Hash algorithm support in JDK 1.3 and 1.4 (Sha1 or MD5)

Hello,
I have a Netscape code signing certificate that support "SHA1WithRSA" as signature algorithm.
After signing my applet code using Netscape's signtool, I am able to successfully verify it and run it under JavaPlugIn 1.4.
But while running it under JavaPlugIn 1.3.1, it seems it is not recognized as a signed applet and therefore it fails.
Howerver, if I sign my applet code using another certificate that supports "MD5WithRSA" as signature algorithm, I can get it running under both 1.3.1 and 1.4.
It seems to me that JRE 1.3.1 only supports "MD5WithRSA" whereas 1.4 supports both.
Can anybody please confirm this?? Is it a bug in the JRE 1.3.1 ??
thanks

Can anybody please confirm this?? Is it a bug inthe
JRE 1.3.1 ??
nope it is not a bug
Hey, wait a minute, u got my attention. i was typing with sleep in my eyes. Sorry, forget the first post.
It was a bug , i think i remembered i did have a problem and i replaced the W with a w and it worked.i mean it is the capitalization. try MD5withRSA

Similar Messages

  • How to enable SHA-2 hashing algorithm support on windows 7

    Hello All,
    Please suggest how to invalidate SHA-1 and MD5 algorithm on windows 7 and how to enable SHA-2.
    As suggested by Microsoft, regarding the availability of SHA-2 hashing algorithm, security update KB2949927 is installed on windows 7.
    Thank You

    Hi,
    Please check if you have installed the below mentioned update:
    http://support.microsoft.com/kb/2973337/en-us
    After installing this update, SHA512 is enabled for TLSv1.2.
    IE shall also be using TLS internally. Hope that should resolve your problem.
    Please refer to the below link for a similar discussion and its solution posted there:
    https://social.technet.microsoft.com/Forums/office/en-US/857c6804-8ce1-4f09-b657-00554055da16/tls-12-and-sha512?forum=winserversecurity
    (Please mark as answer if it resolves your issue. Please upvote if it is helpful.)
    Regards,
    Rajesh

  • OID And Java Hash Algorithm Output Differences?

    Hi,
    Can anyone tell me why I am not able to recreate the OID ldap password hash algorithm? Or can anyone tell me why I get these subtle differences between my Java created message digest and the one that is read directly from the oracle ldap hint password field? They are both based on the same original word "test".
    OID Hint Password from ldap ==> {SHA}zrFqbho8VPUOnVvtyUb4c+RWF+k=
    Hash created based on input ==> {SHA}zrFqbho8VPUOP1vtyUb4c+RWF+k=
    Here is a little background. I am working on developing a custom forgot password feature for my web site using OID 10g R2 and Java. I am able to retrieve the oracle hint password from OID using Java JNDI as the orcladmin. This ldap password is a SHA message digest, or hash, that is base 64 encoded. Since it is a one way algorithm I can not decrypt. So instead I take the clear text password string provided by the user and create a message digest(SHA) and then encode in base 64 using Java 1.4.2 like so;
    MessageDigest md = MessageDigest.getInstance("SHA");
    md.update(clearTextPassword.getBytes());
    String userSuppliedPassword = new String(md.digest());
    BASE64Encoder base64encoder = new BASE64Encoder();
    String output = "{SHA}" + base64encoder.encode(userSuppliedPassword.getBytes());
    By the way, I have been able to work around this issue by performing the compare using JNDI search but was curious why this was happening. Thanks!

    Hi
    I am having similar issue. I have to save passwords in encrypted form to LDAP. But not working. I am prepending the encrypted password {SHA} so OID should not convert further.
    Any help is appreciated
    Thanks

  • ACE20 and hashing algorithm

    I have a secure website behind an Cisco ACE20 using A2(3.2). Everything is working great. Only that now I need to renew my certificate. When creating the CSR and sending it to my CA I get this warning:
    "Alert: Your CSR has been signed using the MD5 hashing algorithm. While the MD5 hashing algorithm is not optimal it will not prevent you from using this CSR to enroll for your SSL certificate. VeriSign best practices recommend that you use a different hashing algorithm for the signature. CSR Information"
    Anybody know if it is possible to use SHA instead of MD5 or what can I do in this case?

    I dont think you can chnage the signing method for CSRs on the ACE directly. But i would use something like OpenSSL to generate the CSR for SHA.
    http://gnuwin32.sourceforge.net/packages/openssl.htm
    openssl req -out c:\CSR.csr -new -newkey rsa:2048 -nodes -keyout c:\privateKey.key -sha1
    The above will load a wizard format questionare for your CSR parameters similar to the ACE.
    You can then upload your key, and cert when you get it to the ACE afterwards.
    ==========================
    http://www.rConfig.com 
    A free, open source network device configuration management tool, customizable to your needs!
    - Always vote on an answer if you found it helpful

  • SHA2 Algorithm support in Adobe Acrobat 9

    Hello,
    1) Does Acrobat 9 supports SHA2 Hash algorithms while signing PDF file?
    2) As per my understanding PDF is signed using below approach
        Step 1. Take the PDF contents
        Step 2. Calculate the Hash of the content
        Step 3. Then sign(Encrypt) the hash. (here again we calculate the hash)
      So we are hashing the content twice.
      If I use SHA1 algorithm in Step2 and SHA2 algorithm in Step3, Adobe 9 is able to verify the signature. But if i use SHA2 algorithm in Step1 & Step 2
      Adobe 9 is saying "Content altered....."
      Why so?
    Please help.
    Thanks in advance
    Priyanka

    SHA2 was only added in Acrobat 9.1.  Also, the Microsoft Base CSP is needed for SHA2 support - Base CSP is included in Vista and Windows 7, but in XP it needs to be downloaded as a seperate addon.
    How are you setting the values in your SecurityHandler?  Off the top of my head, I believe in order to use SHA2 to hash the content (your "Step 2") you need to use AES-256 as your encryption algorithm which required a different cryptVersion be set in your SecurityHandler structure.

