Custom session validator

Hi All!
Is it possible to create custom session validation mechanism in coherence, which checks session availability in third party system (Siebel in our case) and provides data caching assigned to this session from external Web Services?
Thank you very much :)

Coherence supports HTTP Session Caching via Coherence*Web.
In terms of doing something similar for some other session context such as Siebel it may or may not be doable depending upon the nature of
the session object you are caching. You probably would need to use standard Coherence API mechanisms and application logic to manage the session state
and relate it to other entities.

Similar Messages

Issue in keeping the InfoView session valid using Custom JSP Open Document

Hi
We are using OpenDocument URL in custom JSP to show BO Web Intelligence Document. The documents are opening fine but some of our WebI documents have links to other WebI document, when the link is clicked it takes to Info View Login Page.
If I login and logout once from InfoView then the WebI document links work fine.
Can you please guide me on how to make the session valid for WebI internal links? Do I need to create a Cookie or use URL Encoding?
Following is the sample JSP code:
<%@ page import="com.crystaldecisions.sdk.exception.SDKException" %>
<%@ page import="com.crystaldecisions.sdk.framework.CrystalEnterprise" %>
<%@ page import="com.crystaldecisions.sdk.framework.IEnterpriseSession" %>
<%@ page import="com.crystaldecisions.sdk.framework.ISessionMgr" %>
<%@ page import="com.crystaldecisions.sdk.occa.infostore.IInfoStore" %>
<%@ page import="com.crystaldecisions.sdk.occa.security.ILogonTokenMgr"%>
<%
try{
String systemName = "ServerName";
String userName = "user";
String password = "pass";
String authType = "secEnterprise";
IEnterpriseSession enterpriseSession=null;
if (enterpriseSession == null)
ISessionMgr enterpriseSessionMgr = CrystalEnterprise.getSessionMgr();
enterpriseSession = enterpriseSessionMgr.logon(userName, password, systemName, authType);
ILogonTokenMgr logonTokenMgr = enterpriseSession.getLogonTokenMgr();
String defaultToken = logonTokenMgr.createWCAToken("",20,10);
response.sendRedirect("http://boServer:port/OpenDocument/opendoc/openDocument.jsp?iDocID=16894&token="+defaultToken);
catch(Exception e)
e.printStackTrace();
%>

Thanks Aasavari for responding. My problem is solved.
I need not create any cookie or create token using getLogonToken
Some of the URLs in the webi documents were incorrect and so Info View was taking to the Info View Login page.
But I am surprised though why info view not complain about incorret and rather takes to the login page.
Thanks for your help again.

IPlanet 6.0 Session Validation

Hi,
We are using iPlanet 6.0 web server on windows 2000 environment. The session validation is done using custom SAF, created as .dll file. Now, the problem we are facing currently is,
*1. http://www.test.com/sample/xxx/a.htm*
*2. http://www.test.com/example/yyy/b.htm*
If I use the first URL, the web server calls the custom SAF dll file and checks whether the session is valid or expired. If the session is expired, it will redirect the users back to login page.
Whereas, if I use the second URL,the session validation is not done. The web server just serves the client requested page.
Hence, I understand the session validation is done only for the pages that reside under */sample/* directory located under wwwroot.
The question is, where is this path to check for session validation is mentioned.
Any help is highly appreciated...
Thanks in advance,

WS6.0 docs are located in http://docs.sun.com/app/docs/coll/S1_ipwebsrvree60_en
Info about Session manager :
http://docs.sun.com/source/816-5689-10/sess.htm
Can you send your server.xml and other configuration files in <ws-install-root>/<instance>/config directory?
Can you migrate to 7.0 update 2 if possible?
You can download it fro free from http://www.sun.com/software/products/web_srvr/home_web_srvr.xml

