Defining security-constraint for weblogic

          I'm working on declarative security using web.xml. Somehow I need to define the
          user names, password, etc. in which j_security_check relies on. I created a JAAS
          LoginModule which connects to me database and looks up users.
          How do I tell weblogic what to use when authenticating users? I'd imagine it's
          some weblogic.xml element, but I can't figure it out.
          thanks
          James
          

          James,
          If you use JAAS callback to go to your databse and authenticate a user say "A",
          this doesn't help becaase Weblogic has no idea who A is or what groups A belongs
          to.
          Once you use a realm, WLS knows exactly who A is and which groups he belongs to,
          then the declartive security in web.xml comes into play. For example if you restrict
          certain resources to a principal named "Administrators" and then map it to a group
          named "Administrators" in the realm. Once A is made a member of this group, he
          will be able to access the protected resources automatically.
          "James Leone" <[email protected]> wrote:
          >
          >I've read up on Realms and looked at the example for implementing a custom
          >realm.
          >
          >Are you telling me that all of that security stuff in web.xml not implemented
          >through JAAS, rather I need to implement the weblogic interfaces to create
          >my
          >own realm?
          >
          >If this is the case, what good is JAAS in a web application (more specifically
          >LoginModule and Callbacks)? It would make sense if weblogic itself implemented
          >the framework in JAAS, the I point it to my custom LoginModule (this
          >opposed to
          >implementing a proprietary realm).
          >
          >"Jawahar" <[email protected]> wrote:
          >>
          >>James,
          >>
          >>You should be using a security realm and not reading the database yourself.
          >>Read
          >>up on realms and set one up.
          >
          

Similar Messages

  • Setting security constraint for web App

    Hai all!
    I am new to bea and i am trying to set up security constraints for my webaplication..
    I want user to be authenticated before he access any of the pages in browser..
    All i did was adding following entries to web.xml
    <security-constraint>
              <web-resource-collection>
                   <web-resource-name>
                        webresources
                   </web-resource-name>
                   <url-pattern>
                   </url-pattern>
              </web-resource-collection>           
              <login-config>          
                   <auth-method>
                   BASIC
                   </auth-method>          
              </login-config>
         </security-constraint>
    But no such thing is happening,,
    I know i am doing wrong but donno where exactly i am wrong..
    Pls guide me in sequnece of steps regarding what to do to accomplish what i want..
    Thanks and Regards
    Manohar

    I guess you need to set the role that is allowed to log into your application.
    try this in web.xml:
         <security-constraint>
              <display-name>Whatever</display-name>
              <web-resource-collection>
                   <web-resource-name>resource</web-resource-name>
                   <description>Desc</description>
                   <url-pattern>/*</url-pattern>
                   <http-method>GET</http-method>
                   <http-method>POST</http-method>
              </web-resource-collection>
              <auth-constraint>
                   <description>desc</description>
                   <role-name>MyRole</role-name>
              </auth-constraint>
                   <user-data-constraint>
                   <transport-guarantee>NONE</transport-guarantee>
              </user-data-constraint>
         </security-constraint>
         <login-config>
              <auth-method>BASIC</auth-method>
         </login-config>
         <security-role>
              <description>desc</description>
              <role-name>MyRole</role-name>
         </security-role>
    and map the role with a group/user in weblogic.xml:
         <security-role-assignment>
              <role-name>MyRole</role-name>
              <principal-name>MyGroupOfUsers</principal-name>
         </security-role-assignment>
    Hope this helps.
    Xavi
    "Manohar" <[email protected]> wrote:
    >
    Hai all!
    I am new to bea and i am trying to set up security constraints for my
    webaplication..
    I want user to be authenticated before he access any of the pages in
    browser..
    All i did was adding following entries to web.xml
    <security-constraint>
              <web-resource-collection>
                   <web-resource-name>
                        webresources
                   </web-resource-name>
                   <url-pattern>
                   </url-pattern>
              </web-resource-collection>           
              <login-config>          
                   <auth-method>
                   BASIC
                   </auth-method>          
              </login-config>
         </security-constraint>
    But no such thing is happening,,
    I know i am doing wrong but donno where exactly i am wrong..
    Pls guide me in sequnece of steps regarding what to do to accomplish
    what i want..
    Thanks and Regards
    Manohar

  • Secure JSESSIONID for Weblogic running HTTP behind load balancers

    We run multiple Weblogic application servers behind a load balancer. We use an SSL accelerator to avoid encrypt/decrypt functions on the CPUs hosting Weblogic. Our Weblogic servers are running version 10.3.
    Here is my conundrum:
    1) For security purposes, we want the cookie JSESSIONDID to be secure.
    2) Weblogic doesn't seem to want to allow me to set this secure flag as there is no HTTPS on Weblogic.
    3) Network performance dictates that we don't want to run weblogic using https.
    Any suggestions to get JSESSIONID set as secure and http-only on a Weblogic server that is not running https?
    Thanks.