  • Is it possible to change the hash algorithm when I renew the Root CA

    My Root CA is installed on a Windows Server 2008. The Hash algorithm of Root CA in my environment is MD5. I would like to renew the Root CA and change the Hash algorithm to SHA1. Is it possible to change it?
    Regards,
    Terry | My Blog: http://terrytlslau.tls1.cc

    Hi,
    The hashing
    algorithm chosen during the setup of a Certificate Authority determines how the certificates that the CA issues are digitally signed. It is a one
    algorithm per CA scenario, so if your environment requires multiple algorithms for compatibility, then you will need multiple PKI hierarchies (one for each
    algorithm.) Prior to Windows 2008, you had to rebuild the CA and decommision the entire PKI hierarchy to
    change the signing algorithm used. In Windows 2008 and 2008 R2, we allow you to
    change the algorithm and from that point forward it will digitally sign all new certificates with the updated
    algorithm.
    The
    Certificate
    Services Enhancements in Longhorn Server Whitepaper describing these steps can be found under the section
    Configuring the Cryptographic Algorithms used by the CA.
    Step 1: Verify the configuration of the CRL and AIA paths. Sometimes users will manually
    change these paths to not include the crl name suffix variable that distinguish multiple certificates on a CA. This is important because the process of changing the
    algorithm requires the renewal of the private key and results in administration of multiple CA certificates. When we publish multiple crt and crls, they will be identified as CAName and CAName(1.) You can verify these paths
    include the variables by checking the registry keys below:
    [HKLM\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CAname}
    CRLPublicationURLs = "1:%WINDIR%\system32\CertSrv\CertEnroll\%%3%%8%%9.crl\n2:http://FCCA01.fourthcoffee.com/certenroll/%%3%%8%%9.crl\n10:ldap:///CN=%%7%%8,CN=%%2,CN=CDP,CN=Public
    Key Services,CN=Services,%%6%%10"
    CACertPublicationURLs = "1:%WINDIR%\system32\CertSrv\CertEnroll\%%1_%%3%%4.crt\n2:http://FCCA01.fourthcoffee.com/certenroll/%%1_%%3%%4.crt\n2:ldap:///CN=%%7,CN=AIA,CN=Public Key Services,CN=Services,%%6%%11"
    Step 2: Modify the CSP parameters to specify the new
    algorithm. The CSP may use the original CryptoAPI or Cryptography API:Next Generation - you can verify this by looking in the registry key
    HKLM\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CAname}\CSP.
    If you have the regvalues
    CNGPublicKeyAlgorithm and CNGHashAlgorithm then your CSP is using Next Generation.
    Change the
    algorithm from MD5 to SHA1 and was using Cryptography API: Next Generation. The original registry value was:
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CertSvc\Configuration\{CAname}\CSP]
    "ProviderType"=dword:00000000
    "Provider"="Microsoft Software Key Storage Provider"
    "HashAlgorithm"=dword:00008003
    "CNGPublicKeyAlgorithm"="RSA"
    "CNGHashAlgorithm"="MD5"
    "MachineKeyset"=dword:00000001
    we changed it to
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\CertSvc\Configuration\{CAname}\CSP]
    "ProviderType"=dword:00000000
    "Provider"="Microsoft Software Key Storage Provider"
    "HashAlgorithm"=dword:00008004
    "CNGPublicKeyAlgorithm"="RSA"
    "CNGHashAlgorithm"="SHA1"
    "MachineKeyset"=dword:00000001
    Step 3: Restart the CA service. You can do this in the CA MMC. Right Click on the
    CA and choose "Stop Service" and "Start Service".
    Step 4: Renew the CA certificate with new Private Key. Right click on the CA and
    choose "Renew CA certificate". Choose to renew the public and private key pair. On completion, this will result in the CA having two certificates. You will see that the old one has the MD5 for the Signature
    Hash Algorithm and that the new certificate uses SHA1.
    Hope this helps!
    Best Regards
    Elytis Cheng
    TechNet Subscriber Support
    If you are
    TechNet Subscription
    user and have any feedback on our support quality, please send your feedback
    here.
    Elytis Cheng
    TechNet Community Support

