Custom Authorisation Provider - MBeanMaker

Similar Messages

• Custom Authentication Provider and User Manage like SQLAuthenticator, How?

  Hi everyone,
  I faced a problem with login function of my portal (Webcenter Application). The Problem is:
  - Allow the users logging in by user that store in another system. I must communicate using low level of socket. This really is not a problem.
  - If user logged in, for first time of logging in, i must store them in some identity store (Maybe tables database).
  - View Users in Weblogic Console. To do that, i known that i must implemeted something that i dont what that are.
  Here are my work:
  - I Created a Custom Authentication Provider. And configuration in Admin Console. But i don't know what are that i should implementing to View user & group in Admin Console.
  - I Cannot logging in: After i created simple application for testing, i cannot logging in even i tested with SQLAuthenticator Provider and original DefaultProvider. In Logging Console, I saw every I Printed In The Code of Login Module.
  Here are my Code:
  <?xml version="1.0" ?>
  <MBeanType Name = "OrkitVASPortal" DisplayName = "OrkitVASPortal"
             Package = "orkit"
             Extends = "weblogic.management.security.authentication.Authenticator"
             PersistPolicy = "OnUpdate">
      <MBeanAttribute
          Name        = "ProviderClassName"
          Type        = "java.lang.String"
          Writeable   = "false"
          Default     = "&quot;orkit.OrkitVASPortalProviderImpl&quot;"
  />
      <MBeanAttribute
          Name        = "Description"
          Type        = "java.lang.String"
          Writeable   = "false"
          Default     = "&quot;WebLogic Simple Sample Audit Provider&quot;"
  />
      <MBeanAttribute
          Name        = "Version"
          Type        = "java.lang.String"
          Writeable   = "false"
          Default     = "&quot;1.0&quot;"
  />
      <MBeanAttribute
          Name        = "LogFileName"
          Type        = "java.lang.String"
          Default     = "&quot;SimpleSampleAuditor.log&quot;"
  />
  </MBeanType>
  package orkit;
  import java.util.HashMap;
  import javax.security.auth.login.AppConfigurationEntry;
  import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
  import weblogic.management.security.ProviderMBean;
  import weblogic.security.provider.PrincipalValidatorImpl;
  import weblogic.security.spi.*;
  public final class OrkitVASPortalProviderImpl implements AuthenticationProviderV2 {
      private String description;
      private LoginModuleControlFlag controlFlag;
      public OrkitVASPortalProviderImpl() {
          System.out.println("The Orkit VASPortal Provider Implemented!!!!!");
      @Override
      public IdentityAsserterV2 getIdentityAsserter() {
          return null;
      // Our mapping of users to passwords/groups, instead of being in LDAP or in a
      // database, is represented by a HashMap of MyUserDetails objects..
      public class MyUserDetails {
          String pw;
          String group;
          // We use this to represent the user's groups and passwords
          public MyUserDetails(String pw, String group) {
              this.pw = pw;
              this.group = group;
          public String getPassword() {
              return pw;
          public String getGroup() {
              return group;
      // This is our database
      private HashMap userGroupMapping = null;
      public void initialize(ProviderMBean mbean, SecurityServices services) {
          System.out.println("The Orkit VASPortal Provider is intializing......");
          OrkitVASPortalMBean myMBean = (OrkitVASPortalMBean) mbean;
          description = myMBean.getDescription() + "\n" + myMBean.getVersion();
          System.err.println("#In realm:" + myMBean.getRealm().wls_getDisplayName());
          // We would typically use the realm name to find the database
          // we want to use for authentication. Here, we just create one.
          userGroupMapping = new HashMap();
          userGroupMapping.put("a", new MyUserDetails("passworda", "g1"));
          userGroupMapping.put("b", new MyUserDetails("passwordb", "g2"));
          userGroupMapping.put("system", new MyUserDetails("12341234",
                  "Administrators"));
          String flag = myMBean.getControlFlag();
          if (flag.equalsIgnoreCase("REQUIRED")) {
              controlFlag = LoginModuleControlFlag.REQUIRED;
          } else if (flag.equalsIgnoreCase("OPTIONAL")) {
              controlFlag = LoginModuleControlFlag.OPTIONAL;
          } else if (flag.equalsIgnoreCase("REQUISITE")) {
              controlFlag = LoginModuleControlFlag.REQUISITE;
          } else if (flag.equalsIgnoreCase("SUFFICIENT")) {
              controlFlag = LoginModuleControlFlag.SUFFICIENT;
          } else {
              throw new IllegalArgumentException("Invalid control flag " + flag);
