How to configure CustomLoginModule in jps-config.xml
Hi,
How can we configure a Custom Login Module using jps-config.xml, as we do not want to use weblogic custom authentication provider as it needs application jars(which we require fo authenticating the user) to be kept in weblogic classpath.
Is there any documentation on how to configure and use Custom Login Modules in jps-config.xml, I tried to create a LoginModule and specify it in jps-config.xml, but
My LoginModule is not getting called.
Jdev version: 11.1.1.3.0
Server : weblogic
my jps-config.xml is
<?xml version = '1.0' encoding = 'Cp1252'?>
<jpsConfig xmlns="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd">
<property value="doasprivileged" name="oracle.security.jps.jaas.mode"/>
<property value="custom.provider" name="true"/>
<propertySets/>
<serviceProviders>
<serviceProvider class="oracle.security.jps.internal.credstore.ssp.SspCredentialStoreProvider" name="credstore.provider" type="CREDENTIAL_STORE">
<description>Credential Store Service Provider</description>
</serviceProvider>
<serviceProvider class="oracle.security.jps.internal.login.jaas.JaasLoginServiceProvider" name="jaas.login.provider" type="LOGIN">
<description>
Login Module Service Provider
</description>
</serviceProvider>
<serviceProvider class="oracle.security.jps.internal.idstore.xml.XmlIdentityStoreProvider" name="idstore.xml.provider" type="IDENTITY_STORE">
<description>XML-based IdStore Provider</description>
</serviceProvider>
<serviceProvider class="oracle.security.jps.internal.policystore.xml.XmlPolicyStoreProvider" name="policystore.xml.provider" type="POLICY_STORE">
<description>XML-based PolicyStore Provider</description>
</serviceProvider>
</serviceProviders>
<serviceInstances>
<serviceInstance provider="credstore.provider" name="credstore">
<property value="./" name="location"/>
</serviceInstance>
<serviceInstance provider="jaas.login.provider" name="CustomLoginModule">
<property value="SUFFICIENT" name="jaas.login.controlFlag"/>
<property value="SEVERE" name="log.level"/>
<property value="org.calwin.view.CustomLoginModule" name="loginModuleClassName"/>
</serviceInstance>
<serviceInstance provider="idstore.xml.provider" name="idstore.xml">
<property value="./jazn-data.xml" name="location"/>
<property value="OBFUSCATE" name="jps.xml.idstore.pwd.encoding"/>
<property value="jps" name="subscriber.name"/>
</serviceInstance>
<serviceInstance provider="policystore.xml.provider" name="policystore.xml">
<property value="./jazn-data.xml" name="location"/>
</serviceInstance>
</serviceInstances>
<jpsContexts default="TestMultiDatasource">
<jpsContext name="TestMultiDatasource">
<serviceInstanceRef ref="idstore.xml"/>
<serviceInstanceRef ref="credstore"/>
<serviceInstanceRef ref="policystore.xml"/>
</jpsContext>
<jpsContext name="anonymous">
<serviceInstanceRef ref="credstore"/>
</jpsContext>
</jpsContexts>
</jpsConfig>My Login Module Class:
package org.calwin.view;
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.servlet.http.HttpServletRequest;
import weblogic.security.auth.callback.ContextHandlerCallback;
import weblogic.security.principal.WLSUserImpl;
import weblogic.security.service.ContextHandler;
public class CustomLoginModule
implements LoginModule
// initial state
private Subject subject;
private CallbackHandler callbackHandler;
// the authentication status
private boolean succeeded = false;
private boolean commitSucceeded = false;
// username and password
private String username;
private String password;
// testUser's SamplePrincipal
private Principal userPrincipal;
* Initialize this <code>LoginModule</code>.
* <p>
* @param subject the <code>Subject</code> to be authenticated. <p>
* @param callbackHandler a <code>CallbackHandler</code> for communicating
* with the end user (prompting for user names and
* passwords, for example). <p>
* @param sharedState shared <code>LoginModule</code> state. <p>
* @param options options specified in the login
* <code>Configuration</code> for this particular
* <code>LoginModule</code>.
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
* Authenticate the user by prompting for a user name and password.
* <p>
* @return true in all cases since this <code>LoginModule</code>
* should not be ignored.
* @exception FailedLoginException if the authentication fails. <p>
* @exception LoginException if this <code>LoginModule</code>
* is unable to perform the authentication.
public boolean login() throws LoginException {
if (callbackHandler == null)
throw new LoginException("Error: no CallbackHandler available " +
"to garner authentication information from the user");
Callback[] callbacks = new Callback[3];
callbacks[0] = new NameCallback("user name: ");
callbacks[1] = new PasswordCallback("password: ", false);
callbacks[2]=new ContextHandlerCallback();
try {
callbackHandler.handle(callbacks);
} catch (UnsupportedCallbackException uce) {
throw new LoginException("Callback Not Supported");
} catch (IOException ioe) {
throw new LoginException("I/O Failed");
username = ((NameCallback)callbacks[0]).getName();
char[] tmpPassword = ((PasswordCallback)callbacks[1]).getPassword();
if (tmpPassword == null) {
tmpPassword = new char[0];
password = new String(tmpPassword);
((PasswordCallback)callbacks[1]).clearPassword();
// verify the username/password
boolean usernameCorrect = true;
boolean passwordCorrect = true;
succeeded = true;
return true;
* <p> This method is called if the LoginContext's
* overall authentication succeeded
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
* succeeded).
