How to setup security manager for applet at runtime?
hello everyone,
I am wonder if there is a way to setup security manager at runtime. This is what I am trying to do:
1. Create a Applet GUI and allow users to specify in an input dialog box of the URL they like make connection to.
I know there is two way of do this
1. Is modify java.policy file and specify the URL SocketPermission to connect to.
2. setup signed certificate applet.
But, I would to try to see if there is a way to have applet make connection at runtime when users specify the URL.
Anyone have any ideas.
Thanks.
Thanks, Peter
Going over some articles you and references that you pointed out was very useful on how the java security model work and a little bit history too.
So, I am assuming that I can make my own securitymanager class that defines the permission of the applet that I am working, using Permission, SecurityManager, ....etc class right? I just want to be clear on what I am going to be doing.
If you have any other thoughts, Thanks,
Similar Messages
-
How to setup IPV6 boundary for SCCM 2012 R2 Primary Site?
How to setup IPV6 boundary for SCCM 2012 R2 Primary Site?
I have Direct Access implemented in my environment. I have Windows 8.1 machine connecting through direct access.
I want to manage the windows 8.1 through SCCM. How do I setup IPV6 boundary. Can someone guide me through?
Below are the Windows 8.1 client IP Configuration
C:\Windows\system32>ipconfig
Windows IP Configuration
Wireless LAN adapter Local Area Connection* 3:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . : home
Link-local IPv6 Address . . . . . : fe80::7466:11a5:39ed:ffb0%4
IPv4 Address. . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
Tunnel adapter isatap.home:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1494:1339:93d6:439c
Link-local IPv6 Address . . . . . : fe80::1494:1339:93d6:439c%9
Default Gateway . . . . . . . . . :
Tunnel adapter iphttpsinterface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000:e1a7:9cc8:c3c7:d819
Temporary IPv6 Address. . . . . . : fd64:fc00:d17b:1000:206c:f857:ddbe:2f2b
Link-local IPv6 Address . . . . . : fe80::e1a7:9cc8:c3c7:d819%10
Default Gateway . . . . . . . . . :
Below are the IPConfiguration details for Direct Access server
C:\Windows\system32>PsExec.exe \\MURA01 ipconfig
PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
Windows IP Configuration
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:3333::1
Link-local IPv6 Address . . . . . : fe80::b1ad:1c29:b4a:9125%15
IPv4 Address. . . . . . . . . . . : 10.192.1.25
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.192.1.1
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter isatap.{3D6A5E86-D85A-46C8-B69B-FFCF6D5D849C}:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1:0:5efe:10.192.1.25
Link-local IPv6 Address . . . . . : fe80::5efe:10.192.1.25%18
Default Gateway . . . . . . . . . :
Tunnel adapter 6TO4 Adapter:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Tunnel adapter IPHTTPSInterface:
Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000::1
IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000::2
IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000:2552:e9f8:87d3:ed8e
Link-local IPv6 Address . . . . . : fe80::2552:e9f8:87d3:ed8e%20
Default Gateway . . . . . . . . . :
ipconfig exited on MURA01 with error code 0.
Below are the IPCONFIG Details for SCCM Server:
C:\Windows\system32>PsExec.exe \\sccm01 ipconfig
PsExec v1.98 - Execute processes remotely
Copyright (C) 2001-2010 Mark Russinovich
Sysinternals - www.sysinternals.com
Windows IP Configuration
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::9f0:86f9:441d:bc07%12
IPv4 Address. . . . . . . . . . . : 10.192.1.30
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.192.1.1
Tunnel adapter isatap.{0749E47D-AE0A-4D47-9D37-BDDC848E56F6}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
ipconfig exited on sccm01 with error code 0.
What will be the IPV6 values to configure boundary?Depending on how the clients connect use the IPv6 prefix of their 6to4, Teredo, and/ or IP-HTTPS tunnel. Just keep in mind that it could become a long list...
My Blog: http://www.petervanderwoude.nl/
Follow me on twitter: pvanderwoude -
Security Manager for decryption is not set
Hey,
I am using the Livecycle virtual appliance in a test version to evaluate its features. When I decrypt an encrypted document with the java API I get an error message that says that the security manager is not set.
Is the security Manager part of the appliance?
How can I solve that problem?