      public AppConfigurationEntry getLoginModuleConfiguration() {
          HashMap options = new HashMap();
          options.put("usermap", userGroupMapping);
          System.out.println("UserMap: " + options);
          return new AppConfigurationEntry(
                  "orkit.OrkitVASPortalLoginModule",
                  controlFlag, options);
      public String getDescription() {
          return description;
      public PrincipalValidator getPrincipalValidator() {
          return new PrincipalValidatorImpl();
      public AppConfigurationEntry getAssertionModuleConfiguration() {
          return null;
  //    public IdentityAsserter getIdentityAsserter() {
  //        return null;
      public void shutdown() {
  * To change this template, choose Tools | Templates
  * and open the template in the editor.
  package orkit;
  import orkit.OrkitVASPortalProviderImpl;
  import java.io.IOException;
  import java.util.*;
  import javax.security.auth.Subject;
  import javax.security.auth.callback.*;
  import javax.security.auth.login.*;
  import javax.security.auth.spi.LoginModule;
  import weblogic.security.principal.WLSGroupImpl;
  import weblogic.security.principal.WLSUserImpl;
  * This login module will be called by our Authentication Provider. It assumes
  * that the option, usermap, will be passed which contains the map of users to
  * passwords and groups.
  public class OrkitVASPortalLoginModule implements LoginModule {
      private Subject subject;
      private CallbackHandler callbackHandler;
      private HashMap userMap;
      // Authentication status
      private boolean loginSucceeded;
      private boolean principalsInSubject;
      private Vector principalsBeforeCommit = new Vector();
      public void initialize(Subject subject, CallbackHandler callbackHandler,
              Map sharedState, Map options) {
          this.subject = subject;
          this.callbackHandler = callbackHandler;
          // Fetch user/password map that should be set by the authenticator
          userMap = (HashMap) options.get("usermap");
       * Called once after initialize to try and log the person in
      public boolean login() throws LoginException {
          // First thing we do is create an array of callbacks so that
          // we can get the data from the user
          Callback[] callbacks;
          callbacks = new Callback[2];
          callbacks[0] = new NameCallback("username: ");
          callbacks[1] = new PasswordCallback("password: ", false);
          try {
              callbackHandler.handle(callbacks);
          } catch (IOException eio) {
              throw new LoginException(eio.toString());
          } catch (UnsupportedCallbackException eu) {
              throw new LoginException(eu.toString());
          String username = ((NameCallback) callbacks[0]).getName();
          System.out.println("Username: " + username);
          char[] pw = ((PasswordCallback) callbacks[1]).getPassword();
          String password = new String(pw);
          System.out.println("PASSWORD: " + password);
          if (username.length() > 0) {
              if (!userMap.containsKey(username)) {
                  throw new FailedLoginException("Authentication Failed: Could not find user:" + username);
              }else{
                  System.out.println("Contstainded Username");
              String realPassword = ((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getPassword();
              if (realPassword == null || !realPassword.equals(password)) {
                  throw new FailedLoginException("Authentication Failed: Password incorrect for user" + username);
              }else{
                  System.out.println("Everyitng OKIE");
          } else {
              // No Username, so anonymous access is being attempted
          loginSucceeded = true;
          // We collect some principals that we would like to add to the user
          // once this is committed.
          // First, we add his username itself
          principalsBeforeCommit.add(new WLSUserImpl(username));
          // Now we add his group
          principalsBeforeCommit.add(new WLSGroupImpl(((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getGroup()));
          return loginSucceeded;
      public boolean commit() throws LoginException {
          if (loginSucceeded) {
              subject.getPrincipals().removeAll(principalsBeforeCommit);
              principalsInSubject = true;
              return true;
          } else {
              return false;
      public boolean abort() throws LoginException {
          if (principalsInSubject) {
              subject.getPrincipals().removeAll(principalsBeforeCommit);
              principalsInSubject = false;
          return true;
      public boolean logout() throws LoginException {
          return true;
  }and OrkitVASPortalMBean & OrkitVASPortalImpl class created by MBeanMaker tool.
  Can someome help.
  Thanks in advance!