  • HTTPS SSL Certificate Signed using Weak Hashing Algorithm

    I am support one client for,  whom falls under Security  scans mandatory for new implementation of ASA 5520 device .  The client uses Nessus Scan and  the test results are attached
    The Nessus scanner hit on 1 Medium vulnerabilities, Could you pls review the statement and provide work around for the same.
    Nessus Scanner reports
    Medium Severity Vulnerability
    Port : https (443/tcp)
    Issue:
    SSL Certificate Signed using Weak Hashing  Algorithm
    Synopsis :
    The SSL certificate has been signed using  a weak hash algorithm.
    Description :
    The remote service uses an  SSL certificate that has been signed using
    a cryptographically weak hashing  algorithm - MD2, MD4, or MD5. These
    signature algorithms are known to be  vulnerable to collision attacks.
    In theory, a determined attacker may be  able to leverage this weakness
    to generate another certificate with the same  digital signature, which
    could allow him to masquerade as the affected  service.
    See also :
    http://tools.ietf.org/html/rfc3279
    http://www.phreedom.org/research/rogue-ca/
    http://www.microsoft.com/technet/security/advisory/961509.mspx
    http://www.kb.cert.org/vuls/id/836068
    Solution :
    Contact the Certificate Authority to have the certificate  reissued.
    Plugin Output :
    Here is the service's SSL certificate  :
    Subject Name:
    Common Name: xxxxxxxxxx
    Issuer Name:
    Common Name: xxxxxxxxxx
    Serial Number: D8 2E 56 4E
    Version: 3
    Signature Algorithm: MD5 With RSA  Encryption
    Not Valid Before: Aug 25 11:15:36 2011 GMT
    Not Valid After:  Aug 22 11:15:36 2021 GMT
    Public Key Info:
    Algorithm: RSA  Encryption
    Public Key: 00 AA AB 57 9C 74 FF E9 FB 68 E1 BF 69 90 8E D2 65 7F  DF 40
    D6 F6 29 E7 35 5E 16 FB 76 AA 03 3F 47 07 5A D0 6D 07 E0 EC
    06 7E  D4 9A 43 C6 B3 A6 93 B7 76 CC 58 31 25 36 98 04 30 E6
    77 56 D7 C3 EE EF 7A  79 21 5E A0 78 9B F6 1B C5 E6 2A 10 B5
    CB 90 3D 6D 7C A0 8D B1 B8 76 61 7F  E2 D1 00 45 E2 A1 C7 9F
    57 00 37 60 27 E1 56 2A 83 F5 0E 48 36 CC 61 85 59  54 0C CB
    78 82 FB 50 17 CB 7D CD 15
    Exponent: 01 00 01
    Signature: 00 24 51 24 25 47 62 30 73 95 37 C4 71 7E BD E4 95 68 76 35
    2E AF 2B 4A 23 EE 15 AF E9 09 93 3F 02 BB F8 45 00 A1 12 A9
    F7 5A 0C E8  4D DB AE 92 70 E4 4C 24 10 58 6B A9 87 E1 F0 12
    AE 12 18 E8 AB DF B9 02 F7  DA BE 3C 45 02 C4 1E 81 44 C2 74
    25 A2 81 E7 D6 38 ED B9 66 4C 4A 17 AC E3  05 1A 01 14 88 23
    E8 9F 3B 5C C5 B8 13 97 27 17 C3 02 5F 6E 7C DB 4C D3 65  B5
    C5 FC 94 62 59 04 E7 7E FB
    CVE :
    CVE-2004-2761
    BID :
    BID 11849
    BID  33065
    Other References :
    OSVDB:45106
    OSVDB:45108
    OSVDB:45127
    CWE:310
    Nessus Plugin ID  :
    35291
    VulnDB ID:
    69469
    and try with configure the ssl encryption method with " ssl encryption 3des-sha1 aes128-sha1 aes256-sha1 rc4-md5" but it throws the same issue.
    Here is ASA log
    7|Oct 19 2011 01:59:34|725010: Device supports the following 4 cipher(s).
    7|Oct 19 2011 01:59:34|725011: Cipher[1] : DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[2] : AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[3] : AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[4] : RC4-MD5
    7|Oct 19 2011 01:59:34|725008: SSL client production:xxxxxxxxx/2587 proposes the following 26 cipher(s).
    7|Oct 19 2011 01:59:34|725011: Cipher[1] : ADH-AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[2] : DHE-RSA-AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[3] : DHE-DSS-AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[4] : AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[5] : ADH-AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[6] : DHE-RSA-AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[7] : DHE-DSS-AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[8] : AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[9] : ADH-DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[10] : ADH-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[11] : EXP-ADH-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[12] : ADH-RC4-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[13] : EXP-ADH-RC4-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[14] : EDH-RSA-DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[15] : EDH-RSA-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[16] : EXP-EDH-RSA-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[17] : EDH-DSS-DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[18] : EDH-DSS-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[19] : EXP-EDH-DSS-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[20] : DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[21] : DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[22] : EXP-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[23] : EXP-RC2-CBC-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[24] : RC4-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[25] : RC4-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[26] : EXP-RC4-MD5
    7|Oct 19 2011 01:59:34|725012: Device chooses cipher : DES-CBC3-SHA for the SSL session with client production:xxxxxxxx/2586
    6|Oct 19 2011 01:59:34|725002: Device completed SSL handshake with client production:xxxxxxxxx/2586
    6|Oct 19 2011 01:59:34|725007: SSL session with client production:xxxxxxxx/2586 terminated.
    6|Oct 19 2011 01:59:34|302014: Teardown TCP connection 3201 for production:xxxxxxx/2586 to identity:xxxxxx/443 duration 0:00:00 bytes 758 TCP Reset-I
    6|Oct 19 2011 01:59:34|302013: Built inbound TCP connection 3202 for production:xxxxxxxxxxx/2587 (xxxxxxxxx/2587) to identity:xxxxxx/443 (xxxxxxx/443)
    6|Oct 19 2011 01:59:34|725001: Starting SSL handshake with client production:xxxxxxxxxxx/2587 for TLSv1 session.
    7|Oct 19 2011 01:59:34|725010: Device supports the following 4 cipher(s).
    7|Oct 19 2011 01:59:34|725011: Cipher[1] : DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[2] : AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[3] : AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[4] : RC4-MD5
    7|Oct 19 2011 01:59:34|725008: SSL client production:xxxxxxxxx/2587 proposes the following 26 cipher(s).
    7|Oct 19 2011 01:59:34|725011: Cipher[1] : ADH-AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[2] : DHE-RSA-AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[3] : DHE-DSS-AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[4] : AES256-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[5] : ADH-AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[6] : DHE-RSA-AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[7] : DHE-DSS-AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[8] : AES128-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[9] : ADH-DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[10] : ADH-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[11] : EXP-ADH-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[12] : ADH-RC4-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[13] : EXP-ADH-RC4-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[14] : EDH-RSA-DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[15] : EDH-RSA-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[16] : EXP-EDH-RSA-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[17] : EDH-DSS-DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[18] : EDH-DSS-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[19] : EXP-EDH-DSS-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[20] : DES-CBC3-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[21] : DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[22] : EXP-DES-CBC-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[23] : EXP-RC2-CBC-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[24] : RC4-SHA
    7|Oct 19 2011 01:59:34|725011: Cipher[25] : RC4-MD5
    7|Oct 19 2011 01:59:34|725011: Cipher[26] : EXP-RC4-MD5
    7|Oct 19 2011 01:59:34|725012: Device chooses cipher : DES-CBC3-SHA for the SSL session with client production:xxxxxxxxxx/2587
    6|Oct 19 2011 01:59:34|725002: Device completed SSL handshake with client production:xxxxxxxxx/2587
    H

