How to implement custom db login module .
Hi Frank.
I was going thru your document on implementing the custom db login module in my application. I am not able to configure this same at my end. when i issue a command to add the dbloginmodule on the j2ee home directory it ask me for the ABSTRACTLOGINMODULE username , pls tell what is to be provided here because i tried it for admin user as specified in your document but it gave me an error user admin not found in the system. Pls tell what to do in this case?
can any one ...list down the steps to do same...for my application
Hi,
if I had to list all the steos then I would end up writing the same steps that come with the LoginModules
Note that if you add the configurations on the command line of JAZN then the ABSTRACTLOGINMODULE most likely is "oc4jadmin", which is the default administartor account
Frank
Similar Messages
-
How to deploy and configure custom JAAS login module
Dear Experts,
I have created a custom jaas login module, In my .jar I am having
1. MyLoginModule.class
2. Handler.class
3. MyPrincipal.class
I want to know how to deploy the custom jaas module to oc4j. And make available to all
other application to use the same for authentication & authorization. Please suggest me.
Thanks,
Rajesh AThis article does not mention that you can put the <jazn-loginconfig> tag into the orion-application.xml as well.
Much easier to deploy and test.
--olaf -
Opinions on implementing a JAAS login module to achieve SSO
We are looking at implementing SSO from a sharepoint website to the portal. The users who are accessing the Sharepoint site are using their own computers and are not members of the AD Domain, so they could theoretically be using any computer in the world to access Sharepoint.
the desired user experience looks something like this.
user--login> sharepoint site -no login--
>portal
One of the methods we are looking at to achieve this is to implement a custom JAAS login module that would authenticate the user if they are coming from the Sharepoint site.
I would like to get your opinions on how viable you think this method is. One of the goals of this method is ease of implementation, so if you can think of an easier way to implement this please let us know.
the method is basically this.
1. User logs into sharepoint using their AD username and password and establish an active session with sharepoint
2. user navigates to a link in sharepoint that points to a resource in the SAP Portal
3. we don't want the user to have to login to access the resource when they click on the link
4. to facilitate this, sharepoint has constructed the link in the following way
5. the link is an https link
6. the link has two additional parameters in addition to whatever is necessary to navigate to the resource
7. the parameters are
8. un = the users AD username
9. uh = sha1("secret_password_known_to_both_the_login_module_and_sharepoint" + "username")
10. the user clicks the link and is directed to the SAP portal
11. the sap portal has a custom JAAS login module which performs it's checks before the other login modules
12. the custom module computes ( sha1("secret_password_known_to_both_the_login_module_and_sharepoint" + un)) and then compares the result with uh, if they are equal, the custom login module authenticates the user bypassing any further need for authentication, otherwise authentication passes to the original authentication modules as normal.
If you think there is an easier way, please let us know. We are essentially looking for the easiest/fastest way to implement this functionality that is still secure.Hey Gary,
I'm currently using Apache running on RedHat that leverage Apache's mod_rewrite module. I've got a bank of 6 reverse proxies sitting in front of an SAP Portal and each proxy runs on a host with dual 3.33GHz processors and 8Gb or RAM. I know... they're waaay over-sized and they pretty much snooze all day.
This is the sole entry point for all SAP users and we sized them to accommodate the "worst case" of about 5000 (potential) named users, concurrently. Realistically, we've only ever had about 1500 unique users hitting the systems in a day (following an upgrade go-live, everybody is curious and wants to log on) and a typical load of about 500 to 750 users in a day.
Never had a real performance problem to speak of. As long as the proxies are tuned properly (ssl cache, sessions, etc.), you should be fine.
Setting header variables and some other "custom stuff" is handled in Perl (need Apache's mod_perl active). We've got a script that's called by all users before being passed to the Portal.
We used IISProxy.dll with an IIS web server a long time ago (5 years maybe?) but opted to can it in favor of the approach described above.
If you ask SAP, they'll recommend you use a WebDispatcher... and that's certainly an option as well.
-Kevin -
JDEV deployment of web app with custom JAAS login module fails
For the first time, I am trying to implement a custom JAAS login module.