URGENT---EJB 3.0--Toplink essential - loading custom session customizer

Dear all,
I am a newbie to EJB as well as JPA...for some reason i need to write a custom session customizer
i config the persistence.xml with the following property:
<property name = "toplink.session.customizer" value = "customizer.MyCustomizer"/>
My EJB project structure:
Application1
->EJB_Project1
->customizer
->MyCustomizer.java
->bean
->BeanARemote.java
->BeanBRemote.java
->META-INF
->persistence.xml
when i want to test the EJB project..the following exception occur...
==============================================================
Exception Description: ClassNotFound: [customizer.MyCustomizer] specified in [toplink.session.customizer] property.
Internal Exception: oracle.classloader.util.AnnotatedClassNotFoundException:
Missing class: customizer.MyCustomizer
Dependent class: oracle.toplink.essentials.internal.security.PrivilegedAccessHelper
Loader: oracle.persistence:1.0
Code-Source: /C:/Oracle10-1-3-11/toplink/jlib/toplink-essentials.jar
Configuration: <code-source> in /C:/Oracle10-1-3-11/jdev/system/oracle.j2ee.10.1.3.39.14/embedded-oc4j/config/server.xml
This load was initiated at oracle.persistence:1.0 using the Class.forName() method.
The missing class is available from the following locations:
1. Code-Source: /G:/JDeveloper/jdev/mywork/Application1/EJB_Project1/classes/ (from <ejb> in unknown)
     This code-source is available in loader current-workspace-app.root:0.0.0.
     This is the current thread's context loader, and it appears that Class.forName() was used to load the dependent class.
     If a loader was not explicitly passed to Class.forName(), try passing the result of calling Thread.currentThread().getContextClassLoader().
==============================================================
the application server cannot load the class but it can locate where the class is...
why???
i futher check if the problem is related to parent-child class-loader mechanism
in the code, i call the Class.getClassLoader() in order to obtain which classloaders
my session customizer and JPA EntityManager (implied for the whole toplink essential?) were loaded by...
result: for custom session customizer..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
5th classLoader == system.root:0.0.0
6th classLoader == default.root:0.0.0
result: for JPA EntityManager..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
it seems the EntityManager is loaded in 'higer level' class loader, so it can't access
class load in 'lower level' class loader ..
Dependent class: oracle.toplink.essentials.internal.security.PrivilegedAccessHelper
Loader: oracle.persistence:1.0But something strange is that the exception message saying the loader is oracle.persistence:1.0 ???
Could anybody help me......?
what is the solution...?
i have searching in the web for days but can't find solution !!!
Thank you very much ...
** My development environment:
JDeveloper: 10.1.3.1
window xp sp2
sun java sdk 5 update 9

i have futher check if the problem is related to class loading
i call the Class.getClassLoader() in order to obtained which classloaders
my session customizer and EntityManager were loaded...
obtain the following result: for my session customizer..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
5th classLoader == system.root:0.0.0
6th classLoader == default.root:0.0.0
for EntityManager..
top classloader == jre.bootstrap:1.5.0_09
2nd classLoader == jre.extension:0.0.0
3rd classLoader == api:1.4.0
4th classLoader == oc4j:10.1.3
it seems the entity manager is loaded in 'higer level' class loader, so it can't access
class load in 'lower level' class loader ..
Dependent class: oracle.toplink.essentials.internal.security.PrivilegedAccessHelper
Loader: oracle.persistence:1.0But something strange is that the exception message saying the loader is oracle.persistence:1.0 ????
Could anybody help me......?
what is the solution...?
Thank you ...

Clearing custom session variable in 5.0

I have set a custom session variable in a method called in the OnAfterLogin PEI.
Do I need to ckear this session variable on logout? If so, how do I do that?
Or does the session variable clear on its own if teh session is abandoned or killed on logout?
I just want to make sure I am not leaking any memory and do proper housekeeping.
Thanks!
Vanita
Staples

Sam,
It appears that you are one of the few installations that actually used a display/formatting page under 4.x. Under 5.0 you have the option of going directly to the source of the card or gatewaying the card. Those are your only two options to my knowledge. I suppose that the answer might rest on using docfetch but this would require a custom CWS.
Good Luck
Phil Orion

IsolatedClientSession (10.1.3) vs. custom session broker

Hi, Doug.
You may still remember the design of the custom session broker originated from you in our project.
Basically, we dynamically partition the classes during the session initiation time such that all the read-only classes (reference data) are put to a shared server session and all the non-read-only classes (transactional data) to a database session. A custom client session broker is constructed based on two sessions, the shared server session and a private database session whose life only spans a single transaction. The main idea here is that, the transactional data is volatile, and should not been cached in the shared session cache.
Now, with TopLink_10.1.3 available, I noticed that there is a new type of session called isolated client session, and that a class can be configured to be isolated. In my understanding, this solves the exactly same problem as the custom session broker.
I did some investigation to see whether it is possible for replace the custom session broker by the isolated client session. However, I got a run time exception:
Isolated Data is not currently supported within a Client Session Broker.
My questions is:
Is the isolated data to be supported by the client session broker soon?
Or you have other suggestions?
Thanks.
Zhonghua

Thanks for your response.
Yes, you are right, and it is not entirely necessary for us to use SessionBroker any more. I already did some experiments in this regard.
But, there are two downsides here:
(1) The existing code and configuration are tied to the SessionBroker, and lots of changes would be required.
(2) SessionBroker does provide us some flexibility in case we do need to use multiple databases in the future.
Therefore, if TopLink will support isolated classes in the client SessionBroker soon, it would be better for us to just wait for a future release.