    We run multiple Weblogic application servers behind a load balancer. We use an SSL accelerator to avoid encrypt/decrypt functions on the CPUs hosting Weblogic. Our Weblogic servers are running version 10.3.
    Here is my conundrum:
    1) For security purposes, we want the cookie JSESSIONDID to be secure.
    2) Weblogic doesn't seem to want to allow me to set this secure flag as there is no HTTPS on Weblogic.
    3) Network performance dictates that we don't want to run weblogic using https.
    Any suggestions to get JSESSIONID set as secure and http-only on a Weblogic server that is not running https?
    Thanks.

  • Oracle Identity Server Authenticator as Security Provider for Weblogic 10.3

    Hi,
    I am getting the following exception on weblogic server 10.1.3 console when accessing users and groups in security realm. This can be reproduced using the following steps.
    1. I have installed Oracle Identity Management 10.1.4 (Oracle SSO). I have installed Oracle SSO using the default port options. I tested accessing the Internet directory using orcladmin user and it is working with out any problems.
    2. Installed Oracle weblogic Server 10.1.3 and then installed ADF runtime. I verified the installation by accessing the admin server console and did not find any issues.
    3. Opened the Admin Console and then accessed the Security Realms and then selected myrealm. Then selected Providers and added Oracle Internet directory Authentication provider.
    4. configured the provider specific parameters like the host name and port number (389).
    Now when I select user and groups tab I am getting the following exception on weblogic adminserver command prompt console.
    Am I missing any steps in configuring Oracle Internet directory authenitcaiton provider for weblogic 10.3.1
    <Oct 13, 2009 8:33:21 PM EDT> <Error> <Console> <BEA-240003> <Console encountere
    d the following error weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090294]could not get connection
    at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3224)
    at weblogic.security.providers.authentication.LDAPAtnDelegate.listUsers(LDAPAtnDelegate.java:2248)
    at weblogic.security.providers.authentication.LDAPAuthenticatorImpl.listUsers(LDAPAuthenticatorImpl.java:178)
    at weblogic.security.providers.authentication.OracleInternetDirectoryAuthenticatorMBeanImpl.listUsers(OracleInternetDirectoryAuthenticatorMBeanImpl.java:221)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:437)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
    at java.security.AccessController.doPrivileged(Native Method)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
    at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:268)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)
    at java.security.AccessController.doPrivileged(Native Method)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)
    at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:443)
    at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:314)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)
    at java.security.AccessController.doPrivileged(Native Method)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)
    at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1426)
    at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)
    at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1264)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1366)
    at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)
    at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
    at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
    at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)
    at javax.management.remote.rmi.RMIConnectionImpl_1031_WLStub.invoke(Unknown Source)
    at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:978)
    at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:544)
    at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)
    at $Proxy106.listUsers(Unknown Source)
    at com.bea.console.utils.security.UserUtils.getUsers(UserUtils.java:78)
    at com.bea.console.actions.security.users.UserTableAction.getCollection(UserTableAction.java:100)
    at com.bea.console.actions.security.ManagementBaseTableAction.execute(ManagementBaseTableAction.java:83)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:2044)
    at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:91)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2116)
    at com.bea.console.internal.ConsolePageFlowRequestProcessor.processActionPerform(ConsolePageFlowRequestProcessor.java:262)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:556)
    at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:853)
    at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:631)
    at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:158)
    at com.bea.console.internal.ConsoleActionServlet.process(ConsoleActionServlet.java:256)
    at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
    at com.bea.console.internal.ConsoleActionServlet.doGet(ConsoleActionServlet.java:133)
    at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1199)
    at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.executeAction(ScopedContentCommonSupport.java:686)
    at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.renderInternal(ScopedContentCommonSupport.java:266)
    at com.bea.portlet.adapter.scopedcontent.StrutsStubImpl.render(StrutsStubImpl.java:107)
    at com.bea.netuix.servlets.controls.content.NetuiContent.preRender(NetuiContent.java:292)
    at com.bea.netuix.nf.ControlLifecycle$6.visit(ControlLifecycle.java:428)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:727)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)
    at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:146)
         at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395)
    at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361)
    at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:208)
    at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:162)
    at com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:388)
    at com.bea.netuix.servlets.manager.UIServlet.doPost(UIServlet.java:258)
    at com.bea.netuix.servlets.manager.UIServlet.doGet(UIServlet.java:211)
    at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:196)
    at com.bea.netuix.servlets.manager.SingleFileServlet.service(SingleFileServlet.java:251)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    at com.bea.console.utils.MBeanUtilsInitSingleFileServlet.service(MBeanUtilsInitSingleFileServlet.java:47)
    at weblogic.servlet.AsyncInitServlet.service(AsyncInitServlet.java:130)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    Caused by: java.lang.reflect.InvocationTargetException
    at weblogic.security.providers.authentication.LDAPAtnDelegate$LDAPFactory.newInstance(LDAPAtnDelegate.java:3890)
    at weblogic.security.utils.Pool.newInstance(Pool.java:37)
         at weblogic.security.utils.Pool.getInstance(Pool.java:33)
    at weblogic.security.providers.authentication.LDAPAtnDelegate.getConnection(LDAPAtnDelegate.java:3219)
    ... 119 more
    Caused by: netscape.ldap.LDAPException: error result (49)
    at netscape.ldap.LDAPConnection.checkMsg(LDAPConnection.java:4871)
    at netscape.ldap.LDAPConnection.simpleBind(LDAPConnection.java:1766)
    at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1264)
    at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1273)
    at netscape.ldap.LDAPConnection.bind(LDAPConnection.java:1562)
    at weblogic.security.providers.authentication.LDAPAtnDelegate$LDAPFactory.newInstance(LDAPAtnDelegate.java:3860)
    ... 122 more
    Thanks and Regards,
    S R Prasad