    Hi Ramkumar,
    The report is complaining that the Certificate Authority who signed the ID certificate presented by the ASA used a weak hashing algorithm. First, you need to determine who signed the certificate.
    If the certificate is self-signed by the ASA, you can generate a new certificate and use SHA1 as the hashing algorithm. To do this, the ASA needs to be running a software version that is at least 8.2(4) (8.3 and 8.4 software also support SHA1).
    If the certificate is signed by an external CA, you need to contact them and ask them to sign a new certificate for you using SHA instead of MD5.
    The links you posted have more information on this as well. Hope that helps.
    -Mike

  • Java API's supported in the Jdeveloper, IAS, and RDBMS product components

    If there are any technical errors or "mistatement of the facts" in this posting, please let me know about them ..
    This article is being delivered in Draft form and may contain
    errors. Please use the MetaLink "Feedback" button to advise
    Oracle of any issues related to this article.
    PURPOSE
    This article describes the "Enterprise Java Beans" (EJB), "Java Server Pages"
    (JSP) and servlets Application Programming Interfaces (API) supported by the
    Oracle products, Jdeveloper, Internet Application Server (IAS) and the Oracle
    RDBMS release 2 and release 3, also known as Version 8.1.6 and 8.1.7,
    respectively.
    SCOPE & APPLICATION
    All parties interested in the Java API's supported by these products.
    Java API's supported in the Jdeveloper, IAS, and RDBMS product components
    JDEVELOPER
    JDEVELOPER is Oracle's Java development tool designed for coding / development,
    testing / debugging, and deployment of Java Applications to the IAS and
    RDBMS platforms.
    With the java software api's being in a constant state of evolution, each new
    release of Jdeveloper adds support for the "then current" version of the java
    software api's, if it does not already have it implemented.
    JDEVELOPER SERVLET API JSP API EJB API
    VERSION VERSION VERSION VERSION
    3.2.X.X 2.2 1.1 1.1
    3.1.X.X 2.1 1.0 1.0
    NOTE :
    Sun Microsystems and their advisory teams (Oracle is on it) is working on
    "draft" specifications for the next version of all of these API's
    EJB -------> http://java.sun.com/products/ejb/index.html
    JSP -------> http://java.sun.com/products/jsp/index.html
    Servlets --> http://java.sun.com/products/servlet/?frontpage-javaplatform
    It is anticipated that future releases of Jdeveloper will continue to be
    upgraded to include support for the next version of each api.
    To obtain the latest information on Oracle's Internet Development Suite (IDS)
    of tools, please review the "Internet Developer Suite" information located
    on Oracle's technet web site at :
    http://technet.oracle.com/products/index.htm
    IAS
    IAS is Oracle's next evolution of the web server and application server
    product technology superceeding the Web Application Server (WAS) and Oracle
    Application Server (OAS) product lines.
    IAS SERVLET API JSP API EJB API EJE VERSION
    VERSION VERSION VERSION VERSION SUPPORTED
    9I(1.0.2) 2.2 1.1 1.1 817
    8i(1.0.1-NT) 2.0 1.0 1.0 816
    8i(1.0.0-UNIX) 2.0 1.0 1.0 816
    The IAS product contains two Java Virtual Machines (JVM) within it's
    architecture.
    They are called :
    1) APACHE JSERV servlet engine
    2) ORACLE ENTERPRISE JAVA ENGINE (EJE)
    APACHE JSERV servlet engine
    The APACHE JSERV servlet engine is an EXISTING product licensed from the
    apache group which supports the servlet api 2.0.ONLY.
    The APACHE JSERV product does not support ANY JSP's unless the customer
    installs a third party jsp engine.
    The IAS 8i/9i which has the APACHE JSERV product embedded in it, comes with
    Oracle's JSP engine (OJSP) already integrated into it. OJSP supports JSP's up
    to the specific JSP engine version documented in the Oracle Universal
    Installer (OUI) for the 8.1.7 RDBMS or the IAS products. It is also documented
    in the product's release notes.
    Oracle ENTERPRISE JAVA ENGINE (EJE)
    The EJE formerly known as :
    1) Oracle 8i Java Virtual Machine (JVM)
    2) JSERVER component,
    3) Aurora JVM
    was originally releas ed in the RDBMS 8.1.5 database with jdk 1.1.6 based java
    support.
    The currently supported versions of the Oracle 8i RDBMS, versions 2 and 3,
    also known as Version 8.1.6 and 8.1.7, respectively, provides a jdk 1.2.1
    based java virtual machine support.
    "EJE" Version 816
    This EJE, found in rdbms 8.1.6 and IAS 8i, contains support for the ejb
    api 1.0, corba, and java stored procedures.
    "EJE" Version 817
    This EJE, found in rdbms 8.1.7 and IAS 9i, contains support for the ejb,
    corba, and java stored procedures as well as the Oracle Servlet Engine (OSE)
    which provides support for the servlets 2.2 api and JSP 1.1 api.
    Note :
    EJB support in the "EJE" Version 817 has been upgraded to comply with the EJB
    1.1 api specification which includes "entity beans" support.
    What is the bottom line ??
    1) Servlets deployed to the APACHE JSERV must comply with servlet api 2.0.
    2) Servlets 2.1 or higher are only supported in EJE's OSE component found in
    the rdbms 817 or ias 9i products. Servlets api 2.0 can also run in the OSE.
    References
    1) "Oracle9i Application Server Technical White Paper" located at :
    http://technet.oracle.com/products/ias/pdf/9ias_102.pdf
    2) "Whats New? Oracle8i JVM Accelerator, Oracle Servlet Engine, OracleJSP ..."
    located at :
    http://technet.oracle.com/products/oracle8i/pdf/504.pdf
    3) "Oracle8i Release 3 New Features Summary" located at :
    http://technet.oracle.com/products/oracle8i/pdf/8iR3_nfs.pdf
    null

