Deployment with encrypted Maxl files
Hi All,
I'd like to know how encrypted maxl files work if I need to deploy them to different servers. This is, I create the maxl files to automate everytihng and I encrypt them in a test server. After deployment to a different production server, are the public/private keys going to work with no problem? Or I should re-encryp everything with new keys generated in the production server?
Thanks!
You need to create new
For Assistance you can use below Comments
You need to use the MaxL encryption tool to do this. The passwords stored in the MaxL Scripts can be encrypted from Version of Essbase 9.3 or higher.
To Encrypt the Scripts:
a) The following MaxL Shell invocation generates a public-private key pair that you can use to encrypt a MaxL script.
essmsh -gk
b) The following MaxL Shell invocation encrypts the input MaxL script, obscuring user name and password, and changing the file extension to .mxls.
essmsh -E scriptname.mxl PUBLIC-KEY
c) The following MaxL Shell invocation decrypts and executes the MaxL script.
essmsh -D scriptname.mxls PRIVATE-KEY
STEP 1: In the command prompt type:
C:\>essmsh -gk
STEP 2: In the command prompt, execute as below:
C:\>essmsh -E D:\Hyperion\MScript.mxl 29287,1495101497
Generates a Encrypted MaxL script file "MScript.mxls" based on the original MaxL script "MScript.mxl" in the location "D:\Hyperion".
STEP 3: Execute Encrypted MaxL script MScript.mxls
C:\>essmsh -D D:\Hyperion\MScript.mxls 1165863655,1495101497
Essbase MaxL Shell - Release 9.3.1 (ESB9.3.1.0.0B181)
Copyright (c) 2000, 2007, Oracle and/or its affiliates.
All rights reserved.
MAXL> login $key 8432115901043363023058112802217170696731 $key 46195519111827550
39099976036415811280221 on localhost;
Hope this helps
Similar Messages
-
Encrypted Maxl creating parition on Unicode applications
Hello,
I have an issue with encrypted MaxL scriptfailing to create a linked partition on Unicode Essbase applications.
If I use a non-encrypted MaxL (.mxl) the parition is created successfully.
If I usean encrypted MaxL (.mxls) the partitioin creation fails with this error:
ERROR - 1241162 - Unable to create partitions on Unicode servers from non-Unicode clients.
Other task run successfully in the mxls file (loading data, running calcs). Only fails on partition build.
I tried copying the non-encrypted partition definition into the mxls file just for kicks and it still fails.
This is on Linux
Any suggestions? SR is open.
Thanks Williams_SIIssue was the script encoding.
Although the '.mxl' script was encoded correctly to work with Unicode, the system generated script created through the encryption process did not copy that encoding.
Solution was to change the encoding on the '.mxls' script. -
How to Write BUFFER & Read TEXT with Encrypt file ?
I'm using Windows Phone 8.1 RT.
I have a issue :
- I write a BUFFER encrypted to file. After, I read file with TEXT. It's throw exception : No mapping for the Unicode character exists in the target multi-byte code page. (//ERROR 2)
- I write a TEXT encrypted to file. After, I read file with BUFFER. It's throw exception : The supplied user buffer is not valid for the requested operation. (//ERROR 1)
Code Write Buffer & Read Text.
//Write Textstring msg = EncryptText.Text;
//ERROR 1 - Use 1 or 2
await WriteTextAsync(this.file, msg);
//ERROR 1
//Read Buffer
string msg;
//ERROR 1 - Use 1 or 2
IBuffer buffer = await ReadBufferAsync(this.file);
StreamReader stream = new StreamReader(buffer.AsStream());
msg = stream.ReadToEnd();
//ERROR 1
Code Encrypt-Decypt.
public static string EncryptString(string msg)
var bufferMsg = CryptographicBuffer.ConvertStringToBinary(msg, BinaryStringEncoding.Utf8);
var bufferMsgEncrypted = Encrypt(bufferMsg);
var msgEncrypted = CryptographicBuffer.EncodeToBase64String(bufferMsgEncrypted);
return msgEncrypted;
}public static IAsyncAction WriteTextAsync(IStorageFile file, string msg)
return FileIO.WriteTextAsync(file, EncryptString(msg));
public static IBuffer Decrypt(IBuffer bufferMsg)
var key = CreateKey(KEY);
var aes = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);
var symetricKey = aes.CreateSymmetricKey(key);
var bufferMsgDecrypted = CryptographicEngine.Decrypt(symetricKey, bufferMsg, null);
return bufferMsgDecrypted;
}public static IAsyncOperation<IBuffer> ReadBufferAsync(IStorageFile file)
var buffer = FileIO.ReadBufferAsync(file);
Task<IBuffer> result = Task.Run<IBuffer>(async () =>
var Buffer = await buffer;
return Decrypt(Buffer);
return result.AsAsyncOperation();
Link demo code :
https://drive.google.com/file/d/0B_cS3IYO936_akE0cmI4bExJMjh0RU9qR3RvWDBWWElZWC1z/view?usp=sharingPlease provide a working app so this can be tested. You can upload to OneDrive and share a link here.