    The problem has been resolved after providing OID admin user creadential with cn=orcladmin instead of orcladmin. The Security:090294 is related to OID credentials.
    Regards,
    S R Prasad

  • How we can define storage capacity constraint for SAP APO SNP(trading company)

    Hi
    can any one advise how we can define storage capacity constraint in SAP APO SNP.Typically businesss scenario its a trading company  sources from different sources and deliver to the distribution centres,its typically sourcing optimization using SNP optimizer.How we can define capacity constraint for a source?
    Thanks

    Hello Poorna
    I suggest you to refer this thread which will be helpful.
    Storage capacity as hard constraint in SNP optimizer
    and this is one very informative document too.
    http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b004ab38-d73f-2d10-9d86-81f014034235?overridelayout=t…
    Hope this will help
    Thank you
    Satish Waghmare

  • Different time constraint for  0081-military service infotype and subty

    Hello
    I need as follows:
    To enable entry for each desired valid Subty.
    To enable ONLY ONE entry for each Subty.
    Time constraint T is not allowed for 0081 so I used
    Time constraint Z and I'm trying to maintain T591A.
    But I don't find the expected entry which offer me to
    define time constraint for each Subty.
    Instead,  I have only the field "ObjId".
    (Are there other IT which behave the same ?)
    Regards
    Zeev Gavish

    hi allan,
    cud u plz help me how to sort out this problem actually in mu company the same scenario is here need to be display pe51 form instead of standard hrforms.....
    plz help me how will i replace this "hrforms with pe51"..

  • url-pattern for extension mapping in security-constraint not working

    I'm trying to use extension mapping in a <security-constraint> configuration,
    According to:
    http://download.oracle.com/otn-pub/jcp/servlet-3_1-fr-eval-spec/servlet-3_1-final.pdf?AuthParam=1429824454_de04222eab1b8…
    Section 12.2:
    A string beginning with a ‘*.’ prefix is used as an extension mapping.
    But WebLogic does not take in consideration my configuration. If I use path mapping exact mapping it work.
    My configuration is:
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Unsecured</web-resource-name>
            <url-pattern>*.wsdl</url-pattern>
            <url-pattern>*.xsd</url-pattern>
        </web-resource-collection>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>HttpAuth</web-resource-name>
            <url-pattern>/ws/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>ws-user</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>INTEGRAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>Test1</realm-name>
    </login-config>
    <security-role>
        <role-name>ws-user</role-name>
    </security-role>
    WebLogic Server 12c (12.1.3)
    Has anybody used extension mapping with security-constraint? Is that a WebLogic issue?

    Hi nikita,
    I have delt with the same problem before. As you say, most JSF actions all get posted back to the original page, and the faces servlet internally redirects according to the navigation rules and actions. This can mean the URL seen by the browser does not always correspond to the actual JSP (wrapped by JSF) that produced the content.
    Generally adding the "<redirect/>" tag to all your navigation rules (in faces-config.xml) remedies this, so the actions are still posted back to the original page, but then the JSF servlet sends an http-redirect to the browser before invoking the new page. This way, the URL is always in sync, and the security constraints defined in your web descriptor always get invoked properly.
    regards,
    tony

  • ORA-00001: unique constraint during "Configure Database Security Store for OIM Domain"