JDEV deployment to standalone OC4J only fails when my orion-application.xml is included. The deployment fails with a java.lang.InstantiationException.
This what I have done:
1) Wrote a custom LoginModule called com.whirlpoool.sjtc.jaas.gpa.LDAPLoginModule.
2) Put it and its dependent classes in a jar named sjtcjaas.jar.
3) Put the jar in $ORACLE_HOME\j2ee\home\lib
4) Changed library_path in $ORACLE_HOME\j2ee\home\config\application.xml to
<library path="../../home/lib/scheduler.jar;../../home/lib/sjtcjaas.jar" />
5) Added an orion-application.xml to the JDEV project. (I used an Oracle How-to as a pattern, see below.)
I think I'm close but no cigar, yet. Any help would be appreciated.
Regards,
Al Malin
=============== orion-application.xml ========================================
<?xml version="1.0"?>
<orion-application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/orion-application-10_0.xsd" deployment-version="10.1.3.0.0" default-data-source="jdbc/OracleDS" schema-major-version="10" schema-minor-version="0" >
<security-role-mapping name="sr_manager">
<group name="managers" />
</security-role-mapping>
<security-role-mapping name="sr_developer">
<group name="developers" />
</security-role-mapping>
<log>
<file path="application.log" />
</log>
<!-- Configuring a Login Module in an Application EAR file. -->
<jazn-loginconfig>
<application>
<name>customjaas</name>
<login-modules>
<login-module>
<class>com.whirlpoool.sjtc.jaas.gpa.LDAPLoginModule</class>
<control-flag>required</control-flag>
<options>
<option>
<name>debug</name>
<value>true</value>
</option>
</options>
</login-module>
</login-modules>
</application>
</jazn-loginconfig>
</orion-application>Starting OC4J from c:\oc4j\j2ee\home ...
2006-09-07 13:45:28.484 NOTIFICATION JMS Router is initiating ...
06/09/07 13:45:29 Oracle Containers for J2EE 10g (10.1.3.0.0) initialized
2006-09-07 13:45:58.609 NOTIFICATION Application Deployer for aam STARTS.
2006-09-07 13:45:58.640 NOTIFICATION Copy the archive to C:\oc4j\j2ee\home\applications\aam.ear
2006-09-07 13:45:58.656 NOTIFICATION Initialize C:\oc4j\j2ee\home\applications\aam.ear begins...
2006-09-07 13:45:58.656 NOTIFICATION Auto-unpacking C:\oc4j\j2ee\home\applications\aam.ear...
2006-09-07 13:45:58.687 NOTIFICATION Unpacking aam.ear
2006-09-07 13:45:58.687 NOTIFICATION Unjar C:\oc4j\j2ee\home\applications\aam.ear in C:\oc4j\j2ee\home\applications\aam
2006-09-07 13:45:58.750 NOTIFICATION Done unpacking aam.ear
2006-09-07 13:45:58.750 NOTIFICATION Finished auto-unpacking C:\oc4j\j2ee\home\applications\aam.ear
2006-09-07 13:45:58.750 NOTIFICATION Auto-unpacking C:\oc4j\j2ee\home\applications\aam\aam.war...
2006-09-07 13:45:58.750 NOTIFICATION Unpacking aam.war
2006-09-07 13:45:58.765 NOTIFICATION Unjar C:\oc4j\j2ee\home\applications\aam\aam.war in C:\oc4j\j2ee\home\applications\aam\aam
2006-09-07 13:45:58.765 NOTIFICATION Done unpacking aam.war
2006-09-07 13:45:58.765 NOTIFICATION Finished auto-unpacking C:\oc4j\j2ee\home\applications\aam\aam.war
2006-09-07 13:45:58.812 NOTIFICATION Initialize C:\oc4j\j2ee\home\applications\aam.ear ends...