  Hi ,
  SQLAuthenticator is not yet supported with UCM 11g due to some JPS Provider limitations .
  Currently there is an Enhancement request for this .
  Thanks
  Srinath

• Cannot Start Weblogic Server After adding  Custom Authentication Provider

  Hi,
  I implemented a Custom authentication provider and configured it wih Weblogic 10.3 application server. Although I successfully added Authentication provider, I couldn't restart my server. I used MBeanMaker utility to package my Authentication provider and login module. Although the MBean Utility signalled some warnings and severe messages, it successfully packaged the files. When I look at the config.xml file after adding he authenticator it just adds three lines
  ( <sec:authentication-provider>
  <sec:name>STOREDPROCEDURE</sec:name>
  </sec:authentication-provider>
  ) Although there are some other attributes of the authenticator.
  Please advice.
  Here is some stack trace.
  Best Regards,
  Salim
  com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
  at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:47)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  ####<Feb 3, 2009 12:22:42 AM EET> <Error> <Security> <localhost.localdomain> <DefaultServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1233613362036> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified..
  weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
  at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
  at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
  at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
  at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
  at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
  at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)

  You need to make sure that you nuke the whole directory that you are specifying to the MBean marker generator. For example, I use the following command to generate the provider jar file.
  java -Dfiles=$PRJROOT/ERModel/classes -DMDF=$PRJROOT/ERModel/classes/MyCustomAuthenticator.xml -DMJF=$PRJROOT/ERModel/custom-auth-provider.jar -DtargetNameSpace=http://xmlns.oracle.com/oracleas/schema/11/adf/sampleapp/weblogic/providers -DpreserveStubs=true -DcreateStubs=true weblogic.management.commo.WebLogicMBeanMaker1c
  I need to nuke the directory in the -Dfile option i.e. 'rm -rf $PRJROOT/ERModel/classes/' each time I generate the jar file. If you don't, the jar file generates without any error but you will get a runtime exception.

• Custom authenticaion provider in WebLogic Administration Portal

  Hi all,
  I'm trying to integrate a custom authentication provider in WL Administration Portal. Our users (i.e. administrators) need to be able to easily define Visitor Entitlements.
  The goal is to present administrators with a user interface just like the one presented to you when you go to Users, Groups & Roles -> Visitor Entitlements -> <Any Role> -> Add Groups to role
  with the DefaultAuthenticator.
  I already implemented these interfaces in my authentication provider:
  weblogic.management.commo.StandardInterface weblogic.management.security.authentication.AuthenticatorMBean weblogic.management.security.authentication.GroupMemberListerMBean weblogic.management.security.authentication.UserReaderMBean weblogic.management.security.authentication.GroupRemoverMBean weblogic.management.security.authentication.MemberGroupListerMBean
  However, the Portal Administration Console only allows Predicate Entry, but does not display a Hierarchy Tree.
  Do I have to supply the classes doing the actual rendering myself, or do I just miss a required interface in my authentication provider?
  Anyone who can help me with that?
  I had this already posted in weblogic.developer.interest.portal, however that might have been the wrong place, so I'm cross-posting this item here.
  Cheers,
  Christian

  Hi All,
  Found the reason for the exception. I was implementing the generated the CustomAuthenticatorImpl class (generated through WebLogic MBeanMaker utility) as the provider class by implementing the AuthenticationProvider interface. Keeping them separate solved the issue.
  Able to create the jar without any issues and also no error or exception after restart.
  Thanks.

• Using Federated Security in BizTalk against custom Token Provider and Custom Token