    Hi Guru's,
    I am following the below steps for OIM 11.1.2.1 with SOA 11.1.1.7 Installation and facing below error during step "Configure Database Security Store for OIM Domain".
    Installed Database 11.2.0.3
    Installed RCU (Here I used two versions.
         RCU 11.1.2   - Used IDAM prefix for (Metadata Services, OPSS, OIM)
         RCU 11.1.1.7 - Used SOA prefix for(Metadata Services,SOA Infrastructure, User Messaging service)
    Installed JDK 7 (Java 1.7)
    Installed WL 10.3.6 (MW_HOME-/u01/Middleware/fmw, WL_HOME=/u01/Middleware/fmw/wlserver_10.3)
    Installed FMW 11.1.2.1 for OIM. (ORACLE_HOME=Oracle_IDM1)
    Installed FMW 11.1.1.7 for SOA (ORACLE_HOME=Oracle_SOA1)
    WL Domain creation.  (Domain Name – idam_domain1)
    Configure Database Security Store for OIM Domain.
    Internal Exception: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (IDAM_OPSS.IDX_JPS_RDN_PDN) violated
    Also followed the below bug solution, but issue still occurs.
    Bug 16690836 : CONFIGURE DATABASE SECURITY STORE (CONFIGURESECURITYSTORE.PY) SCRIPT IS FAILING
    @ 1. Delete the Schemas using RCU.
    @ 2. Recreate the OAM schemas.
    @ 3. Reinstall the WLS and OAM software.
    @ 4. Run config.sh to create a new domain.
    @ 5. Run setDomainEnv.sh from user_projects/domains/<Domain_name>/bin
    @ 6. Run the configureSecurityStore.py from same window.
    Not sure if anyone tried with different steps that fixed the issue? Could you please help.
    Thanks
    VG

    Hi Gurus, I got the solution from Oracle. SOA 11.1.1.7.0 shouldn't be used with Identity Management 11.1.2.1.0(11GR1-PS1) version. Identity Management 11.1.2.1.0(11GR1-PS1) is bundled with SOA 11.1.1.6.0. When used this SOA version, Installation went smooth. Thanks VG

  • [svn] 1053: Basic and custom security-constraint samples were added to the team app mainly for the doc team to have a reference .

    Revision: 1053
    Author: [email protected]
    Date: 2008-04-01 11:35:28 -0700 (Tue, 01 Apr 2008)
    Log Message:
    Basic and custom security-constraint samples were added to the team app mainly for the doc team to have a reference. The custom authentication sample uses the new ChannelSet.login and ChannelSet.logout methods.
    Modified Paths:
    blazeds/branches/3.0.x/apps/team/WEB-INF/flex/remoting-config.xml
    blazeds/branches/3.0.x/apps/team/WEB-INF/flex/services-config.xml
    Added Paths:
    blazeds/branches/3.0.x/apps/team/features/security-constraints/
    blazeds/branches/3.0.x/apps/team/features/security-constraints/README.txt
    blazeds/branches/3.0.x/apps/team/features/security-constraints/securityConstraint_Basic.m xml
    blazeds/branches/3.0.x/apps/team/features/security-constraints/securityConstraint_Custom. mxml
    Removed Paths:
    blazeds/branches/3.0.x/apps/team/features/remoting/remoting_AMF_SecurityConstraint_Basic. mxml

    Congrats to Carmelo!
     Windows Phone and Windows Store Apps Technical Guru - February 2015  
    Carmelo La Monica
    Windows Phone 8: control Nokia Maps (Part 3)
    JH: "Part 3 of the series how to work with the Nokia maps control. As the previous articles this one contains a lot of code snippets and some pictures. Good work!"
    Ed Price: "A great topic, a fantastic breakdown of sections with clear descriptions, and a nice mix of code formatting and helpful images! Another stellar article from Carmelo! Great job including the link back at the end to the portal
    article!"
    Ed Price, Azure & Power BI Customer Program Manager (Blog,
    Small Basic,
    Wiki Ninjas,
    Wiki)
    Answer an interesting question?
    Create a wiki article about it!

  • N80: WLAN problem: "Define access pts. for secure ...

    Nokia N80 (black)
    Firmware: 3.0617.0.6
    I have problems getting on the WLAN. Here is a step-by-step description of what I do:
    First:
    1) "Connect." -> "Conn. mgr" -> "Availab. WLAN"
    2) Mark "HQ" WLAN
    3) "Options" -> "Define access point"
    4) Answer "Yes" to "Define internet access point for WLAN network "HQ"?
    5) Get the message: "Define access pts. for secure WLAN networks in 'Access points' in conn. settings."
    Then:
    6) "Tools" -> "Settings" -> "Connection" -> "Access points"
    7) "Options" -> "New access point" -> "Use default settings"
    8) Write "HQ" in the "Connection name" field.
    9) "Data bearer": "Wireless LAN"
    10) "WLAN netw. name": "HQ"
    11) "Network status": "Public"
    12) "WLAN netw. mode": "Infrastructure"
    13) "WLAN security mode": "WPA/WPA2" (the WLAN is using "WPA-PSK")
    14) "WLAN securoty settings" sub-menu:
    - "WPA mode": "Pre-shared key"
    - Pre-shared key": the correct one (verified with laptop connection)
    - "TKIP encryption": I have tried both "Allowed" and "Not allowed".
    15) Homepage: "None".
    When I go back and go through steps 1-5 again, I get the exact same message.
    What am I doing wrong? Can someone give please me a _really_ detailed step-by-step guide for how to do this?
    I have been able to use gcalsync (www.gcalsync.com) with the same "HQ" WLAN, but then it is gcalsync that asks for SSID and key. So: The WLAN works, I just don't understand how to set it up.
    I will be very, very grateful if someone can help me with this. Thank you.

