I have to Implement My Own Keys To Track Session
Developers,
In order to track session requests, similar to HTTP server session in an RMI application is is neccessary to have to append a unique random key with each request that the user may make?
I see no other way around this and it seems like something which should be available in the API.
Thanks
Why do you think a custom application requirement should be part of the RMI specification? Unique Id has nothing to do with RMI, it is an application issue and properly belongs in an application container.
See the Tymeac projects on SourceForge.net for such a container.
http://www.coopsoft.com/JavaProduct.html
Similar Messages
-
is it possible to activate LR5 on a second (privately owned) computer and where do I have to enter the license key?
Lightroom doesn't use activation. The EULA allows you to install Lightroom on two computers, one a desktop the other a laptop. To apply the serial number you go to the Help menu then choose Lightroom Registration.
-
How can i implement "my own" security in ADF 11g
Hi everybody,
I have a problem and hope anyone could help me...
Currently i am developing a ADF application, and i want to implement the security... the problem i have (and i read a lot of posts in the forum and other blogs and i don't found anything that help me) is that the "validation" of the user of password is with a webservice..... and the "roles" of the application are given to me with another web service.
I read a lot and in the Fusion's Developer Guide in chapter 30 (Enabling ADF Security in a Fusion Web Application) explains very good how to implement the security in the application, but, that example really doesn't work for my problem.
I wan't to know any way to in the "doLogin" action of my "Login button in my login page" to implement my own logic.
public String doLogin() {
2 String un = _username;
3 byte[] pw = _password.getBytes();
4 FacesContext ctx = FacesContext.getCurrentInstance();
5 HttpServletRequest request =
6 (HttpServletRequest)ctx.getExternalContext().getRequest();
7 CallbackHandler handler = new SimpleCallbackHandler(un, pw);
8 try {
9 Subject mySubject = Authentication.login(handler); <<----------------------------- Here i wan't to invoke the WS that validate the user and pwd.
10 ServletAuthentication.runAs(mySubject, request);
11 String loginUrl = "/adfAuthentication?success_url=/faces" +
12 ctx.getViewRoot().getViewId();
13 HttpServletResponse response =
14 (HttpServletResponse)ctx.getExternalContext().getResponse();
15 sendForward(request, response, loginUrl);
16 } catch (FailedLoginException fle) {
17 FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR,
18 "Incorrect Username or Password",
19 "An incorrect Username or Password" +
20 " was specified");
21 ctx.addMessage(null, msg);
22 } catch (LoginException le) {
23 reportUnexpectedLoginError("LoginException", le);
24 }
25 return null;
26 }
And i wan't to know if i can save some other user information in some kind of session (like company, mail and other stuff).....
And when i can login validating usr and pwd from the WS... how could i manage my roles ?
Welll i hope anyone can help me.
Regards from Mexico.Hi,
to do this, you create a JAAS Login Module to authenticate against the Web Service. This then you wrap in an authentication provider that you configure with WLS. ADF Security does not perform any authentication itself and instead leaves it for the container.
http://download.oracle.com/docs/cd/E17904_01/web.1111/e13718/atn.htm#i1154044
Frank -
Set my own key instead of using KeyGenerator.generateKey() - how?
How can I set my own key instead of using KeyGenerator.generateKey()?
I don´t see any method that is alowing this.I have now tried my own.
To send encrypted data through a CipherOutputStream, I have done this:
private File file;
private CipherOutputStream cos;
private Cipher cipher;
private PBEKeySpec key;
private char[] password = "test".toCharArray();
public SendFileThread(File file)
this.file = file;
try
key = new PBEKeySpec(password);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey pbeKey = factory.generateSecret(key);
cipher = Cipher.getInstance("PBEWithMD5AndDES");
cipher.init(Cipher.ENCRYPT_MODE, pbeKey);
catch(Exception err) {err.printStackTrace();}
public void run()
byte [] mybytearray = new byte [(int)file.length()];
try
fis = new FileInputStream(file);
bis = new BufferedInputStream(fis);
bis.read(mybytearray,0,mybytearray.length);
OutputStream os = socket.getOutputStream();
cos = new CipherOutputStream(os, cipher);
int byteCount = 0;
int length = mybytearray.length;
while(byteCount < mybytearray.length)
cos.write(mybytearray[byteCount]);
os.flush();
os.close();
socket.close();
catch(FileNotFoundException err){err.printStackTrace();}
catch(IOException err){err.printStackTrace();}To receive the encrypted data and then decrypt it, I use the same password and Cipher.DECRYPT_MODE in the Cipher.init() method.