* <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the
* <code>login</code> method), then this method associates a
* <code>SamplePrincipal</code>
* with the <code>Subject</code> located in the
* <code>LoginModule</code>. If this LoginModule's own
* authentication attempted failed, then this method removes
* any state that was originally saved.
* <p>
* @exception LoginException if the commit fails.
* @return true if this LoginModule's own login and commit
* attempts succeeded, or false otherwise.
public boolean commit() throws LoginException {
if (succeeded == false) {
return false;
} else {
userPrincipal = new WLSUserImpl(username);
if (!subject.getPrincipals().contains(userPrincipal))
subject.getPrincipals().add(userPrincipal);
// in any case, clean out state
username = null;
password = null;
commitSucceeded = true;
return true;
* <p> This method is called if the LoginContext's
* overall authentication failed.
* (the relevant REQUIRED, REQUISITE, SUFFICIENT and OPTIONAL LoginModules
* did not succeed).
* <p> If this LoginModule's own authentication attempt
* succeeded (checked by retrieving the private state saved by the
* <code>login</code> and <code>commit</code> methods),
* then this method cleans up any state that was originally saved.
* <p>
* @exception LoginException if the abort fails.
* @return false if this LoginModule's own login and/or commit attempts
* failed, and true otherwise.
public boolean abort() throws LoginException {
if (succeeded == false) {
return false;
} else if (succeeded == true && commitSucceeded == false) {
// login succeeded but overall authentication failed
succeeded = false;
username = null;
if (password != null) {
password = null;
userPrincipal = null;
} else {
// overall authentication succeeded and commit succeeded,
// but someone else's commit failed
logout();
return true;
* Logout the user.
* <p> This method removes the <code>SamplePrincipal</code>
* that was added by the <code>commit</code> method.
* <p>
* @exception LoginException if the logout fails.
* @return true in all cases since this <code>LoginModule</code>
* should not be ignored.
public boolean logout() throws LoginException {
subject.getPrincipals().remove(userPrincipal);
succeeded = false;
succeeded = commitSucceeded;
username = null;
if (password != null) {
password = null;
userPrincipal = null;
return true;
}My adf-config.xml:
<sec:adf-security-child xmlns="http://xmlns.oracle.com/adf/security/config">
<CredentialStoreContext credentialStoreClass="oracle.adf.share.security.providers.jps.CSFCredentialStore"
credentialStoreLocation="../../src/META-INF/jps-config.xml"/>
<sec:JaasSecurityContext initialContextFactoryClass="oracle.adf.share.security.JAASInitialContextFactory"
jaasProviderClass="oracle.adf.share.security.providers.jps.JpsSecurityContext"
authorizationEnforce="true"
authenticationRequire="true"/>
</sec:adf-security-child>My jazn.xml:
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data-11_0.xsd">
<jazn-realm default="jazn.com">
<realm>
<name>jazn.com</name>
</realm>
</jazn-realm>
</jazn-data>My web.xml:
<filter>
<filter-name>JpsFilter</filter-name>
<filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
<init-param>
<param-name>enable.anonymous</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>remove.anonymous.role</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<servlet>
<servlet-name>adfAuthentication</servlet-name>
<servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>adfAuthentication</servlet-name>
<url-pattern>/adfAuthentication</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>adfAuthentication</web-resource-name>
<url-pattern>/adfAuthentication</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>valid-users</role-name>
</security-role>weblogic.xml:
<security-role-assignment>
<role-name>valid-users</role-name>
<principal-name>users</principal-name>
</security-role-assignment>Regards,
Saikiran
Ours is not a Desktop Application, but we want to handle Authentication(Which authenticates the userid and password by making a Tuxedo call) and add the Principal to Subject in session, so that ADF Authorization and securityContext can be used as is,
but doing this with Custom Authentication Provider in weblogic needs me to have a lot of Tuxedo Service related jars in weblogic/system classpath which i feel is not right thing to do, as the same jars are required in application also, which means i will have the jars in class path twice and i need to deploy the jars to both places everytime there is any change.
Is there any way by which i can set Authenticated principal to Subject in the created session from within Application?
Similar Messages
-
I am installing OIM/OAM in a cluster configuration using release 11.1.1.7.
I looked at the EDG here:
http://docs.oracle.com/cd/E28280_01/core.1111/e12035/toc.htm
And its pointing me to the 11.1.1.5 version
http://docs.oracle.com/cd/E21764_01/core.1111/e12035/toc.htm
So that is the guide I am following.
I am at this step:
18.1.5.2 Integrating Oracle Access Manager with Oracle Identity Manager by Using idmConfigTool
http://docs.oracle.com/cd/E21764_01/core.1111/e12035/wiring.htm#sthref356
When I run the config tool I get SEVERE messages like this one:
SEVERE: java.io.FileNotFoundException: ./config/jps-config.xml (No such file or directory)
Any suggestions on how to fix this ?
Please note that I can see jps-config.xml under the domain configuration in the fmwconfig directory.
Here is the complete output
Enter sso access gate password :
Enter sso keystore jks password :
Enter sso global passphrase :
Enter mds db schema password :
Enter idstore admin password :
Enter admin server user password :
********* Seeding OAM Passwds in OIM *********
Completed loading user inputs for - CSF Config
Completed loading user inputs for - Dogwood Admin WLS
Connecting to t3://admin.mycompany.com:7001
Connection to domain runtime mbean server established
Seeding credential :SSOAccessKey
Seeding credential :SSOGlobalPP
Seeding credential :SSOKeystoreKey
********* Activating OAM Notifications *********
Completed loading user inputs for - MDS DB Config
Jun 6, 2013 1:46:05 PM oracle.mds
NOTIFICATION: PManager instance is created without multitenancy support as JVM flag "oracle.multitenant.enabled" is not set to enable multitenancy support.
Jun 6, 2013 1:46:06 PM oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration
SEVERE: java.io.FileNotFoundException: ./config/jps-config.xml (No such file or directory)
Jun 6, 2013 1:46:06 PM oracle.mds
NOTIFICATION: Auditing is disabled for component MDS.
Initialized MDS resources
Jun 6, 2013 1:46:06 PM oracle.mds
NOTIFICATION: PManager instance is created without multitenancy support as JVM flag "oracle.multitenant.enabled" is not set to enable multitenancy support.
Jun 6, 2013 1:46:06 PM oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration
SEVERE: java.io.FileNotFoundException: ./config/jps-config.xml (No such file or directory)
Jun 6, 2013 1:46:06 PM oracle.mds
NOTIFICATION: Auditing is disabled for component MDS.
Jun 6, 2013 1:46:07 PM oracle.mds
NOTIFICATION: transfer operation started.
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: transfer is completed. Total number of documents successfully processed : 1, total number of documents failed : 0.
Upload to DB completed
Releasing all resources
Notifications activated.
********* Seeding OAM Config in OIM *********
Completed loading user inputs for - OAM Access Config
Validated input values
Initialized MDS resources
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: PManager instance is created without multitenancy support as JVM flag "oracle.multitenant.enabled" is not set to enable multitenancy support.
Jun 6, 2013 1:46:08 PM oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration
SEVERE: java.io.FileNotFoundException: ./config/jps-config.xml (No such file or directory)
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: Auditing is disabled for component MDS.
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: transfer operation started.
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: transfer is completed. Total number of documents successfully processed : 1, total number of documents failed : 0.
Download from DB completed
Releasing all resources
Updated /oracle/product/fmw/Oracle_IAM/server/oamMetadata/db/oim-config.xml
Initialized MDS resources
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: PManager instance is created without multitenancy support as JVM flag "oracle.multitenant.enabled" is not set to enable multitenancy support.
Jun 6, 2013 1:46:08 PM oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration
SEVERE: java.io.FileNotFoundException: ./config/jps-config.xml (No such file or directory)
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: Auditing is disabled for component MDS.
Jun 6, 2013 1:46:08 PM oracle.mds
NOTIFICATION: transfer operation started.
Jun 6, 2013 1:46:09 PM oracle.mds
NOTIFICATION: transfer is completed. Total number of documents successfully processed : 1, total number of documents failed : 0.
Upload to DB completed
Releasing all resources
OAM configuration seeded. Please restart oim server.
********* Configuring Authenticators in OIM WLS *********
Completed loading user inputs for - LDAP connection info
Connecting to t3://admin.mycompany.com:7001
Connection to domain runtime mbean server established
Starting edit session
Edit session started
Connected to security realm.
Validating provider configuration
Validated desired authentication providers
OAM Asserter already exists in the security realm
OAMIDAsserter is already configured to support 11g webgate
OIM Signature Authenticator already exists in the security realm
A type of LDAP Authenticator already exists in the security realm. Please create authenticator manually if different LDAP provider is required.
Control flags for authenticators set sucessfully
Reordering of authenticators done sucessfully
Saving the transaction
Transaction saved
Activating the changes
Changes Activated. Edit session ended.
Connection closed sucessfully
The tool has completed its operation. Details have been logged to automation.logi found this task :
JDev 11.1.1.1.0 + ADF+ BC4J application on Tomcat6 -
JPS-01514: The default context is missing in jps-config.xml.
when we will get the below erros what is missing
weblogic.security.SecurityInitializationException: The dynamic loading of the OPSS java security policy provider class oracle.security.jps.internal.policystore.JavaPolicyProvider failed due to problem inside OPSS java security policy provider.
JPS-01514: The default context is missing in jps-config.xml.
Caused By: oracle.security.jps.service.credstore.CredStoreException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check passwordCheck the jps-config.xml file. This has the configuration for security services. Seems like the default context is missing. The default context is essential for connecting to the policy store. If not, you can use a named context to connect to the policy store/idstore etc.
-
Details of properties in jps-config.xml
Hi All,
I'm trying to integrate UCM with webcenter. I have added thebelow mentioned service instance in jps-config.xml. But still the status of JpsUserProvider is down.
<serviceInstance name="idstore.oid" provider="idstore.ldap.provider">
<property name="subscriber.name" value="dc=oracle,dc=com"/>
<property name="idstore.type" value="OID"/>
<property name="security.principal.key" value="ldap.credential"/>
<property name="security.principal.alias" value="JPS"/>
<property name="ldap.url" value="ldap://gmldap-stage.oracle.com:389"/>
<extendedProperty>
<name>user.search.bases</name>
<values>
<value>dc=oracle,dc=com</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.search.bases</name>
<values>
<value>cn=groups,dc=oracle,dc=com</value>
</values>
</extendedProperty>
*<property name="username.attr" value="uid"/>*
*<property name="user.login.attr" value="uid"/>*
*<property name="groupname.attr" value="cn"/>*
</serviceInstance>
Can someone please explain me the meaning of each property in the service instance? Are the properties in bold mandatory? What are their use?Here are the errors i'm getting:
Error: The Provider 'JpsUserProvider' is in error. JPS IdentityStore not configured correctly. [ Details ]
An error has occurred. The stack trace below shows more information.
!csProviderError,JpsUserProvider!csJpsIdentityStoreNotConfigured
intradoc.common.ServiceException: !csJpsIdentityStoreNotConfigured
at idc.provider.jps.JpsUserProvider.testConnection(JpsUserProvider.java:691)
at intradoc.server.proxy.ProviderStateUtils.testConnection(ProviderStateUtils.java:63)
at intradoc.server.ProviderManagerService.testProvider(ProviderManagerService.java:120)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at intradoc.common.IdcMethodHolder.invokeMethod(ClassHelperUtils.java:617)
at intradoc.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:279)
at intradoc.common.ClassHelperUtils.executeMethod(ClassHelperUtils.java:264)
at intradoc.server.Service.doCodeEx(Service.java:507)
at intradoc.server.Service.doCode(Service.java:472)
at intradoc.server.ServiceRequestImplementor.doAction(ServiceRequestImplementor.java:1360)
at intradoc.server.Service.doAction(Service.java:452)
at intradoc.server.ServiceRequestImplementor.doActions(ServiceRequestImplementor.java:1201)
at intradoc.server.Service.doActions(Service.java:447)
at intradoc.server.ServiceRequestImplementor.executeActions(ServiceRequestImplementor.java:1121)
at intradoc.server.Service.executeActions(Service.java:433)
at intradoc.server.ServiceRequestImplementor.doRequest(ServiceRequestImplementor.java:635)
at intradoc.server.Service.doRequest(Service.java:1707)
at intradoc.server.ServiceManager.processCommand(ServiceManager.java:359)
at intradoc.server.IdcServerThread.run(IdcServerThread.java:197)
Error: Failed to add context /idc/jsp. Web application exist. Exception type is 'java.lang.Throwable'
Error: Failed to add context /idc/jsp. Web application exist.
Error: Failed to add context /idc/groups/public. Web application exist. Exception type is 'java.lang.Throwable'.
Error: Failed to add context /idc/groups/public. Web application exist. -
Jps-config.xml (No such file or directory)
Hi Experts,
I created a Java proxy for a web service, deployed on a separate server (not WLS), with no ws policy. When I used POJO client, the invocation of the web service worked fine. But when I put the same invocation code in a concurrent program in EBS R12.2 (running on WLS), I got error when running the program:
oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration
SEVERE: java.io.FileNotFoundException: /u01/R122_EBS/inst/apps/xxxx/logs/appl/conc/log/./config/jps-config.xml (No such file or directory)
I didn't use any JPS related feature in the proxy client. I don't know why it asks for jps-config.xml in EBS 12.2.
Any input is appreciated.
Thanks.Thanks Hussein!
I saw this from the note ID 972284.1:
Output:-
30/11/2009 6:27:24 PM oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration
SEVERE: java.io.FileNotFoundException: D:\JDeveloper\Middleware_JDev11.1.1.2\jdeveloper\jdev\mywork\SimpleOWSM_Application\Proxy\.\config\jps-config.xml (The system cannot find the path specified)
INFO: WSM-09004 Component auditing cannot be initialized.
INFO: WSMAgent is initialized for category=security, function=agent.function.client, topologyNodePath=TopologyRoot/Service/null/SimpleWSPort, isJ2EE=false
INFO: empty.bindings
INFO: empty.bindings
INFO: Recipient Alias property not configured in the policy. Defaulting to encrypting with signers certificate.
Hello >> Peter Pan
Looks like it's the output when successful. Does that mean the SEVERE FileNotFound Exception can be ignored? If the jps-config.xml is not used in the example, why the runtime keeps looking for it?
Appreciate your help very much. -
Hi All, I'm trying to edit the jps-config.xml file for ODI external LDAP. -------------- jps-config.xml -------------- user.search.bases DC=ndcvc,DC=com ---------------------- here we don't need group search.so i removed it from this file. When i try to run the odi_credtool.cmd is giving the below error----- ---- D:\Oracle\product\11.1.1\Oracle_ODI_1\oracledi\client\odi\bin>D:\Oracle\Middleware\jdk160_29\bin\java -classpath D:\Oracle\product\11.1.1\Oracle_ODI_1\oracledi.sdk\lib\odi-core.jar;D:\Oracle\product\11.1.1 cle.jps_11.1.1\jps-manifest.jar -Doracle.security.jps.config=.\jps-config.xml oracle.odi.core.security.JPSContextCredTool [input] Map:jps_map [input] Key:jps_key [input] User name:hypadmin [input] Password: Jul 17, 2014 12:15:23 PM oracle.security.jps.internal.config.xml.XmlConfigurationFactory initDefaultConfiguration SEVERE: org.xml.sax.SAXParseException: The element type "extendedProperty" must be terminated by the matching end-tag "". oracle.security.jps.config.JpsConfigurationException: The element type "extendedProperty" must be terminated by the matching end-tag "". at oracle.security.jps.internal.config.xml.XmlConfigurationFactory.initDefaultConfiguration(XmlConfigurationFactory.java:436) at oracle.security.jps.internal.config.xml.XmlConfigurationFactory.getDefaultConfiguration(XmlConfigurationFactory.java:338) at oracle.security.jps.internal.config.xml.XmlConfigurationFactory.getConfiguration(XmlConfigurationFactory.java:160) at oracle.security.jps.internal.core.runtime.JpsContextFactoryImpl.(JpsContextFactoryImpl.java:112) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at java.lang.Class.newInstance0(Class.java:355) at java.lang.Class.newInstance(Class.java:308) at oracle.security.jps.util.JpsUtil.newInstance(JpsUtil.java:190) at oracle.security.jps.JpsContextFactory$1.run(JpsContextFactory.java:74) at oracle.security.jps.JpsContextFactory$1.run(JpsContextFactory.java:72) at java.security.AccessController.doPrivileged(Native Method) at oracle.security.jps.JpsContextFactory.getContextFactory(JpsContextFactory.java:71) at oracle.odi.core.security.JPSContextCredToolImpl.manageJPSContextCred(JPSContextCredToolImpl.java:23) at oracle.odi.core.security.JPSContextCredTool.main(JPSContextCredTool.java:43) Caused by: org.xml.sax.SAXParseException: The element type "extendedProperty" must be terminated by the matching end-tag "". at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:195) at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:174) at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:388) at com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1414) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(XMLDocumentFragmentScannerImpl.java:1749) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2939) at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648) at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140) at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:511) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:808) at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737) at com.sun.org.apache.xerces.internal.jaxp.validation.StreamValidatorHelper.validate(StreamValidatorHelper.java:144) at com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorImpl.validate(ValidatorImpl.java:111) at javax.xml.validation.Validator.validate(Validator.java:127) at oracle.security.jps.internal.common.util.XmlSchemaValidationUtil$1.run(XmlSchemaValidationUtil.java:132) at java.security.AccessController.doPrivileged(Native Method) at oracle.security.jps.internal.common.util.XmlSchemaValidationUtil.doValidation(XmlSchemaValidationUtil.java:124) at oracle.security.jps.internal.common.util.XmlSchemaValidationUtil.doValidation(XmlSchemaValidationUtil.java:99) at oracle.security.jps.internal.config.xml.XmlConfigurationFactory.initDefaultConfiguration(XmlConfigurationFactory.java:418) ... 16 more JPS Context Credential tool received an exception:oracle.security.jps.config.JpsConfigurationException: The element type "extendedProperty" must be terminated by the matching end-tag "". -------------- Thanks for ur help G
Another odd thing is that there is no longer the option to add users to "BI Administrators" "BI Authors"... looks like those groups are missing.
-
How to read the extended-cache-config.xml file. in C++ API
I want to create my own XML config file and define the config values in that, so that C++ Client (using Coherence C++ API) application can access the config files.
Also how to get the instance of configuration values which Coherence client has read,
i.e.
TangosolCoherenceOverride=$PATH/examples/config/tangosol-coherence-override.xml
TangosolCoherenceCacheconfig=$PATH/examples/config/extend-cache-config.xml
How to get the instance of this XMLDocument ? and read values from it.
Thanks,
NaveenHi,
You can get the cache-config that was read by getting it from the ConfigurableCacheFatory (which you can get from the CacheFactory) via getConfig(). See:
http://download.oracle.com/otn_hosted_doc/coherence/352CPP/classcoherence_1_1net_1_1_cache_factory.html
http://download.oracle.com/otn_hosted_doc/coherence/352CPP/classcoherence_1_1net_1_1_configurable_cache_factory.html
There is no way to get the actual XmlDocument object from the cluster that is read for the cluster-config (though you could open the same path yourself).
thanks,
-Rob -
How to configure resource bundle in facescontext.xml in JSF
I have to take each label from the resource bundle in my web application, so how to configure resource bundle in JSF and how to use it, so please help me.....
Follow the below mentioned steps ::
1) make a properties file say mymessages.properties alongwith your java files. Put content like
click=Click Me !!!
#where click is the key and Click Me !!! is the actual value that needs to be displayed
2) Add in faces-config.xml like this ::
<application>
<message-bundle>mymessages.mymessages</message-bundle>
</application>
3) Use in your jsp page like this ::
<f:view>
<f:loadBundle basename="mymessages/mymessages" var="msg"/>
hello :: <h:commandButton value="#{msg.click}" onclick="callJavaMethod()"></h:commandButton>
</f:view> -
How to read domain info from "config.xml"
Is it possilble to access information about the domain (say, the notes) from
the
config.xml? If it is, how? Also, is it possible to add an attribute to the
root ("domain")
element and, again, access it programmatically?
Thank you,
Vladimir Grabarchuk"vladchuk" <[email protected]> wrote in message
news:3aca8370$[email protected]..
Is it possilble to access information about the domain (say, the notes)from
the
config.xml? If it is, how?Just get the DomainMBean and invoke getNotes() on it. For information on how
to get MBeans see
http://e-docs.bea.com/wls/docs60/isv/overview.html &
http://e-docs.bea.com/wls/docs60/isv/program.html
Also, is it possible to add an attribute to the
root ("domain")
element and, again, access it programmatically?
Thank you,
Vladimir Grabarchuk -
How can we apply a user/group filter in jps-config.xml?
Or even better, if using WLS is there a way to use each Authenticator's filters?
Ours is not a Desktop Application, but we want to handle Authentication(Which authenticates the userid and password by making a Tuxedo call) and add the Principal to Subject in session, so that ADF Authorization and securityContext can be used as is,
but doing this with Custom Authentication Provider in weblogic needs me to have a lot of Tuxedo Service related jars in weblogic/system classpath which i feel is not right thing to do, as the same jars are required in application also, which means i will have the jars in class path twice and i need to deploy the jars to both places everytime there is any change.
Is there any way by which i can set Authenticated principal to Subject in the created session from within Application? -
How to configure IP address thrugh web.xml doubts
Hello there
I want to configure my web application. How can i initialise the IP Address and ports through web.xml file?
thanks!ashish.251985 wrote:
I want to configure my web application. How can i initialise the IP Address and ports through web.xml file?You cannot do that in the web.xml.
At least the port can be configured in one of the configuration files in the /conf directory of the application server. The exact details and procedure depends on the application server implementation. Read its documentations. -
How to use requestScope in faces-config.xml file?
a managed-bean need get value from request as its property
so i configure the manged-bean as below:(use requestScope object)
<managed-bean>
<description>this is for item test bean.</description>
<managed-bean-name> item </managed-bean-name>
<managed-bean-class> test.Item </managed-bean-class>
<managed-bean-scope> request </managed-bean-scope>
<managed-property>
<property-name>id</property-name>
<value-ref>requestScope.id</value-ref>
</managed-property>
</managed-bean>
but it didnot work.
after i restart tomcat with above configure file, it report
HTTP Status 404 error.
and seemed that the context donot start...
if i change the line
<value-ref>requestScope.id</value-ref>
to:
<value>7</value>
then everything will be OK...but this isnot fit my require.
any body can help me?
I use JSF 1.0 beta.Rather than starting a new thread, I thought I'd just add on to this one, since it already lays the grounds for my question. I'm using the
I noticed that my setId() method is being called once during the ApplyRequestValuesPhase, and then again in the UpdateModelValuesPhase. The first time, it sets the ID to null, despite the fact that I'm posting an id to the page. When it comes around the second time, it sets the id properly, and the data is loaded from the database and everything works great. If I'm not posting anything to the page, it is only hit once and the value is null.
Normally I wouldn't fuss over such small things like this, but there's a bit of a probelm. I have a few buttons which are rendered based on this id. If the id is zero (i.e. null or empty string is passed into the setId() method), I want the add button to appear, else I want the update/delete/cancel buttons to appear. If any of these buttons are false after the ApplyRequestValuesPhase, the button's action will not be executed. In other words, when I'm editing an entry and I press the update button the life cycle goes a little like this...
Object constructed
ApplyRequestValuesPhase calls setId(null),add button to be rendered, update/delete/cancel to not be rendered
// the call to save() is not queued up! (save() is the method associated with the action of my update button)
UpdateModelValuesPhase calls setId("34"), data loaded from database, add button is not to be rendered, update/delete/cancel are to be rendered
Since save() is never called, it renders the data loaded from the database, and the update/delete/cancel buttons are shown. So, from the user's perspective... nothing happened other than a page refresh. A.k.a. the update button is broken!
I can, of course, choose to not update the boolean flags which determine if the buttons are rendered or not when setId() is called with a null. Since the default is to render everything (which was a decision specifically to avoid the buttons not being rendered in the early stages of the JSF life cycle, and the action not being executed). That works when I post an id to the page because it's called a second time and the correct buttons are rendered. The problem is when no parameters are given... it isn't called a second time, so it renders all buttons when I only want it to render the add button.
So how can I get the values to post during the ApplyRequestValuesPhase? I thought that would be how it would work, but apparently not. Anyone know why it explicitly sets the id to null the first time aroud?
Here's all you should need...
<managed-bean>
<managed-bean-name>dropdownEntry</managed-bean-name>
<managed-bean-class>org.dc949.bugTrack.DropdownEntry</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
<managed-property>
<property-name>id</property-name>
<value>#{param.id}</value>
</managed-property>
</managed-bean>
public void setId(String id) {
try {
this.id = Long.parseLong(id);
load(); // loads data from DB
} catch(Exception e) {
if(id != null && !id.equals(""))
log.warn("Unable to convert id from String to long ("+id+")", e);
if(id != null) { // this was my solution while I was frusterated that my save method wasn't being called
if(this.getIdAsLong() == 0) {
this.showAdd = true;
this.showUpdate = false;
this.showDelete = false;
} else {
this.showAdd = false;
this.showUpdate = true;
this.showDelete = true;
<t:div>
<h:commandButton id="add" value="Add dropdown entry"
rendered="#{dropdownEntry.showAddButton}"
action="#{dropdownEntry.save}" />
<h:commandButton id="update" value="Update dropdown entry"
rendered="#{dropdownEntry.showUpdateButton}"
action="#{dropdownEntry.save}" />
<h:commandButton id="delete" value="Delete dropdown entry"
rendered="#{dropdownEntry.showDeleteButton}"
action="#{dropdownEntry.deleteDropdownEntry}" />
<h:commandButton id="cancel" value="Cancel"
rendered="#{dropdownEntry.showUpdateButton}"
action="#{dropdownEntry.reset}" immediate="true" />
</t:div>I could, and probably will get rid of the showDeleteButton flag and isShowDeleteButton() method and make it like the cancel button since these update/delete/cancel will always be shown/hidden together.
Edit: Now I feel like a fool. A little clean and build, and it's working perfectly. If any one of the above people read this, I thank you for your help from years past. <img class="emoticon" src="images/emoticons/happy.gif" border="0" alt="" />
Edited by: AdamNichols on Apr 18, 2008 9:57 PM -
How to configure SOA Suite 11g Worklist with LDAP Identity Store
Hi
Im trying to configure the worklistapp to use an ldap identity store (SOA Suite 11g)
The ldap is a open source ldap (Open DS in this case), is NOT : OID, OVD, Active Directory, WLS OVD, IPlanet.
for doing so, i did the next configurations:
workflow-identity-config.xml
<configuration realmName="realm1">
<provider providerType="JPS" name="JpsProvider" service="Identity">
<property name="jpsContextName" value="worklist" />
</provider>
</configuration>
jps-config.xml
<?xml version="1.0" encoding="UTF-8" standalone='yes'?>
<jpsConfig xmlns="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" schema-major-version="11" schema-minor-version="1">
<!-- This property is for jaas mode. Possible values are "off", "doas" and "doasprivileged" -->
<property name="oracle.security.jps.jaas.mode" value="off"/>
<property name="custom.provider" value="true"/>
<serviceProviders>
<serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">
<description>LDAP-based IdentityStore Provider</description>
</serviceProvider>
</serviceProviders>
<serviceInstances>
<serviceInstance name="idstore.ldap.opends" provider="idstore.ldap.provider">
<property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<property name="idstore.type" value="CUSTOM"/>
<property name="ldap.url" value="ldap://host:port"/>
<property name="subscriber.name" value="dc=company,dc=com"/>
<property name="search.type" value="SIMPLE"/>
<property name="security.principal" value="cn=adminuser,dc=company,dc=com"/>
<property name="security.credential" value="!adminuser_password"/>
<property name="user.login.attr" value="cn"/>
<property name="username.attr" value="cn"/>
<property name="groupname.attr" value="cn"/>
<extendedProperty>
<name>group.mandatory.attrs</name>
<values>
<value>cn</value>
<value>objectClass</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.object.classes</name>
<values>
<value>top</value>
<value>groupOfUniqueNames</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.filter.object.classes</name>
<values>
<value>groupOfUniqueNames</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.member.attrs</name>
<values>
<value>uniqueMember</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.search.bases</name>
<values>
<value>o=groups,dc=company,dc=com</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.mandatory.attrs</name>
<values>
<value>cn</value>
<value>objectClass</value>
<value>sn</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.object.classes</name>
<values>
<value>organizationalPerson</value>
<value>person</value>
<value>inetOrgPerson</value>
<value>top</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.filter.object.classes</name>
<values>
<value>inetOrgPerson</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.search.bases</name>
<values>
<value>o=users,dc=company,dc=com</value>
</values>
</extendedProperty>
</serviceInstance>
</serviceInstances>
<jpsContexts default="default">
<jpsContext name="worklist">
<serviceInstanceRef ref="credstore"/>
<serviceInstanceRef ref="keystore"/>
<serviceInstanceRef ref="policystore.xml"/>
<serviceInstanceRef ref="audit"/>
<serviceInstanceRef ref="idstore.ldap.opends"/>
</jpsContext>
</jpsContexts>
</jpsConfig>
but i get the error:
Jul 2, 2009 12:52:40 PM oracle.security.jps.internal.idstore.util.IdentityStoreUtil getIdentityStoreFactory
WARNING: The identity store factory name is not configured.
