Implement Axis2 Authentication Security

Similar Messages

• How to implement row level security using external tables

  Hi All Gurus/ Masters,
  I want to implement row level security using external tables, as I'm not sure how to implement that. and I'm aware of using it by RPD level authentication.
  I can use a filter condition in my user level so that he can access his data only.
  But when i have 4 tables in external tables
  users
  groups
  usergroups
  webgrups
  Then in which table I need to give the filter conditions..
  Pl let me know this ...

  You pull the Group into a repository variable using a session variable init block, then reference that variable in the data filters either in the LTS directly or in the security management as Filters. You reference it with the syntax VALUEOF("NQ_SESSION.Variable Name")
  Hope this helps

• What if I implement data level security using Selection formula?

  Hi All,
  I have a requirement to implement data level security for all the reports, the thing is, we donot have a front end application developed in java/.net or any other language, so we have only two options (as per me, if you think there are other alternatives then please share).
  1) Implement security at the database level (that is use user roles in where clause which will make the where clause really complicated and hence the performance of the query will eventually decrease).
  2) Retrieve the data with the flags of user role/permission on data. Use these flags in selection formula to select the needed records as per the user login.
  I have already in middle of implementing the second method, thought to take suggestion from you guys, I appreciate if you could tell me the drawbacks of the method I am using, and if there is an alternative method you could think of.
  Thanks,
  -Azhar

  Standaone Crystal Reports does not have any security option except to use Trusted Authentication when connecting to the DB. We use Microsofts NT or MS SQL Server Authentication only.
  Doing this in CR Designer using flags and formula will never be secure, the user could simply change the formula etc...
  Check with your DBA on how to configure AD authentication and then enable or add each user to SQL server. You may need to configure and mantain this manually depending on how you ahve your network configured.
  Thank you
  Don

• How many types of authentications in sharepoint and how to implement those authentication in sharepoint?

  Hi All,
  How many types of authentications in sharepoint and how to implement those authentication in sharepoint?
  can any one explain the above things with examples?
  Thanks in Advance!

  In addition to
  A Sai Gunaranjan you can also check this URL for Sharepoint 2010:
  http://technet.microsoft.com/en-us/library/cc288475(v=office.14).aspx
  http://www.codeproject.com/Tips/382312/SharePoint-2010-Form-Based-Authentication
  ***If my post is answer for your query please mark as answer***
  ***If my answer is helpful please vote***

• Implement row-level security using Oracleu2019s Virtual Private Databases (VPD)

  Environment: Business Objects XI R2; Oracle 10g
  Functional Requirement:
  Implement row-level security using Oracleu2019s Virtual Private Databases (VPD) technology. The restriction is that the Business Objects Universe connection should use a generic/u201Capplicationu201D database user account. This will allow the organization to avoid the situation where the Business Objects password and the Oracle password need to be kept in synch.
  What do we need from the Business Objects support team?
  1.     Review the 2 attempted solutions that we have tried to implement
  2.     Propose solutions/answers to open questions for each of the attempted solutions
  3.     Propose any alternate solution that will help us implement the Function Requirement stated above
  Attempted Solution 1: Connection String uses Oracle Proxy User
  The connection string that is specified in the Universe is the following:
  app_user[end_user]/app_user_pwdarrobaDatabase.WORLD
  app_user = generic application user
  end_user = the oracle account of the end user which is set using arrobaVariable('BOUSER') app_user_pwd = password of the generic application user
  We have tried and implemented this in our test environment. However, we have some questions and concerns around how the connections are reused in a connection pool environment.
  Open Question for Solution 1:
  i. What happens when multiple proxy users try to connect on at the same time?  Business Objects shares the generic app_user connect string.  However, every user that logs on will have their own unique proxy user credentials.  Will there be any contention involved?  If so, what kind of errors can we expect?
  ii. If a user logs on using his credentials (proxy user), and business objects opens up a connection to the database using that user's credentials (as the proxy user but logging in through the generic app user). Then the user exits out --> based on our test today, it seems like the database connection remains open.  In that case, if another user logs on similarly with their credentials, will business objects simply assign the first users connection to that second user?  If so, then our security will not work.  Is there a way that Business Objects can somehow ensure that everytime we close a report, the connection is also terminated both at the BO and DB levels?
  iii. Our 3rd question is general high level -> How connection pooling works in general and how it is implemented in BO, i.e. how are new connections assigned, how are they recycled, how are they closed, etc.
  Attempted Solution 2: Using the ConnectInit parameter
  Reading through a couple of the Business Objects documents, it states that u201CUsing the ConnectInit parameter it is possible to send commands to the database when opening the session which can be used to set database specific parameters used for optimization.u201D
  Therefore, we tried to set the parameter in the Universe using several different options:
  ConnectInit = BEGIN SYSTEM.prc_logon('arrobaVARIABLE('BOUSER')'); COMMIT; END; ConnectInit = BEGIN DBMS_SESSION.SET_IDENTIFIER('arrobaVariable('BOUSER')'); COMMIT; END;
  Neither of the above iterations or any variation of that seemed to work. It seems that the variable is not being set or being u201Cexecutedu201D on the database.
  One of the Business Objects documents had stated that Patch ID 38, 977, 350 must be installed in our BO environments. We have verified that this patch has been applied on our system.
  Open Questions for Solution 2:
  How do we get the parameter ConnectInit to work? i.e. what is the proper syntax to enter and what other things do we need to check to get this to work.
  Note: Arroba word is being used instead of the symbol in order to avoid following error message:
  We are sorry but your message can not be posted since you have included an email address. Please remove the email address and re-post.