Matt Small - Microsoft Escalation Engineer - Forum Moderator
If my reply answers your question, please mark this post as answered.
NOTE: If I ask for code, please provide something that I can drop directly into a project and run (including XAML), or an actual application project. I'm trying to help a lot of people, so I don't have time to figure out weird snippets with undefined
objects and unknown namespaces. -
How to use MDS deploying with EAR file
Hi everybody.
I would to use MDS in my web application in order to use customization across the sessions. I've performed every step to do this on JDeveloper (11.1.1.3.1). I've tested my application deploying directly from JDeveloper using Application menu > Deploy > "myApp" to "myApplicationServer" (in this way I can choose the repository with a window like this: http://i.stack.imgur.com/Kci9c.png). The repository was prevoiusly registered on the server. In this way my application works fine and they all lived happily ever after.
My problem occurs when I perform the deployment with "myApp to EAR" mode. When I try to install my EAR file in weblogic, it reply me with this error message:
An error occurred during activation of changes, please see the log for details.
+:oracle.mds.config.MDSConfigurationException:MDS-01335: namespace "/xliffBundles" mapped to metadata-store-usage "MAR_TargetRepos" but its definition was not found in MDS configuration.+
I've looked for a solution around the web (included this forum) and I think that I should modify something in adf-config.xml file (below).
Which steps I have to perform in order to install my application correctly with an EAR file?
Thanks in advance.
<?xml version="1.0" encoding="windows-1252" ?>
<adf-config xmlns="http://xmlns.oracle.com/adf/config"
xmlns:adf="http://xmlns.oracle.com/adf/config/properties"
xmlns:sec="http://xmlns.oracle.com/adf/security/config"
xmlns:ads="http://xmlns.oracle.com/adf/activedata/config">
<adf:adf-properties-child xmlns="http://xmlns.oracle.com/adf/config/properties">
<adf-property name="adfAppUID" value="BDO_GC_WEBAPP.bdogc"/>
</adf:adf-properties-child>
<!-- <ads:adf-activedata-config xmlns=
"http://xmlns.oracle.com/adf/activedata/config">
<latency-threshold>5000</latency-threshold>
<keep-alive-interval>10000</keep-alive-interval>
<max-reconnect-attempt-time>90000</max-reconnect-attempt-time>
<reconnect-wait-time>8000</reconnect-wait-time>
</ads:adf-activedata-config> -->
<sec:adf-security-child xmlns="http://xmlns.oracle.com/adf/security/config">
<CredentialStoreContext credentialStoreClass="oracle.adf.share.security.providers.jps.CSFCredentialStore"
credentialStoreLocation="../../src/META-INF/jps-config.xml"/>
<sec:JaasSecurityContext initialContextFactoryClass="oracle.adf.share.security.JAASInitialContextFactory"
jaasProviderClass="oracle.adf.share.security.providers.jps.JpsSecurityContext"
authorizationEnforce="true"
authenticationRequire="true"/>
</sec:adf-security-child>
<adf-faces-config xmlns="http://xmlns.oracle.com/adf/faces/config">
<persistent-change-manager>
<persistent-change-manager-class>
oracle.adf.view.rich.change.MDSDocumentChangeManager
</persistent-change-manager-class>
</persistent-change-manager>
<taglib-config>
<taglib uri="http://xmlns.oracle.com/adf/faces/rich">
<tag name="column">
<attribute name="displayIndex">
<persist-changes>
true
</persist-changes>
</attribute>
<attribute name="frozen">
<persist-changes>
true
</persist-changes>
</attribute>
<attribute name="noWrap">
<persist-changes>
true
</persist-changes>
</attribute>
<attribute name="selected">
<persist-changes>
true
</persist-changes>
</attribute>
<attribute name="visible">
<persist-changes>
true
</persist-changes>
</attribute>
<attribute name="width">
<persist-changes>
true
</persist-changes>
</attribute>
</tag>
<tag name="table">
<attribute name="filterVisible">
<persist-changes>
true
</persist-changes>
</attribute>
</tag>
</taglib>
</taglib-config>
</adf-faces-config>
<adf-mds-config xmlns="http://xmlns.oracle.com/adf/mds/config">
<mds-config xmlns="http://xmlns.oracle.com/mds/config" version="11.1.1.000">
<cust-config>
<match path="/">
<customization-class name="oracle.adf.share.config.UserCC"/>
</match>
</cust-config>
</mds-config>
</adf-mds-config>
</adf-config>Any suggestion?