    Hi Chrlov,
    An example of my set up based on my old Linksys router.
    1. Go to Menu > Tools > Settings > Connection > Access points.
    2. Select Options > New access point > Use default settings.
    3. Give a name to 'Connection name'. In my case, 'Home WLAN'.
    4. Change 'Data bearer' to 'Wireless LAN'.
    5. Change 'WLAN netw. name' to the SSID I had set up on my Linksys router. In my case, some thing like 'gen1xxxxhomewireless' (this is not the real one, censored by me. LOL)
    6. Since my SSID is hidden, I change 'Network status' to 'Hidden'.
    7. My Linksys had WEP set up (and that it is permanent). So I leave 'WLAN netw. mode' and 'WLAN security mode' as 'Infrastructure' and 'WEP' respectively.
    8. I set up WEP security settings in 'WLAN security sett.'
    a. Since I'm using key 3, I change 'WEP key in use' to '#3'.
    b. I leave 'Authentication type' as the default of 'Open'.
    c. I key in all 4 keys in 'WEP key settings'. Since I'm using 64-bit hexadecimal key, I set 'WEP encryption' to '64 bits' and 'WEP key format' to 'Hexadecimal'.
    Hope this is a good reference.
    Good luck and cheers. ^_^;

  • [svn] 1433: adding 'console' security constraint to MBeanServerGateway remote object for MBean tests and ds-console , used when running on Websphere with administrative security enabled.

    Revision: 1433
    Author: [email protected]
    Date: 2008-04-28 13:13:12 -0700 (Mon, 28 Apr 2008)
    Log Message:
    adding 'console' security constraint to MBeanServerGateway remote object for MBean tests and ds-console, used when running on Websphere with administrative security enabled. Should call setCredentials("bob","bob1") to use this RO.
    Modified Paths:
    blazeds/branches/3.0.x/qa/apps/qa-regress/WEB-INF/flex/remoting-config.mods.xml
    blazeds/branches/3.0.x/qa/apps/qa-regress/WEB-INF/flex/services-config.mods.xml

    Hi,
    It seems that you were using Hyper-V Remote Management Configuration Utility from the link
    http://code.msdn.microsoft.com/HVRemote, if so, you can refer to the following link.
    Configure Hyper-V Remote Management in seconds
    http://blogs.technet.com/jhoward/archive/2008/11/14/configure-hyper-v-remote-management-in-seconds.aspx
    By the way, if you want to perform the further research about Hyper-V Remote Management Configuration Utility, it is recommend that you to get further
    support in the corresponding community so that you can get the most qualified pool of respondents. Thanks for your understanding.
    For your convenience, I have list the related link as followed.
    Discussions for Hyper-V Remote Management Configuration Utility
    http://code.msdn.microsoft.com/HVRemote/Thread/List.aspx
    Best Regards,
    Vincent Hu

  • The security patches of WebLogic are intended for PeopleSoft WLS version?

    Hi, I need to apply some security patches for a WebLogic 8.1 SP2 environment. But I don't know if BEA supports the PeopleSoft WLS version or PeopleSoft release its own security patches.
    Someone knows about this?

    BEA has provided several security advisory patch sets to PeopleSoft, which they apparently test in their labs and then redistribute to PeopleSoft users. It is difficult for me to determine whether the patch you are referring to contains all of the BEA security releases for WLS 8.1 SP2.
    I recommend that you contact PeopleSoft and ask for their advice. If possible, I would also recommend that you consider upgrading your WLS version instead of applying a temporary patch, subject to the limitations of what PeopleSoft will support.
    My final bit of advice would be to make sure your vendor (PeopleSoft) has tested any patch before you apply it to a production system.
    Cheers!