    which jvm is used by jserv ?? EJE or a separate jdk ?
    The Jserv servlet engine is running in a separate jdk JVM external to the EJE jvm which is embedded within the "database" component of ias and the RDBMS.
    See the reference below for more details ...
    if jserv only support old apis, why it is in oracle's products ?
    i would assume that the oracle servlet engine was under development when ias 8i was released and became available in time for the ias 9i and rdbms 817 products.
    looking back in history leads me to believe ias 8i was a migration path to get to ias 9i or rdbms 817.
    Based upon the long history of new releases of every oracle product being upgraded with new features, it's reasonable to assume that these products will continue to evolve.
    when I deploy a jsp how to deploy in the right servlet container ("EJE") ?
    as documented in the reference below, you can deploy JSP's to either the apache jserv jvm or the EJE since the ORACLE JSP engine functionality is in both jvm's.
    there are many posts where you can see that people have deploy in jserv and they have problems because they don't use the right container (servlet 2.0 instead of
    servlet 2.2) http://technet.oracle.com:89/ubb/Forum2/HTML/006349.html
    when ias 8i came out this was clearly an issue since servlet support was at api 2.0, and the current servlet api was probably at 2.1.
    oracle clearly made every effort to get ias 9i released quickly to supply a servlet 2.1 and 2.2 capable engine to resolve this issue.
    since ias 9i and rdbms 8.1.7 are available this is no longer an issue.
    The reference below explains the architecture and understanding it would eliminate a lot of "deploy to the wrong ias 9i component" issues.
    so why jserv is bundled with oracle 8i/9ias since EJE support the right api version ?
    if in ias 9i release , oracle had removed the jserv component without any advance warning, many customers would have been very upset since oracle makes every attempt to give advance notice before removal of functionality.
    References
    1) "Oracle9i Application Server Technical White Paper" located at :
    http://technet.oracle.com/products/ias/pdf/9ias_102.pdf