Want the Customer specific validations at the time of asset posting

Dear all,
I want to implement Customer specific validations at the time of asset posting(ABZON , F-90 , F-91).Please tell which user-exit should I use??
AINT0004 is working only for ABZON.
AINT0001 is not as per my requirements!!
Regards,
Amiya

Hi Amiya ,
u can achieve thru Validations / Substitutions OB28. But u have limitations in the implementations of Logic .
regards
Prabhu

Help with jsp session validation

i've build up a page that only users wil 'administrator' as the session is variable can access. if they don't they will be directed to the login page.
However, I'm getting a null pointer exception.
my code is as follows:
<%@ page import="java.io.*"%>
<%
     if (session.getAttribute("id").equals(null) || !(session.getAttribute("id").equals("administrator")))
          response.sendRedirect("adminlogin.htm");
%>
Error Message:
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
org.apache.jasper.JasperException
root cause
java.lang.NullPointerException
any pros please help? i know it's something to do with my jsp session validation. thanks in advance.

one more thing, with regrads to the solution evnafets provided. I tried it out on all my pages that requires administrator rights and found that the code only redirects when it's not expecting any parameters. Else, it just display an error message there. Is there a way around this? Or I should let let my end user suffer?
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
org.apache.jasper.JasperException
     at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:248)
     at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
     at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2396)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:405)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:380)
     at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:508)
     at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:533)
     at java.lang.Thread.run(Thread.java:534)
root cause
java.lang.NullPointerException
     at org.apache.jsp.view_jsp._jspService(view_jsp.java:177)
     at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:136)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:204)
     at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:289)
     at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:240)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:260)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2396)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
     at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
     at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:405)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:380)
     at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:508)
     at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:533)
     at java.lang.Thread.run(Thread.java:534)

Custom Session Manager in SJS EWS 6.1, not IWSSessionManager

Now that the IWSSessionManager is deprecated in Enterprise Web Server 6.1, and their is no other persistant server-server session storing Session Managers shipped with Sun Web Server Enterprise 6.1 (file based storage does not count), I would like to know if anyone knows how to configure a custom session manager into the sun-web.xml file (not using IWSSessionManager).
I want to create my own session manager using JGroups multicast, or even JDBC as the persistant store. And I want to be able to use it with the next major version of Enterprise Web Server in addition to the current 6.1 version.
We own Enterprise Application Server, and I also see in GlowFish that a CUSTOM session manager can be configured. So I am betting the SJS Enterprise Web Server also has the same capabilities, but it is not published in the documentation.
Anyone have the real scoop on this matter?
-RG

In the previous post,
I meant GlassFish, not GlowFish.

Servlet/jsp & custom sessions

          Our app is using custom sessions with most of the data stored in
          ejbeans. We can't really use http sessions
          as multiple 'http' sessions may end up using the same set of beans which
          make up our own 'application defined'
          session. As the set of beans making up one session are typically located
          on the same host, we'd like to make sure
          that all requests using them are processed on the respecting host.
          I understand now that performing some kind of 'servlet-chaining' in
          order to forward a request to the correct host
          is a bad idea. Our current solution is to wrap the processing of the
          request into a ejbean which is made available
          throughout the cluster by adding a reference into the jndi tree (using
          the beans allows us to ensure that sessions time
          out when necessary.) What i don't like about this approach is that there
          is no way to write a simple servlet or jsp
          pages as direct access to the servlet interface is lost (a copy of the
          servlet-related data could be sent to the bean
          on remote host, but that's expensive and ends up in something similar to
          servlet-chaining.)
          Does any know of possibilities to solve this problem a little bit more
          elegantly? Essentially i'd like to run servlet and
          jsp pages on top of our 'application defined' sessions, efficiently
          working in a cluster.
          Thanks a lot for any suggestions,
          roman