  • How to Define Workbook / Business Ares Security Correctly for new Users

    Hi All,
    Please could you help me understand the Security Model for Workbooks and business Areas as I believe I am very close to understanding it, but missing something important.
    Background Information:
    We are using the predefined Oracle Business Areas (Payables, Receivables, Purchasing & General Ledger) to build our reports on. These are the steps I am taking to try and assign a new user & responsibility access to the existing report.
    1. I create the Report in Discoverer Desktop under the ‘General Ledger Responsibility’ logged in as myself – assume report name = ‘Report_1’.
    2. I create a new Responsibility in Oracle Apps called ‘Discoverer Resource Coordinators’.
    3. I create a new User in Oracle Apps called ‘Joe Bloggs’ and assign the responsibility ‘Discoverer Resource Coordinators’ to the Joe.
    4. Logged in as myself in Discoverer Desktop, Responsibility ‘General Ledger’ I Share the Report (Report_1) to the new Responsibility I just created ‘Discoverer Resource Coordinators’.
    5. In Discoverer Administration, Security, I assign the new Responsibility ‘Discoverer Resource Coordinators’ to the predefined Oracle Business Areas (Payables, Receivables, Purchasing & General Ledger).
    6. In Discoverer Administration I set privileges so that the Responsibility ‘Discoverer Resource Coordinators’ can do all tasks, query data, administer. .etc. etc..
    7. I therefore believe everything has been done and attempt to Login and run the report under Joe Bloggs, but am unable to retrieve any data.
    Help… what am I missing!
    Thanks,
    Lance
    Message was edited by:
    Lance

    Dear All,
    This has now been adjusted according to your recommendations but to no avail.
    Myself and Lance have ensured that this new responsibility has unlimited access to all the existing Business areas to eliminate joins within folders not being recognised, we have also ensured that the workbooks that have been created are shared with the correct responsibility.
    I have thoroughly tested this set up by logging in as this new responsibility within Disco. Client to try and retrieve data in a new Workbook, but even for the simplest of queries this fails.
    It seems that there may be a problem with the Responsibility linking to the EUL, could this be due to the new responsibility being created after the Current EUL was set up?
    Does anyone have any information or knowledge where this could happen?
    Regards
    Si

  • Unable to securely request for a page

    Question:
    a) I'm unable to securely request for my webpage : https://127.0.0.1:8443/Blah , instead I get the following Error:
    Firefox can't establish a connection to the server at localhost:8443.
    The site could be temporarily unavailable or too busy. Try again in a few
    moments.
    If you are unable to load any pages, check your computer's network
    connection.
    If your computer or network is protected by a firewall or proxy, make sure
    that Firefox is permitted to access the Web.
    On Internet Explorer I simply get:
    Internet Explorer cannot display the webpage
    b) How do I know which SSL Implementation my tomcat is making use of: JSSE/APR
    Details:
    web.xml
    <?xml version="1.0"?>
    <!DOCTYPE web-app PUBLIC
    "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
    "http://java.sun.com/dtd/web-app_2_3.dtd">
    <web-app
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
    id="Your_WebApp_ID"
    version="2.5">
    <description>The standard web descriptor for the email client</description>
    <servlet>
    <servlet-name>AuthenticateUser</servlet-name>
    <servlet-class>MailBoxController</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>AuthenticateUser</servlet-name>
    <url-pattern>/ControlPanel</url-pattern>
    </servlet-mapping>
    <welcome-file-list>
    <welcome-file>login.jsp</welcome-file>
    </welcome-file-list>
    <error-page>
    <error-code>401</error-code>
    <location>/authenticationFailed.jsp</location>
    </error-page>
    <context-param>
    <param-name>serverName</param-name>
    <param-value>Gmail</param-value>
    </context-param>
    <context-param>
    <param-name>port</param-name>
    <param-value>993</param-value>
    </context-param>
    <context-param>
    <param-name>ip</param-name>
    <param-value>imap.gmail.com</param-value>
    </context-param>
    <session-config>
    <session-timeout>30</session-timeout>
    </session-config>
    <listener>
    <listener-class>Logger</listener-class>
    </listener>
    <security-constraint>
    <web-resource-collection>
    <url-pattern>/*</url-pattern>
    <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
    <role-name>administrator</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    <login-config>
    <auth-method>BASIC</auth-method>
    </login-config>
    <security-role>
    <role-name>administrator</role-name>
    </security-role>
    </web-app>
    tomcat-users.xml :
    <tomcat-users>
    <role rolename="administrator"/>
    <user username="admin" password="system123#" roles="administrator"/>
    </tomcat-users>
    Following tag was added in web.xml in conf of tomcat :
    <-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
    <Connector
    protocol="org.apache.coyote.http11.Http11NioProtocol"
    port="8443" maxThreads="200"
    scheme="https" secure="true" SSLEnabled="true"
    keystoreFile="C:/Users/.keystore" keystorePass="changeit"
    clientAuth="false" sslProtocol="TLS"/>
    Can anybody please help me with my problem. Am I going wrong with configuring SSL?
    Thanks
    Krutika

