Custom Authentication Provider and User Manage like SQLAuthenticator, How?
Hi everyone,
I faced a problem with login function of my portal (Webcenter Application). The Problem is:
- Allow the users logging in by user that store in another system. I must communicate using low level of socket. This really is not a problem.
- If user logged in, for first time of logging in, i must store them in some identity store (Maybe tables database).
- View Users in Weblogic Console. To do that, i known that i must implemeted something that i dont what that are.
Here are my work:
- I Created a Custom Authentication Provider. And configuration in Admin Console. But i don't know what are that i should implementing to View user & group in Admin Console.
- I Cannot logging in: After i created simple application for testing, i cannot logging in even i tested with SQLAuthenticator Provider and original DefaultProvider. In Logging Console, I saw every I Printed In The Code of Login Module.
Here are my Code:
<?xml version="1.0" ?>
<MBeanType Name = "OrkitVASPortal" DisplayName = "OrkitVASPortal"
Package = "orkit"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate">
<MBeanAttribute
Name = "ProviderClassName"
Type = "java.lang.String"
Writeable = "false"
Default = ""orkit.OrkitVASPortalProviderImpl""
/>
<MBeanAttribute
Name = "Description"
Type = "java.lang.String"
Writeable = "false"
Default = ""WebLogic Simple Sample Audit Provider""
/>
<MBeanAttribute
Name = "Version"
Type = "java.lang.String"
Writeable = "false"
Default = ""1.0""
/>
<MBeanAttribute
Name = "LogFileName"
Type = "java.lang.String"
Default = ""SimpleSampleAuditor.log""
/>
</MBeanType>
package orkit;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.*;
public final class OrkitVASPortalProviderImpl implements AuthenticationProviderV2 {
private String description;
private LoginModuleControlFlag controlFlag;
public OrkitVASPortalProviderImpl() {
System.out.println("The Orkit VASPortal Provider Implemented!!!!!");
@Override
public IdentityAsserterV2 getIdentityAsserter() {
return null;
// Our mapping of users to passwords/groups, instead of being in LDAP or in a
// database, is represented by a HashMap of MyUserDetails objects..
public class MyUserDetails {
String pw;
String group;
// We use this to represent the user's groups and passwords
public MyUserDetails(String pw, String group) {
this.pw = pw;
this.group = group;
public String getPassword() {
return pw;
public String getGroup() {
return group;
// This is our database
private HashMap userGroupMapping = null;
public void initialize(ProviderMBean mbean, SecurityServices services) {
System.out.println("The Orkit VASPortal Provider is intializing......");
OrkitVASPortalMBean myMBean = (OrkitVASPortalMBean) mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
System.err.println("#In realm:" + myMBean.getRealm().wls_getDisplayName());
// We would typically use the realm name to find the database
// we want to use for authentication. Here, we just create one.
userGroupMapping = new HashMap();
userGroupMapping.put("a", new MyUserDetails("passworda", "g1"));
userGroupMapping.put("b", new MyUserDetails("passwordb", "g2"));
userGroupMapping.put("system", new MyUserDetails("12341234",
"Administrators"));
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED")) {
controlFlag = LoginModuleControlFlag.REQUIRED;
} else if (flag.equalsIgnoreCase("OPTIONAL")) {
controlFlag = LoginModuleControlFlag.OPTIONAL;
} else if (flag.equalsIgnoreCase("REQUISITE")) {
controlFlag = LoginModuleControlFlag.REQUISITE;
} else if (flag.equalsIgnoreCase("SUFFICIENT")) {
controlFlag = LoginModuleControlFlag.SUFFICIENT;
} else {
throw new IllegalArgumentException("Invalid control flag " + flag);
public AppConfigurationEntry getLoginModuleConfiguration() {
HashMap options = new HashMap();
options.put("usermap", userGroupMapping);
System.out.println("UserMap: " + options);
return new AppConfigurationEntry(
"orkit.OrkitVASPortalLoginModule",
controlFlag, options);
public String getDescription() {
return description;
public PrincipalValidator getPrincipalValidator() {
return new PrincipalValidatorImpl();
public AppConfigurationEntry getAssertionModuleConfiguration() {
return null;
// public IdentityAsserter getIdentityAsserter() {
// return null;
public void shutdown() {
* To change this template, choose Tools | Templates
* and open the template in the editor.