          thank's for your reply!
          the whole thing is not really related to ejb, i'm just using it as a
          workaround.
          it's actually a gross misuse of ejb...
          the main issue is that i'd like to be able to write jsp pages and store
          per-session
          information in a object other than the HttpSession. i cannot use the
          HttpSession
          because one session in our application does not necessarily correspond
          to one http
          session.
          so far the solution is trivial; i just keep keep a reference to the
          session data
          in the jndi tree. for each request, i can find the data with one jndi
          lookup. it
          even works on a cluster by using remote objects and a replicated jndi
          tree (thank
          you, weblogic!)
          but, for efficiency, i'd also like to process each request on the same
          host where
          the session data is stored... how can i do that without servlet
          chaining?
          roman
          Prasad Peddada wrote:
          >
          > It is not quite clear to me what you are trying to do here.
          >
          > What type of ejbs are you talking about?
          >
          > Roman Puttkammer wrote:
          >
          > > Our app is using custom sessions with most of the data stored in
          > > ejbeans. We can't really use http sessions
          > > as multiple 'http' sessions may end up using the same set of beans which
          > > make up our own 'application defined'
          > > session. As the set of beans making up one session are typically located
          > > on the same host, we'd like to make sure
          > > that all requests using them are processed on the respecting host.
          > >
          > > I understand now that performing some kind of 'servlet-chaining' in
          > > order to forward a request to the correct host
          > > is a bad idea. Our current solution is to wrap the processing of the
          > > request into a ejbean which is made available
          > > throughout the cluster by adding a reference into the jndi tree (using
          > > the beans allows us to ensure that sessions time
          > > out when necessary.) What i don't like about this approach is that there
          > > is no way to write a simple servlet or jsp
          > > pages as direct access to the servlet interface is lost (a copy of the
          > > servlet-related data could be sent to the bean
          > > on remote host, but that's expensive and ends up in something similar to
          > > servlet-chaining.)
          > >
          > > Does any know of possibilities to solve this problem a little bit more
          > > elegantly? Essentially i'd like to run servlet and
          > > jsp pages on top of our 'application defined' sessions, efficiently
          > > working in a cluster.
          > >
          > > Thanks a lot for any suggestions,
          > > roman

SWS 7.0U1 Custom Session Store

Is there a way to write a custom session store for SWS 7.0U1? The documentation seems to state that there is a way and the DTD shows a type of 'custom' as an accepted type, but there doesn't seem to be any other information about it. If I attempt write something implementing the SessionDataStore that comes in the examples directories the IWSHttpSession class seems to be not available to build again.
Is it where I have to go back and write against the even more deprecated IWS 6.0 Session Manager codebase and plug my own Session Manager in there if I don't want an in-memory, File or JDBC based Session Manager or Session Store?
-steve

Yes, that document. Under where it says :
"File Session Manager
The file is another file-system-based session manager provided with Web Server. For session persistence, file can use a file to which each session is serialized. You can also create your own persistence mechanism."
I was assuming that the "You can also create your own persistence mechanism." meant something along the lines of being able to look at the FileStore.java example code and then create a MemcachedStore.java and possibly somehow use the 'custom' type as defined in the DTD (sun-web-app_2_5-0.dtd) for persistence-manager and possibly a class definition and that _store would be used by the Session Manager to store off the sessions. The problem is that when compiled against the webserv-rt.jar that comes with SWS7.0U1 it says that IWSHttpSession is unavailable.
So now I'm assuming that you pretty much just have to go and create a MemcachedSessionManager along with a MemcachdSession and plug it in there utilizing the deprecated IWS 6.0 mechanism.
-steve

How to make custom data validation on standard form.

Hi,
I have some little OAF experience. I have extended VO so far but I am still newbie.
I need to make custom data validation on standard form.
I Oracle Credit Management module on "Create Credit Application: Applicant" form I need
to validate chosen currency against customer setup (whether there is customer profile amount for the currency).
The page is /oracle/apps/ar/creditmgt/application/webui/ARCMCREDITAPPPAGE
There are controllers on the page:
oracle.apps.ar.creditmgt.application.webui.creditAppContentFooterCO 115.14.15104.2
oracle.apps.ar.creditmgt.application.webui.creditApplicationPageCO 115.6
oracle.apps.ar.creditmgt.application.webui.creditAppRegion2CO 115.13.15104.2
oracle.apps.ar.creditmgt.application.webui.creditApplicationCO 115.8.15104.3
oracle.apps.ar.creditmgt.application.webui.creditAppRegion1CO 115.28.15104.4
oracle.apps.ar.creditmgt.application.webui.creditAppBusBackCO 115.6
oracle.apps.ar.creditmgt.application.webui.OCMApplicantInfoRNCO 115.4
creditApplicationPageCO is pageLayout controller.
Please direct me how to achieve it.
Which controller should I extend (if any)?
How to get values from the page (customer site id, currency) and how to run custom sql in my CO class ?
Regards,
Marcin

Hi Marcin,
You have to find your GO button is handled in which standard controller, (if you click on the about this page, you should be able to identify the controller,
or you can download all the controller .class files and decompile and check the logic).
Then extend that controller(which has the Go button logic, you can see how it has been handled.),
The usual way to check is
if(pageContext.getParameter('<Go button name>') !=null)
Since you want to validate first your custom validation, in the extended controller ProcessFormRequest
dont call the super.processFormRequest unless your validation is success.
Call the super at the end.
Inside your extended controller you have to find your AM and then your required ViewObject to get the user entered values.
Thanks,
With regards,
Kali.
OSSi.