-
Hi,
I need to encrypt a target ftp file with GPG and i think that calling an os script (remote) could serve.
But i dont know if that's the best solution.
There is any other way to do that?
Thanks in advance,
CarmeHi Carme,
If you are looking for a tool for PGP ,you can have a look at the links below
http://www.aedaptive.com/index.php/solutions
http://www.aedaptive.com/index.php/solutions/pgp-for-sap-netweaver
If you are planning to develop adapter module or want to evaluate which one is better ,please refer following posts .
/people/dijesh.tanna/blog/2008/09/15/sap-pi-integrating-macafee-e-business-server-with-sap-pi-70-for-pgp-encryptiondecryption
Encrypting a file using PGP
Thanks, -
Execute MAXL file with Workspace
Hi,
I like to know if exists a method for start a MAXL file (write with Essbase Maxl Editor) with command like:
alter system set variable ‘name_variable’ ‘new_value’;
from workspace or without go into Essbase.
Thanks a lot!Yeah, yeah, old thread. But just in case anyone runs across this, check out this related thread:
maxl run from workspace
Regards,
Cameron Lackpour -
Want to decode PGP encrypted edi files with oracle soa b2b 11.1.1.6.0
I am working on a scenario where the trading parter(TP) will publish the edi to our FTP server. These edi files are encrypted using PGP software( we have to provide them our public key for this).
I have never worked with encryption\ decryption before, but I understand the theory of cryptography.
Question 1: Can we install PGP on top of soa 11g server and configure the b2b to decode the file using our private key.
Question 2: If SOA 11g server do not support PGP, then shall i install PGP at the FTP server, and use java to decode the file(using the private key) to a new location and B2B can pick the decode file from here.
These are two strategy I have planed, please guide me which one is feasible\best , and if you know the steps to implement please do share it with me.
Thanks in advance.
Syam
Edited by: user12196358 on May 10, 2013 4:28 PMBoth options are feasible but for option#1 (PGP decryption at B2B/SOA), you have to write a java callout. B2B/SOA 11g does not support PGP out-of-box but it can be achieved using java callout. I would prefer option#2, personally as in this case, PGP decryption will be done out of SOA/B2B and hence it will be hot pluggable (can be removed in future, if required, without modifying SOA/B2B configuration).
Regards,
Anuj -
Deploying manually CC PKG file built with CC Packager. Not using any third party deployment tool. However after each 5 installations, the PKG files corrupt and cannot be use for a 6th installation. I have to build a new PKG file using CC packager. Why ?
http://helpx.adobe.com/creative-cloud/packager.html
http://forums.adobe.com/community/download_install_setup/creative_suite_enterprise_deploym ent -
Encrypted Maxl "Parse error near in" error
Hello,
I'm facing a "Parse error near in" error when trying to use encrypted Maxl scripts deploying Essbase Studio cubes.
The problem seems to be in the deploy command. If I do not use encrypted Maxl ( -D option ), the same deploy command works fine.
Look in the deploy command that I'm not using encryption for loging into Essbase Studio. Even using encryption the same error is issued.
Here is the log: ( I changed sensitive information for obvious reasons )
Essbase MaxL Shell - Release 11.1.2 (ESB11.1.2.1.0B347)
Copyright (c) 2000, 2011, Oracle and/or its affiliates.
All rights reserved.
MAXL> login $key 99999999999999999999999999 $key 99999999999999999999999999 on s01ubd01;
OK/INFO - 1051034 - Logging in user [ESBSAUH1@AD_Directory].
OK/INFO - 1241001 - Logged in to Essbase.
Essbase MaxL Shell - Release 11.1.2 (ESB11.1.2.1.0B347)
Copyright (c) 2000, 2011, Oracle and/or its affiliates.
All rights reserved.
MAXL> deploy outline from model 'cboPremioModelo2' in cube schema '\BI_SAUDE\Cubos\Premio\cboPremio'
with option delete_members login "xxx" identified by "yyyyy" on host "s01ubd01"
to application "Premio" database "Premio" using connection "Essbase" keep all errors on error ignore dataload write to default;
essmsh error: Parse error near in
essmsh timestamp: Wed Jul 04 12:52:03 2012
MAXL> logout;
User esbsauh1 is logged out
essmsh timestamp: Wed Jul 04 12:52:03 2012
MaxL Shell completedThere have been a number of MaxL bugs with encryption that produce 'Parse error near...' messages. If you login to Oracle Support and search the Knowledge Base on 'Parse error near' you will find them. I can't see anything specifically relating to 11.1.2.1 or a known defect in the release notes... ...I'd get a support ticket raised, if you haven't already.