  • 2007 US Daylight Savings change time zone support in JDK 1.3

    Sun has supported the 2007 US Daylight Savings change in recent versions of its JDKs 1.4 and 1.5. It has made partial Daylight Savings changes to JDK 1.3, but it's not a complete implementation like in 1.4 and 1.5, because there is no support for past/future Daylight Savings rules, only a single current set of Daylight Savings rules per time zone.
    Our Java application (running in the America/New_York time zone) seems to be doomed, because the likelihood of upgrading to JDK 1.4/1.5 seems slim (we have to upgrade a third-party product first and success is seeming more and more remote), and Sun claims to be unable to fully implement the Daylight Savings change in JDK 1.3.
    If any Sun Java staff can explain the reasons for being unable to implement the change in 1.3 (or at least some kind of workaround that an individual JVM user could enable), please fill me in. Any pointers on cleanly setting up a custom workaround would be valuable too.
    If there are other Java users in the same situation, please fill me in on your own plans if you can. Is anybody trying to pressure Sun or other vendors for a solution? Is anybody writing their own custom workaround?
    More details....
    What we really need is for the default TimeZone in JDK 1.3 (America/New_York on our machines) to work regardless of whether the date/time being checked is pre-2007 or post-2007. In particular, getOffset and inDaylightTime should work for both 2006 dates and 2007 dates. The JDK should return the correct values for 2006 dates, as well as the correct values for the 2007 US DST extension dates (03/12/2007-04/02/2007 and 10/29/2007-11/05/2007). This would enable parsing and formatting using SimpleDateFormat to work correctly as well. The TimeZone and SimpleDateFormat APIs are used throughout our application.
    JDK 1.3.1_19 has an interesting workaround that depends on the current system time. Prior to Jan 1 2007, it will handle 2006 dates correctly but 2007 dates wrong. After Jan 1 2007, it will handle 2007 dates correctly but 2006 dates wrong. Either way, it is always wrong for some dates.
    JDK 1.4.2_13 and 1.5.0_09 both handle 2006 and 2007 dates correctly.
    If JDK 1.3 will never work for 2006 and 2007 dates, then I am contemplating two workarounds:
    1. Set the default TimeZone to a custom implementation as soon after JVM startup as possible.
    2. Avoid the default TimeZone entirely, changing our application code to rely on explicit custom TimeZones.
    Prior related Java Forum topics:
    * http://forum.java.sun.com/thread.jspa?forumID=31&threadID=645874 (Java Essentials - Java Programming) winds up referencing the JDK 1.4 patch as a solution, and there is some discussion about how future/historic dates affect applications
    * http://forum.java.sun.com/thread.jspa?forumID=481&threadID=735038 (Deploying - Java Upgrade) just talks about 1.4 and 1.5 patches
    * http://forum.java.sun.com/thread.jspa?forumID=481&threadID=717268 (Deploying - Java Upgrade) also just talks about 1.4 and 1.5 patches
    * http://forum.java.sun.com/thread.jspa?forumID=37&threadID=703214 (Specifications - Java Virtual Machine (JVM)) also just talks about 1.4 and 1.5
    Related Sun Java Bug Database bugs:
    * http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6471271 reports the same issue with 1.3.1_19 that I am seeing and the reporter makes the same clarification, that past/future dates don't work at all still. Sun seems to indicate that it will not fix this in 1.3.1, and the 1.3.1_19 "hack" is it for 1.3.1.
    * http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6391777 refers to updates in 1.3.1_18 to address Australia DST changes, and also indicates that past/future dates (or "historic" dates) won't work at all. It gives a little more rationale behind the difficulty of implementing this for 1.3.1.
    * http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4257314 refers to the fixes in 1.4 to support historic DST dates.
    Other articles:
    * Sun Java article http://java.sun.com/developer/technicalArticles/Intl/USDST/ refers to 1.3.1_18 as "resolving" the DST issue - this is misleading because the solution in 1.3.1_18 is not complete like that in 1.4 or 1.5
    * Server Side article http://www.theserverside.com/news/thread.tss?thread_id=42212 refers to fixes in 1.4 and 1.5 for the DST issue, and the discussion about 1.3 doesn't lead anywhere
    Thanks for any info or advice available,
    Jim