  the connectinit setting should look something like this:
  declare a date; begin vpd_setup('@VARIABLE('BOUSER')'); Commit; end;
  The vpd_setup procedure (in Oracle) should look like this:
  CREATE OR REPLACE procedure vpd_setup (p_user varchar)IS
  BEGIN
    DBMS_SESSION.set_vpd( 'SESSION_VALUES', 'USERID', p_user );
  END vpd_setup;
  Then you can retrieve the value of the context variable in your vpd functions
  and set the vpd.

• SAP Lumira - Implementing row level security

  Hi All,
  I aware that SAP Lumira 1.17 onward allows to share the datasets, stories to SAP Lumira Server as well as SAP BI Platform (4.1 SP3 onward).
  But I would like to know if there is any way of implementing Row level security for this published contents i.e. datasets or stories. e.g. If user A (may be an administrator with access to all the regions) creates dataset and story and shares it with other users over SAP Lumira Server or SAP BI Platform. But when user B accesses these contents on any platform, SAP Lumira server or SAP BI Platform, he should be able to see data only as per his access (his own region). Can something of this sort be implemented?
  Thanks,
  Abhijit

  Hi,
  Sorry for the delay in getting back to you.
  As per my understanding - as of today, we respect Row-level security when acquiring (fetching) the data from universe into Lumira desktop (also, contexts and business-security profiles i.e. columns)
  now, when that desktop user has 'designed' the Lumira document, all of the above: row-level, contexts and security profiles  are 'locked-down' into that artefact when shared onwards. (i.e. to Lum Server and hence, BI Platform)
  once this content is being access from the BI Launchpad, refresh-on-demand is possible from the story, as well as scheduling of dataset on which it is based.
  According this blog by Greg Wcislo (the product owner for the Add-on)  Lumira integration for BI4 functionality detailed. note that features such as 'refresh on open' and 'changing design-time parameters' (i.e. prompts) are not yet supported,  but very much in future scope / plans.
  I believe that one of the other mid-term goals is to architect a 'Lumira server-side universe refresh' (i.e. so that the processing is handled 100% by Lumira server) rather than querying across BIPlatform services then replicating a dataset to HANA (which is currently the process flow)
  I hope this helps.
  Regards,
  H

• How to implement Dual Authentication in Oracle Apex

  Currently I am learning an oracle Apex tools. I am pretty confuse and not able to find any help for authentication scheme offered from oracle Apex. Like I would like to implement dual authentication scheme i.e. I want to implement Database Authentication and LDAP authentication. If user is fail in authenticate in Database Credential then I would like to check him in LDAP Credential. If user is present in LDAP credential then User is able to login. But if user is not present in any of them then again Login page should get displayed.
  Edited by: user2074688 on Jun 24, 2010 3:27 PM

  Dual Authentication doesn't exist as predefined Authentication Scheme, you need to program that yourself.
  So what you need to do is create a custom Authentication Scheme where you at first check user credentials against Database and then against LDAP.
  Have fun,
  Peter
  Blog: http://www.oracle-and-apex.com
  ApexLib: http://apexlib.oracleapex.info
  Work: http://www.click-click.at

• How to implement Custom Authentication and Authorization in Oracle SOA 11g

  Can anyone please tell me, how to implement Custom Authentication in Oracle SOA 11g ?
  Because in Oracle SOA 10.1.3.4 , i have implemented this custom authentication and authorization by implementing BPMAuthenticationService, BPMAuthorizationService, BPMIdentityService to verify againt my database systems.
  implementation classes like the mentioned below
  1).
  public class SampleAuthenticationService extends SampleServiceBase implements BPMAuthenticationService {
  2).
  public class SampleAuthorizationService extends SampleServiceBase implements BPMAuthorizationService {
  3).
  public class SampleIdentityService extends SampleServiceBase implements BPMIdentityService {
  Please help me to implement the authentication and authorization in Oracle SOA 11g .
  thanks in advance