Custom password validation

hi,
I am trying to write a custom java file for password validation. when we load it and compile using adadmin the class file is not getting generated.
also, i would like to know how to customize the message that appears.
example PASSWORD-INVALID. I would like to use explanatory message. Where do i define these strings.
package oracle.apps.fnd.security;
import oracle.apps.fnd.common.VersionInfo;
// Referenced classes of package oracle.apps.fnd.security:
// PasswordValidation
public class AppsPasswordValidationCUS
implements PasswordValidation
public String getErrorStackApplicationName()
return "FND";
public String getErrorStackMessageName()
return m_errorStackMessageName;
public boolean validate(String username, String password)
if(password ==null || password.length() == 0 || username == null || username.length() == 0)
m_errorStackMessageName = "PASSWORD-INVALID";
return false;
if(password.length() < 6)
m_errorStackMessageName = "PASSWORD-INVALID-LENGTH";
return false;
if(!validateLettersAndDigits(password))
m_errorStackMessageName = "PASSWORD-INVALID-LETTER-NUMBER";
return false;
if(!validateNoUsername(username, password))
m_errorStackMessageName = "PASSWORD-INVALID-USERNAME";
return false;
if(!validateNoRepeats(password))
m_errorStackMessageName = "PASSWORD-INVALID-REPEATS";
return false;
return true;
private boolean validateLettersAndDigits(String p_password)
boolean flag = false;
boolean flag1 = false;
for(int i = 0; i < p_password.length(); i++)
if(Character.isLetter(p_password.charAt(i)))
flag = true;
if(Character.isDigit(p_password.charAt(i)))
flag1 = true;
return flag && flag1;
private boolean validateNoUsername(String p_username, String p_password)
return p_password.toUpperCase().indexOf(p_username.toUpperCase()) == -1;
private boolean validateNoRepeats(String p_password)
for(int i = 1; i < p_password.length(); i++)
if(p_password.charAt(i) == p_password.charAt(i - 1))
return false;
return true;
private String m_errorStackMessageName;
}

Hi Colin,
We are able to update the password in OIM user profile now. However, after the process is done in java code, it is not redirecting to OAM Password change success page which will have a Back button. Also, we are seeing a Bug Report form page with the content given below:
Bug Report Form
An error has occurred while executing the application.
Your browser doesn't support sending mail automatically!
Please send E-Mail to <a =""></a> with the following information:
Your Name
Organization
E-Mail Address
Phone Number
Comment
Make sure to append the following traceback in the mail.
Traceback Traceback is unavailable.
Product Lost Password ManagementVersion
Platform Linux
Any clue as when we will witness this?
-Mahendra.

Custom Session(?) Attribute

I am developing channels that connect to another application (e.g. a database). if the user sucessfully connects to the application an application Session is returned. What I want to do is populate a userSession-wide attribute(?) with the value fo the session such that any Channel would do a getAttribute("appSession") and either have the appSession or null returned.
How would/might I achieve this? If I define an attribute (appSession) for each Channel it doesn't that it would be referencing the same attribute. Could I do it with a sess.setProperty(), getProperty()? The session is actually an App Session object.

IF you are using a custom authentication module then there are two api calls, setUserSessionProperty and getUserSessionProperty, that allows you to add the user session to be later used by channels.
Altnernatively you can define a custom attribute in the iwtUser component. e.g ( iwtUser-AppSession) and set your app session value in this attribute.
This attribute can then be used by all channels or other components. However this attribute value will remain once the user logged off and you have to reset the value next time the user logs in ..
HTH ..

10.1.3, Session Edior, Specifying custom session event listener

When in 9.0.4.4, we can specify custom sesson event listener in session editor.
Using 10.1.3 mapping workbench/session editor, I haven't found a way of doing it. Is this supported?
Thanks.
Haiwei

Never mind. After adding jar to the classpath, I now can specify custom sesson event listener in the session editor. Thanks.

Custom session validator

Similar Messages

Maybe you are looking for