You don't mention platform, but I've also run into a bug running 'deploy' in 11.1.2.1 on a 64-bit Windows environment and there was a Unix bug too, but they both caused crashes so probably aren't your problem. -
Deploying with UAC enabled on Win7 client
Hi,
We want to enable the UAC on Windows 7 client. But I have problem deploying applications. We are in a AD domain.
How can I deploy applications in "Administrator UAC disabled mode" to not have problems ?
Thank you for your helpcarrela,
Yep, I copy all of my source files first.
We've tried most every option we can think of, and it's the most reliable and the simplest (as far as being able to apply the same deployment methodology across the board).
Unfortunately, not every installer is a straight-up MSI. Also, you don't always want to re-package every application, because then it's your responsibility to support it, not the vendor's.
We have 600+ bundles and have made multiple passes through them all as we have changed methodologies several times.
You do have the option of uploading your large bundles to the repository, and then letting ZENworks handle deploying the files to your users in the background, but I prefer not to throw such huge items into the repository as it can take a very long time for it to compress and encrypt the files, plus, once you throw an item into the black box, the only way to modify it is to hang on to the source files and re-upload the entire thing if you want to make any changes.
You are correct about dynamic administrator working only if you copy the files locally, and I can tell you that we are an Active Directory environment and have had no problems with dynamic administrator accounts. All they are is a local account on the box that gets created/deleted on the fly by the ZENworks service (incidentally, this is why you see the "Interactive Services Detection" dialog when any installer with a UI is launched in the dynamic administrator space, because the ZENworks service is running as the SYSTEM account (session 0)).
Jacob -
Powershell script monitor with encrypted password
I have created a powershell script based monitor in my management pack and everything is ok but I can't get my credentials work inside the script. I want to open pssession to another computer with my credentials. I have triple checked that my pssession is
working because I can access it from powershell console.
This works perfectly at local server from PSconsole:
$EncryptedPassword ="01000000d08c9ddf0115d1118c7a00c04fc297eb01000000534b2....etc...etc..."
$pw = convertto-securestring -String $EncryptedPassword
$cred = new-object System.Management.Automation.PSCredential -argumentlist "MyDOMAIN\MyACCOUNT",$pw
$s = New-PSSession -ComputerName "MyServer" -Port MyPort -Credential $cred
But when I run the same lines inside my management pack the convertto-securestring
does nothing, it just wont convert the encrypted password to secure string!
I have tried this plain text method and it works
inside my management pack, but I don't want to use it because you can see the password in plain text:
ConvertTo-SecureString -String "myPlainTextPassword" -AsPlainText -Force
This is the $error variable, so it's basically says that I don't have anything in the password secure string variable because the convertion did not work for some reason:
The argument is null. Provide a valid value for the argument, and then try running the command again. Cannot process argument transformation on parameter 'Credential'. PromptForCredential Exception calling ".ctor" with "2" argument(s):
"Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value." The system cannot find the file specified. Exception calling "SecureStringToBSTR"
with "1" argument(s): "Value cannot be null. Parameter name: s" The system cannot find the file specified. Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null. Parameter name: s"
The system cannot find the file specified.
So is there some known issue with SCOM Agent / management pack when you are dealing with convertto-securestring
function with encrypted passwords?
I used these methods to encrypt the password: Technet article about encryptionI got it to work!
<TypeDefinitions>
<EntityTypes>
<ClassTypes>
<ClassType ID="MyClass" Accessibility="Public" Abstract="false" Base="Windows!Microsoft.Windows.LocalApplication" Hosted="true" Singleton="false" Extension="false"
/>
</ClassTypes>
</EntityTypes>
<SecureReferences>
<SecureReference ID="MyRunAsAccountProfile" Accessibility="Public" Context="System!System.Entity" />
</SecureReferences>
<ScriptBody>param (
[string]$Username,
[string]$Password
$API = new-object -comObject "MOM.ScriptAPI"
$PropertyBag = $API.CreatePropertyBag()
$cred = New-Object System.Management.Automation.PSCredential -Argumentlist @($Username,(ConvertTo-SecureString -String $Password -AsPlainText -Force))
$s = New-PSSession -ComputerName "myserver" -Credential $cred
Invoke-Command -Session $s -ScriptBlock { $service = Get-Service -Name Spooler}
$invcom = Invoke-Command -Session $s -ScriptBlock { $service.status}
Remove-PSSession -Id $s.Id
if ($invcom.Value -ne "Running") {
$PropertyBag.AddValue("State","ERROR")
$outputLongLine = "Spooler Service is not running on target server!"
