabled connect to itunes but when I connect it to itunes it says unlock ipod with password but I cant do that

  • Using conditional breaks

    Hello all, I am currently working on a form that has a fixed layout, meaning everything is placed in a Positioned subform. I have to do this because at the bottom of the page there is a table that lists approvers of the form. The aprovers need to pro

  • Copy credit memo refenced to invoice one time

    Hi gurus, When i create credit memo with reference to an Invoice, the system allows create several credit memos referenced to 1 invoice. Requirement: We need the system allows the creation only for one time (the first time). Thanks

  • Images look soft in webpage

    When I insert my images into the webpage template and they turn soft, even when they were very sharp to begin with. This also happens in Pages. Has anyone experienced this? And does anyone know how to prevent this from happening? When I set up a phot

  • OS X Yosemite - Ilustrator and Photoshop problems.

    I have a MacBook Pro, just over a year old. Updated to OS X Yosemite last week. Since updating Illustrator and Photoshop run much slower. Fonts don't show up in Illustrator, photoshop cursor flickers whenever I try do anything like there isn't enough