How to display exception on error page raised from custom login module?
Hi All,
I've created my own login module and I am using form authentication mechanism.
Here is how my login and error pages defined in web.xml:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/logon.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
But when my login module throws an exception (LoginException) the following code in <i>error.jsp</i> returns null:
<%=request.getAttribute("javax.servlet.error.message")%>
though this code works good on Weblogic.
Declaring the <i>error.jsp</i> also in the <error-page> tag didn't help.
So what did I miss to configure?
Or maybe NetWeaver doesn't allow to get the exception from the <form-error-page> at all?
If I understand your question correctly, you can use the CQ.Notification JavaScript object for this. See documentation here: http://dev.day.com/docs/en/cq/current/widgets-api/index.html?class=CQ.Notification
Similar Messages
-
How to modify display label in error message raised from capi?
How to modify display label in error message raised from capi?
qms_transaction_mgt.process_rule_violation
( p_br_name => 'BR_PBR_DEL006'
, p_msg_code => 'PMS-00417'
, p_display_label => display_label
, p_table_name => 'pan_project_members'
, p_table_rowid => get_rowid
regards,
marcelWhen you mean which columns are displayed, this is actually quite easy.
Display_label will display by default the unique key columns, or if no unique key exists, the primary key. To overrule this behaviour, you have to specify the columns you want to display by assigning them a 'descriptor sequence'.
For example, to display the ename on EMP warnings, assign descriptor sequence 10 to the EMP.ENAME column and regenerate the CAPI package.
Jeroen van Veldhuizen -
How to display content in same page when a custom command is clicked
I have created a custom command and returned the following parameters in getLinkAttributes method but the content still opens in a window. How can I display the content in the same window/
String editwindow = "open("iViewURL","windowName","javaScriptParam")";
return new LinkAttributes(editwindow,"_self",true);
Thanks in advance
VidyaHi,
This is part of JPDK. You will have to install it. Which version of portal are you using? You can also try this out using
URL portlet which is available with webview in 309.
Thanks,
Sharmila -
Error in some of the login modules
`Hi Experts,
I have deployed SPNEGO and when user trying to login to portal, it gives the error as taken from diagtoo(below)
Also would like to inform you that when I have configured the wizard, some how in VA for lots of the Components in Security
provider, I found lots of those components does have the value for the Evaluateticket, evaluateAssertion, basicpassword,
createticketlogon did not had any values to it.
The components which I have updated are,
1. sap.com.lcr*sld---> I have added for EvaulateTicketloginModule and EvaluateAssertion ticket module like
ume.configuration.active true
trustediss1 OU=J2EE,CN=ABC
trusteddn1 OU=J2EE,CN=ABC
trustedsys1 ABC,555
and for CreateTicketLoginModule
ume.configuration.active true
Like wise done for the following components also.
2. sap.com/sap.comtckmc.coll.room.wsdeplRoomABAPWS_config1
3. sap.com/sap.commonitoringsysteminfo*sap_monitoring( here only 3 login modules present. so updated accordingly
to the above mentioned values for whatever loginmodule was present)
4. jmx~spnego was not having the template as SPNEGO so selected SPNEGO template and updated whatever ( 5 login module accordingly)
5. sap.com/tcsecwssec~app*wssproc_cert
6. sap.com/tcsecwssec~app*wssproc_plain
7. sap.com/tcsecwssec~app*wssproc_ssl
8. sap.com/tcslmslmapp*slmServices_Config
9. sap.com/tcslmslmapp*slmSolManServices_Config
10. ....~eap*GPRuntimeFacadeWS_
11. ..RuntimeearCAFDataService
Entering method with (Subject:
, javax.security.auth.login.LoginContext$SecureCallbackHandleraT6d992c17)
13:47:15:804 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas The options of EvaluateTicketLoginModule in [spnego] authentication stack are: [{ume.configuration.active=true, trustediss1=OU=J2EE,CN=ABC, trustedsys1=ABC,555, trusteddn1=OU=J2EE,CN=ABC}].
13:47:15:804 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~s.constructor(Map, Properties, boolean) Entering method with ({System-ID=ABC, sap.security.auth.configuration.name=spnego, sap.security.auth.context.object=Security Context : session (0) for J2EE_GUEST created at Sun Mar 15 13:01:44 AST 2009}, <null>)
13:47:15:804 Info J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas got [ume.configuration.active]: [true]
13:47:15:804 Warning J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas no authscheme found that has auth template spnego
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas Exiting method with [Ljava.lang.Object;aT631dd237
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~ity.core.server.jaas.getMergedOptions() Entering method
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas Exiting method with [Ljava.lang.Object;aT3ad44bb7
13:47:15:805 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas The options of EvaluateTicketLoginModule in [spnego] authentication stack after merge with UME properties are: [{ume.configuration.active=true, trustediss1=OU=J2EE,CN=ABC, system=ABC, client=555, j_authscheme=default, inclcert=0, trusteddn1=OU=J2EE,CN=ABC, ume.logon.httponlycookie=TRUE, alias=SAPLogonTicketKeypair, ume.logon.security.enforce_secure_cookie=FALSE, validity=8, keystore=TicketKeystore, trustedsys1=ABC,555, password=}].