My Code:
//Set connection properties required to invoke LiveCycle ES
Properties connectionProps = new Properties();
connectionProps.setProperty(ServiceClientFactoryProperties.DSC_DEFAULT_EJB_ENDPOINT, getConfig("lc.ejb-endpoint.url", "jnp://192.168.56.50:1099"));
connectionProps.setProperty(ServiceClientFactoryProperties.DSC_TRANSPORT_PROTOCOL,Service ClientFactoryProperties.DSC_EJB_PROTOCOL);
connectionProps.setProperty(ServiceClientFactoryProperties.DSC_SERVER_TYPE, "JBoss");
connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_USERNAME, getConfig("lc.ejb-endpoint.username", "jjacobs"));
connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_PASSWORD, getConfig("lc.ejb-endpoint.password", "password"));
//Create a ServiceClientFactory object
ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);
//Create an EncryptionServiceClient object
EncryptionServiceClient encryptClient = new EncryptionServiceClient(myFactory);
//Unlock the password-encrypted PDF document
Document unlockedDoc = encryptClient.unlockPDFUsingPassword(pdf, pdfPassword);
return unlockedDoc;
Exceptions details:
Caused by: com.adobe.internal.pdftoolkit.core.exceptions.PDFSecurityAuthorizationException: Security Manager for decryption is not set
at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamEncryption(Encrypti onImpl.java:196)
at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamDecryptionHandler(E ncryptionImpl.java:263)
at com.adobe.internal.pdftoolkit.core.cos.CosEncryption.getStreamDecryptionStateHandler(CosE ncryption.java:675)
at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStreamForCopying(CosStream.java:377)
at com.adobe.internal.pdftoolkit.core.cos.CosStream.copyStream(CosStream.java:310)
at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStream(CosStream.java:422)
at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.getDataStream(CosObjectStream.java :130)
at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.<init>(CosObjectStream.java:80)
at com.adobe.internal.pdftoolkit.core.cos.CosToken.readObject(CosToken.java:576)
at com.adobe.internal.pdftoolkit.core.cos.CosToken.readIndirectObject(CosToken.java:108)
at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:607)
at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:599)
at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
at com.adobe.internal.pdftoolkit.core.cos.CosDocument.resolveReference(CosDocument.java:1067 )
at com.adobe.internal.pdftoolkit.core.cos.CosDictionary.get(CosDictionary.java:278)
at com.adobe.internal.pdftoolkit.pdf.document.PDFCosDictionary.getDictionaryCosObjectValue(P DFCosDictionary.java:423)
at com.adobe.internal.pdftoolkit.pdf.document.PDFCatalog.getInteractiveForm(PDFCatalog.java: 156)
at com.adobe.internal.pdftoolkit.pdf.document.PDFDocument.getInteractiveForm(PDFDocument.jav a:521)
at com.adobe.formServer.utils.CommonGibsonUtils.isForm(CommonGibsonUtils.java:153)
at com.adobe.livecycle.formdataintegration.server.FormData.exportDataInternal(FormData.java: 338)
at com.adobe.livecycle.formdataintegration.server.FormData.exportData2(FormData.java:217)
... 81 moreI think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
You'll have to remove the security first. You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
Note that you will need the document's password to remove the security. -
Specifying system properties/security manager for OC4J
I have a couple of related questions regarding OC4J/orion.jar:
1. Generically, how can we specify system properties to orion.jar? Being an executable JAR, simply using -D does not work.
2. Specifically, I need to launch the OC4J app server with a Java security manager (with associated security policies, etc.) Java's way of doing this is via -Djava.security.manager=... but this does not work with executable JARs it seems. I tried specifying these parameters via -D and I got a security exception:
Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyP
rmission java.protocol.handler.pkgs write)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.System.setProperty(Unknown Source)
at com.evermind.server.ApplicationServer.initProtocolHandlers(ApplicationServer.java:652)
at com.evermind.server.ApplicationServer.launchCommandline(ApplicationServer.java:319)
at com.evermind.server.ApplicationServer.main(ApplicationServer.java:314)
So, how do I install the Java security manager with orion.jar? Is there any other way to specify system properties to this, or is there any other way to install the Java security manager for OC4J?
Any help much appreciated.
..HrishiThanks, that seemed to work. However it seems that spawned another little problem. I was using the -Xbootclasspath/a option while firing up orion.jar because I needed to append something to OC4J's default classpath (that is specified in orion.jar's Manifest). Now, when I start OC4J with the -D options for the security policy, it seems to ignore the -Xbootclasspath argument. I have not yet been able to confirm this fact, but based on the ClassNotFoundError I'm running into, that does seem to be the problem.