$PropertyBag.AddValue("Description", $outputLongLine)
else {
$PropertyBag.AddValue("State","OK")
$outputLongLine = "Spooler is Running on target server."
$PropertyBag.AddValue("Description", $outputLongLine)
$PropertyBag</ScriptBody>
<Parameters>
<Parameter>
<Name>Username</Name>
<Value>$RunAs[Name="MyRunAsAccountProfile"]/Domain$\$RunAs[Name="MyRunAsAccountProfile"]/UserName$</Value>
</Parameter>
<Parameter>
<Name>Password</Name>
<Value>$RunAs[Name="MyRunAsAccountProfile"]/Password$</Value>
</Parameter> -
Problem in using socket streams with encryption and decryption
Hi,
I am developing a client/server program with encryption and decryption at both end. While sending a message from client it should be encrypted and at the receiving end(server) it should be decrypted and vice versa.
But while doing so i got a problem if i use both encryption and decryption at both ends. But If i use only encryption at one (only outputstream) and decryption at other end(only inputstream) there is no problem.
Here is client/server pair of programs in which i am encrypting the outputstream of the socket in client side and decrypting the inputstream of the socket in server side.
serverSocketDemo.java
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.util.*;
import java.util.zip.*;
class serverSocketDemo
public static void main(String args[])
try
{ //server listening on port 2000
ServerSocket server=new ServerSocket(2000);
while (true)
Socket theConnection=server.accept();
System.out.println("Connecting from local address : "+theConnection.getLocalAddress());
System.out.println("Connection request from : "+theConnection.getInetAddress());
//Input starts from here
Reader in=new InputStreamReader(getNetInStream(theConnection.getInputStream()),"ASCII");
StringBuffer strbuf=new StringBuffer();
int c;
while (true)
c=in.read();
if(c=='\n' || c==-1)
break;
strbuf.append((char)c);
String str=strbuf.toString();
System.out.println("Message from Client : "+str);
in.close();
theConnection.close();
catch(BindException e)
System.out.println("The Port is in use or u have no privilage on this port");
catch(ConnectException e)
System.out.println("Connection is refused at remote host because the host is busy or no process is listening on that port");
catch(IOException e)
System.out.println("Connection disconnected");
catch(Exception e)
public static BufferedInputStream getNetInStream(InputStream in) throws Exception
// register the provider that implements the algorithm
Provider sunJce = new com.sun.crypto.provider.SunJCE( );
Security.addProvider(sunJce);
// create a key
byte[] desKeyDataDec = "This encryption can not be decrypted".getBytes();
DESKeySpec desKeySpecDec = new DESKeySpec(desKeyDataDec);
SecretKeyFactory keyFactoryDec = SecretKeyFactory.getInstance("DES");
SecretKey desKeyDec = keyFactoryDec.generateSecret(desKeySpecDec);
// use Data Encryption Standard
Cipher desDec = Cipher.getInstance("DES");
desDec.init(Cipher.DECRYPT_MODE, desKeyDec);
CipherInputStream cin = new CipherInputStream(in, desDec);
BufferedInputStream bin=new BufferedInputStream(new GZIPInputStream(cin));
return bin;
clientSocketDemo.java
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.util.*;
import java.util.zip.*;
class clientSocketDemo
public static void main(String args[])
try
Socket theConnection=new Socket("localhost",2000);
System.out.println("Connecting from local address : "+theConnection.getLocalAddress());
System.out.println("Connecting to : "+theConnection.getInetAddress());
//Output starts from here
OutputStream out=getNetOutStream(theConnection.getOutputStream());
out.write("Please Welcome me\n".getBytes());
out.flush();
out.close();
theConnection.close();
catch(BindException e)
System.out.println("The Port is in use or u have no privilage on this port");
catch(ConnectException e)
System.out.println("Connection is refused at remote host because the host is busy or no process is listening on that port");
catch(IOException e)
System.out.println("Connection disconnected");
catch(Exception e)
public static OutputStream getNetOutStream(OutputStream out) throws Exception
// register the provider that implements the algorithm
Provider sunJce = new com.sun.crypto.provider.SunJCE( );
Security.addProvider(sunJce);
// create a key
byte[] desKeyDataEnc = "This encryption can not be decrypted".getBytes();
DESKeySpec desKeySpecEnc = new DESKeySpec(desKeyDataEnc);
SecretKeyFactory keyFactoryEnc = SecretKeyFactory.getInstance("DES");
SecretKey desKeyEnc = keyFactoryEnc.generateSecret(desKeySpecEnc);
// use Data Encryption Standard
Cipher desEnc = Cipher.getInstance("DES");
desEnc.init(Cipher.ENCRYPT_MODE, desKeyEnc);
CipherOutputStream cout = new CipherOutputStream(out, desEnc);
OutputStream outstream=new BufferedOutputStream(new GZIPOutputStream(cout));
return outstream;
Here is client/server pair in which i use both encrypting outpustream and decrypting inputstream at both ends.