13:47:15:805 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas The options of EvaluateTicketLoginModule in [spnego] authentication stack after adding the default values are: [{ume.configuration.active=true, trustediss1=OU=J2EE,CN=ABC, system=ABC, client=555, j_authscheme=default, inclcert=0, trusteddn1=OU=J2EE,CN=ABC, ume.logon.httponlycookie=TRUE, alias=SAPLogonTicketKeypair, sap.security.auth.configuration.name=spnego, ume.logon.security.enforce_secure_cookie=FALSE, validity=8, keystore=TicketKeystore, trustedsys1=ABC,555, password=}].
13:47:15:805 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas Exiting method
13:47:15:806 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~er.jaas.spnego.util.ConfigurationHelper My GSS name is: J2ee-abcaTBah.ARAB.LOCAL
13:47:15:806 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~er.jaas.spnego.util.ConfigurationHelper GSS name type is: 1
13:47:15:807 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~er.jaas.spnego.util.ConfigurationHelper GSS mechanism is: 1.2.840.113554.1.2.2
13:47:15:808 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt true ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is true principal is J2ee-abcaTBah.ARAB.LOCAL tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Refreshing Kerberos configuration
13:47:15:808 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out Refreshing Keytab
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out >>> KeyTabInputStream, readName(): Bah.ARAB.LOCAL
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out >>> KeyTabInputStream, readName(): J2ee-abc
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out >>> KeyTab: load() entry length: 60; type: 3
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out principal's key obtained from the keytab
13:47:15:809 Info J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] System.out Acquire TGT using AS Exchange
13:47:15:811 Path J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception : Error in some of the login modules.
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1141)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:253)
at com.sap.engine.services.security.exceptions.BaseLoginException.<init>(BaseLoginException.java:114)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:627)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:511)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:150)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:812 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Error in some of the login modules.
[EXCEPTION]
com.sap.engine.services.security.exceptions.BaseLoginException: Error in some of the login modules.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:149)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:627)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:511)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:150)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
... 24 more
13:47:15:813 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception com.sap.engine.services.security.exceptions.BaseLoginException: Error in some of the login modules.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:149)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:186)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:80)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:75)
at sun.security.jgss.GSSManagerImpl.getCredentialElement(GSSManagerImpl.java:149)
at sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:334)
at sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:44)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: java.lang.NullPointerException
at java.lang.StringBuffer.append(StringBuffer.java:467)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:627)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:511)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:150)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
... 24 more
see below for more error13:47:15:814 Path J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception : Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1141)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:253)
at com.sap.engine.services.security.exceptions.BaseSecurityException.<initat com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:815 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
[EXCEPTION]
com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:816 Error J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] ~es.security.authentication.logincontext LOGIN.FAILED
User: N/A
Authentication Stack: com.sun.security.jgss.accept
Login Module Flag Initialize Login Commit Abort Details
com.sun.security.auth.module.Krb5LoginModule REQUISITE ok exception false null
com.sap.security.core.server.jaas.SPNegoMappingLoginModule REQUISITE ok true
13:47:15:816 Path J2EE_GUEST ~ngine_Application_Thread[impl:3]_Group] com.sap.engine.services.security Exception : Access Denied.
java.lang.Exception
at com.sap.exception.BaseExceptionInfo.traceAutomatically(BaseExceptionInfo.java:1141)
at com.sap.exception.BaseExceptionInfo.<init>(BaseExceptionInfo.java:253)
at com.sap.engine.services.security.exceptions.BaseLoginException.<init>(BaseLoginException.java:114)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:286)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at sun.security.jgss.GSSCredentialImpl.add(GSSCredentialImpl.java:334)
at sun.security.jgss.GSSCredentialImpl.<init>(GSSCredentialImpl.java:44)
at sun.security.jgss.GSSManagerImpl.createCredential(GSSManagerImpl.java:102)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.acquireCredentials(ConfigurationHelper.java:230)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper.access$000(ConfigurationHelper.java:28)
at com.sap.security.core.server.jaas.spnego.util.ConfigurationHelper$RunnableHelper.run(ConfigurationHelper.java:330)
13:47:15:817 Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~rity.core.server.jaas.SPNegoLoginModule Exception in SPNegologinModule.initialize.
[EXCEPTION]
GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)
at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:189)
at sun.security.jgss.krb5.Krb5AcceptCredential.getInstance(Krb5AcceptCredential.java:80)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at sun.security.jgss.LoginUtility.run(LoginUtility.java:57)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jgss.krb5.Krb5AcceptCredential.getKeyFromSubject(Krb5AcceptCredential.java:186)
... 9 more
Caused by: com.sap.engine.services.security.exceptions.BaseSecurityException: Internal server error. An error log with ID [00144FB7C99A00B30000000C000040770004653A2C7E1DD8] is created. For more information contact your system administrator.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:157)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:172)
... 22 more
13:47:15:819 Error J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.engine.services.security Cannot initialize login module com.sap.security.core.server.jaas.SPNegoLoginModule .
[EXCEPTION]
java.lang.RuntimeException: No valid credentials provided (Mechanism level: Attempt to obtain new ACCEPT credentials failed!)
at com.sap.security.core.server.jaas.SPNegoLoginModule.initialize(SPNegoLoginModule.java:446)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.initialize(LoginModuleLoggingWrapperImpl.java:129)
at com.sap.engine.services.security.login.LoginContextFactory.initializeLoginContext(LoginContextFactory.java:167)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:141)
at com.sap.engine.system.SystemLoginModule.login(SystemLoginModule.java:90)
at sun.reflect.GeneratedMethodAccessor368.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:131)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:303)
at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)
at java.security.AccessController.doPrivileged(Native Method)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.sap.portal.navigation.Gateway.service(Gateway.java:126)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
13:47:15:821 Path J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 ~.security.core.server.jaas.initialize() Entering method with (Subject:
, javax.security.auth.login.LoginContext$SecureCallbackHandleraT6d992c17, {System-ID=ABC, sap.security.auth.configuration.name=spnego, sap.security.auth.context.object=Security Context : session (0) for J2EE_GUEST created at Sun Mar 15 13:01:44 AST 2009}, {ume.configuration.active=true})
13:47:15:821 Debug J2EE_GUEST SAPEngine_Application_Thread[impl:3]_39 com.sap.security.core.server.jaas -
RECORD HISTORY DISPLAYS EXCEPTION ON SUPPLIER PAGES :- R12.1.3
Hello everyone,
We have done personalization on the supplier pages to display the record history icon at site level .
The record History icon is displayed but when I click on that the following error is diplayed:
You have encountered an unexpected error. Please contact the System Administrator for assistance. Click here for exception details .
Any help on this is greatly Appreciated.
Regards985903 wrote:
Hello everyone,
We have done personalization on the supplier pages to display the record history icon at site level .
The record History icon is displayed but when I click on that the following error is diplayed:
You have encountered an unexpected error. Please contact the System Administrator for assistance. Click here for exception details .
Any help on this is greatly Appreciated.
RegardsPlease check Apache log files as well as the application.log file for details about the error.
Please also see the following docs.
R12: Not Able To Enable Record History in R12 Supplier OAF Pages [ID 1319895.1]
Record History Displays Exception On Supplier Pages like Address Book, Supplier Summary Page. [ID 825024.1]
Thanks,
Hussein -
How to redirect to an error page when database is down
We have build an struts/jsp-application with JDeveloper 10g and ADF. If the connection to the database fails, we get a plain page with header "500 Internal Server Error" and the exception and a stack trace. Of course we want to catch this exception and redirect the user to an error page with all of the standard design elements of our site and with a textual description of the error of our one choice.
Our attempts to solve this includes adding error-page tags with error-code and exception-type:
<error-page>
<exception-type>javax.servlet.jsp.JspTagException</exception-type>
<location>error.jsp</location>
</error-page>
<error-page>
<exception-type>java.lang.Exception</exception-type>
<location>error.jsp</location>
</error-page>
<error-page>
<exception-type>oracle.jbo.JboException</exception-type>
<location>error.jsp</location>
</error-page>
<error-page>
<exception-type>oracle.jbo.DMLException</exception-type>
<location>error.jsp</location>
</error-page>
<error-page>
<exception-type>java.sql.SQLException</exception-type>
<location>error.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>error.jsp</location>
</error-page>
Are there other ways to do this, or are there things we have forgotten to do, that has to be done for this solution to work.
We have also tried try and catch in a variety of the lifecycle methods in the DataAction subclass for the page, but none of these are ever called. It seems the error happens before the first lifecyle method starts. We can't figure out where to catch this exception.
In other cases the web.xml mechanism seems to work.Try the Global Exception Mechanism within Struts...
-
How to get Custom Login Module to communicate with frontendtarget
We have created a custom login module and placed it in our login module stack.
So we have the following 3 Login Modules in our stack:
EvaluateTicketModule
OurCustomLoginModule
CreateTicketModule
Also we are using the standard SAP login screen for our frontendtarget, see our authschemes.xml entry:
<authscheme name="cglogon">
<authentication-template>
form
</authentication-template>
<priority>21</priority>
<frontendtype>2</frontendtype>
<frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
</authscheme>
Question:
There are standard screens in the SAP login PAR:
changePasswordPage.jsp
umLogonProblemPage.jsp
umResetPasswordPage.jsp
How do I trigger one of these screens from my Login() method of my
custom login module? I thought if I throw some specific exception, these screens would
be called?A bit more info.