So I guess my question is, could specifying the -D options to the executable JAR cause it to ignore any other options you may be passing to it (such as -Xbootclasspath)? Is there any sequence in which these args need to be passed?
Thanks.
..Hrishi
Hi,
You can try this :
- Check if you have a file java2.policy in <OC4J_HOME>\config\policy and check if the permission java.util.PropertyPermission "read,write" is granted to <OC4J_HOME>.
if there is no file, you can create one based on <JAVA_HOME>\lib\security\java.policy and grant the approriate privileges.
- Launch OC4J :
java -Djava.security.manager -Djava.security.policy=<OC4J_HOME>/config/java2.policy -jar orion.jar
OR java -Djava.security.manager -Djava.security.policy=<PATH_TO_FILE_POLICY>/<YOUR_FILE>.policy -jar orion.jar
Maher -
How to setup the RV120W for quickvpn
Hello,
The PPTP client from Windows 7 is not working with this router; therefore I would like to try the quickvpn.
Is there any paper from Cisco explaining how to setup the RV120W for quickvpn ?
Thanks for any helpUser Guides for thee rv120W are here:
http://www.cisco.com/en/US/docs/routers/csbr/rv220w/quick_start/guide/rv220w_qsg.pdf
http://www.cisco.com/en/US/docs/routers/csbr/rv120w/administration/guide/rv120w_admin.pdf
and theres some more stuff over on my site:
http://www.linksysinfo.org/index.php?forums/cisco-small-business-routers-and-vpn-solutions.49/ -
How to have Secure Connection for File Adapter.Pls help
Hi All,
For File to File Scenario
How to have Secure Connection for File Adapter.
Pls send links/blogs explaining this scenario.
Regardshi rich
go through these links
FTPs connection failed - error ".. certificate rejected by ChainVerifier"
Re: What is SFTP, FTI channels
http://help.sap.com/saphelp_erp2005/helpdata/en/e3/94007075cae04f930cc4c034e411e1/frameset.htm
http://help.sap.com/saphelp_erp2005/helpdata/en/bc/bb79d6061007419a081e58cbeaaf28/frameset.htm
FTPS implementation question.
http://help.sap.com/saphelp_nw04s/helpdata/en/43/0e16bfd7b021aee10000000a1553f6/frameset.htm
Server certificate rejected by ChainVerifier:FTPS server(Points Guaranteed)
/people/krishna.moorthyp/blog/2007/07/31/sftp-vs-ftps-in-sap-pi
File adapter
thanks
Kunaal -
How to provide security settings for the adobe form using livecycleDesigner
Hello,
I am very new to form designing,
can any one please tell me how to provide security settings for the adobe forms at client side?
Regards,
MenakaHi,
that is a good topic for the ADFS forum.
ADFS forum - http://social.msdn.microsoft.com/Forums/vstudio/en-US/home?forum=Geneva
But you could pass the user-agent as incoming claim type Client User agent. User-agents can be manipulated, so if that is an issue you can look into Device Registration and the Device OS type from there. That is also a incoming claim but requires DRS and
DRS is not available for all plattforms.
Hth,
Lutz -
How to setup SSL cert for SharePoint apps in a three tier farm with nlb
I am having trouble understanding how to setup the SSL certificate on SharePoint apps or in general its configuration
Please check the below thread..
https://social.technet.microsoft.com/Forums/sharepoint/en-US/53465d30-10b2-48c9-9541-5ade738156b4/how-to-setup-ssl-cert-for-apps
Don't forget to mark it as an Answer if it resolves your issue and Vote Me as helpful if it useful.
Mahesh -
How do the change management for the configuration of the adapters
Hi all.
How do the change management for the configuration of the adapters, when i transport the software version component from an development system to production system.
For example, for to change the url parameters of adapters soap inside the production system. I will need type, the news values in this system?
Thanks
Best Regards.There is an option to pass all the paramters except those who changes from
system to system.
for example,
if you are reading from a file from the directory: <SYS>\CREMAS_<TS>.XML
when <SYS> is DEV or QAS or PROD, and <TS> is time stamp,
you can create channel template that read file with file pattern CREMAS_*.XML,
this can save you a lot of work, however, parameters that are diffrent in every system, (in this case the directory DEV,QAS,PROD) you must enter manually in every system. -
How to setup Data guard for SAP database?
Can someone please tell me how to setup data guard for SAP databases?