serverSocketDemo.java
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.util.*;
import java.util.zip.*;
class serverSocketDemo
private Cipher desEnc,desDec;
serverSocketDemo()
try
// register the provider that implements the algorithm
Provider sunJce = new com.sun.crypto.provider.SunJCE( );
Security.addProvider(sunJce);
// create a key
byte[] desKeyData = "This encryption can not be decrypted".getBytes();
DESKeySpec desKeySpec = new DESKeySpec(desKeyData);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey desKey = keyFactory.generateSecret(desKeySpec);
desEnc = Cipher.getInstance("DES");
desEnc.init(Cipher.ENCRYPT_MODE, desKey);
desDec = Cipher.getInstance("DES");
desDec.init(Cipher.DECRYPT_MODE, desKey);
catch (javax.crypto.NoSuchPaddingException e)
System.out.println(e);
catch (java.security.NoSuchAlgorithmException e)
System.out.println(e);
catch (java.security.InvalidKeyException e)
System.out.println(e);
catch(Exception e)
System.out.println(e);
startProcess();
public void startProcess()
try
ServerSocket server=new ServerSocket(2000);
while (true)
final Socket theConnection=server.accept();
System.out.println("Connecting from local address : "+theConnection.getLocalAddress());
System.out.println("Connection request from : "+theConnection.getInetAddress());
Thread input=new Thread()
public void run()
try
//Input starts from here
Reader in=new InputStreamReader(new BufferedInputStream(new CipherInputStream(theConnection.getInputStream(), desDec)),"ASCII");
StringBuffer strbuf=new StringBuffer();
int c;
while (true)
c=in.read();
if(c=='\n'|| c==-1)
break;
strbuf.append((char)c);
String str=strbuf.toString();
System.out.println("Message from Client : "+str);
catch(Exception e)
System.out.println("Error caught inside input Thread : "+e);
input.start();
Thread output=new Thread()
public void run()
try
//Output starts from here
OutputStream out=new BufferedOutputStream(new CipherOutputStream(theConnection.getOutputStream(), desEnc));
System.out.println("it will not be printed");
out.write("You are Welcome\n".getBytes());
out.flush();
catch(Exception e)
System.out.println("Error caught inside output Thread : "+e);
output.start();
try
output.join();
input.join();
catch(Exception e)
theConnection.close();
catch(BindException e)
System.out.println("The Port is in use or u have no privilage on this port");
catch(ConnectException e)
System.out.println("Connection is refused at remote host because the host is busy or no process is listening on that port");
catch(IOException e)
System.out.println("Connection disconnected");
catch(Exception e)
public static void main(String args[])
serverSocketDemo server=new serverSocketDemo();
clientSocketDemo.java
import java.io.*;
import java.net.*;
import java.security.*;
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.util.*;
import java.util.zip.*;
class clientSocketDemo
private Cipher desEnc,desDec;
clientSocketDemo()
try
// register the provider that implements the algorithm
Provider sunJce = new com.sun.crypto.provider.SunJCE( );
Security.addProvider(sunJce);
// create a key
byte[] desKeyData = "This encryption can not be decrypted".getBytes();
DESKeySpec desKeySpec = new DESKeySpec(desKeyData);
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
SecretKey desKey = keyFactory.generateSecret(desKeySpec);
desEnc = Cipher.getInstance("DES");
desDec = Cipher.getInstance("DES");
desEnc.init(Cipher.ENCRYPT_MODE, desKey);
desDec.init(Cipher.DECRYPT_MODE, desKey);
catch (javax.crypto.NoSuchPaddingException e)
System.out.println(e);
catch (java.security.NoSuchAlgorithmException e)
System.out.println(e);
catch (java.security.InvalidKeyException e)
System.out.println(e);
catch(Exception e)
System.out.println(e);
startProcess();
public void startProcess()
try
final Socket theConnection=new Socket("localhost",2000);
System.out.println("Connecting from local address : "+theConnection.getLocalAddress());
System.out.println("Connecting to : "+theConnection.getInetAddress());
Thread output=new Thread()
public void run()
try
//Output starts from here
OutputStream out=new BufferedOutputStream(new CipherOutputStream(theConnection.getOutputStream(), desEnc));
out.write("Please Welcome me\n".getBytes());
out.flush();
catch(Exception e)
System.out.println("Error caught inside output thread : "+e);
output.start();
Thread input=new Thread()
public void run()
try
//Input starts from here
Reader in=new InputStreamReader(new BufferedInputStream(new CipherInputStream(theConnection.getInputStream(), desDec)),"ASCII");
System.out.println("it will not be printed");
StringBuffer strbuf=new StringBuffer();
int c;
while (true)
c=in.read();
if(c=='\n' || c==-1)
break;
strbuf.append((char)c);
String str=strbuf.toString();
System.out.println("Message from Server : "+str);
catch(Exception e)
System.out.println("Error caught inside input Thread : "+e);
input.start();
try
output.join();
input.join();
catch(Exception e)
theConnection.close();
catch(BindException e)
System.out.println("The Port is in use or u have no privilage on this port");
catch(ConnectException e)
System.out.println("Connection is refused at remote host because the host is busy or no process is listening on that port");
catch(IOException e)
System.out.println("Connection disconnected");
catch(Exception e)
public static void main(String args[])
clientSocketDemo client=new clientSocketDemo();