    Hi KBarney
    I think u have the correct data file. to make sure see the "zi" dir is backed up in ur java lib folder or not.
    if u have suspicion than run the tzupdater tool again.
    this tool must be run for each jre/java version on your machine separately.
    I tried this on 1.4.2.13 and not on 1.5.0.10. here is the result:
    C:\Program Files\Java\j2re1.4.2_13\bin>java -jar c:\tzupdater\tzupdater2006p\tzu
    pdater.jar -t -v
    java.home: C:\Program Files\Java\j2re1.4.2_13
    java.vendor: Sun Microsystems Inc.
    java.version: 1.4.2_13
    JRE time zone data version: tzdata2006p
    Embedded time zone data version: tzdata2006p
    Validating the time zone data
    Validation complete
    C:\tzupdater\tzupdater2006p>java -jar tzupdater.jar test verbose
    java.home: C:\Program Files\Java\jre1.5.0_10
    java.vendor: Sun Microsystems Inc.
    java.version: 1.5.0_10
    JRE time zone data version: tzdata2006k
    Embedded time zone data version: tzdata2006p
    Validating the time zone data
    /data/tzdata2006p.test:990: test failed: America/Managua
    /data/tzdata2006p.test:1465: test failed: America/Havana
    /data/tzdata2006p.test:1466: test failed: America/Havana
    /data/tzdata2006p.test:1847: test failed: Cuba
    /data/tzdata2006p.test:1848: test failed: Cuba
    /data/tzdata2006p.test:2024: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2026: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2028: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2030: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2032: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2034: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2036: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2038: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2040: test failed: America/Campo_Grande
    /data/tzdata2006p.test:2046: test failed: America/Cuiaba
    /data/tzdata2006p.test:2048: test failed: America/Cuiaba
    /data/tzdata2006p.test:2050: test failed: America/Cuiaba
    /data/tzdata2006p.test:2052: test failed: America/Cuiaba
    /data/tzdata2006p.test:2054: test failed: America/Cuiaba
    /data/tzdata2006p.test:2056: test failed: America/Cuiaba
    /data/tzdata2006p.test:2058: test failed: America/Cuiaba
    /data/tzdata2006p.test:2060: test failed: America/Cuiaba
    /data/tzdata2006p.test:2062: test failed: America/Cuiaba
    /data/tzdata2006p.test:2471: test failed: America/Montevideo
    /data/tzdata2006p.test:2472: test failed: America/Montevideo
    /data/tzdata2006p.test:2475: test failed: America/Montevideo
    /data/tzdata2006p.test:2476: test failed: America/Montevideo
    /data/tzdata2006p.test:2479: test failed: America/Montevideo
    /data/tzdata2006p.test:2480: test failed: America/Montevideo
    /data/tzdata2006p.test:2483: test failed: America/Montevideo
    /data/tzdata2006p.test:2484: test failed: America/Montevideo
    /data/tzdata2006p.test:2487: test failed: America/Montevideo
    /data/tzdata2006p.test:2494: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2496: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2498: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2500: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2502: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2504: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2506: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2508: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2510: test failed: America/Sao_Paulo
    /data/tzdata2006p.test:2516: test failed: BET
    /data/tzdata2006p.test:2518: test failed: BET
    /data/tzdata2006p.test:2520: test failed: BET
    /data/tzdata2006p.test:2522: test failed: BET
    /data/tzdata2006p.test:2524: test failed: BET
    /data/tzdata2006p.test:2526: test failed: BET
    /data/tzdata2006p.test:2528: test failed: BET
    /data/tzdata2006p.test:2530: test failed: BET
    /data/tzdata2006p.test:2532: test failed: BET
    /data/tzdata2006p.test:2537: test failed: Brazil/East
    /data/tzdata2006p.test:2539: test failed: Brazil/East
    /data/tzdata2006p.test:2541: test failed: Brazil/East
    /data/tzdata2006p.test:2543: test failed: Brazil/East
    /data/tzdata2006p.test:2545: test failed: Brazil/East
    /data/tzdata2006p.test:2547: test failed: Brazil/East
    /data/tzdata2006p.test:2549: test failed: Brazil/East
    /data/tzdata2006p.test:2551: test failed: Brazil/East
    /data/tzdata2006p.test:2553: test failed: Brazil/East
    /data/tzdata2006p.test:3451: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3452: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3453: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3454: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3455: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3456: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3457: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3458: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3459: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3460: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3461: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3462: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3463: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3464: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3465: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3466: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3467: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3468: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3469: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3470: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3471: time zone not found: Europe/Podgorica
    /data/tzdata2006p.test:3791: test failed: ART
    /data/tzdata2006p.test:3814: test failed: Africa/Cairo
    /data/tzdata2006p.test:3844: test failed: Asia/Amman
    /data/tzdata2006p.test:3848: test failed: Asia/Amman
    /data/tzdata2006p.test:3852: test failed: Asia/Amman
    /data/tzdata2006p.test:3856: test failed: Asia/Amman
    /data/tzdata2006p.test:3860: test failed: Asia/Amman
    /data/tzdata2006p.test:3887: test failed: Asia/Damascus
    /data/tzdata2006p.test:3908: test failed: Asia/Gaza
    /data/tzdata2006p.test:3911: test failed: Asia/Gaza
    /data/tzdata2006p.test:3915: test failed: Asia/Gaza
    /data/tzdata2006p.test:3919: test failed: Asia/Gaza
    /data/tzdata2006p.test:3923: test failed: Asia/Gaza
    /data/tzdata2006p.test:4035: test failed: Egypt
    /data/tzdata2006p.test:4901: test failed: Australia/Perth
    /data/tzdata2006p.test:4902: test failed: Australia/Perth
    /data/tzdata2006p.test:4905: test failed: Australia/Perth
    /data/tzdata2006p.test:4906: test failed: Australia/Perth
    /data/tzdata2006p.test:4909: test failed: Australia/Perth
    /data/tzdata2006p.test:4910: test failed: Australia/Perth
    /data/tzdata2006p.test:4914: test failed: Australia/West
    /data/tzdata2006p.test:4915: test failed: Australia/West
    /data/tzdata2006p.test:4918: test failed: Australia/West
    /data/tzdata2006p.test:4919: test failed: Australia/West
    /data/tzdata2006p.test:4922: test failed: Australia/West
    /data/tzdata2006p.test:4923: test failed: Australia/West
    Validation tests failed.
    -Ranjan

  • ActiveX support in JDK 1.4

    Where are sun.beans.ole.Packager and unregbean utility
    in Java 2 SDK, Standard Edition, v 1.4 Beta 3 for Win32?
    Who knows Sun's plans about ActiveX support in JDK 1.4 releases?
    Thank you,
    Alexander

    More info found in bug 4616580. Please vote...
    -Trond

  • Signature hash algorithm (e.g. SHA-1, SHA-256...) used in Apple Mail ?

    Would anybody know what is the signature hash algorithm being used by Apple Mail ?
    And can be selected ?
    As NIST recommends the use of SHA-2 in 2011.
    I have searched quite a while but no information is found in this area.
    Thanks your help in advance !

    I've had the same problem now for approximately 6 months. Many of the senders in my inbox are wrong. I haven't changed anything other than upgraded to OS 10.7. It only effects some emails and not all. It is a problem when I search as well because the sender details can't be found
    Please help!!!
    Thanks.

  • What is hash algorithm?