  Hi,
  I as the topic states, I'm trying to get BizTalk to use a Custom Token Provider with custom tokens.
  So I thought this would be rather painless using ws2007FederationHttpBinding but got stuck. The problem is that the service expect soap action and a special structure (se example):
  Request:
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsc="common.namespace" xmlns:ws="securitytoken.namespace">
     <soapenv:Header>
        <wsc:AutHeader>      
  Containing Custom Auth header information tags, about 20 or so
        </wsc:AutHeader>
     </soapenv:Header>
     <soapenv:Body>
        <ws:SECSSecurityTokenCreate_V1_0InputArgs>
           <ws:SecurityTokenCreateRequest>
              <ws:securityToken><!-- signed SAML assertion --></ws:securityToken>
           </ws:SecurityTokenCreateRequest>
        </ws:SECSSecurityTokenCreate_V1_0InputArgs>
     </soapenv:Body>
  </soapenv:Envelope>
  Response:
  <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
  <SECSSecurityTokenCreate_V1_0OutputArgs xmlns:ns2="common.namespace" xmlns="tokenservice,namespace">
  <SecurityTokenCreateResponse>
  <securityToken> <!-- THE Custom TOKEN --> </securityToken>
  </SecurityTokenCreateResponse>
  <ResponseState>
  <ns2:ErrorCode>0</ns2:ErrorCode>
  <ns2:Severity>0</ns2:Severity>
  <ns2:ComponentId>201</ns2:ComponentId>
  <ns2:StrErrorCode xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
  <ns2:Message>OK</ns2:Message>
  <ns2:NativeError xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
  <ns2:LogSequence xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
  </ResponseState>
  </SECSSecurityTokenCreate_V1_0OutputArgs>
  </soap:Body> </soap:Envelope>
  Error Message in BizTalk, when I send message via ws2007FederationHTTPBinding to the SOAP service, as expected the soap structure dosent match the expected one from the server, most obvisly is the missing SOAP action and incorrect BODY element.
  System.ServiceModel.ProtocolException: The content type text/html; charset=iso-8859-1 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 521 bytes of the response were: '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Body>
  <soap:Fault>
  <soap:Code>
  <soap:Value>Server</soap:Value>
  </soap:Code>
  <soap:Reason>
  <!--1 or more repetitions:-->
  <soap:Text xml:lang="en">Missing operation for soapAction [null] and body element [{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityToken] with SOAP Version [SOAP 1.2]</soap:Text>
  </soap:Reason>
  </soap:Fault>
  </soap:Body>
  </soap:Envelope>'. ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
  at System.Net.HttpWebRequest.GetResponse()
  at System.Servi
  My plan to solve this is to try using beahviors added to the "inner" wcf binding that will help reconstruct the message from the standard form that I has, but I'm a bit vorried that I start to solve this and later on I'll have to add custom handling
  for token extraction and handling since the token should be placed in a custom header in the soap envelope with custom namespace =).
  So my question is, could this be solved via sw2007FederationHttpBinding or is an orchestration and some custom code for signing the path forward?
  Thanks in advance for any help or guidance!
  /Mattias

  It's a little tough to use sw2007FederationHttpBinding, I faced similar situation before. :(

• Custom authorization provider for WL7 problem (not getting all parameters from ContextHandler)

  I'm implementing a custom authorization provider for WebLogic 7.
  In my Access Decision isAccessAllowed method I need to check values of
  the parameters passed to an EJB method. Now, if an EJB method I have
  two parameters of the same type, for example int, when I get
  ContextElement array from ContextHandler and iterate through it to get
  names and values of the parameters I get the same value (value of the
  first int parameter) from both ContextElement's.
  Here is the code:
  String [] names = ch.getNames();
  for (int i = 0; i < names.length; i++)
  String name = names;
  System.out.println("name = " + name);//here it gets array of
  Strings, which contains two parameter names: "int","int",
  which are the types of EJB method parameters
  ContextElement[] ces= ch.getValues(names);
  for (int j = 0; j < ces.length; j++)
       ContextElement ce = ces[j];
       System.out.println(ce.getName()+ " = " + ce.getValue());
  //here if the value of the first int was 2 and the second 0,
  it would get 2 from both ContextElements (each of ContextElements will
  have name "int"
  If I try this with method parameters of different types, for example
  int with value 2 and long with value 0, then this code work fine -
  first ContextEleement has name int and value 2 and the second has name
  long and value 0.
  Thanks,
  -Oleg Kozlov.

  I'm implementing a custom authorization provider for WebLogic 7.
  In my Access Decision isAccessAllowed method I need to check values of
  the parameters passed to an EJB method. Now, if an EJB method I have
  two parameters of the same type, for example int, when I get
  ContextElement array from ContextHandler and iterate through it to get
  names and values of the parameters I get the same value (value of the
  first int parameter) from both ContextElement's.
  Here is the code:
  String [] names = ch.getNames();
  for (int i = 0; i < names.length; i++)
  String name = names;
  System.out.println("name = " + name);//here it gets array of
  Strings, which contains two parameter names: "int","int",
  which are the types of EJB method parameters
  ContextElement[] ces= ch.getValues(names);
  for (int j = 0; j < ces.length; j++)
       ContextElement ce = ces[j];
       System.out.println(ce.getName()+ " = " + ce.getValue());
  //here if the value of the first int was 2 and the second 0,
  it would get 2 from both ContextElements (each of ContextElements will
  have name "int"
  If I try this with method parameters of different types, for example
  int with value 2 and long with value 0, then this code work fine -
  first ContextEleement has name int and value 2 and the second has name
  long and value 0.
  Thanks,
  -Oleg Kozlov.

• How to remove custom authentication provider in weblogic server 11g

  Hi ,
  I am trying to remove the custom authentication provider in weblogic server 11g, It disappears when i delete it from list of authentication providers. But upon server restart it appears again.
  Documentation for 10g says delete it from service administration but i couldn't find one in 11g. Please help me in removing the custom authentication provider
  Thanks
  Sandeep

  You can try editing the config.xml file and removing it there. (Re: After provider reorder I cannot login admin server console
  If you are referring to a jar file - custom authenticators are usually placed in the <middleware-home>wlserver_10.3/server/lib/mbeantypes/ directory.

• Problem Deploying Custom Transformation Provider to Remote System

  Hello Experts,
  I have successfully created a custom XML Transformation Provider/transformer and deployed it to my local development system and to a remote sandbox system. We are using NWDI and the transformation provider is within the context of a DC.  However, I am deploying to both my local dev and the remote sandbox systems using the u201CQuick PAR Uploadu201D in NWDS.
  After deploying the same PAR to both my local portal and the remote sandbox systems I can see the new service is deployed in both portals (System Administation -> Support -> Runtime -> etc..).  I can also see the service registered successfully in the portal registryu2014again, in both systems.
  Everything works fine on my local dev when I run code to retrieve and apply the custom transformer to source XML.  The new transformer is also available when creating an XML iView.   However, I cannot retrieve or use the new transformer (u201Cno such transformeru201D errors) using the same code on the remote sandbox system.  Also, the new transformer is not available when using the XML iView wizard.
  It seems the custom transformation provider is deploying successfully on the remote system, but the transformer is not.
  Both systems are ostensibly identical, NW 7.0 EP SPS14.  The credentials Iu2019m using when performing the Quick PAR Upload have Administrator/Super Admin Role privileges.  (I even tried uploading the PAR directly into the portal using the Admin Console to see if that made a differenceu2026it did not).
  Any ideas why a transformer would not be available after a custom transformation provider deploys without any apparent errors to the remote system?
  Thanks for your time!

  Hi,
  I presume this issue is not that common.
  Any ideas on where to look (logs) for results after a PAR is deployed to the server?  I do not see any errors in the defaultTrace related to the deployment and I've looked through other logs, too.  In any case, the "custom" transformation provider service appears in the portal, but I still don't see the tranformer itself.
  Thanks again,
  Dave

• Custom security provider exception

  Good day, colleagues. I want to raise an old topic.
  I use custom security provider exceptions:
  -AccountExpiredException
  -AccountLockedException
  However, the login() method only captures FailedLoginException
  try
    CallbackHandler pwcall = new weblogic.security.URLCallbackHandler(user, pass.getBytes("UTF-8"));
    subject = weblogic.security.services.Authentication.login(pwcall);
    weblogic.servlet.security.ServletAuthentication.runAs(subject, request);
  catch (javax.security.auth.login.LoginException e) {
    e.printStackTrace();
  javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User ...
    at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:240)
    at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
    at java.security.AccessController.doPrivileged(Native Method)
  I found similar questions IdentityAssertion custom exception, FailedLoginException asked many years ago for WLS 9.2
  Their solution (wlp.propogate.login.exception.cause=true) does not work for WLS 10.3.
  How to propagate original LoginException?
  Or exception message only.

  I did it! look closely to source code:
  javax.security.auth.login.LoginContext:875
  if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
    // if REQUISITE, then immediately throw an exception
    if (methodName.equals(ABORT_METHOD) || methodName.equals(LOGOUT_METHOD)) {
         if (firstRequiredError == null)
              firstRequiredError = le;
    } else {
         throwException(firstRequiredError, le);
  } else if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
    // mark down that a REQUIRED module failed
    if (firstRequiredError == null)
         firstRequiredError = le;
  } else {
    // mark down that an OPTIONAL module failed
    if (firstError == null)
         firstError = le;
  javax.security.auth.login.LoginContext:922
  // we went thru all the LoginModules.
  if (firstRequiredError != null) {
    // a REQUIRED module failed -- return the error
    throwException(firstRequiredError, null);
  } else if (success == false && firstError != null) {
    // no module succeeded -- return the first error
    throwException(firstError, null);
  } else...
  I set Control flag: OPTION to DefaultAuth (was REQUIRED)
  and order it after my LoginModule. (restart required!)
  Now I catch my exceptions %)

• Where to upload custom JACC provider jar for AS9.1 (Glassfish V2 Beta 1)?

  Hello,
  as I do have some issues with SOAPMessage object on AS9.0U1 as described here: http://forum.java.sun.com/thread.jspa?threadID=5162508
  I'm also trying to duplicate this issue on AS9.1 (Glassfish V2 Beta 1). At the first I need to deploy our custom JACC provider. I've provided correct setup in admin console Configuration -> Security -> JACC providers, I've also switched to use this provider and as I'm used to, I've uploaded JACC provider jar file to the domains/domain1/lib directory. The problem is, it's not working since starting AS9.1 complains about not found class of my provider. As I said, this is exactly how it's working for me on AS9.0U1. Anyway, I've tried to upload the jacc provider jar file to domains/domain1/lib/ext, but then starting AS9.1 complains about missing javax/security/jacc/PolicyContextException. Whole error message in the server log looks like:
  [#|2007-04-20T10:12:52.015+0200|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=10;_ThreadName=main;com.objectsecurity.openpmf.jacc.Policy;|SEC1143: Loading policy provider com.objectsecurity.openpmf.jacc.Policy.|#]
  [#|2007-04-20T10:12:52.031+0200|WARNING|sun-appserver9.1|javax.enterprise.system.stream.err|_ThreadID=10;_ThreadName=main;_RequestID=822161e0-8f06-433a-b052-fb42afffb14a;|java.lang.reflect.InvocationTargetException
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at com.sun.enterprise.server.PELaunch.main(PELaunch.java:272)
  Caused by: java.lang.NoClassDefFoundError: javax/security/jacc/PolicyContextException
       at java.lang.Class.forName0(Native Method)
       at java.lang.Class.forName(Class.java:164)
       at com.sun.enterprise.security.PolicyLoader.loadPolicy(PolicyLoader.java:133)
       at com.sun.enterprise.security.SecurityLifecycle.onInitialization(SecurityLifecycle.java:96)
       at com.sun.enterprise.server.ApplicationServer.onInitialization(ApplicationServer.java:240)
       at com.sun.enterprise.server.ondemand.OnDemandServer.onInitialization(OnDemandServer.java:93)
       at com.sun.enterprise.server.PEMain.run(PEMain.java:316)
       at com.sun.enterprise.server.PEMain.main(PEMain.java:260)
       ... 5 more
  Please note that com.objectsecurity.openpmf.jacc.Policy is a Policy provider of our own JACC provider.
  My question is: where exactly to upload JACC provider jar file in order to have it working correctly?
  Thanks!
  Karel

  Did you solve this problem? I've been spinning my head over this. I reinstalled my jdk, reinstalled glassfish, and updated my java.policy file and I still get the same problem.

• How to use getContent() method in custom JSP Provider to display a HTML Pag

  Hi,
  If anybody knows how to use getContent() method to use in custom jsp providers (developed by ourselves) so that it can be used to retrieve a jsp page (a simple html page) ..
  I want the code in the provider java file to for the getContent method...
  Pls. get back to me asap....if any body has implemented a custom jsp provider...as it's urgent...
  I have alreday placed the JSP file in the directory structure /etc/opt/SUNWps/desktop/default/channel_dir..But still the jsp is not being displayed..
  Pls get me the getContent() method code to retrive the JSP file..
  satyabrata

  Hi,
  You don't have to do anything in the custom JSPProvider's getContent method except the call {  return super.getContent(request,response); } . If all you want is just to show your jsp, then create a channel from the default JSPProvider, and edit the property contentPage of that channel from samplecontent.jsp to your jsp name, save the changes and login again. You should see your JSP.
  Sanjeev.