**** I know that the CInput tries to read some header stuff thats why i used two threads for input and output.
Waiting for the reply.
Thank you.Do not ever post your code unless requested to. It is very annoying.
Try testing what key is being used. Just to test this out, build a copy of your program and loop the input and outputs together. Have them print the data stream onto the screen or a text file. Compare the 1st Output and the 2nd Output and the 1st Input with the 2nd Input and then do a static test of the chipher with sample data (same data which was outputted), then do another cipher test with the ciphertext created by the first test.
Everything should match - if it does not then follow the steps below.
Case 1: IO Loops do not match
Case 2: IO Loops match, but ciphertext 1st run does not match loop
Case 3: IO Loops match, 1st ciphertext 1st run matches, but 2nd run does not
Case 4: IO Loops match, both chiphertext runs do not match anything
Case 5: Ciphertext runs do not match eachother when decrypted correctly (outside of the test program)
Problems associated with the cases above:
Case 1: Private Key is changing on either side (likely the sender - output channel)
Case 2: Public Key is changing on either side (likely the sender - output channel)
Case 3: Private Key changed on receiver - input channel
Case 4: PKI failure, causing private key and public key mismatch only after a good combination was used
Case 5: Same as Case 4 -
Need To Open An Encrypted PDF File That I Created. No Password.
I have Acrobat 8. I created a document and then tried to put security on it. Now I cannot even open the document. It gives me the message: "You do not have access rights to the encrypted document." I never entered a password or anything. I need to get this document reopened. Also, I pasted some JPEG signatures into the document. My reason for security measures was to make sure nobody could edit the document and right click and save as the signature JPEG. First thing first- getting the document opened. Then let me know how to just make it so that someone can only read and print the document and not be able to edit any typewriter insertions. PLEASE HELP!!!!
Hi Dom,
Let's start with Certificate Security is not the same as Password Security. If you had encrypted the PDF file using Password Security, then whatever password you used to lock the document you would use to unlock the document. It's pretty straight forward, and in the cryptography world it would be know as symmetrical security in that you use the same key (password) to lock and unlock the file. Think of it as using a key to lock your front door to your house when you leave and the exact same key to unlock the door when you return, that's what symmetrical security is.
Certificate security is a totally different beast. Certificate Security uses asymmetrical encryption meaning there are two different keys involved, a public key and its corresponding private key. When these keys are generated there is a voodoo that goes on that gives these two keys a symbiotic relationship in that (and this is the basic tenet of asymmetrical encryption) what one key locks only its corresponding other key can unlock. Either key can lock (really encrypt) something and only its corresponding other key can unlock (decrypt) it once it's been locked. Of these two seemingly magical keys one is designated as a private key that only the key owner has access to, and the other is designated as a public key that the whole world has access to. If you lock something with your private key then only its corresponding public key can unlock it, and yes that means that not even the private key can unlock it. You can also lock something using the public key in which case only the corresponding private key can successfully unlock it.
When you encrypt (think of that as "lock") a PDF file using Certificate Security you are encrypting the file using one or more public keys. That is, you encrypt the file for a list of recipients where each recipient has provided you with their public key and they in turn will decrypt the document using their private key. The number of recipients is theoretically limitless, but practically there is a limit in that each recipient you include will cause the file size to grow a little and at some point you'd make the file size too large for the computer to handle, but for the sake of our discussion think unlimited number of recipients. When you encrypted the file you were asked to select a recipient. If you don't also select yourself as a recipient then you end up locking yourself out of the file, and that's exactly what happened in your case. I see from above that you are using version 8, but I believe it was version 9 where we added the warning to make sure to add yourself as a recipient so as to not lock yourself out of the file (I can't remember if it was version 8 or 9, but since you didn't mention that warning I'll assume that we didn't add the warning until 9).