Jul 2, 2009 12:52:40 PM oracle.bpel.services.common.ServicesLogger __logException
SEVERE: <.> Error in authenticating user.
Error in authenticating and creating a workflow context for user realm1/user1.
Verify that the user credentials and identity service configurations are correct.
ORABPEL-30501
Error in authenticating user.
Error in authenticating and creating a workflow context for user sigfe.com/user1.
Verify that the user credentials and identity service configurations are correct.
at oracle.bpel.services.workflow.verification.impl.VerificationService.authenticateUser(VerificationService.java:603)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
So, anyone knows how i can specify the identity store factory?
or the correct parameters for a ldap identity store repository?
I used the 11G documentation for the security file :
http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/jpsprops.htm
thanksI am having exactly the same issue. Once I configure jps-config.xml file to use my custom authenticator and login into the worklist app, the following gets thrown. I was wondering if you need map some roles to the existing users in the Custom Authenticator.
Exception
exception.70692.type: error
exception.70692.severity: 2
exception.70692.name: Error while granting BPMOrganizationAdmin role to SOAOperator.
exception.70692.description: Error occured while granting the application role BPMOrganizationAdmin to application role SOAOperator.
exception.70692.fix: In the policy store, please add SOAOperator role as a member of BPMOrganizationAdmin role, if it is not already present. -
Hi,
my customer wanted set InitialPhoneSelection to deskphone mode, when users firs run Jabber for Windows (ver. 9.2.1).
I created custom config (configurationfile=jabber-config-deskphone.xml) but it doesn't work.
Policies>
<InitialPhoneSelection>deskphone</InitialPhoneSelection>
</Policies>
I tested it couple times and at the end I tried put configuration to default jabber-config.xml and ... this functionality start working...
Could you check guys if you have same problem with custom config file? I think that it is bug. Maybe other option don't work in custom config file.
Thanks a lot
PavelHi Pavel,
This setting is only when the client is installed and started by the user for the first time. After that the client will save the user preference (what was the phone selection when the user exited the client) and use it in subsequent logins.
Having said that, can you please specify in details how exactly you did your tests or maybe test again taking the above into consideration ?
Thanks,
Christos -
How toremove messages from JMS Queue?how to configure queue in spring?
Hi
I have Confiured a JMS configaration in spring applicationConfiguaration.xml file
<bean id="connectionFactory" class="org.apache.activemq.ActiveMQConnectionFactory">
<property name="brokerURL" value="tcp://localhost:61616"/>
<property name="useAsyncSend" value="true"/>
</bean>
<bean id="queue" class="org.apache.activemq.command.ActiveMQQueue">
<constructor-arg value="foo"/>
</bean>
<bean id="broker" class="org.apache.activemq.xbean.BrokerFactoryBean">
<property name="config" value="classpath:activemq.xml" />
<property name="start" value="true" />
<!-- <property name="messageListener" ref="auditInterface"/> -->
</bean>
<bean id="auditInterface"
class="org.springframework.jms.remoting.JmsInvokerProxyFactoryBean">
<property name="serviceInterface" value="com.infiniti.gpn.auditing.AuditInterface"/>
<property name="connectionFactory" ref="connectionFactory"/>
<property name="queue" ref="queue"/>
</bean>
<bean id="listenerContainer" class="org.springframework.jms.listener.SimpleMessageListenerContainer">
<property name="connectionFactory" ref="connectionFactory"/>
<property name="destination" ref="queue"/>
<property name="messageListener" ref="auditMessageListener"/>
</bean>
Sender is sedning messages continusly messages that messages r storing in queue , these r acupying more memory in RAM , due to that jboss is restarting for each request, is there any way to clean up messages in Queue ? if it is there then how will configure that queue in apllicationConfiguaration.xml file?
Thanks in advance
NaraI suggest posting your question on the [Spring Remoting and JMX forum|http://forum.springframework.org/forumdisplay.php?f=30].
Maybe you are looking for
-
Help understanding panic report
Hello, I have a straight forward question. A person is trying to render in Adobe Aftereffects and it has a kernel panic. Below is the report. Can someone help me understand it? Thanks. Interval Since Last Panic Report: 30319302 sec Panics Since
-
I'm looking for a way to have a JButton in my java applet that will load up a new page from the applet page when it is clicked. Basically I'm making a game, and the registration system will be done in php, so I don't want to create the same registrat
-
after installing cs4, paste in office 2033 word, excel is grayed out. when uninstalling cs4 all is normal. malware has been done with no errors, windows xp with service pack 2, IE7, adobe reader 8. are there any custom checks i should look for. t
-
Alternative BOM in Subcontarcting PO
Greetings.... How to select the alternative BOM in Subcontarcting Purchase Order,...
-
I'm connected to the internet but I keep getting the message cannot connect to web services
When I Scan to Email in my Photosmart 7520 all-in-one printer, I get the message, "Unable to connect to web services. Confirm internet access and try again."