    I did add these lines:
    <Connector
         protocol="org.apache.coyote.http11.Http11NioProtocol"
         port="8443" maxThreads="200"
         scheme="https" secure="true" SSLEnabled="true"
         keystoreFile="C:/Users/Krutika Ravi/.keystore" keystorePass="changeit"
         clientAuth="false" sslProtocol="TLS"/>
    to the web.xml contained in conf folder of tomcat.
    But didn't fiddle with server.xml -
    After un-commenting
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
    maxThreads="150" scheme="https" secure="true"
    clientAuth="false" sslProtocol="TLS" />
    in server.xml contained in conf folder I get the following exceptions
    Jul 25, 2012 11:11:41 PM org.apache.catalina.core.AprLifecycleListener init
    INFO: Loaded APR based Apache Tomcat Native library 1.1.24 using APR version 1.4
    .6.
    Jul 25, 2012 11:11:41 PM org.apache.catalina.core.AprLifecycleListener init
    INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], ra
    ndom [true].
    Jul 25, 2012 11:11:43 PM org.apache.catalina.core.AprLifecycleListener initializ
    eSSL
    INFO: OpenSSL successfully initialized (OpenSSL 1.0.1c 10 May 2012)
    Jul 25, 2012 11:11:43 PM org.apache.coyote.AbstractProtocol init
    INFO: Initializing ProtocolHandler ["http-apr-8080"]
    Jul 25, 2012 11:11:43 PM org.apache.coyote.AbstractProtocol init
    INFO: Initializing ProtocolHandler ["http-apr-8443"]
    Jul 25, 2012 11:11:43 PM org.apache.coyote.AbstractProtocol init
    SEVERE: Failed to initialize end point associated with ProtocolHandler ["http-ap
    r-8443"]
    java.lang.Exception: Connector attribute SSLCertificateFile must be defined when
    using SSL with APR
    at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:484)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav
    a:610)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:9
    81)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardService.initInternal(StandardService
    .java:559)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.j
    ava:814)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:624)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:649)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:450)
    Jul 25, 2012 11:11:43 PM org.apache.catalina.core.StandardService initInternal
    SEVERE: Failed to initialize connector [Connector[HTTP/1.1-8443]]
    org.apache.catalina.LifecycleException: Failed to initialize component [Connecto
    r[HTTP/1.1-8443]]
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
    at org.apache.catalina.core.StandardService.initInternal(StandardService
    .java:559)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.core.StandardServer.initInternal(StandardServer.j
    ava:814)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:624)
    at org.apache.catalina.startup.Catalina.load(Catalina.java:649)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
    java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
    sorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:281)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:450)
    Caused by: org.apache.catalina.LifecycleException: Protocol handler initializati
    on failed
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:9
    83)
    at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
    ... 12 more
    Caused by: java.lang.Exception: Connector attribute SSLCertificateFile must be d
    efined when using SSL with APR
    at org.apache.tomcat.util.net.AprEndpoint.bind(AprEndpoint.java:484)
    at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.jav
    a:610)
    at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:429)
    at org.apache.catalina.connector.Connector.initInternal(Connector.java:9
    81)
    ... 13 more
    Jul 25, 2012 11:11:43 PM org.apache.coyote.AbstractProtocol init
    INFO: Initializing ProtocolHandler ["ajp-apr-8009"]
    Jul 25, 2012 11:11:43 PM org.apache.catalina.startup.Catalina load
    INFO: Initialization processed in 2945 ms
    Jul 25, 2012 11:11:43 PM org.apache.catalina.core.StandardService startInternal
    INFO: Starting service Catalina
    Jul 25, 2012 11:11:43 PM org.apache.catalina.core.StandardEngine startInternal
    INFO: Starting Servlet Engine: Apache Tomcat/7.0.29
    Jul 25, 2012 11:11:43 PM org.apache.catalina.startup.HostConfig deployWAR
    INFO: Deploying web application archive C:\Junkyard\apache-tomcat-7.0.29\webapps
    \Blah.war
    Jul 25, 2012 11:11:44 PM org.apache.catalina.loader.WebappClassLoader validateJa
    rFile
    INFO: validateJarFile(C:\Junkyard\apache-tomcat-7.0.29\webapps\Blah\WEB-INF\lib\
    javax.servlet-5.1.12.jar) - jar not loaded. See Servlet Spec 2.3, section 9.7.2.
    Offending class: javax/servlet/Servlet.class
    Logger Contructor
    Servlet Context has been initialized
    Jul 25, 2012 11:11:45 PM org.apache.catalina.startup.HostConfig deployDirectory
    INFO: Deploying web application directory C:\Junkyard\apache-tomcat-7.0.29\webap
    ps\docs
    Jul 25, 2012 11:11:45 PM org.apache.catalina.startup.HostConfig deployDirectory
    INFO: Deploying web application directory C:\Junkyard\apache-tomcat-7.0.29\webap
    ps\examples
    Jul 25, 2012 11:11:46 PM org.apache.catalina.startup.HostConfig deployDirectory
    INFO: Deploying web application directory C:\Junkyard\apache-tomcat-7.0.29\webap
    ps\host-manager
    Jul 25, 2012 11:11:46 PM org.apache.catalina.startup.HostConfig deployDirectory
    INFO: Deploying web application directory C:\Junkyard\apache-tomcat-7.0.29\webap
    ps\manager
    Jul 25, 2012 11:11:46 PM org.apache.catalina.startup.HostConfig deployDirectory
    INFO: Deploying web application directory C:\Junkyard\apache-tomcat-7.0.29\webap
    ps\ROOT
    Jul 25, 2012 11:11:46 PM org.apache.coyote.AbstractProtocol start
    INFO: Starting ProtocolHandler ["http-apr-8080"]
    Jul 25, 2012 11:11:46 PM org.apache.coyote.AbstractProtocol start
    INFO: Starting ProtocolHandler ["ajp-apr-8009"]
    Jul 25, 2012 11:11:46 PM org.apache.catalina.startup.Catalina start
    INFO: Server startup in 2728 ms
    Edited by: 948555 on Jul 25, 2012 10:42 AM