Thanks,
AbhiHi Abhi,
have a look at OSS 105047 - Support for Oracle functions in the SAP environment you find this under
14
Oracle Data Guard
You can use "Physical Standby".
You cannot use "Logical Standby".
You are allowed to use Fast Start Failover (FSFO) but SAP Support is not provided.
You can use Data Guard Broker.
You can use Maximum Performance Mode, Maximum Availability Mode and Maximum Protection Mode.
In the case of Maximum Availability and Maximum Protection, you must pay particular attention to a fast network connection in order to avoid performance problems.
Maximum Protection causes the primary database to terminate if problems occur in the standby database.
And here you find on Oracle white paper from 2010 http://www.oracle.com/us/solutions/sap/wp-ora4sap-dataguard11g-303811.pdf
Perhaps some SAP user have answers for you http://scn.sap.com/community/oracle/content?query=guard
regards
Kay -
SAP IDM 7.2: How to setup SSO functionality for WebUI of CRM and GRC?
Hello IDM-experts,
where can my customer find information about
SAP IDM 7.2: How to setup SSO functionality for WebUI of CRM and GRC?
Customer situation description:
The situation is that we are using SAP IDM 7.2. We are using a functionality to allow our users to access a webpage from where they can gain
SSO access to the Abap systems via the SAPGui. See screenshot as an example.
Now what we want is to access the CRM and GRC WebUI also with the same SSO possibility. We cannot find any guide/best practice on how to do
this or if it is possible via SAP IDM 7.2.
You can see a weblink in the first screenshot but it does not work. It will ask you for a username and password, see second screenshot.
Kind regards,
DanielaDo you know how the SAP GUI SSO is setup ? Is it using SNC/Kerberos ?
If it is (I suspect it is), then you will need to use similar method of authentication for the ICF Services. These cannot use SNC since they are accessed via browser, but what you want is possible.
Thanks
Tim -
How to do delta management for fi module?
how to do delta management for fi module?
Hi,
Take a look on the following help site,It has all most all information about FI extraction:
http://help.sap.com/saphelp_bw32/helpdata/en/af/16533bbb15b762e10000000a114084/frameset.htm
With rgds,
Anil Kumar Sharma .P -
FormDataIntegration Security Manager for decryption not set
When trying to export or import from a specific PDF form, I am getting the error below. I suspect it's the pdf b/c I can import and export from different pdf forms. Any ideas or help in order to modify or resolve this problem?
com.adobe.livecycle.formdataintegration.client.ImportFormDataException: Security Manager for decryption is not set
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R at com.adobe.livecycle.formdataintegration.server.FormData.importData(FormData.java:98)
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R at java.lang.reflect.Method.invoke(Method.java:615)
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
[5/5/10 16:12:04:953 EDT] 0000001e SystemErr R aI think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
You'll have to remove the security first. You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
Note that you will need the document's password to remove the security. -
HT1918 How recalled the security question for account iTunes
How recalled the security question for account iTunes
Check the AppleCare number for your country here:
http://support.apple.com/kb/HE57
Call them up, and let them know you would like to be transferred to the Account Security Team. -
How to recover security code for itunes store
How to recover security code for itunes store
From the link right at the bottom of this very page
Contact Us
Maybe you are looking for
-
Hi Experts, I am printing Orderknowlegdement form, in that i am printing Billing Schedule .. Stage stage% stgAmt Date I want to format this in screen ... since it varies depending on the field length .. i tries wa-stage(40) ...but not working ?? nee
-
Safari acting up after Lion update
After I updated to Lion... Safari is acting very strange. On each startup... all windows from last launch open. Also, even after setting homepage in preferences, Safari opens to last page in history. All new windows open very small . Any fixes for th
-
Restrict same user using same internet explorer session
Hi, I encountered a problem here. Hope some one had deal with this problem can help me out. The application was written in BSP. The users are using Internet Explorer 6.0 and 7.0 to use the application. The problem I encountered here is after an user
-
How to install Firefox in English when in Greece?
I download and install twice the english version of firefox from firefox's website, but when I start installing I don't get asked what is my prefered language and everything start in Greek and finally the greek version is installed again and again!!!
-
Exploiting RIA & RCA functionalities would entail changing in the ABAP code
Dear All, Could someone please explain to what extent exploiting the latest RCA & RIA functionalities available in SAP NetWeaver would lead to changing in the underlying ABAP code (SAP native & customized) of an ERP system, ABAP stack. Thank you in