private Socket sock;
private DataInputStream din;
private CipherInputStream cin;
private BufferedOutputStream out_file;
private Cipher cipher;
private PBEKeySpec key;
private char[] password = "test".toCharArray();
public ListenForConnectionThread()
try
key = new PBEKeySpec(password);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
SecretKey pbeKey = factory.generateSecret(key);
cipher = Cipher.getInstance("PBEWithMD5AndDES");
cipher.init(Cipher.DECRYPT_MODE, pbeKey);
catch(Exception err) {err.printStackTrace();}
public void run()
try
serverSocket = new ServerSocket(2000);
sock = serverSocket.accept();
Runnable r = new Runnable()
public void run()
try
cin = new CipherInputStream(sock.getInputStream(), cipher);
out_file = new BufferedOutputStream(new FileOutputStream("received_file.txt"));
int inputLine;
while((inputLine = cin.read()) != -1)
out_file.write(inputLine);
out_file.flush();
catch(Exception err){err.printStackTrace();}When I run the application, I get this error:
java.security.InvalidKeyException: requires PBE parameters.
Why? -
Implementing my own linked lists...aiiieee!
Hi,
I'm trying to implement my own linked list structure oftype String. It will eventually go to form a simple text editor, with each line of a file being loaded into its own String node.
However, im having problems implementing the list itself :)
So far ive got the file to read in succesfully, but now im stuck...how do i load up a line into a new node? and what about the head/tail nodes, they just confuse me! Do i have to write a seperate 'List' class and create an object of that, much like the LinkedList class with Java?
Any help or a nudge in the right direction would be appreciated,
TIA
andrew
PS code below ...
=================================
=================================
import java.io.*;
import java.util.*;
class Editor {
public static void main(String[] args) {
///LOAD UP THE TEXT FILE//////////////////////////////////////
String file = "s.txt";
String line;
System.out.println(System.in);
//testing here...
StringNode alist = new StringNode(null,null);
try{
FileReader FR = new FileReader(file);
BufferedReader BR = new BufferedReader(FR);
while ( (line = BR.readLine()) != null ){
alist.addNodeAfter(line);
System.out.println(line);
}//while
}//try
catch(IOException e){
System.out.println(file + " not found");
}//catch
///COMMANDS///////////////////////////////////////////////////
//text editor commands to be input via command line type console. how to grab inputs on return?
}//main
}//Editor
//code to create a node...but now what?
class StringNode
private String data;
private StringNode link;
// constructor for initialisation
public StringNode(String initialData, StringNode initialLink)
data = initialData;
link = initialLink;
// accessor method to get the data from this node
public String getData( )
return data;
// accessor method to get a reference to the next node after this node.
public StringNode getLink( )
return link;
// modification method to set the data in this node.
public void setData(String newData)
data = newData;
// modification method to set the link to the next node after this node
public void setLink(StringNode newLink)
link = newLink;
// add a new node after this node
public void addNodeAfter(String item)
link = new StringNode(item, link);
// modification method to remove the node after this node.
public void removeNodeAfter( )
link = link.link;
// compute the number of nodes in a linked list
public static int listLength(StringNode head)
StringNode cursor;
int answer;
answer = 0;
for (cursor = head; cursor != null; cursor = cursor.link)
answer++;
return answer;
// print the nodes in a linked list
public static void listPrint(StringNode head)
StringNode cursor;
for (cursor = head; cursor != null; cursor = cursor.link)
System.out.println(cursor.getData());
// print the nodes in a linked list skipping dummy node at head
public static void listPrint2(StringNode head)
StringNode cursor;
for (cursor = head.link; cursor != null; cursor = cursor.link)
System.out.println(cursor.getData()+" ");
// search for a particular piece of data in a linked list
public static StringNode listSearch(StringNode head, String target)
StringNode cursor;
for (cursor = head; cursor != null; cursor = cursor.link)
if (target == cursor.data)
return cursor;
return null;
}You wouldn't by any chance be doing computer science at Cardiff university would you and have been given this as an assignment?