    Hi Everyone,
    Please see this article and explain me what is hash algorithm? How it works internally?
    Hash Partitioning
    Hash partitioning maps data to partitions based on a hashing algorithm that Oracle
    applies to the partitioning key that you identify. The hashing algorithm evenly
    distributes rows among partitions, giving partitions approximately the same size.
    Hash partitioning is the ideal method for distributing data evenly across devices. Hash
    partitioning is also an easy-to-use alternative to range partitioning, especially when
    the data to be partitioned is not historical or has no obvious partitioning key.Can we say it will act an Index?
    Regards,
    BS2012.
    Edited by: BS2012 on May 17, 2013 4:53 PM

    Hi,
    I was previously checking some basic stuffs in other sites and got suffered. Because of that, I want to confirm everything in forum itself. I got my answer. Thanks anyway for your reply.
    Regards,
    BS2012.

  • Which SHA hash algorithm is DS 5.1 using?

    i'm trying to find out whether DS 5.1 uses the SHA-1 (160 bit) or the SHA-256 (256bit). i'm using coldfusion to query the directory and in order to compare password given by the user with the one stored in the directory i should hash the given password. coldfusion (a library, it's not a default function) has two differnt hash algorithms SHA-1 and SHA-256, which one should i use?
    ioanna

    DS uses SHA-1 (160 bit). And I'm not sure what you are proposing will work. I think you need the salt to generate the hash. Why do you need to compare the password outside the directory? You might be able to use the LDAP compare operation.

  • Configuring AD LDS Password Hash Algorithm

    Hello,
    I have a client which has a requirement that the passwords in Active Directory should be stored using the Secure Hash Standard (SHS) standard. This could be SHA-1 or SHA-2.
    Could you please tell me where can I check the current hashing algorithm and configure the new one?
    Windows Server 2008 R2 Enterprise
    Forest & Domain functional level: Windows Server 2008 R2
    Thanks!

    Hi Levente,
    I don’t think it is possible to specify algorithm to encrypt AD passwords. The password is computed by RSA MD-4 and MD-5 algorithm.
    More information for you:
    Help: How to configure encryption/hashing policies on Active Directory 2008 LDS
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/04591e6e-22d3-4251-ab55-b778a479465e/help-how-to-configure-encryptionhashing-policies-on-active-directory-2008-lds?forum=winserverDS
    View Password hash in Active Directory
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/63e3cf2d-f186-418e-bc85-58bdc1861aae/view-password-hash-in-active-directory?forum=winserverfiles
    Active Directory hashing algorithms used?
    http://social.technet.microsoft.com/forums/windowsserver/en-US/7fbc0669-2ccb-4c24-9f08-24241e30d72b/active-directory-hashing-algorithms-used
    Md5 passwords in Active Directory
    http://social.technet.microsoft.com/Forums/windowsserver/en-US/5bed809e-3e04-4917-b940-47d3c758987f/md5-passwords-in-active-directory
    Best Regards,
    Amy

  • Hash algorithms for passwords.

    Hello!
    I have those question.
    When I store password in database I can use any hash algorithms.
    But if I would use local database and start my application on another computer values after hashing will be the same or not?
    For example :
    string password = "admin";
    int passwordToDb = password.GetHashCode(); // this value I save in db.
    On another computer, when I will verify my password and calculate hash, it wouldn't be the same? I guess that not.
    And what about SHA algorithms? Will I have such problem?

    Use MD5 encryption :
    /// <summary>
            /// Hasher la chaîne en MD5
            /// </summary>
            /// <param name="chaine">La chaîne à hasher.</param>
            /// <returns>La chaîne hashée.</returns>
            public static String hashWithMD5(String chaine)
                //L'objet MD5.
                MD5 md5HashAlgo = MD5.Create();
                //le résultat.
                StringBuilder resultat = new StringBuilder();
                //Tableau d'octes pour le hashage.
                byte[] byteArrayToHash = Encoding.UTF8.GetBytes(chaine);
                //Hasher la chaîne puis placer le résultat dans le tableau.
                byte[] hashResult = md5HashAlgo.ComputeHash(byteArrayToHash);
                //Parcourir le tableau pour le mettre dans le résultat.
                for (int i = 0; i < hashResult.Length; i++)
                    //Afficher le Hash en hexadecimal.
                    resultat.Append(hashResult[i].ToString("X2"));
                //Retourner le résultat.
                return resultat.ToString();

Maybe you are looking for

  • Changing the value of a row from bean code.

    Hello, I apologies for my bad English, and my bad knowledge of jdeveloper... I had never work with Oracle, jdeveloper, adf... before this Month, but I have to migrate one "window" from forms to jdeveloper 11g r2 for my Internship... The problem I am

  • HP Printer Assistant software always opens in full-screen mode

    Hi I have a large screen and it is just annoying that the HP Printer Assistant software opens in full screen mode and I have to make adjustments to the window to get it out of the way every time I open it. Does anyone have a solution ? Thanks Tony

  • Different framerates - how to combine - YouTube

    Hello. I was trying to find an answer for my question but couldn't. I made an animation in AE which is 23.976fps, 16:9, full HD. I must connect it with a .flv file which is 13FPS (!) and 480x270px. I want then to export it to YouTube. When I chose to

  • Hi need help in writing this query

    A table has three columns - id (primary key), categoryID (numeric) and amount (numeric). The goal is to provide a query that would show categoryID and sum of amounts within that category where categoryID is an odd number and sum of amounts is greater

  • Problem in using SPEL for Required Property

    Hi, While creating a Application Properties View Object PVO transient attribute for the required property item what should be the type while using Boolean Iam facing issue If any guidense related to SPEL for Required Property it would be helpful Rega