DPS allowing bogus binds?

I have a severity 1 ticket open with Sun support, but is there anyone out there running DPS 6.3? If so, can you test to see if you can bind to DPS as a user who doesn't exist in your ldap directory? I used the softerra ldap browser to bind as cn=bogus with a blank password, and I was able to bind to DPS and get routed to one of my back-end ldap directory servers. When I try to bind directly to the backend LDAP server, it won't work, which is what I would expect with the DPS as well.
I tried performing this same test using the standard java ldapbrowser, but that client won't allow blank passwords, so it won't work.
Thanks in advance.

When I check the DS log, the bind is coming across as anonymous, but when I check the DPS log, the bind is coming across as cn=bogus.
I would expect that when you bind as a user that doesn't exist in the directory, you'll get an error 32. To me, this is separate from allowing anonymous binds, which we do allow.
The problem we have is that a certain device prompts the user to log in before they e-mail. They have to enter their uid, and then a password. If they enter their user id and a blank password, the DPS accepts the connection, and the client believes they are now logged in as the user specified, so their e-mail address is pulled from LDAP and populated. This means anyone can spoof e-mail from anyone else. This is a relatively low-level problem, in terms of e-mail spoofing, but a very large problem if you think about what other access a user could be granted, i.e. if we were using DPS to authenticate users for access to sensitive information.
When I bind using a real LDAP entry with a blank password, DPS allows the connection and forwards me to a DS. Behind the scenes, it's really doing anonymous auth to the back-end DS, but the client doesn't know that. When I try to bind with a real LDAP DN and a blank password against the DS directly, I get an error 48. My question is, why doesn't DPS issue the same error code?
BTW, I was able to use ldapsearch to bind as cn=bogus against the DPS, but not against the DS.
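Added example, not from this thread or from Sun: a small Python 3 checker (standard library only) that encodes an LDAPv3 simple BindRequest, decodes the BindResponse, and classifies the result the way the posts above reason about it. A non-empty DN with an empty password is the "unauthenticated" form of simple bind (RFC 4513, 5.1.2) that a server must answer as anonymous or reject, so a resultCode 0 from the proxy for cn=bogus with a blank password is the misbehaviour to look for; the block also shows the client-side guard the e-mail device is missing. Host, port and DNs are placeholders you supply for your own proxy; the byte vectors are constructed.

```python
import socket

# ---- minimal BER encoding: just enough for an LDAPv3 simple BindRequest ----
def ber_len(n: int) -> bytes:
    """BER length octets: short form below 128, long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def ber(tag: int, payload: bytes) -> bytes:
    return bytes([tag]) + ber_len(len(payload)) + payload

def build_bind_request(msgid: int, dn: str, password: str) -> bytes:
    """LDAPMessage { messageID, BindRequest { version 3, name, simple password } }."""
    assert 0 < msgid < 0x80, "a single-octet messageID is enough here"
    bind = ber(0x60,                                  # [APPLICATION 0] BindRequest
               ber(0x02, bytes([3]))                  # version INTEGER 3
               + ber(0x04, dn.encode())               # name LDAPDN
               + ber(0x80, password.encode()))        # authentication: simple [0]
    return ber(0x30, ber(0x02, bytes([msgid])) + bind)  # outer SEQUENCE

def _tlv(buf: bytes, pos: int):
    """Decode the TLV at buf[pos]; returns (tag, value, position after it)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                     # long-form length
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln

def parse_bind_response(msg: bytes):
    """Return (messageID, resultCode, diagnosticMessage) from a BindResponse."""
    tag, body, _ = _tlv(msg, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, mid, pos = _tlv(body, 0)
    tag, resp, _ = _tlv(body, pos)
    if tag != 0x61:                                   # [APPLICATION 1] BindResponse
        raise ValueError("not a BindResponse")
    _, code, pos = _tlv(resp, 0)                      # resultCode ENUMERATED
    _, _matched, pos = _tlv(resp, pos)                # matchedDN
    _, diag, _ = _tlv(resp, pos)                      # diagnosticMessage
    return (int.from_bytes(mid, "big"), int.from_bytes(code, "big"),
            diag.decode("utf-8", "replace"))

RESULT_NAMES = {0: "success", 32: "noSuchObject",
                48: "inappropriateAuthentication", 49: "invalidCredentials"}

def classify_bind(dn: str, password: str, result_code: int) -> str:
    """Defender's verdict: did the server claim to authenticate a DN that never
    presented a password? That is the proxy behaviour the thread describes."""
    name = RESULT_NAMES.get(result_code, str(result_code))
    if dn and not password:
        if result_code == 0:
            return "UNAUTHENTICATED_BIND_ACCEPTED"    # dn + empty pw reported as success
        return f"unauthenticated bind rejected ({name})"
    if not dn and not password:
        return "anonymous bind (expected, if you allow it)"
    return "authenticated" if result_code == 0 else f"bind failed ({name})"

def prepare_client_bind(msgid: int, dn: str, password: str):
    """Client-side guard the e-mail device lacks: never send an empty password,
    since the server may downgrade it to anonymous and still answer success.
    Returns None instead of a request in that case."""
    if not password:
        return None
    return build_bind_request(msgid, dn, password)

def probe(host: str, port: int, dn: str, password: str, timeout: float = 5.0) -> str:
    """Send one simple bind over cleartext LDAP to your own proxy and classify the
    answer. Assumes the BindResponse fits in a single read (it does for binds)."""
    with socket.create_connection((host, port), timeout) as s:
        s.sendall(build_bind_request(1, dn, password))
        reply = s.recv(4096)
    _, code, _ = parse_bind_response(reply)
    return classify_bind(dn, password, code)
```

Running probe against both the proxy and a back-end DS with the same DN and empty password makes the discrepancy the poster saw (err=0 vs err=48) visible from one script.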

Similar Messages

  • DPS - uppercase/lowercase binds

    Hi:
    In DPS 6.3 running on RHEL 4. I see application binds coming in twice, once for uppercase, once for lowercase, see example. Is this default behavior and can it be stopped?
    [16/Jun/2009:22:00:11 -0400] - CONNECT - INFO - conn=2390216 client=54.xx.xx.xx:4679 server=lctsp1110.xxx.com:1389 protocol=LDAP
    [16/Jun/2009:22:00:11 -0400] - PROFILE - INFO - conn=2390216 assigned to connection handler cn=default connection handler, cn=connection handlers, cn=config
    [16/Jun/2009:22:00:11 -0400] - OPERATION - INFO - conn=2390216 op=0 BIND dn="*cn=fsmrs*,ou=dmz,ou=xxx,ou=services,dc=im-2,dc=com" method="SIMPLE" version=3
    [16/Jun/2009:22:00:11 -0400] - SERVER_OP - INFO - conn=2390216 op=0 BIND dn="*cn=FSMRS*,ou=DMZ,ou=xxx,ou=Services,dc=iM-2,dc=com" method="SIMPLE"" version=3 s_msgid=970 s_conn=pedr2:174717
    [16/Jun/2009:22:00:11 -0400] - SERVER_OP - INFO - conn=2390216 op=0 BIND RESPONSE err=0 msg="" s_conn=pedr2:174717
    [16/Jun/2009:22:00:11 -0400] - SERVER_OP - INFO - conn=2390216 op=0 BIND dn="cn=FSMRS,ou=DMZ,ou=xxx,ou=Services,dc=iM-2,dc=com" method="SIMPLE"" version=3 s_msgid=2 s_conn=pxnm31:175523
    [16/Jun/2009:22:00:11 -0400] - SERVER_OP - INFO - conn=2390216 op=0 BIND RESPONSE err=32 msg="" s_conn=pxnm31:175523
    [16/Jun/2009:22:00:11 -0400] - OPERATION - INFO - conn=2390216 op=0 BIND RESPONSE err=32 msg="" etime=0
    [16/Jun/2009:22:00:11 -0400] - OPERATION - INFO - conn=2390216 op=1 UNBIND
    [16/Jun/2009:22:00:11 -0400] - DISCONNECT - INFO - conn=2390216 reason="unbind"
    Second question is our proxy services internal and external clients. As in the example above, client connections always will go to default connection handler first and then get sent to a custom connection handler after a bind. Our default connection handler is set to use all data views (internal & external). So in the example above the first bind succeeds because it found the entry in the internal directory. The second bind fails because it searched in the external directory. Is proxy designed to send all client connections first to the default connection handler? Our default handler is ordered last on the list of handlers. My concern is that if an app id connects and gets sent to the wrong data view the bind will fail.
    Thanks for any assistance.

  • Need to reduce the page size, not the file size (shrink the page to allow for binding)

    I need to reduce the image size (text is too large to allow for binding).

    What is the output device - it is best to set scaling there, or scale while printing from Acrobat. The only means to accomplish
    I need to reduce the image size (text is too large to allow for binding).
    Print to Adobe PDF printer.
    Define a page size in the Properties of the PDF Printer
    Print from Acrobat to PDF Printer with scaling in effect.

  • Configure the Iplanet Directory server 5.0 not to allow NULL BINDs.

    How to restrict connection of users without authentication, via a 'Null Bind'? What I can see in the access log is a connection with BIND DN="" which I don't want. Is there any way to get around this?

    Recall my first reply:
    In iPlanet DS 5.0 (and several other LDAP servers), there is no way to totally disable anonymous binds.
    You are never going to get that message to disappear when running that tool against iPlanet DS 5.0.
    But, if it's any comfort, that particular piece of advice it's giving you is pretty silly.
    The claim that an anonymously-readable rootDSE equates to "improper configuration" is DAFT.
    I suggest you stop paying attention to this software, and begin planning your upgrade to newer LDAP server software.
    (Incidentally, some newer LDAP servers do allow you to disable anonymous binds, but I would still advise you to ignore that audit tool, and just decide for yourself what policies make the most sense for your case).

  • Binding 2 Models in the Same component controller

    I'm using 2 Import Adaptive RFC Models. I want to bind both the models in the component controller of the same web dynpro component.
    But when I try to do model binding for the second model, it does not allow me to do so. If I try to bind the same model in a different project, it happens perfectly and works fine. That means the model i.e. the BAPI is perfectly ok.
    Can anyone please tell why is it not allowing to bind 2 models in the component controller of the same web dynpro component?

    Hi Satyadev,
       If I understand your description properly, you have 2 model nodes in a webdynpro component, and you want to bind these two together. If this is the question, then, yes, you can't do the bindings declaratively, you have to do it dynamically...
    Look at the code snippet below, it may help you...
    Suppose ChildNode1 and ChildNode2 are the model node in the context of the component controller. Then you can map these two nodes dynamically....
    wdContext.wdGetAPI().reset();
    IWDNodeInfo testNodeInfo1 = wdThis.wdGetAPI().getContext().getRootNode().getChildNode("ChildNode1", IWDNode.LEAD_SELECTION).getNodeInfo();
    IWDNodeInfo testNodeInfo2 = wdThis.wdGetAPI().getContext().getRootNode().getChildNode("ChildNode2", IWDNode.LEAD_SELECTION).getNodeInfo();
    testNodeInfo2.setMapping(testNodeInfo1, true);   // map ChildNode2 onto ChildNode1 at run time
    testNodeInfo2.addAttributesFromDataNode();       // copy the mapped node's attributes across
    Hope this helps,
    Please let me know if I have not understood your question properly...
    Regards,
    Vishnu Prasad Hegde

  • Execute PL/SQL block with named binds from within java code?

    Hi guys,
    Is there any good way to execute my PL/SQL code, for example
    BEGIN         :x := :x+1; END;
    from my Java code? I need nothing complicated, just static code block with named binds.
    I have tried the Oracle extended JDBC (setXXXbyName methods):
      public static void main(String[] args) {
          try {
              Class.forName("oracle.jdbc.driver.OracleConnection");
              Connection conn = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:xe", "user", "password");
              String SQL = "begin :x:=:x+1; end;";
              OracleCallableStatement stmt;
              stmt = (OracleCallableStatement) conn.prepareCall(SQL);
              stmt.setIntAtName("x", 5);
              stmt.registerOutParameter("x", Types.INTEGER);
              stmt.execute();
              System.out.println(stmt.getInt("x"));
          } catch (Exception x) {
              x.printStackTrace();
          }
      }
    And get the java.sql.SQLException: operation not allowed: Ordinal binding and Named binding cannot be combined!
    Then I've tried the SQLJ approach:
      public static void main(String[] args) {
          try {
              Class.forName("oracle.jdbc.driver.OracleConnection");
              Connection conn = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:xe", "user", "password");
              Oracle.connect(conn);
              System.out.println("Connected!");
              int x = 3;
              #sql { BEGIN :x := :x+1; END; };
              System.out.println("x=" + x);
          } catch (Exception x) {
              x.printStackTrace();
          }
      }
    And x=3 had returned... Although 4 expected.
    Then, I've set parameter sqlj.bind-by-identifier=true
    And result is another exception! java.sql.SQLException: Missing IN or OUT parameter at index:: 2
    Can you please mark my mistakes/point to correct solution?
    Thanks in advance,
    Alexey

    Found another solution, this time working at least...
      public void testPLSQL() {
          String dynamicSQL =
              "declare\n" +
              "  v_CursorID  INTEGER;\n" +
              "  v_BlockStr  VARCHAR2(500);\n" +
              "  v_Dummy     INTEGER;\n" +
              "  v_x         String(18);\n" +
              "BEGIN\n" +
              "  v_CursorID := DBMS_SQL.OPEN_CURSOR;\n" +
              "  v_BlockStr :=?;\n" +
              "  DBMS_SQL.PARSE(v_CursorID, v_BlockStr, DBMS_SQL.V7);\n" +
              "  v_x:=?;\n" +
              "  DBMS_SQL.BIND_VARIABLE(v_CursorID, ':x', v_x,18);\n" +
              "  v_Dummy := DBMS_SQL.EXECUTE(v_CursorID);\n" +
              "  DBMS_SQL.VARIABLE_VALUE(v_CursorID, ':x', v_x);\n" +
              "  DBMS_SQL.CLOSE_CURSOR(v_CursorID);\n" +
              "  ?:=v_x;\n" +
              "  COMMIT;\n" +
              "EXCEPTION\n" +
              "  WHEN OTHERS THEN\n" +
              "    DBMS_SQL.CLOSE_CURSOR(v_CursorID);\n" +
              "    RAISE;\n" +
              "END DynamicPLSQL;";
          try {
              Class.forName("oracle.jdbc.driver.OracleConnection");
              Connection conn = DriverManager.getConnection("jdbc:oracle:thin:@localhost:1521:xe", "user", "password");
              System.out.println("Profit");
              String SQL = "begin :x:=:x+1; end;";
              OracleCallableStatement stmt;
              stmt = (OracleCallableStatement) conn.prepareCall(dynamicSQL);
              stmt.setString(1, SQL);                        // the block text, parsed by DBMS_SQL at run time
              int x = 3;
              stmt.setInt(2, x);                             // IN value for :x
              stmt.registerOutParameter(3, Types.INTEGER);   // OUT value of :x after execution
              stmt.execute();
              x = stmt.getInt(3);
              System.out.println(x);
              assertEquals(4, x);
          } catch (Exception ex) {
              ex.printStackTrace();
              assertTrue(false);
          }
      }
    Now the only thing I need is to code some kind of preprocessor of SQL block, to prepare the dynamicSQL lair for SQL critter...
    Please please please show me something less complicated! :8}

  • Binding multiple instance variables of multiple objects

    So I got this problem and can't figure out a solution. It seems to be a quite simple pattern but I'm really new to JFX....
    Follows an imaginary code that kind of represents the problem in my real code:
    class A {
      public var vA: String;
      //...code that updates vA according to a specific logic
    }
    class B {
      var seq: A[];
      public function addA(a: A) {
        insert a into seq;
      }
      public function removeA....
      //how to monitor if one of the elements (OR logic) in seq have changed vA to say print the new value?
      //I mean, how can I bind each vA of each instance in seq to a trigger that will print the new value?
    }
    Note: The size of the sequence increases/decreases as the user adds or removes elements dynamically.
    This does not work since the bind dependencies in the for are not affected by varA:
    var newseq: String[] = bind for(a in seq) {a.varA} on replace {println(newseq)}
    This is not allowed by the compiler:
    var newseq: String[] on replace {println(newseq)};
    for(a in seq) {
      newseq[i] = bind a.varA; //incorrect syntax: seems that its not allowed to bind each individual sequence element through indexing
      i +=1;
    }
    Is there any obvious solution to this problem? Am I taking the wrong path?
    Thanks.

    OK, here is my latest version:
    import javafx.stage.Stage;
    import javafx.scene.Scene;
    import javafx.scene.layout.VBox;
    import javafx.scene.control.Button;
    import javafx.scene.control.ListView;
    import javafx.scene.text.Text;
    import javafx.date.DateTime;
    class A {
        public var vA: String on replace {
            notifier(this);
        }
        public-init var notifier: function (a: A): Void;
        public override function toString() { return vA; }
    }
    class B {
        public-read var seq: A[] = for (i in [ 1 .. 10 ]) getA()
                on replace prevSeq[ lowIdx .. highIdx ] = usedSeq {
            if (usedSeq == [])  // Delete operation
                delta = prevSeq[lowIdx].toString();
            else
                delta = usedSeq[0].toString();
        }
        public-read var delta: String;
        public function add(): Void {
            insert getA() into seq;
        }
        public function remove(): Void {
            def p = (Math.random() * (sizeof seq)) as Integer;
            delete seq[p];
        }
        public function changeObj(): Void {
            def p = (Math.random() * (sizeof seq)) as Integer;
            seq[p] = getA();
        }
        public function changeVar(): Void {
            def p = (Math.random() * (sizeof seq)) as Integer;
            def val = getVal();
            seq[p].vA = val;
            println(val);
        }
        function getVal(): String {
            def dt = DateTime {}
            return "{%1$tH:%1$tM:%1$tS:%1$tL dt.instant}"
        }
        function getA(): A {
            return A { vA: getVal(), notifier: updated }
        }
        function updated(a: A): Void {
            delta = "Value changed: {a.vA}";
        }
    }
    var b = B {}
    var scene: Scene;
    Stage {
        title: "Sequence Update Observer"
        scene: scene = Scene {
            width: 200
            height: 700
            content: [
                VBox {
                    layoutX: 20, layoutY: 20
                    spacing: 10
                    content: [
                        Button { text: "Add", action: b.add }
                        Button { text: "Del", action: b.remove }
                        Button { text: "Change Obj", action: b.changeObj }
                        Button { text: "Change Var", action: b.changeVar }
                        Text { content: bind b.delta }
                        ListView { items: bind b.seq }
                    ]
                }
            ]
        }
    }
    Note: when I change the value, the ListView doesn't change its content, as it is not aware either of any change.
    I haven't investigated to see how to compensate the issue, since that's not the main topic of the thread.

  • Need Few help about Binding expression

    I am new to JSF. I need to display a list of options in a single select option and want to collect the selected value.
    But during binding (on NetBeans 5.5), as I have seen, it allows binding to only a single expression.
    So what can I do?
    Is there a better method to do that? Please suggest.

    I don't understand you clearly. What exactly are your requirements? Having a h:selectOneListbox working, right? What exactly are your problems? You want to select multiple values, I understood? If so, then use h:selectManyListbox.

  • BInd objects on non-local rmiregistry?

    As I understand, every remote object should be registered on its own (local) rmiregistry.
    I use JNDI like this:
    Hashtable env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.rmi.registry.RegistryContextFactory");
    env.put(Context.PROVIDER_URL, "rmi://localhost");
    Context ctx = new InitialContext(env);
    String rmiurl = "rmi://192.168.0.48/1.IObj";
    Reference ref = new Reference("IObj", new StringRefAddr("URL", rmiurl));
    ctx.rebind("JNDI_OBJ", ref);
    and this works out. But only with my local rmiregistry.
    When I change the PROVIDER_URL property I catch javax.naming.NoPermissionException. Is it possible to bind my objects on another rmiregistry?
    I would be very appreciative if you help me. Thank you.

    The problem is the standard RMI initial context factory. With the standard RMI registry you are only allowed to bind to a local RMI registry. However you can use any Naming service to bind your object. This means you can use CAROL, JBossNS, or any other naming service of your liking. You just have to use the appropriate initial context factory in your initial context.
    Cliff

  • Possibility for a workaround for binding a service in a remote registry

    Hi,
    I know that I'm not allowed to bind a local service in a remote registry because of security matters (everybody could unbind any service he wants).
    But is there a way to make this thing possible with a workaround?
    The problem is I have a main component(my Client) and one can add new components to that component. This adding should happen with RMI. But how can I let my client dynamically know where to look for the new services(components), that means at what IP ?
    I know that there is something like a Jini-like discovery for RMI:
    http://www.javaworld.com/javaworld/jw-11-2001/jw-1121-jinirmi.html
    but I'm afraid if I do it this way, I cannot use my codebase setting like I do now.
    Anybody good ideas for a problem like that?
    THX

    Hi,
    The tutorial I mentioned in the thread above works great!
    So if anybody wants a location neutral RMI-lookup, please use this tutorial!
    Even the codebase settings work with that tutorial!

  • Can I charge for an app made in Creative Cloud DPS?

    We want to use DPS to create cookbooks for iPad that come out once every few months. They'll be separate books, and we want to be able to charge for them through the Apple store. Will the creative cloud version of DPS allow this? Are there any fees that Adobe take other than the CC monthly fee?
    The Adobe documentation doesn't seem to cover this, so any help is greatly appreciated!
    Thanks,
    Magnus

    Absolutely. And I'll go so far as to say that if you're charging for them you might just have a better chance of getting them approved.
    I just replied to you on my blog but for the lurkers....if you're going to take on a project like this it's best to find similar projects that have been approved already so you can be prepared to appeal a rejection.

  • Rabbitmq binding exchange to exchange

    looking for a way to secure my websites messaging system so that users only get data they should have access to. With this in mind, I thought of a system where I have a master topic exchange which my server will send all messages to.
    The web site holds a sessionId for each user. When a user is authenticated, another exchange is created with a name of sessionId. The client side user is allowed to bind to all exchanges other than the master. Since sessionIDs are unique it would be very hard to guess another user's sessionID and bind to get their messages.
    Each message will have a routing key of sessionID.destination. The client side will know all of the potential destinations.
    To help visualize:
                                 | -> SessionID Exchange -> client
    Server -> master Exchange ---| -> SessionID Exchange -> client
                                 | -> SessionID Exchange -> client
    My question is two fold. Is it possible to bind an exchange to an exchange in rabbitmq? Also, has someone set up a system like this one previously? Rather, does anyone with experience on this topic already have a working system which I may use?
    Thanks in advanced.

    Yes, it is possible to bind an exchange to an exchange. You can even have different types of exchanges. You need to use channel.exchangeBind() instead of channel.queueBind(), but it works in a similar way.
    I have a topic exchange bound to a fanout exchange in my system. I make sure to send a routing key with the messages sent to the fanout exchange. It has no effect at the fanout exchange level, but when it gets routed to the topic exchange the routing key is then used to determine which queues it is sent to.

  • DPS question from authormrsh:)

    hello.
    I am an author of a book at the AppStore but i had to hire a design company to generate the app. Does this DPS allow me to turn my ideas and drawings into an app?

    DPS is not really for books, and Apple will reject the app if your app has just text and pictures. But personally I have seen many transform books into interactive apps, having many interactive features in the app like slideshows, 360 panos, videos, audio, HTML, hyperlinks, scrollable frames, image sequences etc. If you can build such interactivities (which DPS does) into your app, then DPS might be your solution too.
    *Tip: The whole idea on an app is for the user to be able to interact and play around with the application. So when designing your content, a more of an app UI design should help.

  • Adobe DPS and Videos

    Does the updated Adobe DPS allow for videos to be embedded in the version of the publication that is meant for web sites/viewing on a MAC/PC?

    DPS was recently integrated with CCM, wherein you can publish as many Built-in Single Edition apps as you want. But to be able to build a multi-issue app, and a lot more publishing solutions, you need the Pro or Enterprise. Go through this buying guide comparison for more clarity. Please note, DPS integration with CCM is not a complete publishing solution. DPS with CCM is an additional benefit for CCM users in a way.
    In fact, if you do just Demo alone with the Adobe Content Viewer, you don't need DPS at all. You just need InDesign CS5/CS5.5/CS6.
    But if you are publishing live apps to the App Store, you need DPS to be able to do that. And depending on what type of content is published live, you either need DPS Single Edition/CCM/Pro/Enterprise.
    If you are to publish just one single issue/app, Single Edition or CCM will suffice.
    If you are to publish multiple Built-in Single issue apps you need CCM.
    If you are to publish multiple multi-issue apps you need the Pro or Enterprise.

  • Can a DPS app support printing?

    DPS apps are a great way to provide tablet/electronic content with all the benefits that are inherent in that medium. But sometimes, you just need/want to take content with you..or share it in-hand with others (think shopping lists, reviews, how-tos, etc.) Most tablets have a Print API; can an app built with Adobe DPS access that API? If so, can anyone point me to an iTunes Store example?
    Thanks.

    As a substitute for that, DPS allows the reader to share any article with others, but the app has to be built using either the Professional or Enterprise edition, and it can be shown on a normal computer where of course it can be snapshotted and printed.
    To take a snapshot from the iPad press the On/Off button + the home button
    mohd.