2006-09-07 13:45:58.828 NOTIFICATION Starting application : aam
2006-09-07 13:45:58.828 NOTIFICATION Initializing ClassLoader(s)
2006-09-07 13:45:58.828 NOTIFICATION Initializing EJB container
2006-09-07 13:45:58.828 NOTIFICATION Loading connector(s)
2006-09-07 13:45:58.843 NOTIFICATION application : aam is in failed state
06/09/07 13:45:58 WARNING: Application.setConfig Application: aam is in failed state as initialization failedjava.lang.InstantiationException
Sep 7, 2006 1:45:58 PM com.evermind.server.Application setConfig
WARNING: Application: aam is in failed state as initialization failedjava.lang.InstantiationException
06/09/07 13:45:58 oracle.oc4j.admin.internal.DeployerException: java.lang.InstantiationException
06/09/07 13:45:58 at oracle.oc4j.admin.internal.ApplicationDeployer.addApplication(ApplicationDeployer.java:510)
06/09/07 13:45:58 at oracle.oc4j.admin.internal.ApplicationDeployer.doDeploy(ApplicationDeployer.java:191)
06/09/07 13:45:58 at oracle.oc4j.admin.internal.DeployerBase.execute(DeployerBase.java:93)
06/09/07 13:45:58 at oracle.oc4j.admin.jmx.server.mbeans.deploy.OC4JDeployerRunnable.doRun(OC4JDeployerRunnable.java:52)
06/09/07 13:45:58 at oracle.oc4j.admin.jmx.server.mbeans.deploy.DeployerRunnable.run(DeployerRunnable.java:81)
06/09/07 13:45:58 at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:814)
06/09/07 13:45:58 at java.lang.Thread.run(Thread.java:595)
06/09/07 13:45:58 Caused by: java.lang.InstantiationException
06/09/07 13:45:58 at com.evermind.server.ApplicationStateRunning.initDataSources(ApplicationStateRunning.java:1424)
06/09/07 13:45:58 at com.evermind.server.ApplicationStateRunning.initializeApplication(ApplicationStateRunning.java:195)
06/09/07 13:45:58 at com.evermind.server.Application.setConfig(Application.java:391)
06/09/07 13:45:58 at com.evermind.server.Application.setConfig(Application.java:308)
06/09/07 13:45:58 at com.evermind.server.ApplicationServer.addApplication(ApplicationServer.java:1771)
06/09/07 13:45:58 at oracle.oc4j.admin.internal.ApplicationDeployer.addApplication(ApplicationDeployer.java:507)
06/09/07 13:45:58 ... 6 more
2006-09-07 13:45:58.890 NOTIFICATION Application Deployer for aam FAILED.
2006-09-07 13:45:58.890 NOTIFICATION Application UnDeployer for aam STARTS.
2006-09-07 13:45:58.906 NOTIFICATION Removing all web binding(s) for application aam from all web site(s)
2006-09-07 13:45:59.015 NOTIFICATION Application UnDeployer for aam COMPLETES.
06/09/07 13:45:59 WARNING: DeployerRunnable.run java.lang.InstantiationExceptionoracle.oc4j.admin.internal.DeployerException: java.lang.InstantiationException
at oracle.oc4j.admin.internal.DeployerBase.execute(DeployerBase.java:126)
at oracle.oc4j.admin.jmx.server.mbeans.deploy.OC4JDeployerRunnable.doRun(OC4JDeployerRunnable.java:52)
at oracle.oc4j.admin.jmx.server.mbeans.deploy.DeployerRunnable.run(DeployerRunnable.java:81)
at EDU.oswego.cs.dl.util.concurrent.PooledExecutor$Worker.run(PooledExecutor.java:814)
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.InstantiationException
at com.evermind.server.ApplicationStateRunning.initDataSources(ApplicationStateRunning.java:1424)
at com.evermind.server.ApplicationStateRunning.initializeApplication(ApplicationStateRunning.java:195)
at com.evermind.server.Application.setConfig(Application.java:391)
at com.evermind.server.Application.setConfig(Application.java:308)
at com.evermind.server.ApplicationServer.addApplication(ApplicationServer.java:1771)
at oracle.oc4j.admin.internal.ApplicationDeployer.addApplication(ApplicationDeployer.java:507)
at oracle.oc4j.admin.internal.ApplicationDeployer.doDeploy(ApplicationDeployer.java:191)
at oracle.oc4j.admin.internal.DeployerBase.execute(DeployerBase.java:93)
... 4 more
2006-09-07 13:45:59.031 WARNING java.lang.InstantiationException -
Howto put custom JAAS Login Module into NWDI
Hi there!