  • How to use security roles in Weblogic server?

    Hello Gurus,
    I am new to Weblogic server and I am trying to investigate how to make
    use of security roles in weblogic server (5.1.0). Can anyone point me
    to some documentation. Specifically, I am looking for instance level,
    and method level security and how to use it.
    Thanks for taking your time to read this e-mail.
    Thank You all in advance,
    Hari.

    You should read the security information in the Servlet 2.2 specification
    that WL 5.1 implements:
    http://java.sun.com/products/servlet/download.html
    Chapter 11 deals with declarative and programmatic security, and includes a
    section on roles:
    11.4 Roles
    A role is an abstract logical grouping of users that is defined by the
    Application Developer or
    Assembler. When the application is deployed, these roles are mapped by a
    Deployer to security
    identities, such as principals or groups, in the runtime environment.
    A servlet container enforces declarative or programmatic security for the
    principal associated with
    an incoming request based on the security attributes of that calling
    principal. For example,
    1. When a deployer has mapped a security role to a user group in the
    operational environment. The
    user group to which the calling principal belongs is retrieved from its
    security attributes. If the
    principal's user group matches the user group in the operational environment
    that the security
    role has been mapped to, the principal is in the security role.
    2. When a deployer has mapped a security role to a principal name in a
    security policy domain, the
    principal name of the calling principal is retrieved from its security
    attributes. If the principal is
    the same as the principal to which the security role was mapped, the calling
    principal is in the
    security role.
    Cameron Purdy
    http://www.tangosol.com
    "Hari" <[email protected]> wrote in message
    news:[email protected]..
    Hello Gurus,
    I am new to Weblogic server and I am trying to investigate how to make
    use of security roles in weblogic server (5.1.0). Can anyone point me
    to some documentation. Specifically, I am looking for instance level,
    and method level security and how to use it.
    Thanks for taking your time to read this e-mail.
    Thank You all in advance,
    Hari.

Maybe you are looking for

  • Tcode in user decision step

    Dear experts, I have a user decision step. Before the approver can approve or reject the workitem i need to show a tocde screen to him. Say for example CN25. My workitem will be generated only after initiator makes changes in that tcode. I want appro

  • Client Export ended with errors

    Hi All, It is very urgent.  Please help! I'm doing client export a Prod client and will import to a Dev client.  I run the export SCC8 in background.  The export job (SAP_ALL profile) was completed successfully in SM37.  However in SCC3, I received e

  • ESPN HD GLITCHING

    I have my entire home theater run through a Pioneer 1021 receiver via HDMI.  The only problem I have is that ESPN HD (channel 570 here) is super glitchy about 85% of the time it's on.  No other channel has this problem (HD or not).  I've tried numero

  • Error on installing oracle apps 11i on RHES3 _URGENT!   HELP~

    Hi can anyone help on how to resolve i error i get when i install the oracle application 11.5.10.2 on RHES3. i follow and applied all required patches but i received an error: FINISHED INSTALL PHASE : 9i RDBMS : Fri Aug 22 03:03:28 PHT 2008 There was

  • The internal workings implicitly popping from Navigation Controller

    I'm just curious to how a Navigation Controller is working when you pop out from a child view to a parent view. The reason I'm asking is because I have this kind of set up: App Delegate: Creates Nav Controller and inits it with a Root View Root View: