IFS and security

Does iFS support SSL or any other method to secure data transfer ?

No. Our IMAP4 server does not support SSL.
null

Similar Messages

IFS and security based on custom attributes??

Is it possible to control the access to documents stored in iFS by cross checking the user's permissions and custom attributes values of files stored in iFS??.
Thanks
Sankar

Hi,
You can use tables AUSP, CRMD_MKTBP_AUSP.
Function modules:
CRM_MKTBP_READ_AUSP_EX_DB
CRM_MKTBP_READ_AUSP_GUID
CRM_MKTBP_READ_BP_SEL_AUSP
Regards,
Anup

IFS and iAS (OAS)

We currently use OAS as our web server. All pages are dynamically generated and stored on our Oracle 8i database. My question is this: Is there a way to connect from my OAS web page to iFS and be authenticated to iFS with the username/password combination I entered to access the web site?

Joe
Here's the JspLogin class I used in a demo once. It implements the IfsHttpLogin interface.
Once you've instantiated it you'll need to connect to the repository and obtain a LibrarySession interface and then invoke the setSession() method on the JspLogin object.
The code will look something like this
LibraryService ifsService = new LibraryService();
CleartextCredential me = new CleartextCredential(username,password);
ConnectOptions connect = new ConnectOptions();
connect.setLocale(Locale.getDefault());
connect.setServiceName(service);
connect.setServicePassword(schemaPassword);
LibrarySession ifsSession = ifsService.connect(me,connect);
if (DEBUG) {
Alert.log("JspUtilities.obtainSession: Session Created.");
JspLogin login = new JspLogin();
login.setSession(ifsSession);
httpSession.putValue(IFSHTTPLOGIN,login);
Note IFSHTTPLOGIN is defined as follows
public static final String IFSHTTPLOGIN = "IfsHttpLogin";
I used this code once in a demo. I've not tested that the Login object this creates will allow the complete iFS WebUI to run. This code is definitely supplied as is, with no warranties or anything else for that matter.
Regards
MDD
package ifs.demo.common.jsp;
import oracle.ifs.beans.DirectoryUser;
import oracle.ifs.beans.FolderPathResolver;
import oracle.ifs.beans.LibrarySession;
import oracle.ifs.beans.LibraryService;
import oracle.ifs.common.IfsException;
import oracle.ifs.adk.security.IfsHttpLogin;
import javax.servlet.http.HttpSessionBindingListener;
import javax.servlet.http.HttpSessionBindingEvent;
public class JspLogin implements IfsHttpLogin
private LibrarySession m_IfsSession;
private FolderPathResolver m_Resolver;
// Default constructor required by the jsp spec for the USEBEAN tag
public JspLogin() throws IfsException
public void setSession(LibrarySession ifsSession)
throws IfsException
m_IfsSession = ifsSession;
m_Resolver = new FolderPathResolver(ifsSession);
m_Resolver.setRootFolder();
public LibrarySession getSession()
return m_IfsSession;
public FolderPathResolver getResolver()
return m_Resolver;
public void valueBound(HttpSessionBindingEvent parm1) {
public void valueUnbound(HttpSessionBindingEvent parm1) {
}

Oracle ifs and BEA weblogic

Oracle ifs and BEA weblogic
We have one application server with weblogic and and ifs 1.0.9 , and one db server with Oracle 8.1.7.
with the following configuration:
Web server
appl server with weblogic 6.0 and ifs 1.1.9
Oracle 8i Enterprise with interMedia text
We need to use the iFS API call for our application.
As I know, weblogic 6.0 support JDK1.3 but ifs 1.1.9 supports up to JDK1.2.
Is this configuration possible?
Any conflict if two version JDK co-exist inside same machine?
Any suggestion?
If I separate the appl. server into two machines, that is,
one server installed with weblogic, the other one installed with ifs.
How could I make use the ifs API call from appl. server?
Is there any configuration guides for this setting?
Thanks a lot.
null

<BLOCKQUOTE><font size="1" face="Verdana, Arial, Helvetica">quote:</font><HR>Originally posted by Luis:
The iFS API is 100% pure Java. You can use it from any other Java application, be it JSP, EJB, or a standalone application.
So it really comes down to the CLASSPATH. The iFS API is split among a set of .jar files, and some of the configuration information is stored in .properties files that are outside of these .jar files. All of this stuff needs to be in the CLASSPATH of whatever JVM is calling the iFS API.
The iFS API uses the Oracle JDBC driver to communicate with the Oracle database. This is another requirement. You can't use another JDBC driver; you have to use ours.
So again, it's all about configuration.<HR></BLOCKQUOTE>
Would you mind to share more detail on configurating weblogic to integrate the iFS API?
null

I have forgotten my apple security questions, when I go to My Apple ID and click on password and security, there is no option to reset my security questions even though I have a rescue email adress, how do i reset my security question ?

I have forgotten my security questions but when I click on My Apple ID and got to password and security, there is no option to rest my questions and/or send my self a rescue email, what do I do now ?

You need to contact Apple. Click here, phone them, and ask for the Account Security team, or fill out and submit this form.
(89174)

Start up problems after Safari 3.1 and Security update

Updated safari and security update last night.
Safari downloaded and installed but there was an error downloading or installing the security update, I forgot.
After I restarted everything booted up fine, but was stuck on "Starting Mac OS X" screen.
Did a fsck and zap the pram, still stuck.
Today I tried booting up in safe mode, stuck on the gray screen with the apple logo.
Then I tried booting up from an external firewire dvd drive. Repaired permissions, repaired the disk, but it is still stuck on "Starting Mac OS X" screen. Help please...
Thank you

Ok i had a similar problem, with all the recent updates for Leopard, including the 10.5.2 combo update... the 12" PowerBook G4 kept getting stuck on the grey apple and spinning wheel... if it managed to get past this it would get stuck on the blue screen!!!
The way i got around this, after trying all these other tips was: Archived & Installed 10.5; restarted, waited; downloaded 10.5.2 Combo update, installed; restarted, waited; waited; waited; after getting back to desktop, restarted, waited; then ran Software Update only installing one at a time, and after each install, restarted, waited; when all Software updates completed, proceeded with iLife updates etc... It took a while (still quicker than the 3 days of failed installs and updates) with a lot of waiting on the blue screen (5-20mins) but we got there in the end. Disks where checked with Leopard Disk Utility before and after, permissions where checked before and after completing all installs, also with a DW 4.1 optimization. Also note worthy is the RAM was upgraded from the initial 256Mb (!!!) with an extra Gb.

Bursting with translation and security attributes?

Hi folks,
I've been lurking on the forum for a while and despite not always finding a solution, existing threads normally pointed me in the right direction - so thanks :)
I'm working on EBS 11.5.10 with the latest Bi-Publisher 5.6.3 (5472959) and bursting (5968876) patches installed.
I have successfully done the following individual AR Invoice Bi-Publisher tasks:
1. translated an invoice RTF template by attaching an xliff file to the data definition,
2. applied security attributes to the template to restrict updates on the resulting PDF,
3. burst a custom AR invoice print and emailed the resultant pdf's.
The PDF generated by the combined Invoice print correctly applies the translation and security attributes; however when I run the "XML Publisher Report Bursting Program" to the XML file the resultant burst PDF's do not apply the translation or security attributes. I assume this a limitation of bursting control files? If so, is this on the list of future enhancements to Bi-Publisher?
Here's an example of my control file document entry, I have included locale and pdf-security entries - these don't cause an error but equally don't generate the desired result (p.s. I know I'm emailing on a PRI filter - it's just a test):
<xapi:document output-type="pdf" delivery="att_email">
<xapi:template type="rtf"
location="/usr/tmp/xxxINVOICE3.rtf"
locale="fr-US"
pdf-security="true" pdf-encryption-level="1" pdf-permissions-password="xxxxxx"
filter=".//G_INVOICE_HEADER[PRINTING_OPTION='PRI']" >
</xapi:template>
</xapi:document>
Thanks
Dave

=================
==Properties Idea's
=================
You would have happened to try applying the security stuff in the application for your template? Try that and see if the pdf properties get set.
If that doesn't work your left with two options:
1. create a java concurrent program and set the properties manually.
2. Log a tar.
=================
==local idea's
=================
Are you sure you don't have to create template config for the locale? i suspect that's why it's not applying the xliff translation. Also, your NLS_LANG needs to be set to FRENCH for the approriate template to be applied. If your logged-in as english your french format template will not be applied, neither will the translation. As an example you can query vl table and you'll only get american (us) but if you alter your session you'll get the translation for that language when your query the table.
location="xdo://xxxAR.xxx_XML_PRINT.fr.US"
try it out and see if that works. Note: This will only work if your session NLS_LANG is set to FRENCH.

How to Set up HTTPOnly and SECURE FLAG for session cookies

Hi All,
To fix some vulnerability issues (found in the ethical hacking , penetration testing) I need to set up the session cookies (CFID , CFTOKEN , JSESSIONID) with "HTTPOnly" (so not to access by other non HTTP APIs like Javascript). Also I need to set up a "secure flag" for those session cookies.
I have found the below solutions.
For setting up the HTTPOnly for the session cookies.
1] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
     this.sessioncookie.httponly = true;
For setting up the secure flag for the session cookies.
2] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
     this.sessioncookie.secure = "true"
Here my question is how we can do the same thing in Application.cfm?. (I am using ColdFusion version 10). I know we can do this using the below code , incase of HTTPOnly (for example).
<cfapplication setclientcookies="false" sessionmanagement="true" name="test">
<cfif NOT IsDefined("cookie.cfid") OR NOT IsDefined("cookie.cftoken") OR cookie.cftoken IS NOT session.CFToken>
<cfheader name="Set-Cookie" value="CFID=#session.CFID#;path=/;HTTPOnly">
<cfheader name="Set-Cookie" value="CFTOKEN=#session.CFTOKEN#;path=/;HTTPOnly">
</cfif>
But in the above code "setclientcookies" has been set to "false". In my application (it is an existing application) this has already been set to "true". If I change this to "false" as mentioned in the above code then ColdFusion will not automatically send CFID and CFTOKEN cookies to client browser and we need to manually code CFID and CFTOKEN on the URL for every page that uses Session. Right???. And this will be headache.Right???. Or any other way to do this.
Your timely help is well appreciated.
Thanks in advance.

BKBK wrote:
Abdul L Koyappayil wrote:
BKBK wrote:
You can switch httponly / secure on and off, as we have done, for CFID and CFToken. However, Tomcat automatically switches JsessionID to 'secure' when it detects that the protocol is secure, that is, HTTPS.
I couldnt understand this. I mean how are you relating this with my question.
When Tomcat detects that the communication protocol is secure (that is, HTTPS), it automatically switches on the 'secure' flag for the J2EE session cookie, JsessionID. Tomcat is configured to do that. Coldfusion has no say in it. So, for JsessionID, 'secure' is automatically set to 'false' when HTTP is detected and automatically set to 'true' when HTTPS is detected.
     If this is the case then why I am getting below info for jsessionid (As you mentioned it should set with SECURE flag . Right???). Note that we are using web server - Apache vFabric .And the application that we are using is in https and there is no hit is going from https to http.
Name:
JSESSIONID
Content:
782BF97F50AEC00B1EBBF1C2DBBBB92F.xyz
Domain:
xyz.abc.pqr.com
Path:
Send for:
Any kind of connection
Accessible to script:
No (HttpOnly)
Created:
Wednesday, September 3, 2014 2:25:10 AM
Expires:
When the browsing session ends
BKBK wrote:
2]When I checked CF Admin->Server Settings->Memory Variables I found that J2EE SESSION has been set to YES. So does this mean that do we need to set HTTPOnly and SECURE flag for JSESSIONID only or for CF session cookies (CFID AND CFTOKEN ) as well ?.
Set HTTPOnly / Secure for the session cookies that you wish to use. Each cookie has its pros and cons. For example, the JsessionID cookie is more secure and more Java-interoperable than CFID/CFToken but, from the explanation above, it forbids the sharing of sessions between HTTP and HTTPS.
     I understood that setting thos flags (httponly/secure) is as per my wish. But my question was , is it necessary to set those flags forcf session cookies (cfid and cftoken) as we have enabled J2EE session in CF admin?. Or in other way as the session management is J2EE based do we need to set those flags for CF session cookies?.
BKBK wrote:
3]If I need to set HTTPOnly and SECURE flag for JSESSIONID , how can I do that.
It is sufficient to set the HTTPOnly only. As I explained above, Tomcat will automatically set 'secure' to 'true' when necessary, that is, when the protocol is HTTPS.
     I understood that it is sufficient to set httponly only.but how we will set it for jsessionid?. This is my question. Apache vFabric will alos set secure to true automatically. Any idea??

HT2534 My friend created me an itunes store account with his credit card , his credit card is about to expire and they are asking me to re-enter the credit card and security card number .... I don't have these numbers ... How can i create new itunes accou

My friend created me an itunes store account with his credit card , his credit card is about to expire and they are asking me to re-enter the credit card and security card number .... I don't have these numbers ... How can i create new itunes account without credit card?????

Why do you need to create a new account?
Just change the payment method.
http://support.apple.com/kb/ht1918

I forgot the answers for the security questions and when I try to change them (My Apple ID - Manage your account - Password and Security) I'm asked to answer the exact questions I'm Trying to change because I don't remember the answers. How can I do it?