package orkit;
import orkit.OrkitVASPortalProviderImpl;
import java.io.IOException;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
* This login module will be called by our Authentication Provider. It assumes
* that the option, usermap, will be passed which contains the map of users to
* passwords and groups.
public class OrkitVASPortalLoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private HashMap userMap;
// Authentication status
private boolean loginSucceeded;
private boolean principalsInSubject;
private Vector principalsBeforeCommit = new Vector();
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
// Fetch user/password map that should be set by the authenticator
userMap = (HashMap) options.get("usermap");
* Called once after initialize to try and log the person in
public boolean login() throws LoginException {
// First thing we do is create an array of callbacks so that
// we can get the data from the user
Callback[] callbacks;
callbacks = new Callback[2];
callbacks[0] = new NameCallback("username: ");
callbacks[1] = new PasswordCallback("password: ", false);
try {
callbackHandler.handle(callbacks);
} catch (IOException eio) {
throw new LoginException(eio.toString());
} catch (UnsupportedCallbackException eu) {
throw new LoginException(eu.toString());
String username = ((NameCallback) callbacks[0]).getName();
System.out.println("Username: " + username);
char[] pw = ((PasswordCallback) callbacks[1]).getPassword();
String password = new String(pw);
System.out.println("PASSWORD: " + password);
if (username.length() > 0) {
if (!userMap.containsKey(username)) {
throw new FailedLoginException("Authentication Failed: Could not find user:" + username);
}else{
System.out.println("Contstainded Username");
String realPassword = ((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getPassword();
if (realPassword == null || !realPassword.equals(password)) {
throw new FailedLoginException("Authentication Failed: Password incorrect for user" + username);
}else{
System.out.println("Everyitng OKIE");
} else {
// No Username, so anonymous access is being attempted
loginSucceeded = true;
// We collect some principals that we would like to add to the user
// once this is committed.
// First, we add his username itself
principalsBeforeCommit.add(new WLSUserImpl(username));
// Now we add his group
principalsBeforeCommit.add(new WLSGroupImpl(((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getGroup()));
return loginSucceeded;
public boolean commit() throws LoginException {
if (loginSucceeded) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = true;
return true;
} else {
return false;
public boolean abort() throws LoginException {
if (principalsInSubject) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = false;
return true;
public boolean logout() throws LoginException {
return true;
}and OrkitVASPortalMBean & OrkitVASPortalImpl class created by MBeanMaker tool.
Can someome help.
Thanks in advance!
Hi ,
SQLAuthenticator is not yet supported with UCM 11g due to some JPS Provider limitations .
Currently there is an Enhancement request for this .
Thanks
Srinath
Similar Messages
-
Cannot Start Weblogic Server After adding Custom Authentication Provider
Hi,
I implemented a Custom authentication provider and configured it wih Weblogic 10.3 application server. Although I successfully added Authentication provider, I couldn't restart my server. I used MBeanMaker utility to package my Authentication provider and login module. Although the MBean Utility signalled some warnings and severe messages, it successfully packaged the files. When I look at the config.xml file after adding he authenticator it just adds three lines
( <sec:authentication-provider>
<sec:name>STOREDPROCEDURE</sec:name>
</sec:authentication-provider>
) Although there are some other attributes of the authenticator.
Please advice.
Here is some stack trace.