We are currently in migration phase and want to integrate existing codings to NWDI. We mainly had Web Dynpro projects which we figured out how to migrate through discovering help.sap.com
Formerly I developed a custom JAAS login module which is productive on our portal systems. Now I would like to integrate it to NWDI. Is this possible in general?
Best Regards
ChristianCan you clarify a bit more what didn't work? What issues do you face?
Our setup for security.jar (which is not available in one of the base SC's) (for the rest try to use as many base DC's as possible):
1. Create External Library DC for security.jar
2. Add security.jar to libraries folder, add to new pp for Compilation
3. Create J2EE Library DC for loginmodule
4. Create Java Library DC for loginmodule as Child DC
5. Define the External Library DC as Used DC of the Java DC, referencing the Compilation pp (Only a Build time dependency, since this will not be deployed, instead you'll reference the registered interface, see below).
6. Create a public part for Assembly in the Java DC. Add all your loginmodule classes to the pp.
7. Define the Java DC as Used DC of the J2EE Library DC, referencing the Assembly pp (only Build time dependency). (this packages the loginmodule jar in the J2EE library)
8. Create a provider.xml in the 'server' folder of the J2EE Library DC
9. Define references to libraries used by the Child DC and the Child DC's jar:
<references>
<reference
provider-name="sap.com"
strength="weak"
type="library">com.sap.security.api.sda</reference>
<reference
provider-name="sap.com"
strength="weak"
type="interface">security_api</reference>
<reference
provider-name="sap.com"
strength="weak"
type="library">com.sap.tc.Logging</reference>
<reference
provider-name="sap.com"
strength="weak"
type="library">servlet</reference>
</references>
<jars>
<jar-name>[vendor name]~[DC name]~Assembly.jar</jar-name>
</jars>
The J2EE Library DC has only one Used DC: The child Java DC.
The Java DC has Used DCs for anything you need to compile your loginmodule code.
Hope I didn't forget anything else. -
How to Implement custom share functionality in SharePoint 2013 document Lib programmatically?
Hi,
I have created custom action for Share functionality in document library.
On Share action i'm showing Model pop up with Share form with addition functionality.
I am developing custom share functionality because there is some addition functionality related to this.
How to Implement custom share functionality in SharePoint 2013 document Lib pro-grammatically?
Regards,
- SiddhehswarHi Siddhehswar:
I would suggest that you use the
Ribbon. Because this is a flexible way for SharePoint. In my project experience, I always suggest my customers to use it. In the feature, if my customers have customization about permission then i can accomplish this as soon
as possible. Simple put, I utilize this perfect mechanism to resolve our complex project requirement. Maybe we customize Upload/ Edit/ Modify/ Barcode/ Send mail etc... For example:
We customize <Edit> Ribbon. As shown below.
When user click <Edit Item>, the system will
render customized pop up window.
Will -
Accessing LDAP in a custom JAAS login module
Hi,
I have developed a custom jaas login module in CE 7.1. I created a java dc which contains a class extending AbstractLoginModule. This DC is deployed on to the server using an EAR DC. I am trying to access LDAP in the custom login module. I am trying to establish an SSL connection to LDAP. For this purpose i have created a custom socket factory class which extends SSLSocketFactory. I used the code below to establish the connection.
Hashtable<String,String> env=new Hashtable<String,String>();
DirContext dirContext=null;
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL,ldapURL);
env.put(Context.SECURITY_PROTOCOL,"ssl");
env.put("java.naming.ldap.factory.socket", "com.test.ldap.MySSLSocketFactory");
dirContext=new InitialDirContext(env);
MySSLSocketFactory is the name of custom socket factory.
During a login process, the above code results in error because the connection to LDAP server could not be established. However the same code when executed in a webdynpro DC is working without any problem. What could be the reason for this?
This is the error i could see in defaultTrace
javax.naming.CommunicationException: js24.na.domain.net:636 [Root exception is java.lang.ClassNotFoundException: com.test.ldap.MySSLSocketFactory
Loader Info -
ClassLoader name: [service:security]
Living status: alive
Direct parent loaders:
[system:Frame]
[library:j2eeca]
[service:timeout]
[service:com.sap.security.core.ume.service]
[service:adminadapter]
Resources:
/usr/sap/SV3/J10/j2ee/cluster/bin/services/security/lib/private/sap.comtcjesecurityimpl.jar
at com.sun.jndi.ldap.Connection.<init>(Connection.java:205)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1579)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2681)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:299)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)
at com.sap.engine.system.naming.provider.DefaultInitialContext.<init>(DefaultInitialContext.java:45)
at com.sap.engine.system.naming.provider.DefaultInitialContextFactory.getInitialContext(DefaultInitialContextFactory.java:41)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)Hi,
I used an EJB to perform the LDAP search and called the EJB from the login module. It is working as expected.
Regards,
Shabeer -
How to implement Custom Authentication and Authorization in Oracle SOA 11g
Can anyone please tell me, how to implement Custom Authentication in Oracle SOA 11g ?
Because in Oracle SOA 10.1.3.4 , i have implemented this custom authentication and authorization by implementing BPMAuthenticationService, BPMAuthorizationService, BPMIdentityService to verify againt my database systems.
implementation classes like the mentioned below
1).
public class SampleAuthenticationService extends SampleServiceBase implements BPMAuthenticationService {
2).
public class SampleAuthorizationService extends SampleServiceBase implements BPMAuthorizationService {
3).
public class SampleIdentityService extends SampleServiceBase implements BPMIdentityService {
Please help me to implement the authentication and authorization in Oracle SOA 11g .
thanks in advanceTo start with please go through following document
http://docs.oracle.com/cd/E21764_01/integration.1111/e10231/adptr_jms.htm
http://docs.oracle.com/cd/E23943_01/integration.1111/e10231/adptr_file.htm
Regards
Arpit -
Custom JAAS Login Module 9.0.4 configuration problems
Hello,
We have created a custom JAAS Login Module on OC4J 9.0.4 and are having some sort of configuration problem
We always get this error:
Caused by: javax.security.auth.login.LoginException: Login Failure: all modules ignored
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:779)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:535)
The Login Module is configured for a specific deployed application in the global jazn-data.xml and is being run as I have attached a debugger to the app server.
Our authentication process succeeds and we return a "true" from the login() method. No exceptions are thrown from our Login Module.
our ORACLE_HOME/j2ee/home/config/jazn-data.xml has this added
<application>
<name>helloworld</name>
<login-modules>
<login-module>
<class>com.test.JaasLoginModule</class>
<control-flag>required</control-flag>
<options>
</options>
</login-module>
</login-modules>
</application>
The j2ee/home/application-deployments/helloworld/jazn-data.xml looks like this:
<?xml version="1.0" encoding="UTF-8" standalone='yes'?>
<!DOCTYPE jazn-data PUBLIC "JAZN-XML Data" "http://xmlns.oracle.com/ias/dtds/jazn-data.dtd">
<jazn-data />
and we added this into the j2ee/home/application-deployments/helloworld/orion-applicaton.xml
<jazn provider="XML" location="jazn-data.xml" >
<property name="role.mapping.dynamic" value="true"/>
<property name="custom.loginmodule.provider" value="true"/>
<property name="jaas.username.simple" value="true" />
</jazn>
Are we missing anything? Our code runs, it seems like there is something lacking in the configuration on the OC4J side of things.
Anyone know what we are missing?
Thanks....Hi,
if you are on 9.0.4 then <property name="custom.loginmodule.provider" value="true"/> shouldn't work because its a parameter of 10.1.3
Frank -
How to save Custom control records module pool program ?
Hi guru ,
1. How to save Custom control records module pool program ?
I wrote multiple lines of record in custom control
Who to save that records ?
thanking you.
Regards,
Subash.Hi Subasha,
Please check the format below since it is based on a working code
**************data declarations
TYPES: BEGIN OF TY_EDITOR,
EDIT(254) TYPE C,
END OF TY_EDITOR.
data: int_line type table of tline with header line.
data: gw_thead like thead.
data: int_table type standard table of ty_editor.
You should create a text for uniquely identifying the text you are saving each time so that it doesn't get overwritten
For this a key combination must be decidedd to uniquely identify the test..here it is loc_nam
****************fill header..from SO10( t-code )
GW_THEAD-TDNAME = loc_nam. " unique key for the text
GW_THEAD-TDID = 'ST'. " Text ID
GW_THEAD-TDSPRAS = SY-LANGU.
GW_THEAD-TDOBJECT = 'ZXXX'. "name of the text object created
*Read Container and get data to int_table
CALL METHOD EDITOR ->GET_TEXT_AS_R3TABLE
IMPORTING
TABLE = int_table
EXCEPTIONS
ERROR_DP = 1
ERROR_CNTL_CALL_METHOD = 2
ERROR_DP_CREATE = 3
POTENTIAL_DATA_LOSS = 4
others = 5.
IF SY-SUBRC 0.
MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
loop data from int_table and save to int_line-tdline appending it.
*save the text
CALL FUNCTION 'SAVE_TEXT'
EXPORTING
HEADER = GW_THEAD
TABLES
LINES = InT_LINE
EXCEPTIONS
ID = 1
LANGUAGE = 2
NAME = 3
OBJECT = 4
OTHERS = 5.
IF SY-SUBRC 0.
ENDIF.
The code shown above is ok and working fine for save also,hope that the above sample with helps you solve the problem
Please check and revert,
Reward if helpful
Regards
Byju -
Custom JAAS login module configuration in Oracle application server
I have a LDAP login module implementing javax.security.auth.spi.LoginModule. This login module works well with tomcat and weblogic, if I configure the JVM arguments -Djava.security.auth.login.config and -Djava.security.policy to point to the login.conf and access.policy files. The login.conf file has the below content
FREEWAY_SERV
com.wipro.freeway.security.LdapLoginModule required debug=true portal=false;
FREEWAY_PORT
com.wipro.freeway.security.LdapLoginModule required debug=true portal=true;
The access.policy file has contains content like below:
grant Principal com.wipro.freeway.security.RolePrincipal "UserAdministration" {
permission com.wipro.freeway.security.URLPermission "/createOtherUser.frw";
permission com.wipro.freeway.security.URLPermission "/createDealer.frw";
The application uses these login modules by passing Name of the JAAS configuration (FREEWAY_SERV or FREEWAY_PORT).
I would like to use the same login module and code in Oracle application sever 10.1.3 and I haven't got any success yet. I am not getting how to set these JVM properties and make my application identify this custom login module. I have tried configuring the custom login module via oc4j admin console and I couldn't give a name to my configuration. I also set the system properties for
-Djava.security.auth.login.config and -Djava.security.policy with no success.
Could anybody please help me to get this right?
Thanks in advance.Hello,
In OracleAS 10g R3 (10.1.3.x) you can register your login module in your application (and server) using Enterprise Manager, and config file. That is easier and more flexible that the parameter.
I would invite you to take a look to the security how-to:
- 10.1.3 How-tos, and How to integrate a custom login module
You can also take a look to the 10.1.3 Documentation and the LDAP/Login Module integration.
- Security guide: Login Modules -
How to implement custom Model Class in Oracle ADF?
I am using Oracle ADF for one of my project and i am using Query component of ADF. For given tables the query component creates view objects and maps the relations. ADF uses its own custom model class for this component and it should understand the DB tables. But for my project i have no access to database. All i can do is pass a string or object/query to the existing (custom) Java class/object, and this model class formulates query and queries the database and returns the value to my Java class. I have to display these results using ADF to the front end. Is There a way to achieve this? Can i replace/override the existing Model class of ADF. If so how?
Thanks in advance for your help.Hi, there:
Best thing to do is to start with the default login.html page, and then modify it. The login screen is fairly complex and it's easy to just miss a JS function you need to call. To get to default page, you would need to do one deploy (to simulator or whatever), and then look for login.html page in the temporary Xcode or Android project generated from the deployment. It should be under the "deploy" directory in your JDev workspace.
You can also see all the framework JS files and CSS files that way as well.
We have had customers implementing custom login screen so we know it can work, but they all had to start with the default login screen and then modify it.
Thanks,
Joe Huang -
Problems deploying custom JAAS login module (ClassNotFound)
Hi,
I've developed a custom made JAAS login module that filters on IP addresse which I am moving from 6.20 to 6.40.
I've pretty much followed the procedures from http://help.sap.com/saphelp_nw04/helpdata/de/46/3ce9402f3f8031e10000000a1550b0/content.htm , the only major difference is that I needed a reference to WebCallback and therefore a reference to com.sap.security.api.sda from my library project.
I've especially followed the step with "Adding a Reference to the Classloader of the Security Provider" (http://help.sap.com/saphelp_nw04/helpdata/de/2b/23e4407211732ae10000000a155106/content.htm) , but I think its this step that fails. This has been set to library:<library name> , where <library name> is what is written on the right hand side of visual admin under library. I see that the library is deployed under the folder bin\ext\customer.com~com.customer.portal.login.IPRuleLibrary , so maybe I will try that name tomorrow morning.
The exceptions I get are
#1.5#001321B3B106005C0000000800002E380004039375E59BA6#1129831779936#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#Guest#1####ae7c5500419411daa7fd001321b3b106#SAPEngine_Application_Thread[impl:3]_17##0#0#Error#1#/System/Audit#Java###Exception #1#com.sap.engine.services.security.exceptions.BaseSecurityException: Cannot load a login module.
at com.sap.engine.services.security.login.LoginContextFactory.init(LoginContextFactory.java:95)
at com.sap.engine.services.security.login.LoginContextFactory.getLoginContext(LoginContextFactory.java:133)
at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContext(AuthenticationContextImpl.java:227)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.system.SystemLoginModule.initialize(SystemLoginModule.java:72)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:86)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.getLoggedInUser(AuthenticationService.java:305)
at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:96)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)
at java.security.AccessController.doPrivileged(Native Method)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:295)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:351)
at com.sap.portal.navigation.Gateway.service(Gateway.java:68)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:95)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:159)
Caused by: java.lang.ClassNotFoundException: com.customer.portal.login.IPRuleLoginModule
Found in negative cache
- Loader Info -
ClassLoader name: [common:library:com.sap.security.api.sda;library:com.sap.security.core.sda;library:security.class;library:webservices_lib;service:adminadapter;service:basicadmin;service:com.sap.security.core.ume.service;service:configuration;service:connector;service:dbpool;service:deploy;service:jmx;service:jmx_notification;service:keystore;service:security;service:userstore]
Parent loader name: [Frame ClassLoader]
References:
library:com.sap.ip.basecomps
library:core_lib
common:library:IAIKSecurity;library:activation;library:mail;library:tcsecssl
library:servlet
library:sapxmltoolkit
library:com.sap.mw.jco
library:com.sap.util.monitor.jarm
library:j2eeca
library:opensql
interface:security
interface:log
interface:shell
interface:keystore_api
library:ejb20
interface:webservices
library:com.sap.guid
interface:appcontext
interface:endpoint_api
interface:resourceset_api
interface:resourcecontext_api
common:service:iiop;service:naming;service:p4;service:ts
interface:ejbcomponent
interface:container
interface:visual_administration
interface:transactionext
interface:dsr_ejbcontext_api
service:timeout
library:tc~jmx
library:tcSLUTIL
service:memory
library:antlr
library:jdbdictionary
library:opensqlextensions
interface:cross
service:locking
service:file
Resources:
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_toolkit_api.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
adminadapter
adminadapter.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
com.sap.security.core.ume.service
com.sap.security.core.ume.service.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
jaxrpc-api.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.api.sda
com.sap.security.api.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
dbpool
opensqllib.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
jmx
jmx_sec.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
jaxm-api.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
keystore
keystore.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
security
security.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
basicadmin
jstartupapi.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_jaas.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
connector
connectorimpl.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
webservices_lib.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_jaas.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_service_api.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_userstore_lib.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
webservices_lib
saaj-api.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.core.sda
com.sap.security.core.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.core.sda
com.sap.security.core.tpd.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_csi.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_ssf.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
userstore
userstore.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
dbpool
sqljimpl.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_xmlbind.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_util.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
dbpool
dbpool.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
deploy
deploy.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_saml_toolkit_core.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
jmx
jmx.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_compat.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
jmx_notification
jmx_notification.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
configuration
configuration.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
basicadmin
jstartupimpl.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_https.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
services
basicadmin
basicadmin.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
security.class
tc_sec_jaas_test.jar
C:
usr
sap
EQ2
J13
j2ee
cluster
server1
bin
ext
com.sap.security.api.sda
com.sap.security.api.perm.jar
Loading model: {parent,local,references}
at com.sap.engine.frame.core.load.ReferencedLoader.loadClass(ReferencedLoader.java:348)
at com.sap.engine.services.security.Util.loadClass(Util.java:262)
at com.sap.engine.services.security.Util.loadClassFromAdditionalLoaders(Util.java:204)
at com.sap.engine.services.security.login.LoginContextFactory.init(LoginContextFactory.java:92)
... 45 more
#1.5#001321B3B106005C0000000900002E380004039375E5A109#1129831779936#com.sap.engine.services.security#sap.com/irj#com.sap.engine.services.security#Guest#1####ae7c5500419411daa7fd001321b3b106#SAPEngine_Application_Thread[impl:3]_17##0#0#Error##Java###Cannot load login module class .#1#com.customer.portal.login.IPRuleLoginModule#Hi,
The problem was solved by using the name customer.com~com.customer.portal.login.IPRuleLibrary for the library (so basically look at the name of your library folder under cluster\j2ee\serverx\bin\ext , not the name reported by visual admin).
Also I was able to modify the properties of the login module runtime, which made me very happy
Dagfinn -
How to implement custom logging using log4j in Webcenter Portal Application
I need to implement custom logging and export it to a new log file in Oracle 11.1.1.5 (Webcenter portal application). Please tell me the steps to implement this functionality.
Please post questions for WebCenter Portal in it's own forum:
WebCenter Portal -
How to implement custom skin in JavaFX 2.0?
To implement custom skin, I extend TextFieldSkin (in com.sun.javafx.scene.control.skin.*) class, but I don't know which methods to overwrite, anyone can provide some sample codes? Thanks!
Hi,
You can implement Skin interface or extend SkinBase class. I made some controls on my blog http://jojorabbitjavafxblog.wordpress.com/ but i still have not updated code to build 40. In my opinion the easiest way is to make first skin for Button class for example add text and Rectangle.
Maybe you are looking for
-
I cannot download Adobe Reader app using my IPod Touch 4th Generation due to iOS upgrade.
I have an IPod Touch 4th Generation (the older model) and the highest operating system stops at iOS 6.1.6. Unfortunately, when I tried to download Adobe Reader app, it only works for the newer IPod Touch 5th Generation with an operating system of iOS
-
What exactly is in my Lenovo T400
I have a problem. I want to upgrade my Lenovo T400 2768-BQ4 to a WiMAX and a Wireless USB. I want to know everything else about my specific computer too. Can you help me here?
-
How to get the real name of the webcam ?
Hello, For my application, I need to display the name of the different webcams on the computer. How can I get a better name than vfw:Microsoft WDM Image Capture (Win32) ? Thank you
-
What's the best audio filter and settings to eliminate echo?
I shot an interview in a hallway. What's the best audio filter and settings to reduce/eliminate echo?
-
I burned AVI movie files onto DVD-R discs with a windows machine, and when I insert them into my Macbook, they show up as blank cds or dvds. How can I get my Macbook to show the files? They show up just fine on a windows machine in Windows Explorer.