I forgot the answers for the security questions and when I try to change them (My Apple ID -> Manage your account -> Password and Security) I'm asked to answer the exact questions I'm trying to change because I don't remember the answers. How can I do it?

Can't you try the email option instead?

[Request] Move Windows Control Panel applet from "System and Security" to "Programs"

The "Flash Player (32-bit)" Windows Control Panel applet should be moved from "System and Security" to "Programs" where the Java applet is.
Vote: https://bugbase.adobe.com/index.cfm?event=bug&id=2953107
Thanks

njb,
Why not just run the ThinkVantage System Update and let it install as usual. You can also "un-check" those drivers that you don't want to install.
*Non Lenovo employee*
I have a Y2P (i5) ... Feel free to ping me if you want me to test some applications with your Y2P if you have the same model. I don't mind keep doing recovery on it if needed .... =)

System and security control panel

Could someone with a W520 take a screenshot of the lenovo apps in their "system and security" section of control panel please. I am doing a ground up install from bare windows 7 to get rid of the preloaded SQL server 2005 and adding back the programe I want.
Just want to seee what came preloaded.
Thanks

njb,
Why not just run the ThinkVantage System Update and let it install as usual. You can also "un-check" those drivers that you don't want to install.
*Non Lenovo employee*
I have a Y2P (i5) ... Feel free to ping me if you want me to test some applications with your Y2P if you have the same model. I don't mind keep doing recovery on it if needed .... =)

"logon time" between USR41 and security audit log

Dear colleagues,
I got a following question from customer for security audit reason.
> 'Logon date' and 'Logon time' values stored in table USR41 are exactly same as
> logon history of Security Audit Log(Tr-cd:SM20)?
Table:USR41 saves 'logon date' and 'logon time' when user logs on to SAP System from SAP GUI.
And the Security Audit Log(Tr-cd:SM20) can save user's logon history;
at the time when user logged on, the security audit log is recorded .
I tried to check SAP GUI logon program:SAPMSYST several ways, however,
I could not check it because the program is protected even for read access.
I want to know about specification of "logon time" between USR41 and security audit log,
or about how to look into the program:SAPMSYST and debug it.
Thank you.
Best Regards.

Hi,
If you configure Security Audit you can achieve your goals...
1-Audit the employees how access the screens, tables, data...etc
Answer : Option 1 & 3
2-Audit all changes by all users to the data
Answer : Option 1 & 3
3-Keep the data up to one month
Answer: No such settings, but you can define maximum log size.
4-Log retention period can be defined.
Answer: No !.. but you can define maximum log size.
SM19/SM20 Options:
1-Dialog logon
You can check how many users logged in and at what time
2-RFC login/call
Same as above you can check RFC logins
3-Transaction/report start
You can see which report or transaction are executed and at what time
(It will help you to analyise unauthorized data change. Transactions/report can give you an idea, what data has been changed. So you can see who changed the data)
4-User master change
(You can see user master changes log with this option)
5-System/Other events
(System error can be logged using this option)
Hope, it clear the things...
Regards.
Rajesh Narkhede

I have used a Seagate external hard drive for my Mac desktop. It is malfunctioning. Can I disconnect and depend on iCloud to keep my documents, music, and photos backed up safe and secure? I use the Cloud for phone, pad and desktop.

Can I expect iCloud to safely back up and secure my documents, music and pictures? I am using Cloud on phone, pad, and desktop. Have depended on external hard drive in the past. It is malfunctioning. Will the Cloud replace it for storage and safety?

Time Machine in itself, without an external drive may well be good for instances where you accidentally delete documents that you later require. However in the event of a hard drive failure, if Time Machine backup is kept on the same drive as the original items, it will not be much use to you.
In my opinion, it is vitally important that you have an external drive for backup, whether you use Time Machine or a another backup solution is entirely up to you.
My situation is slightly unusual, I have four hard drives in my computer and multiple arrays of hard drive enclosures with multiple hard drives within them (in total I have 40 TB of storage). As a result of this I tend to employ more than one backup procedure, I use Time Machine to backup some items and a utility called tri-backup to backup other items. I also keep two backups of everything.
Time Machine is free, it's included with your operating system, I wonder if you mean time capsule.

HT1222 MacOSX v10.6.8 mail and security update issues - help?

in the system profiler, my mail app is showing as v4.5 but has the application name Mail 3.6
Not sure if that matters but I read to reinstall updcombo and security update but when installing the security update I get:
security update 2012-004 can't be installed on this disk. This volume does not meet the requirements
Help?

this is where the install stops

IFS and security

Similar Messages

Maybe you are looking for