Best Regards,
Salim
com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:47)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
####<Feb 3, 2009 12:22:42 AM EET> <Error> <Security> <localhost.localdomain> <DefaultServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1233613362036> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)You need to make sure that you nuke the whole directory that you are specifying to the MBean marker generator. For example, I use the following command to generate the provider jar file.
java -Dfiles=$PRJROOT/ERModel/classes -DMDF=$PRJROOT/ERModel/classes/MyCustomAuthenticator.xml -DMJF=$PRJROOT/ERModel/custom-auth-provider.jar -DtargetNameSpace=http://xmlns.oracle.com/oracleas/schema/11/adf/sampleapp/weblogic/providers -DpreserveStubs=true -DcreateStubs=true weblogic.management.commo.WebLogicMBeanMaker1c
I need to nuke the directory in the -Dfile option i.e. 'rm -rf $PRJROOT/ERModel/classes/' each time I generate the jar file. If you don't, the jar file generates without any error but you will get a runtime exception. -
How to remove custom authentication provider in weblogic server 11g
Hi ,
I am trying to remove the custom authentication provider in weblogic server 11g, It disappears when i delete it from list of authentication providers. But upon server restart it appears again.
Documentation for 10g says delete it from service administration but i couldn't find one in 11g. Please help me in removing the custom authentication provider
Thanks
SandeepYou can try editing the config.xml file and removing it there. (Re: After provider reorder I cannot login admin server console
If you are referring to a jar file - custom authenticators are usually placed in the <middleware-home>wlserver_10.3/server/lib/mbeantypes/ directory. -
Workshop 8.1 Calling EJB from Custom Authentication Provider
I am writing a custom authentication provider that runs on Weblogic Server 8.1 and also on Workshop 8.1. Everything is packaged into a jar file that I put into the mbeantypes directory. From the authentication provider I want to get an EJB home that is on another Weblogic 8.1 server.
Loading the home from the Weblogic server works great. But in Workshop I get a ClassCastException from the PortableRemoteObject.narrow() call.
This happens in Workshop even if I remove all my application jar files, so I am left with nothing but the startup classpath and the files in the mbeantypes directory. That is, I don't have any classes in two directories.
When I look at the class that I actually get back from the call to context.lookup( jndiName ), I get the same stub class back on the Weblogic Server and on the Workshop server. But only on Workshop do I have this casting problem.
Any ideas?
Thanks,
MarkIssue has been resolved.
The reason I've forgotten about Value Object that is being returned by Remoute method to put them into classpath of Authenticator Provider -
Doubt between RMAN and User Managed Backup
Friends,
OS: RHEL AS 3.0
DB: 9iR2
Currently we are taking user managed backup.
rman is in testing(learning) process.
Is it possible to take rman backup and user managed backup of a database one after another?
what i mean is.....suppose, if we configure rman for auto backup at 9pm daily. can i take user managed backup before 8pm or after 10pm?
Am i have to take any precaution's?
suppose, rman is failed can i restore the db with user managed backup?
thanksYes, it is possible to perform both user managed backups and RMAN backups.
It is a waste of resources, but it is possible.
You would need to make sure both backups do not overlap each other.
Whether you can restore your database with user managed backup depends completely on the quality of the user managed backup, and whether you have proper (and tested) restore procedures in place.
Sybrand Bakker
Senior Oracle DBA -
Is the recovery techniques for RMAN and user managed are different
Hi Gurus,
I want to know the exact difference b/w RMAN and user managed recovery.
Is the difference is too much or if we know the user managed recovery,can we do the recovery using the RMAN...
Regards,
pradeepuser6738165 wrote:
Hi Gurus,
I want to know the exact difference b/w RMAN and user managed recovery.
Is the difference is too much or if we know the user managed recovery,can we do the recovery using the RMAN...
Regards,
pradeepHi Pradeep and welcome to the forum
I'd suggest you to check the Oracle Documentation to find out the difference by yourself
RMAN Recovery Concepts
http://download.oracle.com/docs/cd/B19306_01/backup.102/b14191/rcmconc2.htm#i1007882
Performing User-Managed Recovery
http://download.oracle.com/docs/cd/B19306_01/backup.102/b14191/osrecov.htm#BABBBBBB
RMAN has great advantages over the User-Managed techniques. RMAN uses it's own RMAN commands to perform backup or recovery, while with user-managed backup and recovery you use SQL commands
By knowing the main backup and recovery concepts, you can perform both -
Using Federated Security in BizTalk against custom Token Provider and Custom Token
Hi,
I as the topic states, I'm trying to get BizTalk to use a Custom Token Provider with custom tokens.
So I thought this would be rather painless using ws2007FederationHttpBinding but got stuck. The problem is that the service expect soap action and a special structure (se example):
Request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsc="common.namespace" xmlns:ws="securitytoken.namespace">
<soapenv:Header>
<wsc:AutHeader>
Containing Custom Auth header information tags, about 20 or so
</wsc:AutHeader>
</soapenv:Header>
<soapenv:Body>
<ws:SECSSecurityTokenCreate_V1_0InputArgs>
<ws:SecurityTokenCreateRequest>
<ws:securityToken><!-- signed SAML assertion --></ws:securityToken>
</ws:SecurityTokenCreateRequest>
</ws:SECSSecurityTokenCreate_V1_0InputArgs>
</soapenv:Body>
</soapenv:Envelope>
Response:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<SECSSecurityTokenCreate_V1_0OutputArgs xmlns:ns2="common.namespace" xmlns="tokenservice,namespace">
<SecurityTokenCreateResponse>
<securityToken> <!-- THE Custom TOKEN --> </securityToken>
</SecurityTokenCreateResponse>
<ResponseState>
<ns2:ErrorCode>0</ns2:ErrorCode>
<ns2:Severity>0</ns2:Severity>
<ns2:ComponentId>201</ns2:ComponentId>
<ns2:StrErrorCode xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
<ns2:Message>OK</ns2:Message>
<ns2:NativeError xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
<ns2:LogSequence xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
</ResponseState>
</SECSSecurityTokenCreate_V1_0OutputArgs>
</soap:Body> </soap:Envelope>
Error Message in BizTalk, when I send message via ws2007FederationHTTPBinding to the SOAP service, as expected the soap structure dosent match the expected one from the server, most obvisly is the missing SOAP action and incorrect BODY element.
System.ServiceModel.ProtocolException: The content type text/html; charset=iso-8859-1 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 521 bytes of the response were: '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Body>
<soap:Fault>
<soap:Code>
<soap:Value>Server</soap:Value>
</soap:Code>
<soap:Reason>
<!--1 or more repetitions:-->
<soap:Text xml:lang="en">Missing operation for soapAction [null] and body element [{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityToken] with SOAP Version [SOAP 1.2]</soap:Text>
</soap:Reason>
</soap:Fault>
</soap:Body>
</soap:Envelope>'. ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
at System.Net.HttpWebRequest.GetResponse()
at System.Servi
My plan to solve this is to try using beahviors added to the "inner" wcf binding that will help reconstruct the message from the standard form that I has, but I'm a bit vorried that I start to solve this and later on I'll have to add custom handling
for token extraction and handling since the token should be placed in a custom header in the soap envelope with custom namespace =).
So my question is, could this be solved via sw2007FederationHttpBinding or is an orchestration and some custom code for signing the path forward?
Thanks in advance for any help or guidance!
/MattiasIt's a little tough to use sw2007FederationHttpBinding, I faced similar situation before. :(
-
Slides for CCMS and User Management
Hello,
Can anyone recommend some helpful (SAP-owned, standard) .ppt-Slides or pdf.-Slides for the following points:
<b>CCMS
User Management und Disaster Recovery Mechanismen </b>
Thank you very much!
Regards
A. HenkeHi,
Take a look at service.sap.com/monitoring and service.sap.com/security
/Jesper -
Hi,
I have following question
User Managed backup
1)when i take user mananged backup i want to know whether DDL operation is permitted or not
2) when i take user mananged backup i want to know whether WE ADD/REMOVE TABLESPACE ??
Rman backup
1)when i take RMAN backup i want to know whether DDL operation is permitted or not
2) when i take Rman backup i want to know whether WE ADD/REMOVE TABLESPACE ??
RegardsHi,
Please go through the below links to get much familiar with user managed backup's and rman backup's.
Oracle9i User-Managed Backup and Recovery Guide
Release 2 (9.2)
http://download.oracle.com/docs/cd/B10501_01/server.920/a96572/toc.htm
Making User-Managed Backups
http://download.oracle.com/docs/cd/B19306_01/backup.102/b14191/osbackup.htm
Oracle9i Recovery Manager (RMAN)
http://www.oracle-base.com/articles/9i/RecoveryManager9i.php
RMAN Backup Concepts (11g R1)
http://download.oracle.com/docs/cd/B28359_01/backup.111/b28270/rcmcncpt.htm
Overview of RMAN Backups (10g R2)
http://download.oracle.com/docs/cd/B19306_01/backup.102/b14192/bkup001.htm
Oracle RMAN Backups: Pushing the "Easy" Button
http://www.oracle.com/technetwork/articles/havewala-rman-grid-089150.html
Hope this helps you understand clearly about both the user managed backups and rman backups. :)
Thanks,
Balaji K. -
I need to be able to access my email on my iPhone. I doesn't seem like this is an option when using thunderbird. Therefore, I need to switch my emails back to my original email provider.
I would like to know how to do that.
Or if you have a solution for checking my thunderbird account via my iPhone, I would be happy to do that. I looked for a thunderbird app for the iPhone but couldn't find one.
thank youIs your mail account set up as as POP account?
When you set up Thunderbird to access your mail using the POP protocol, it has an option to keep mail on the server for access though other clients or to remove it (either immediately or after a period of time).
''To stop the damage:'' You can change this setting on your account within Thunderbird. In Account Settings (app menu button or classic Tools menu), check Server Settings.
''To restore the removed messages:'' POP is a one-way protocol, so there isn't a way within Thunderbird to upload the mail back to the server without setting up a different kind of connection.
If your mail service allows an IMAP connection, that would create a new set of folders in Thunderbird, and by copying messages into the Inbox in Thunderbird you could sync them back to the server. (Not sure whether the dates will be 100% preserved in the process.)
Volunteers can describe this in more detail if you want to try it. -
Delegated Admin and User Management in WLP 9.2
Hi,
I've made Delegated Administrator role and a user for it. The user is Delegated Admin for our users and groups. Still that user cannot create new users, only new groups.
The error message that shows when creating new user is "The subject does not have access to the specified group".
What should I do to make it work ?
Regards,
TanjaUnfortunately, you've run into a bug in the product. See CR282051 in the WLP 9.2 release notes.
http://edocs.bea.com/wlp/docs92/relnotes/relnotes.html#wp1147925
If you have a support contract, you might be able contact BEA Support to see if a patch might be available. -
Schema and user management.
Hi,
I am planning to create multiple users for a particular schema.
Ex: I have a schema emp_db. will it be possible to create multiple users who access the same schema. I am planning to do an audit on the schema to know which user has done the modification.will it be possible to create multiple users who access the same schema. Yes, a schema objects can be accessed by several other users in the database. You need to grant privileges to the other users to have access to the objects from emp_db schema.
-
I have source and target structures like thais how to map
source structure: name
id
addr
description
details
dept
target structure: name
id
addr
deptsource structure: target structure:
1...1
name _____________ name
1...1
id _____________ id
1...1
addr _____________ addr
description <no mapping>
details <no mapping>
1.....1
dept _____________ dept
Thanks,
Varun -
Administration Portal user and group managent performace issue
Hi
I have implemented a custom IPlanet LDAP authentication provider which provides
a realization for the needed authentication, group and user management interfaces
(UserReader, UserEditor, GroupReader, GroupEditor).
The authentication provider itself seems to work fine, but I think I found a possible
performance problem in the WebLogic Administration Portal, when I studied the
authentication framework by remote debugging. Response times (with just one simultaneous
user) are quite long (over 8 seconds) with 40 groups on the same hierarchy level
on the Users, Groups and Roles tree. I'm developing with P4 processor and 1 Gb
ram (512 Mb allocated for WLS)
After little debugging I found out that every time a node in the group tree is
dlicked isMember() method of the authentication provider gets called n * (n -1)
times, where n is the number of visible groups in the hierachy tree. '
What happens is that for each group, the membership of all the other visible groups
is checked by the isMember(group, member, recursive), method call. Even the usage
of a membership cache in this point didn't speed up the rendering noticeably.
By placing a break point in the isMember() method and studying the call stack,
one can see that all the isMember() calls are made during the rendering performed
by the ControlTreeWalker. For example if there is 40 groups visible in the tree,
the isMember() method gets called 1600 times. This seems quite heavy. With a
small number of groups per hierarchy level this problem might not be serious,
but in case where there would be over 30 000 customer companies using the portal
and each having their own user groups, it could be an issue.
The problem does not occur with WebLogic console and browsing of groups and users
(using the same authentication provider) is fast with it. When a user is selected
from the user list and the Groups tab is checked, the Possible Groups and Current
Groups list boxes will get populated. When debugging this sequence, one can see
that only the listGroups() method of the authentication provider is called once
per list box and the order of method calls is of order n (rather than n^2 which
is the case with the Administrator Portal).
Has anyone had similar problems with Administrator Portal's performance?
VilleVille,
You're correct about the performance degradation issue. This is being
addressed in SP2.
Thanks,
Phil
"Ville" <[email protected]> wrote in message
news:[email protected]...
>
Hi
I have implemented a custom IPlanet LDAP authentication provider whichprovides
a realization for the needed authentication, group and user managementinterfaces
(UserReader, UserEditor, GroupReader, GroupEditor).
The authentication provider itself seems to work fine, but I think I founda possible
performance problem in the WebLogic Administration Portal, when I studiedthe
authentication framework by remote debugging. Response times (with justone simultaneous
user) are quite long (over 8 seconds) with 40 groups on the same hierarchylevel
on the Users, Groups and Roles tree. I'm developing with P4 processor and1 Gb
ram (512 Mb allocated for WLS)
After little debugging I found out that every time a node in the grouptree is
dlicked isMember() method of the authentication provider gets called n *(n -1)
times, where n is the number of visible groups in the hierachy tree. '
What happens is that for each group, the membership of all the othervisible groups
is checked by the isMember(group, member, recursive), method call. Eventhe usage
of a membership cache in this point didn't speed up the renderingnoticeably.
>
By placing a break point in the isMember() method and studying the callstack,
one can see that all the isMember() calls are made during the renderingperformed
by the ControlTreeWalker. For example if there is 40 groups visible inthe tree,
the isMember() method gets called 1600 times. This seems quite heavy.With a
small number of groups per hierarchy level this problem might not beserious,
but in case where there would be over 30 000 customer companies using theportal
and each having their own user groups, it could be an issue.
The problem does not occur with WebLogic console and browsing of groupsand users
(using the same authentication provider) is fast with it. When a user isselected
from the user list and the Groups tab is checked, the Possible Groups andCurrent
Groups list boxes will get populated. When debugging this sequence, onecan see
that only the listGroups() method of the authentication provider is calledonce
per list box and the order of method calls is of order n (rather than n^2which
is the case with the Administrator Portal).
Has anyone had similar problems with Administrator Portal's performance?
Ville -
Hello
I have implemented a custom authentication provider using a
database. The login module works fine. It check the username and
password, add the user as a WLSUser-principal and add the groups
relatated to the user as WLSGroup-principals to the subject. I
am able to start the WLS only using my authentication provider,
but if i want to login into the console i get following
SecurityException:
java.lang.SecurityException: Invalid Subject: principals=
[system, Administrators]
at weblogic.security.service.SecurityServiceManager.seal
(SecurityServiceManager.java:893)
at weblogic.security.service.RoleManager.getRoles
(RoleManager.java:269)
at
weblogic.security.service.AuthorizationManager.isAccessAllowed
(AuthorizationManager.java:608)
at
weblogic.servlet.security.internal.WebAppSecurity.hasPermission
(WebAppSecurity.java:370)
at
weblogic.servlet.security.internal.SecurityModule.checkPerm
(SecurityModule.java:125)
at
weblogic.servlet.security.internal.FormSecurityModule.checkUserPe
rm(FormSecurityModule.java:328)
at
weblogic.servlet.security.internal.SecurityModule.beginCheck
(SecurityModule.java:179)
at
weblogic.servlet.security.internal.FormSecurityModule.checkA
(FormSecurityModule.java:167)
at
weblogic.servlet.security.internal.ServletSecurityManager.checkAc
cess(ServletSecurityManager.java:185)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet
(WebAppServletContext.java:2960)
at weblogic.servlet.internal.ServletRequestImpl.execute
(ServletRequestImpl.java:2466)
at weblogic.kernel.ExecuteThread.execute
(ExecuteThread.java:152)
at weblogic.kernel.ExecuteThread.run
(ExecuteThread.java:133)
Seems to me, that the default role manager does not map the
group Administrators to the role Admin, which is allowed to
access the resource console. So, what i do wrong? Must i set
additional credentials to the subject? Or must i use a special
Principal class? Who can help me?