Unless you added yourself at the time you encrypted the file there is no going back to add yourself later because if you can't open the file you can't edit the file. You are locked out forever. You could ask the person that you included as a recipient to see if they can open the file and remove security, but you would have had to make them a document owner when you encrypted the file. If you restricted their editing capabilities then they won't be able to remove security, but at least you could see the contents of the file.
I know this has all been a bit geeky, and I haven't gone into how to procure a public/private key pair, but I don't want to dump too much data on you in one post. If you need more information let me know and I'll be glad to provide it.
Steve -
Office365(Click to Run) Deployment with MDT Offline Media
Hi,
I have a scenario where i have to deploy Office365 using click to run with MDT offline media. Now the problem is with configuration.xml file in which we specify the source path of office files.
Here in this scenario as i have to deploy client machines with offline media, so in this case what will be the path in the config.xml file?
For testing purpose, after downloading the office source files, placed the setup.exe,config.xml file and office source folder in a same folder. Here is the config.xml file that i am using
<Configuration>
<Add SourcePath=" " OfficeClientEdition="32" >
<Product ID="O365ProPlusRetail">
<Language ID="en-us" />
</Product>
</Add>
</Configuration>
In source path, i leave it blank,so that it will use the office source files which was saved in the same folder.
Then in MDT server, created a new application for Office365.In command line used the command :- setup.exe /config configuration.xml
Created a new task sequence for OS deployment and added the step install application for installation of Office365.
After creating a selection profile for the deployment, created a offline media for deployment of client machine.
Now while i am running the offline media on the bare-metal machine, after OS installation the deployment got stuck at step install Office 365. Got error message pop up, according to which internet connection needed during installation process so that the
click to run set-up will download the office source files, It means this will not use the previously downloaded file which was saved in the same folder.
So this is what my problem is.. How can i customize the configuration.xml file so that i can install office 365 with offline media.
Regards
Pallavi<Add SourcePath=" "
....In source path, i leave it blank,so that it will use the office source files which was saved in the same folder.
As per
https://technet.microsoft.com/en-us/library/jj219426.aspx#BKMK_AddElement
SourcePath indicates the installation source path from which to install Office when you run the Office Deployment Tool in
configure mode. If you don’t specify SourcePath in
configure mode, Setup will look in the current folder for the Office source files. If the Office source files aren’t found in the current folder, Setup will look on Office 365 for them
So, for the /configure mode, you should remove the Sourcepath element completely - do not specify as <space>
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
How do I access my encrypted User Account files from my Back Up hard drive? Time Machine was used to create the back up disk; File Vault was used to encrypt the files.
Thanks. I will try going through TM. Since my Simpletech is on the way out, I'll be plugging in a new external hard drive (other than the back-up drive) and trying to restore the library to the new drive. Any advice or warning if this is NOT the right thing to do?
Meanwhile, that is a great tip to do an alternate back-up using a different means. It's been tough to figure out how to "preserve access" to digital images and files for posterity, knowing the hardware will always fail/obsolesce sooner or later, and that "clouds" are only as good as their consistent and reliable accessibility. Upping the odds with redundancy will help dull the edge of my "access anxiety", though logically, it can never relieve it. Will look into
Carbon Copy Cloner.
Maybe you are looking for
-
Clean install Mountain Lion on Mac mini Server (Mid 2011)
Hi. I am trying to do a clean install of ML on a Mac Mini Server. This is just a test machine, so not interested in any backups, etc. The machine is a Mid 2011 Mac Mini, and had Lion Server on it to start with (has been re-installed, reimaged, etc mu
-
How do i control the order of the messages. Suppose if i add messages 1,2,3 ..., it displays in random order. It is not displaying the messages in the order it is added . Is there any attribute ? or is there any otherway to acheive the ordering . If
-
Does Oracle 9i supports Win ME. If not, when will it be available . Can this be done in Win ME, to operate 9i. Open c:\windows\win.ini, search for [Compatibility95] and add the line Jrew=0x00080000 Thanks, Manish.
-
Suppressing printing of blank page
Dear all, My report consists of 3 distinct sub reports. The first two sub reports should be printed as portrait on A-4 sheet while the third one should be printed as landscape A-4 . I have put the first two sub reports layout in the main section with
-
I am looking for software to create PHP website's, i've heard about BBEdit but i don't know if it is the best or someting. Can someone give me any advice on this topic ? Greetz, Matija.