We created a new Authentication Scheme for certain iviews that are deemed more "sensitive" that required a step-up authentication.
I changed the Iview property "Authentication Scheme" to our custom one.
If I navigate into one of these more sensitive Iviews, I get the standard SAP login screen: <frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
Whis is what i expect.
I enter a username and password and click Logon button. I see that it successfully hits our custom login module and goes through Login(), and Commit() methods and finally displays the iview i originally requested.
However, on a failure, i want it to return focus to the SAP login screen with an error explaining why...(i.e. wrong password, account locked, etc.)
However, It always give iview runtime exception with Access Denied.
#1.5 #0018FE8C6FD800690000029000004D6C00045B6E5E7D6014#1226429496628#com.sap.engine.services.security.authentication.logincontext#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Debug##Java###Login module {0} from authentication stack {1} does not authenticate the caller.#2#companyname.com.CGLoginModuleClass#form#
#1.5 #0018FE8C6FD800690000029100004D6C00045B6E5E7D6275#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule.abort()#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Plain###Entering method#
#1.5 #0018FE8C6FD800690000029200004D6C00045B6E5E7D6308#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Debug##Plain###Internal Login Module data has been reset.#
#1.5 #0018FE8C6FD800690000029300004D6C00045B6E5E7D6386#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Java###Exiting method with {0}#1#true#
#1.5 #0018FE8C6FD800690000029400004D6C00045B6E5E7D6438#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule.abort()#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Plain###Entering method#
#1.5 #0018FE8C6FD800690000029500004D6C00045B6E5E7D64B2#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Java###Exiting method with {0}#1#true#
#1.5 #0018FE8C6FD800690000029700004D6C00045B6E5E7D6750#1226429496630#com.sap.engine.services.security.authentication.logincontext#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Info#1#/System/Security/Authentication#Plain###LOGIN.FAILED
User: N/A
Authentication Stack: form
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok exception true authscheme not sufficient: uidpwdlogon<cglogon
\#1 ume.configuration.active = true
2. companyname.com.CGLoginModuleClass REQUISITE ok exception true Authentication did not succeed.
3. com.sap.security.core.server.jaas.CreateTicketLoginModule OPTIONAL ok true
\#1 ume.configuration.com = true#
#1.5 #0018FE8C6FD800690000029900004D6C00045B6E5E7DA973#1226429496647#System.err#sap.com/irj#System.err#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Error##Plain###Nov 11, 2008 10:51:36... com.sap.portal.portal [SAPEngine_Application_Thread[impl:3]_24] Error: Exception ID:10:51_11/11/08_0002_176065950
#1.5 #0018FE8C6FD800690000029B00004D6C00045B6E5E7DCA91#1226429496647#com.sap.portal.portal#sap.com/irj#com.sap.portal.portal#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Error#1#/System/Server#Java###Exception ID:10:51_11/11/08_0002_176065950
[EXCEPTION]
{0}#1#com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: pcd:portal_content/com.companyname.portal.capitalgroup/com.companyname.com.security/com.companyname.portal.cghressnaaa/com.sap.pct.ess.employee_self_service/com.companyname.pg_sensitiveWebdynpro/com.cg.ivu_saplogon_0 - user: Guest
at com.sapportals.portal.prt.deployment.DeploymentManager.getPropertyContentProvider(DeploymentManager.java:1936)
at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:230)
at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:312)
at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:385)
at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:435)
at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:545)
and here's my login method...