Thanks in advance & greetings
Dirk FellensteinI have solved it. The Problem was that the two Principal implementations, one that
implements WLSGroup and one that implements WLSUser, need a common principal base
class. The principal validator class, method getPrincipalBaseClass() must then return
the common principal base class.
"Dirk Fellenstein" <[email protected]> wrote:
>
Hello
I have implemented a custom authentication provider using a
database. The login module works fine. It check the username and
password, add the user as a WLSUser-principal and add the groups
relatated to the user as WLSGroup-principals to the subject. I
am able to start the WLS only using my authentication provider,
but if i want to login into the console i get following
SecurityException:
java.lang.SecurityException: Invalid Subject: principals=
[system, Administrators]
at weblogic.security.service.SecurityServiceManager.seal
(SecurityServiceManager.java:893)
at weblogic.security.service.RoleManager.getRoles
(RoleManager.java:269)
at
weblogic.security.service.AuthorizationManager.isAccessAllowed
(AuthorizationManager.java:608)
at
weblogic.servlet.security.internal.WebAppSecurity.hasPermission
(WebAppSecurity.java:370)
at
weblogic.servlet.security.internal.SecurityModule.checkPerm
(SecurityModule.java:125)
at
weblogic.servlet.security.internal.FormSecurityModule.checkUserPe
rm(FormSecurityModule.java:328)
at
weblogic.servlet.security.internal.SecurityModule.beginCheck
(SecurityModule.java:179)
at
weblogic.servlet.security.internal.FormSecurityModule.checkA
(FormSecurityModule.java:167)
at
weblogic.servlet.security.internal.ServletSecurityManager.checkAc
cess(ServletSecurityManager.java:185)
at
weblogic.servlet.internal.WebAppServletContext.invokeServlet
(WebAppServletContext.java:2960)
at weblogic.servlet.internal.ServletRequestImpl.execute
(ServletRequestImpl.java:2466)
at weblogic.kernel.ExecuteThread.execute
(ExecuteThread.java:152)
at weblogic.kernel.ExecuteThread.run
(ExecuteThread.java:133)
Seems to me, that the default role manager does not map the
group Administrators to the role Admin, which is allowed to
access the resource console. So, what i do wrong? Must i set
additional credentials to the subject? Or must i use a special
Principal class? Who can help me?
Thanks in advance & greetings
Dirk Fellenstein
Maybe you are looking for
-
Hello, I am creating a swing view for my ADF application (quite new for me, swing...) and I'd like to know how I can use localization for items such as frame title, menu item names, etc. I'm using JDeveloper 11.1.1.3.0
-
My iTunes have an error (-42110)
Since my Itunes was updated to the new version, my computadorar shows me the following message: There was an unknown error (-42110) I uninstalled it but still showing the same error
-
How to bridge my bigpond st536 to my airport extreme?
I have just received my bigpond st536 single port modem and am trying to connect it to my airport extreme so my other apples can use connection. Have read that the connection can be bridged but can not find a means of doing so on the st536 connection
-
Do we have a function in oracle to select not null columns at the begining
Hi, I have 8 columns. Some of them might be null. I want to display all 8 columns in my result. Not null columns will be first and null at the end. Here is a sample data : Employee table : Employee_id Emp_fname emp_lname emp_mname dept salary em
-
Problem in Views!!!!!
hi all of you...... i have a problem regarding views, if any one can help........Thanks. I have 2 view name Emp1 and Emp2 respectively....... I want to know, if any one performs DML operations (insert, update, delete) on Emp1 Emp2 should automaticall