-
Can we have more than one primary key constraint to a Oracle Table?
Hi,
Can we have more than one primary keys to a single table in oracle? ( Not the composite key)
Please somebody answer..
Regards,
Alaka811935 wrote:
Can we have more than one primary keys to a single table in oracle? ( Not the composite key)
In principle a table can have multiple keys if you need them. It is a very strong convention that just one of those keys is designated to be "primary" but that's just a convention and it doesn't stop you implementing other keys as well.
Oracle provides two uniqueness constraints for creating keys: the PRIMARY KEY constraint and the UNIQUE constraint. The PRIMARY KEY constraint can only be used once per table whereas the UNIQUE constraint can be used multiple times. Other than that the PRIMARY KEY and UNIQUE constraints serve the same function (always assuming the column(s) they are applied to are NOT NULL). -
Hi,
i using the following code to encypt a string, but i now i need to encrypt using my own key, what i have to change in this code to make that possible...
String message="test";
KeyGenerator kgen = KeyGenerator.getInstance("Rijndael");
kgen.init(128);
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "Rijndael");
// Instantiate the cipher
Cipher cipher = Cipher.getInstance("Rijndael");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal((args.length == 0 ?message : args[0]).getBytes());OK, try this:
import java.math.BigInteger;
byte[] raw = new
BigInteger("c9536544-9b54-4986-75a1-45982b69587c".repl
aceAll("-","")).toByteArray();
This does not really work. It tries to convert the key using base 10, not base 16, and it puts a leading zero in the byte array so produces a 17 byte key. See for example
String hexKey = "c9536544-9b54-4986-75a1-45982b69587c".replaceAll("-","");
System.out.println(hexKey.length() + "\t" + hexKey);
byte[] raw = new BigInteger(hexKey, 16).toByteArray();
System.out.println(raw.length + "\t" + java .util.Arrays.toString(raw));In this case one could just remove the leading zero from the resulting 'raw' but this would then fail if using a key that has a genuine leading zero.
It would be better to use one of the free Hex decoders out there. I use 'jakarta commons codec'. Google will find it. -
UIX Controller - Implementing my own PageFlowEngine
I want to implement my own PageFlowEngine and having looked at the javadocs it seems to me that there are really only two methods which need overriding from BasePageFlowEngine:
checkPageAccess(...) - this is where any security issues should be addressed
getPage(...) - decide which page to go to next
Am I right in this? If not what am I missing?
Thanks
IanHi Arjuna, here's our views on what we're trying to do.
Our application will have many multi-step transactions building state as they progress. A user will have access to a set of functions but may have limited access within each function (e.g. View <objectType> only, not Update).
The issues we are trying to address are:
1. We'd like the back button to only re-render relevant pages. In a multi-page dialogue, rather than display each state of the same page (for example where <hideShow>s may be actioned) we want to go to the previous page in that dialogue.
2. We'd like the back button to prevent 'cross-transaction' flows. Following a 'commit of a transaction' we want to control what happens when the user hits the back button e.g. return the user to a known point in the dialogue NOT the previous page.
3. Remove page-flow from event handlers because :
a. The flow may change based on user security settings or may be determined by previous flow.
b. Enable re-use of common pages in multiple scenarios i.e. where a page can be reached from several points we want the flow engine to return the flow to its 'initiation point'.
4. Enable a generic error-handling mechanism. Depending on the nature of any error, we want to encapsulate the processing of the error e.g. return to the same page, go to a warning or error page.
We believe that in order to get our required behaviour for the above we would have to do (at least!) the following:
1. Implement our own PageFlowEngine
2. Implement our own StateManager
3. Disable browser cacheing (overriding isCacheable in our implementation of PageBroker)
I hope this is enough for you to understand our requirements, thanks for your help
Ian -
Implementing my own Topic and TopicConnectionFactory
I need to implement my own version of Topic and TopicConnectionFactory. I also need to do this without changing my original program code at all. That is, I still need to be able to say Topic myTopic, but have it load up my own version of the Topic class.