• Unable to load your custom module provider's module-factory-class

  I am having a problem while I deploy my application. it gives me following error:
  Unable to load your custom module provider's module-factory-class com.bea.p13n.descriptor.module.ConfigModuleFactory
  Dont know how to resolve it. the class is in p13n_system.jar file, I have added that jar as a library in deployment but still it shows the same error.
  Added it in classpath as well but same error. (Dont know exactly how to add in class path, i have added just in "Start Server" tab's classpath)
  Any help will be greatly appreciated

  Below link might be helpful.
  http://kr.forums.oracle.com/forums/thread.jspa?threadID=1049509&tstart=0
  Regards,
  Anandraj
  http://weblogic-wonders.com/

• Unable to create or update the Custom Data Provider WIS 10853

  Hi,
  I have created the universe in designer then I created QAAWS. In the web intelligence tool, clicked for new document and then chosen web services under other data sources. After giving webservices detailed, I encountered the following error.
  Error from Personal Datasource : Unable to create or update the Custom Data Provider: invalid information retrieved while trying to get the structure. (CDS 105109). (WIS 10853)
  Can anyone help abt this problem? I wud very thankful for them.

  Hi,
  Can you post the wsdl URL. It would be of great help if we could have a look at the wsdl schema. Not all schemas are supported at the moment and hence the error. You can have a look at the limitations section in the documentation guide.
  Regards
  Rahul

• Building an Admin Console Extension for a Custom Security Provider

  I am looking for an example or a description how to build an Administration Console extension for a custom Authentication Provider.
  Especially the creation page for the provider is interesting because I am not able to create and register the required Authentication Provider MBean.
  The call “mbeanHome.getMBeanServer().createMBean(className,objectname)” always throws the following Exception “javax.management.ReflectionException: The MBean class could not be loaded by the default loader repository”
  Even if I try the class “weblogic.security.providers.authentication.IPlanetAuthenticator”, that is part of the bea distribution, the same exception is thrown.
  It seams that the Problem has something to do with class loaders?
  When I use the standard admin console pages to create and configure my provider everything works fine.
  The only example “kennedy0208.zip” I found in the net does not deal with the creation of the MBean.
  It only customizes the edit pages for the provider and at that point the MBean has already been created by the standard admin pages.
  Maybe the author discovered the same Problems and gave up!?
  What makes me wondering is that I have to put my MBean Classes to my console extension war file to be able to import the packages in my jsp.
  If I not put the classes to my war the compiler throws an exception because he can’t resolve the package.
  Because I moved my provider implementation jar to the directory “WLHOME\server\lib\mbeantypes” as described in the bea documentation it should run without putting the classes to the war!?!
  I am very surprised that the bea documentation does not provide any example about this topic.

  Found it. Cut and paste error. I still had one of their example class
  names in my code. Oops.

• Deploying a custom reporting provider in Oracle Service Bus

  Hi All,
  I am new to OSB. From the reporting documentation I understand that we can register a custom reporting provider which will be called by the Report actions in the service bus. I have written a reporting handler which implements "com.bea.wli.reporting.ReportingDataHandler" and a listener class which extends "weblogic.application.ApplicationLifecycleListener" class. In the listener class I register my report handler class with the ReportingDataManager.
  I understand that the listener class has to packaged and deployed in the WLS. Can someone help me explaining how this should be done.
  I tried deploying it as a jar but my tests do not reveal that the Report action in OSB did call my report handler. I have followed the instructions as given in http://edocs.bea.com/wls/docs90/programming/lifecycle.html yet I am not successful. I have also disabled the default JMS reporting provider.
  What needs to be done after deploying the listener? How does the OSB make use of the new listener?
  Any pointers in right direction will help me a lot.
  Thanks,
  Abarajithan.
  Edited by: user5120225 on 27-May-2009 21:00

  What needs to be done after deploying the listener? How does the OSB make use of the new listener?Did you enable reporting in your application/OSB? operational settings for the proxy contains check box (in sbconsole) Reports which should be enabled
  and also we have to put reporting action in our pipeline. Is the reporting provider not receiving events/reports even after this ?
  thanks
  Manoj