  To start with please go through following document
  http://docs.oracle.com/cd/E21764_01/integration.1111/e10231/adptr_jms.htm
  http://docs.oracle.com/cd/E23943_01/integration.1111/e10231/adptr_file.htm
  Regards
  Arpit

• 802.1x Implementation - Machine Authentication

  Hello friends...
  I am trying to implement 802.1x in my network, but I have a problem.
  I have an environment with Cisco ACS appliance 4.1.2.12, switches 3560 12.2(37)SE1 and clients Microsoft Windows XP and 2000.
  My problem is: I want to implement Machine Authentication with PEAP. When I use MS-PEAP (native Windows) the ACS don`t log and the access is not permitted, but when I use Cisco-PEAP (SCC) every works perfectly.
  Could you help me? I need that 802.1x works with MS-PEAP...
  Regards,
  Cris

  Following links can help you with the configuration:
  http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00801df0e4.shtml
  http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml#t21
  Hope this helps
  ~Rohit

• How to implement data level security

  How to implement data level security in BI Publihser?. I am using Obiee enterprise edition and bi publihser. My requirement is to show data based on User- Region relation ship.
  User A - belongs to Eastern Region
  User B - belongs to Southern Region
  so if user A logged in he should see only Eastern Region report. If user B logged in He should see only Southern region. I am using direct sql to my oralce database as data source.
  i appriciate your help

  I am using a common database username and password for jdbc connection. what i am looking is based the BI Publihser login, is there any way?
  say i have userregion table joined with fact. so that i can write a query to get the data
  select c1,c2,c3
  from userregion, fact
  where fact.region=userregion.region
  and userregion.user = BIPUBLIHSERUSER
  but my question is ithere any variable to tell who is logged in BI Publisher? Any server varaibles?
  Other related question is, In every report i want to show User name who is running the report. How can i get this?

• Tips on Implementing Row Level Security

  Dear All,I am currently trying to implement row level security in Hyperion Intelligent version 8.2. The user guide is straight forward on explaining the steps. However, when I tried it, the row level security does not filter the information at all eventhough I have set the row level security setting in System Administration. Is there Anyone who can share their problems and experience when implementing row level security in Hyperion Intelligent version 8?Regards,Ricky

  I don't believe you need the bqy file anymore, as you set up the ODBC to connect to the database of the EPM Workspace since it contains the 3 tables (BRIOSECG, BRIOSECP, BRIOSECR).
  (I don't have an EPM instance with IR installed to check currently).
  Note: from the docs quoted earlier:
  If you want to implement row-level security in Reporting and Analysis, keep these points in mind:
  At least one Hyperion Interactive Reporting Data Access Service instance must be configured to access the data source storing your row-level security information.
  The database client library should be installed on the computer where the Hyperion Interactive Reporting Data Access Service is running.
  The data source for the Reporting and Analysis repository that has the row-level security table information should be configured.
  For security reasons, the user name and password to access the data source should differ from that used for the Reporting and Analysis user account.
  Regards, Iain

• Does coldfusion 8 support the implementation of WS-Security ?

  Does coldfusion support the implementation of WS-Security? We are  running Coldfusion 8 Enterprise Edition .We are trying to consume a web  service that is written in java on an IBM web sphere server. Can  coldfusion 8 consume this web service and pass in the required  WS-Security elements?
  Requirement : To consume a Webservice developed in java from coldfusion using WS-Secuirty mode .
  Environment used : Windows 2003, IIS 6, Coldfusion 8, SQl server  2005
  While trying to consume a public webservice through coldfusion , We received unable to read WSDL file and Unknown host exception error.
  Hence,  we are using <cfhttp to consume webservices.
  Can  you please advise how we can consume webservice using WS-Secuirty  (SHA-1)?

  swoodrich wrote:
  > Does coldfusion support the implementation of
  WS-Security? I am running
  > Coldfusion 8 Enterprise Edition as a stand alone server.
  I am trying to
  > consume a web service that is written in java on an IBM
  web sphere server. Can
  > coldfusion consume this web service and pass in the
  required WS-Security
  > elements?
  >
  > Also, is the reverse achievable... Can I create a web
  service that implements
  > WS-Security on a coldfusion server?
  As far as I know CF cannot consume or produce WS-Security.
  I've consumed
  a .net security enabled web service using raw XML. I think
  it's much
  harder to produce ws-security in CF (you're still going to do
  it raw
  just that it's harder).
  Mack

• Problem using Implementing Remote Panel Security with a Login Example Guide

  I'm having issues implementing a Remote Panel protected by username and password using this NI guide:
  Implementing Remote Panel Security with a Login Example
  Remotepanellogin.zip
  After login process using Login.vi, if the user has the right password, his IP will be included in the Webserver allowed access list and the user can open the web site which hosts the Main.vi. Ok.
  But if the user doesn't have the password, his IP will be denied!
  Here is the problem: Will his IP be denied at all including Login.vi? 
  I can't block access to Login.vi because even if the user entered a wrong password, he can still try login again....
  How can I configure a type of Allowed and Denied table using Webserver properties? For example:
  IP: 10.0.0.2 - Login.vi (allowed) - Main.vi (allowed) -> User entered a right password
  IP: 10.0.0.3 - Login.vi (allowed) - Main.vi (denied) -> User entered a wrong password
  Note: Login.vi must be visible and accessible always.
  These are the Implementing Remote Panel Security with a Login Example instructions:
  After you configure the VIs with the Web Publishing Tool, browse to the Remote Panel Login VI and run it. When this VI runs, LabVIEW gives remote panel access to all users, but they can view and control only this VI.
  If a user successfully logs in by supplying the Username of NI and password of labview (both are case sensitive) then LabVIEW gives remote panel access to the IP address specified in the Remote Panel Login VI only. That user can then browse to and run the Main VI.
  Thanks in advance!
  APrado
  Message Edited by APrado on 04-01-2009 08:21 AM

  I'm thinking about using the option Reentrant Execution (VI property > Category > Execution).
  Could anyone help me?
  Thanks.

• How can i implement "my own" security in ADF 11g

  Hi everybody,
  I have a problem and hope anyone could help me...
  Currently i am developing a ADF application, and i want to implement the security... the problem i have (and i read a lot of posts in the forum and other blogs and i don't found anything that help me) is that the "validation" of the user of password is with a webservice..... and the "roles" of the application are given to me with another web service.
  I read a lot and in the Fusion's Developer Guide in chapter 30 (Enabling ADF Security in a Fusion Web Application) explains very good how to implement the security in the application, but, that example really doesn't work for my problem.
  I wan't to know any way to in the "doLogin" action of my "Login button in my login page" to implement my own logic.
  public String doLogin() {
  2 String un = _username;
  3 byte[] pw = _password.getBytes();
  4 FacesContext ctx = FacesContext.getCurrentInstance();
  5 HttpServletRequest request =
  6 (HttpServletRequest)ctx.getExternalContext().getRequest();
  7 CallbackHandler handler = new SimpleCallbackHandler(un, pw);
  8 try {
  9 Subject mySubject = Authentication.login(handler); <<----------------------------- Here i wan't to invoke the WS that validate the user and pwd.
  10 ServletAuthentication.runAs(mySubject, request);
  11 String loginUrl = "/adfAuthentication?success_url=/faces" +
  12 ctx.getViewRoot().getViewId();
  13 HttpServletResponse response =
  14 (HttpServletResponse)ctx.getExternalContext().getResponse();
  15 sendForward(request, response, loginUrl);
  16 } catch (FailedLoginException fle) {
  17 FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR,
  18 "Incorrect Username or Password",
  19 "An incorrect Username or Password" +
  20 " was specified");
  21 ctx.addMessage(null, msg);
  22 } catch (LoginException le) {
  23 reportUnexpectedLoginError("LoginException", le);
  24 }
  25 return null;
  26 }
  And i wan't to know if i can save some other user information in some kind of session (like company, mail and other stuff).....
  And when i can login validating usr and pwd from the WS... how could i manage my roles ?
  Welll i hope anyone can help me.
  Regards from Mexico.

  Hi,
  to do this, you create a JAAS Login Module to authenticate against the Web Service. This then you wrap in an authentication provider that you configure with WLS. ADF Security does not perform any authentication itself and instead leaves it for the container.
  http://download.oracle.com/docs/cd/E17904_01/web.1111/e13718/atn.htm#i1154044
  Frank

• How to implement sharepoint 2010 security implementation at site level ?

  Hi,
  We are going to implement one school automation system as internet application using sharepoint 2010.
  I want to know what type of step's i have to take for best security level implementation in the site level.
  Thanking You, Nagendra.

  Hiya,
  simple as that, SharePoint 2010 has no known vulnerabilities against SQL injections due to the nature of how it works.
  It's hard to protect against unknown vulnerabilities. If your planning to allow only authenticated users, you can perform the authentication on a dedicated application server. TMG/UAG/Web Application Proxy.
  Besides that, SharePoint 2010 and up was build to be exposed to the internet, with all the considerations that incurs.
  I fail to see the validity in the argument about "any web application using Asp.net there is a chance to SQL inject". If you create a custom asp.net application and do not secure yourself, yes you will have a problem. If you do secure yourself, you do not
  have a problem. Proposing it as a general approach is faulty.