Does anyone have any suggestions for where I can make this change? I am thinking I might have to use JNDI but I am not sure. Pointing me in the right direction would be VERY helpful, I'm willing to do lots of research on this, I just don't know where to look. Thanks!Hi!
You can study how these interfaces are inplemented in real projects. Study for example source codes of some Open Source project. Here is one starter page
http://www.jmiddleware.com/jms_links_page.html
-Raine- -
hello..
i need to specify my own key when creating one, can i do that? The only thing i keep reading is like this code:
KeyGenerator generator = KeyGenerator.getInstance("DES");
key = generator.generateKey();
where a a KeyGenerator generates a key for me.
can't i specify the key that i want instead of it generating for me ?
thanks.hello again..
isnt this code alone enough:
SecretKey testKey = new SecretKeySpec(byteArray, "RC4"); ??
or must i use the SecretKeyFactory class as well?
and i have this following code i want to post, i want to do brute force decryption of an RC4 encrypted string, but its not always working with me, specifically it only works when i set Key size to 8 bits. i read RC4 has no limits on key size so i guess that should work though, here is the code, if i set keysize to something like 10, while loop never stops, am i wrong somewhere:
import java.math.*;
import javax.crypto.*;
import javax.crypto.spec.*;
public class RC4EncDec
public static void main(String[] args)
try
KeyGenerator kgen = KeyGenerator.getInstance("RC4");
kgen.init(8);
SecretKey key = kgen.generateKey();
RC4 encrypter = new RC4(key);
String encryptedString = encrypter.encrypt("Hello World");
BigInteger big = new BigInteger("-128", 10);
byte[] possibleKey = big.toByteArray();
SecretKey testKey = new SecretKeySpec(possibleKey, "RC4");
encrypter = new RC4(testKey);
String decryptedString = encrypter.decrypt(encryptedString);
int c = 0;
while (!(decryptedString.equals("Hello World")))
c++;
System.out.println(big.toString(2));
big = big.add(new BigInteger("1"));
possibleKey = big.toByteArray();
testKey = new SecretKeySpec(possibleKey, "RC4");
encrypter = new RC4(testKey);
decryptedString = encrypter.decrypt(encryptedString);
System.out.println("Found '" + decryptedString + "' after " + c + " iterations");
System.out.println("The decryption key was: " + big.toString(2));
catch (Exception e)
e.printStackTrace();
class RC4
Cipher encCipher;
Cipher decCipher;
RC4(SecretKey key)
try
encCipher = Cipher.getInstance("RC4");
decCipher = Cipher.getInstance("RC4");
encCipher.init(Cipher.ENCRYPT_MODE, key);
decCipher.init(Cipher.DECRYPT_MODE, key);
catch (Exception e)
public String encrypt(String str)
try
// Encode the string into bytes using utf-8
byte[] utf8 = str.getBytes("UTF8");
// Encrypt
byte[] enc = encCipher.doFinal(utf8);
// Encode bytes to base64 to get a string
return new sun.misc.BASE64Encoder().encode(enc);
catch (Exception e)
return null;
public String decrypt(String str)
try
// Decode base64 to get bytes
byte[] dec = new sun.misc.BASE64Decoder().decodeBuffer(str);
// Decrypt
byte[] utf8 = decCipher.doFinal(dec);
// Decode using utf-8
return new String(utf8, "UTF8");
catch (Exception e)
return null;
}i installed the bouncyCastle provider to use its RC4. is my code correct? is that the way a brute force check should happen. some parts are from Java Almanac.
thanks... -
Implement my own password field
I have implemented my own "password" field.
I catch the before_action of the et_KEY_DOWN event, check for the delete and backspace, displays an '*' or clears the field and bubbleevent is false.
my code is below.
If pVal.CharPressed = 8 Or pVal.CharPressed = 46 Then
pincode = ""
oApp.Forms.Item(FormUID).Items.Item "pincode").Specific.string = ""
Else
oApp.Forms.Item(FormUID).Items.Item"pincode").Specific.string += "*"
pincode += Chr(pVal.CharPressed)
End If
BubbleEvents = False
My problem is that the cursor stays at the beginning of my field.
How can I move it to the end of this field.anyway, how do you handle such features, as a:
input of character in the middle of password ???
for example:
I want to type in my password "asdf" and I've made a typo and I'm sure, that I've forgot to type the "s", so in the password field, I have the "***"-"adf" thus, I move right after the first char and press the "s" (or copy/paste the string containing the "s" or whatever) ... what happends ? you add the "s" at the end of your pincode ... and ups, you have the "adfs" instead of "asdf" ...
and more problems appear ... when:
user marks (using mouse, or shift+movement_arrows) more chars, and inputs the desired char/string ...
This was the reason ... why I'm using a linkedbutton, which opens new form, with empty editbox, to type in the password ... fully visible, ofcourse ... -
Do We Have Multiple Implementations
Do We Have Multiple Implementations for all the Badi's. or any exceptions
Hi,
There is no limitation for implementing BADI's
We can have multiple implementations for BADI
that property of BADI makes it different from user exits
see the BADI Doc
DEFINING THE BADI
1) execute Tcode SE18.
2) Specify a definition Name : ZBADI_SPFLI
3) Press create
4) Choose the attribute tab. Specify short desc for badi.. and specify the type :
multiple use.
5) Choose the interface tab
6) Specify interface name: ZIF_EX_BADI_SPFLI and save.
7) Dbl clk on interface name to start class builder . specify a method name (name,
level, desc).
Method level desc
Linese;ection instance methos some desc
8) place the cursor on the method name desc its parameters to define the interface.
Parameter type refe field desc
I_carrid import spfli-carrid some
I_connid import spefi-connid some
9) save , check and activate adapter class proposed by system is
ZCL_IM_IM_LINESEL is genereated.
IMPLEMENTATION OF BADI DEFINITION
1) EXECUTE tcode se18.choose menuitem create from the implementation menubar.
2) Specify aname for implementation ZIM_LINESEL
3) Specify short desc.
4) Choose interface tab. System proposes a name fo the implementation class.
ZCL_IM_IMLINESEL which is already generarted.
5) Specify short desc for method
6) Dbl clk on method to insert code..(check the code in AAA).
7) Save , check and activate the code.
Some useful URL
http://www.esnips.com/doc/e06e4171-29df-462f-b857-54fac19a9d8e/ppt-on-badis.ppt
http://www.esnips.com/doc/10016c34-55a7-4b13-8f5f-bf720422d265/BADIs.pdf
http://www.esnips.com/doc/43a58f51-5d92-4213-913a-de05e9faac0d/Business-Addin.doc
http://www.esnips.com/doc/1e10392e-64d8-4181-b2a5-5f04d8f87839/badi.doc
www.sapgenie.com/publications/saptips/022006%20-%20Zaidi%20BADI.pdf
http://www.sapdevelopment.co.uk/enhance/enhance_badi.htm
http://help.sap.com/saphelp_nw04/helpdata/en/04/f3683c05ea4464e10000000a114084/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/e6/d54d3c596f0b26e10000000a11402f/content.htm
http://help.sap.com/saphelp_nw2004s/helpdata/en/c2/eab541c5b63031e10000000a155106/frameset.htm
Now write a sample program to use this badi method..
Look for BBB sample program.
AAA
data : wa_flights type sflight,
it_flights type table of sflight.
format color col_heading.
write:/ 'Flight info of:', i_carrid, i_connid.
format color col_normal.
select * from sflight
into corresponding fields of table it_flights
where carrid = i_carrid
and connid = i_connid.
loop at it_flights into wa_flights.
write:/ wa_flights-fldate,
wa_flights-planetype,
wa_flights-price currency wa_flights-currency,
wa_flights-seatsmax,
wa_flights-seatsocc.
endloop.
BBB
*& Report ZBADI_TEST *
REPORT ZBADI_TEST .
tables: spfli.
data: wa_spfli type spfli,
it_spfli type table of spfli with key carrid connid.
*Initialise the object of the interface.
data: exit_ref type ref to ZCL_IM_IM_LINESEL,
exit_ref1 type ref to ZIF_EX_BADISPFLI1.
selection-screen begin of block b1.
select-options: s_carr for spfli-carrid.
selection-screen end of block b1.
start-of-selection.
select * from spfli into corresponding fields of table it_spfli
where carrid in s_carr.
end-of-selection.
loop at it_spfli into wa_spfli.
write:/ wa_spfli-carrid,
wa_spfli-connid,
wa_spfli-cityfrom,
wa_spfli-deptime,
wa_spfli-arrtime.
hide: wa_spfli-carrid, wa_spfli-connid.
endloop.
at line-selection.
check not wa_spfli-carrid is initial.
create object exit_ref.
exit_ref1 = exit_ref.
call method exit_ref1->lineselection
EXPORTING
i_carrid = wa_spfli-carrid
i_connid = wa_spfli-connid.
clear wa_spfli.
<b>Reward points</b>
Regards -
When my Mac Book Pro is asleep and I lift the cover the screen goes dark and I have to press the F2 key to get it back. What do I need to do to prevent this?
Try this, may help.
1. Reset PRAM. http://support.apple.com/kb/PH4405
2. Reset SMC. http://support.apple.com/kb/HT3964
Choose the method for:
"Resetting SMC on portables with a battery you should not remove on your own".
If this does not help, contact Apple.
Best. -
I have lost Lightroom 5 due to a crashed hard drive. I don't have a back up disc, and I dont think I have a key. I have a an adobe key recorded but don't know if it relates to LR5. I have an LR4 disc and key. LR5 is still intact and running on my laptop, but I need to use LR% on my desktop PC. I need an address to try a download so that I can try the key which might fit it. Any ideas how I can transfer the program (with key) from my laptop? Any other ideas?
John Carden <[email protected]>Just download and install.
you can find by internet search for "download Lightroom", or click here:
https://creative.adobe.com/products/download/lightroom
Note: trial software is same as licensed software, once you license it.. (I hope you still have the license key). -
Is it possible to have your whole family on one apple id or is it better to have each person have there own? If each has their own does each id have to buy their own music and apps? How does find my iphone work with one apple id or two? also I am going to be going off to college soon should I make an itunes id for my self and how will I get all the music from the old id?
Is it possible to have your whole family on one apple id or is it better to have each person have there own?
Yes, it is possible. 1 apple ID can be associated with up to 10 devices.
If each has their own does each id have to buy their own music and apps?
Yes, all purchases are non-transferable.
How does find my iphone work with one apple id or two?
Every device associated with one apple ID through Find my iPhone is tied to that Apple ID; Find my iPhone will work in the same way with up to ten devices associated with one apple ID. You cannot enable Find my iPhone for one device across two apple IDs
I am going to be going off to college soon should I make an itunes id for my self and how will I get all the music from the old id?
If you have authorized a computer with the old apple ID, you can transfer old media purchased through the old to other devices via iTunes. This doesn't mean the media purchases through the old apple ID it transferred to the new account. If you plan to make future purchases and don't wish to share them with others, make your own apple ID.
Maybe you are looking for
-
How to measure the current/power running through iMac
Hi After I moved from my old house to my new appartment, my 24" late 2006 iMac instantly started making this annoying high pitch noise. I've tracked it to coming from the area around the hard drive fan. I believe there might be a problem with the gro
-
VF04 - Maintain Billing Due List
Hello all, The Billing Due List is displaying several Orders which have been already fully invoiced. My questions are: 1) If I execute the Billing Due List, will the sales orders(the ones that are already invoiced)be invoiced again? 2) How to delete
-
Uwc redirect w/ POST /uwc/wabp/login.wabp cmd & uwcauth.admins=calmaster
We enabled uwcauth.admins and restarted the web container in SCS6U1. Now instead of getting proxyauth being disallowed we get redirected after a successful proxy authentication. The web client fails because of this redirection instead of accessing th
-
I had started a movie maker project back in August, and had sound attached and working. Sound is now no longer working in movie maker. Works for everything else eg itunes, you tube, games etc. What am I doing wrong? This question was solved. View
-
My phone is disabled. what do i need to do??
the other day i tried to put my password in my phone and it didnt work i kept trying until eventually it was totally disabled. it said to connect to itunes. i tried to but it said i had to input the passcode on my phone before i can sync to itunes. i