public boolean login() throws javax.security.auth.login.LoginException
this.succeeded = false;
String passwordString = "";
if (callbackHandler == null)
throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
HttpGetterCallback httpgettercallback = new HttpGetterCallback();
NameCallback nc = new NameCallback("User:");
PasswordCallback pc = new PasswordCallback("Password:", false);
Callback[] callbacks = new Callback[] { nc, pc };
try
callbackHandler.handle(callbacks);
catch (IOException e)
throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
catch (UnsupportedCallbackException e)
return false;
String userid = nc.getName();
char[] password = pc.getPassword();
pc.clearPassword();
if (userid.length() == 0)
throwNewLoginException("USERID IS MISSING!", LoginExceptionDetails.IO_EXCEPTION);
else
username = userid;
if (password.length == 0)
throwNewLoginException("PASSWORD IS MISSING!", LoginExceptionDetails.NO_PASSWORD);
else
passwordString = new String(password);
String eccLoginResult = validateECCAuthentication(username, passwordString);
if (!eccLoginResult.equals(""))
myLoc.infoT(this.username + " - failed ECC authentication.");
throwNewLoginException("Wrong UserId/Password", LoginExceptionDetails.WRONG_USERNAME_PASSWORD_COMBINATION);
else
myLoc.infoT(this.username + " - failed ECC authentication.");
this.succeeded = true;
if (this.succeeded)
try
refreshUserInfo(this.username);
catch (SecurityException e)
throwUserLoginException(e);
if (sharedState.get(AbstractLoginModule.NAME) == null)
sharedState.put(AbstractLoginModule.NAME, this.username);
this.nameSet = true;
else
throwNewLoginException("Wrong UserId/Password", LoginExceptionDetails.WRONG_USERNAME_PASSWORD_COMBINATION);
return this.succeeded; -
How to call custom Login Module from JSP
Hi,
I am stuck with the following issue:
1) Exactly as presented in help.sap.com (http://help.sap.com/saphelp_nw04/helpdata/en/3f/1be040e136742ae10000000a155106/content.htm) I created custom login module and deployed it as a library on J2EE server. When I configured it to be used for my applications in the Security provider but I am getting "No user name provided" exception everytime when my applications use this custom login module.
2) I realized that I would need to call my custom module somewhere within my application (simple JSP) using LoginContext class and then use MyLoginContext.login() spec to initiate login process. But I am not able to pass CallbackHandler parameters from JSP application to my custom login module.
So I have the following questions:
1. Can I pass parameters using LoginContext and CallbackHandler from JSP to my custom login module (created as exact copy of HELP.SAP.COM example) or this module cannot be used this way.
2. How to pass CallbackHandler correctly to my custom login module from JSP. When I am trying to use CallbackHandler, I am getting "Abstract Class cannot be called" error.
I'd appreciate any little help on this matter.
Thanks and regards,
MikeYou have two alternatives to do this:
You can declare your JSP as a protected resource with the use of the deployment descriptors of the application (web.xml) and add the custom login module in the authentication stack of the application. This way, you will use container-based authentication, i.e. the Web Container will enforce the authentication and it will call the custom login module before it dispatches to the JSP. I recommend you this approach because it requires less coding and it makes the whole thing a matter of configuration. The configuration can be later on enhanced or changed runtime without the need to re-build and re-deploy the application. If you choose this approach you can go to the documentation of the server for help on how to modify the login module stack of the application.
You can also use programmatic authentication by using JAAS API. To do this you need to create a custom security policy configuration with login module stack containing the custom login module, and then use the standard JAAS mechanism - new LoginContext(<configuration>, <callback-handler>).login(). This approach requires that you write your own callback handler and handle any LoginException.
Let us know which approach you prefer and whether you have difficulties implementing it! -
J2EE 6.40 Custom Login Module - how to config
hello all,
i am using WAS J2EE 6.40 Sneak Preview edition. Read all i can find about custom login module, in the forum and the online help. still confused. pls help.
here is the background info:
- i am writing a web app. the EAR file contains 5 ejbs, 1 war and bunch of java classes in jars.
- access to my web app is protected through url pattern (in web.xml), i've defined the same named security role in web.xml and on j2ee engine.
- my login module does the user name and password checking. both are stored in database through some other means.
- login is FORM based
following the discussion in another thread on the topic, i did the following:
#1 develop my login module code. packaged it in a jar, then sda file. deploy the sda as a llibrary to the engine.
#2 add my login module to the security store through the security provider service.
#3 configure my web app to use the custom login module in web-j2ee-engine.xml
#4 deploy my web app through the ear file
at this point, in the visual administrator, i can see the library, the custom login module (added to the UME User Store), and also my web app has authentication set to use the custom login module (under policy configurations tab).
now i try to login to my web app. it correctly complains when i enter non-existent user or wrong password and brings me to the login failed jsp page. but when i enter both correctly (as stored in my database), i get http 403 error code. i know it is 403 because i set that error code to a special jsp page in web.xml.
question is why? now i create a user on the j2ee engine with the same name as in my user database. then i can login ok. i am confident that my login module is called since i see the println lines in j2ee engine server logs.
??? so i must be missing something obvious. is it because my web app is protected through security-role? i even tried removing all such roles, but still same problem.
??? or do i completely mis-understand how custom login modules are supposed to work. i thought it means i can authenticate users any way i want without having to use the j2ee engine's user mgmt. pls tell me if i am totally wrong.
??? or maybe my login module code is missing some key stmts. how should it tell the j2ee engine that a user is authenticated? in the login() method, it returns true if user name/passwd match. in the commit() method, it adds the principal to the subject. i don't what else is required.
does anyone have a working scenario using custom login modules?
thanks very much for your inputs and thoughts.
wentaoHi Astrid,
I guess I have the same understanding of JAAS as you. I want to deploy an application that internally makes use of JAAS to authenticate users. There is a LoginModule that authenticates users against some database tables containing all the user data and profile. The application was not designed to be deployed to NetWeaver. So it does not make use of UME or some other NetWeaver specific feature. Actually it handles user management and authoroization issues completely on its own. The only reason for having JAAS is to allow customers to plug in their own LoginModule to use some other kind of user store.
When deploying the web application to a simple servlet engine like Tomcat, all I have to do is to register my LoginModule in the "jaas.conf" file that is parsed by JAAS default implementation. I also tell the JVM where my jaas.conf file is located by appending a "-Djava..." runtime parameter to the JVM startup script.
When using other application servers like IBM WebSphere things become a bit different. Normally you use the administration GUI of that server to configure your LoginModules. WebSphere for example keeps the login configuration in an internal database rather than writing everything into a "jaas.conf" text file. But the way the application can use the LoginModule is the same as in Tomcat.
But when it comes to Netweaver, it seems to me that it's not possible to define a LoginModule that your application can use WITHOUT having to couple it tightly to UME. Or did I get something wrong? Initially I've tried to modify the JVM's parameters (using SAP J2EE Config Tool) to include the location of my "jaas.conf" file containing the my login configuration. But that did not work. The parameter was really passed to the JVM but anyway my LoginModule was not found, I guess that NetWeaver has some own implementation of the JAAS interfaces that just ignore the plain text JAAS configuration files (like WebSphere also does).
The documentation that I have downloaded from SDN doesn't seem to match the 6.4 sneak preview version that I just downloaded some days ago. They say you should deploy your LoginModule as a library and add a refernce to the application. I tried that out but it did not help. The login configuration that the application wants to access is still not found. Actually there seems to be no way to specify the name for a JAAS Login Configuration in NetWeaver. At least I cound not find that in the documentation.
So basically my question is: is it possible to deploy an application that wants to use some own LoginModule (either deployed separately or together with the application, that does not matter) without making use of Netweaver specific features like UME? The application has its own user management infrastructure and just needs a way to setup a JAAS Login Configuration to access its own LoginModule.
Thanks in advance
Henning -
How to save the instance in standard lead from custom business object
Hi Experts,
I am unable to save the instance(Record) in standard Lead business object from custom business object.
Steps:
created one custom business object with mandatory fields for creating instance in standard lead.
in quick create screen i bind data elements to standard lead business object elements.
issue:
when i click on preview i am getting exception as Arguments not found
can you please tell me that How to save the instance in standard lead from custom business object with step by step .Hi Vijay,
Please refer this link under that mentioned that how to create lead using ABSL code
Web 2 Lead in SAP Cloud for Customer, step by step - Part 1 - myCloudDoor myCloudDoor
Under the "Action-CreateLead.absl" mentioned how to create lead
the above link for convert web 2 lead functionality and under they create lead using web data from ABSL code.
Regards,
Mithun -
Error using 10.1.3 Security Provider:3rd party LDAP or Custom Login Module
Hello all,
After deploying my JSF/ADF application using Jdeveloper 10.1.3 to Oracle Application Server 10.1.3, I used the Application Server control to change the 'Security Provider' configuration:
1. Using 3rd Party LDAP Provider (Novell eDirectory)
I get the following error when restarting the application with the new config.
06/06/21 16:42:32 Error while configuring security provider MBean for application AccessList
06/06/21 16:42:32 java.lang.ClassNotFoundException: oracle/security/jazn/jmx/CustomLDAPSecurityProvider
2. Using Custom Login Module (again programmatically talks to eDirectory and it works in UIX/10.1.2 application)
I get the following error when restarting the application with the new config.
06/06/21 14:31:19 Error while configuring security provider MBean for application AccessList
06/06/21 14:31:19 java.lang.ClassNotFoundException: oracle/security/jazn/jmx/LoginModuleSecurityProviderAlso, I get this error with both the settings..
06/06/21 14:31:19 WARNING: Application.setConfig Application: AccessList is in failed state as initialization failedjava.lang.
InstantiationException
Jun 21, 2006 2:31:19 PM com.evermind.server.Application setConfig
WARNING: Application: AccessList is in failed state as initialization failedjava.lang.InstantiationException
06/06/21 14:31:19 java.lang.InstantiationException
06/06/21 14:31:19 at com.evermind.server.ApplicationStateRunning.initDataSources(ApplicationStateRunning.java:1424)
06/06/21 14:31:19 at com.evermind.server.ApplicationStateRunning.initializeApplication(ApplicationStateRunning.java:195)
java.lang.ClassNotFoundException error leads me to believe, I am just missing to include some libraries..
I have included "bc4j.security" in my web project and I am not sure if that is what is needed!
Will appreciate your help..
Thanks,
KarthikThe problem i had with my Custom login module was that JDeveloper includes the datasources listed in the connection tab.
When JDeveloper does that it writes the username and password in the jazn-data.xml. But with the Custom Login module the reference in de data-source declaration cannot find the password. that's why i got the InstantiationException at the initDataSources point.
In tools>preferences>deployment you can uncheck the option:
Bundle Default data-sources.xml During Deployment.
The problem with this is when i specify a datasource in the data-sources.xml i included myself, jdeveloper will also put de datasources under the Connections tab in the data-sources.xml.
Does anyone knows how to stop jdeveloper putting the datasources automatic in the file, or how to prevent jdeveloper storing the password in jazn-data.xml? -
Custom login module error: Login permission not granted for myapp (myuser)
I have developed a custom login module for my application. I have followed the steps outlined in security guide and other postings. I could not log into the application when I access EJBs from an RMI client. I get the following error.
Login permission not granted for myapp (myuser)
I did grant the login permission to myuser.
I am using OC4J 10.1.3.1.0
Here are the steps I followed and the configuration files. Can anybody help me out?
1. Created a custom login module and packaged it in EAR along with other classes. In the commit method, I added my user into principals of subject. Here is the code,
==================================================================
public boolean commit() throws LoginException {
try {
if (!loginOk) {
return false;
Set<Principal> principals = subject.getPrincipals();
principals.add(user);
loginOk = true;
} finally {
// Some audit logs are written here.
return loginOk;
===============================================================
2. Added custom login module in orion-application.xml. Here are the relevant portions of orion-application.xml
===============================================================
<jazn provider="XML">
<property name="role.mapping.dynamic" value="true" />
<property name="custom.loginmodule.provider" value="true" />
<property name="role.compare.ignorecase" value="true" />
</jazn>
<jazn-loginconfig>
<application>
<name>myApp</name>
<login-modules>
<login-module>
<class>com.test.myServerLoginModule</class>
<control-flag>required</control-flag>
<options>
<option>
<name>maxRetries</name>
<value>3</value>
</option>
<option>
<name>debug</name>
<value>true</value>
</option>
</options>
</login-module>
</login-modules>
</application>
</jazn-loginconfig>
<namespace-access>
<read-access>
<namespace-resource root="">
<security-role-mapping name="myUser">
<group name="users"/>
<group name="oc4j-app-administrators"/>
</security-role-mapping>
<security-role-mapping name="esp_operator">
<group name="users"/>
<group name="oc4j-app-administrators"/>
</security-role-mapping>
</namespace-resource>
</read-access>
</namespace-access>
===============================================================
3. After the application is deployed on the EAR, I can see the custom login module in system-jazn-data.xml. The command line jazn admin tool lists my custom login module for my application.
4. I have an RMI client, the client JNDI properties are
==============================================================
java.naming.factory.initial=oracle.j2ee.naming.ApplicationClientInitialContextFactory
java.naming.factory.url.pkgs=oracle.j2ee.naming
==============================================================
The value for java.naming.provider.url is constructed dynamically and it is ormi://myserver:23791/myapp
java.naming.security.principal is set to the user who is trying to login, myuser, in this case.
java.naming.security.credentials is set to the password entered by myuser, password in this case.
5. I used jazn admin tool to grant login permission to my user.
===============================================================
a. Added user
java -jar jazn.jar -user oc4jadmin -password welcome -adduser jazn.com myuser password
b. Grant roles
java -jar jazn.jar -user oc4jadmin -password welcome -grantrole users ja
zn.com myuser
java -jar jazn.jar -user oc4jadmin -password welcome -grantrole oc4j-app
-administrators jazn.com myuser
c. Grant RMI permission
java -jar jazn.jar -user oc4jadmin -password welcome -grantperm jazn.com
-user myuser com.evermind.server.rmi.RMIPermission login
===============================================================
After the permission is granted, the folowing piece of XML is added to system-jazn-data.xml.
===============================================================
<grant>
<grantee>
<principals>
<principal>
<realm-name>jazn.com</realm-name>
<type>user</type>
<class>oracle.security.jazn.spi.xml.XMLRealmUser</class>
<name>jazn.com/esp_administrator</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
==============================================================
My principal class is not of type, oracle.security.jazn.spi.xml.XMLRealmUser. Hence, I changed system-jazn-data.xml to include com.test.MyUser instead of oracle.security.jazn.spi.xml.XMLRealmUser. Either way, I get Not Authorized and Login permission not granted for myapp (myuser).
Can anybody help me out, please?
Thank you,
Sri
Message was edited by:
user532586I finally got it to work. But I have a problem granting RMI Permission "login", if the depth of my Principal class within the inheritance hierarachy is more than one. My hierarachy of my principal class is
Object --> ObjectA --> ObjectB --> ObjectC --> ObjectD
ObjectD is my principal class. ObjectB implements java.security.Principal. ObjectA has implementations for methods equals, hashcode and toString. ObjectB has implementations for getName.
When I try to grant RMI permission for ObjectD, I get an error that says null.
If I override the methods, equals, hashcode, toString, and getName in ObjectD and provide implementations, I still could not grant permission using jazn tool. I get error that says null. If I update the system-jazn-data.xml with the following grant tag, I could get into the application without any errors.
<grant>
<grantee>
<principals>
<principal>
<class>com.test.ObjectD</class>
<name>developers</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>com.evermind.server.rmi.RMIPermission</class>
<name>login</name>
</permission>
</permissions>
</grant>
If I create a new class, myPrincipal that implements java.security.Principal, I donot have any problems. I can grant permission and access application.
Any ideas why I could not use ObjectD as my principal class for granting RMI permission?
Message was edited by:
user532586 -
How to make a 500 error page with exception stacktrace
Hi Guys ,
The weblogic default 500 error page is not showing the exception stacktrace. we try to build a customer error page to display trace just like tomcat .
By pointing 500 error to myerror.jsp in web.xml ,we are able to replace defaut page. but still can't get the trace by using ex.printStacktrace() , it look like weblogic swallow the stacktrace and hijack the exception object.
Any idea ?
KYanyone ?
-
How do I customize the error page
Our IT department has adopted a policy that requires a standard look and feel for all error pages encountered in any web application. To this end I need to be able to modify the error page that shows up on the browser when an unexpected error is encountered or a validation error is sent to a new page.
How can I modify this page? Is there a template for it, and if so where?
Any help is greatly appreciated,
Adam CummingHello Bhavin,
I have already started looking at this links (you copied twice Marc Lancaster's page, instead of Roel Hartmans's, which is actually : http://roelhartman.blogspot.com/2009/09/transform-ora-xxxx-messages-into.html)
I'm focused on Marc Lancaster's solution (Friendly Exception Messages), which is also interesting because it covers Ajax manipulation inside Apex (i'm using Apex 2.1).
But it seems that the apex.ajax.ondemand(...) line doesn't do anything to my application. Here is the code of this line :
var lRequest = new apex.ajax.ondemand('test', function(){
var l_s = p.readyState;
if(l_s == 1||l_s == 2||l_s == 3){
} else if(l_s == 4){
gReturn = p.responseText;
$s('ajax-drop',gReturn); }
else{return false;}
);Because that's the first time I'm trying Ajax, I don't see what could be silly (I just copied the code from Marc's example).
Here is the application process, called 'test' :
begin
htp.p('Hello !');
end;Thanks a lot.
Dovik -
SAP CRM ISA for B2B B2C How I can set customize error page in SAP J2EE 6.40
Hi,
I am trying to change default error mesaage which is comming from SAP J2EE engine in SAP CRM ISA B2B and B2C application.
I want to set different customize error(400, 401,403,500 etc..) pages designed in HTML in B2B and B2C of SAP CRM ISA application.
If any one has any idea how to do it pl. let me know.
Thanks.
Ashish Patel.Hi,
Except for the application error pages you should also keep in mind that some error pages are generated by SAP Webdispatcher - presuming you are using one in front of your J2EE-Engine
You find some information about this type of error pages under <a href="http://help.sap.com/saphelp_webas630/helpdata/en/f6/3c0b0389cea34ba66f10d62b718a1a/frameset.htm">help.sap.com</a>
Best regards,
Frank
Maybe you are looking for
-
Can't print from my Apple Laserwriter 16/600 PS
Hello, I have an Apple Laserwriter 16/600 PS that I used to be able to print documents to from my Mac G4 OS 10.2.8 via a network connection with my Mac 9600/OS 8 as a shared printer. It was an easy solution to the cabling issues between laserwriters
-
Using xmldom.freeDocument
Oracle 8.1.7, PL/SQL I wrote a function to return a node list from a clob. The code is as follows: FUNCTION fcn_Get_Node_List ( p_clobXML clob, p_vcPath VARCHAR2) RETURN sys.xmldom.DOMNodelist AS v_docParse xmldom.DOMDocument; v_nlNodeList xmldom.DOM
-
Youtube videos do not play and gchat sounds do not work
These problems are only in Firefox. Allow me to elaborate. I have a Windows 7 64-bit laptop, Firefox 13.0 and the latest Adobe Flash Player installed. What's strange is that I think the videos worked fine two or three days ago, but now the videos d
-
ActiveSync - Freshly added calendar entries disappear just after syncing
We have a problem with single user on Exchange 2010, occurring both on iOS and Android based mobile devices. When the user add an entry to calendar from the level of Outlook, everything is alright - he gets it on his mobile too within a few seconds.
-
My iphone 5 keeps shutting down and restarting.
My iphone 5 keeps shutting down and restarting. I have tried powering it completely off and reseting through itunes. I had to call someone back three times just to finish my 2 minute conversation. I have changed cords and charging cubes. I have insta