Is this possible to use no default security realm?

Similar Messages

• What should be I have to do , If I want IDM-CC add-on in my firefox 4? Firefox do not support IDM-CC add-on. Is this possible to use idm-cc in firefox 4?

  What should be I have to do , If I want IDM-CC add-on in my firefox 4? Firefox do not support IDM-CC add-on. Is this possible to use idm-cc in firefox 4?

  Hello! I had this problem and fixed it by entering here: http://www.internetdownloadmanager.com/support/firefox_integration.html
  You just need to go down below the page and click on "Install"... Then, firefox gonna install the new IDM CC complement. Restart firefox, and enjoy it :D

• Using LDAP as security realm

  Hi,
  Our goal is to use LDAP(Iplanet Directory Server 5.0) as a security Realm
  for Weblogic Personalization and Commerce 3.5.
  Using the WLCS console, I've modified the config.xml file and following
  elements are added:
  <LDAPRealm AuthProtocol='simple' Credential='admin'
  GroupDN='ou=groups,dc=netnumina,dc=com' GroupIsContext='false'
  GroupUsernameAttribute='uniquemember'
  LDAPURL='ldap://sanand.netnumina.com:389' Name='wlcsLDAPRealm'
  Principal='uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot'
  UserAuthentication='local' UserDN='ou=people,dc=netnumina,dc=com'
  UserNameAttribute='uid'/>
  <CachingRealm BasicRealm='wlcsLDAPRealm' CacheCaseSensitive='true'
  Name='wlcsCachingRealm'/>
  But when we try to restart the WLCS, it throws java exceptions that context
  is not initialized and I get the following error
  <Jun 15, 2001 3:41:28 PM EDT> <Emergency> <Server> <Unable to initialize the
  ser
  ver: 'Fatal initialization exception
  Throwable: weblogic.security.ldaprealm.LDAPException: could not get
  context - wi
  th nested exception:
  [java.lang.reflect.InvocationTargetException - with target exception:
  [javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
  Credential
  s]]]
  weblogic.security.ldaprealm.LDAPException: could not get context - with
  nested e
  xception:
  I tried using Windows NT as a security realm but that gave me errors too.
  Does anyone has any experience using anything other than the default Realm?
  Any help would be appreciated. Thanks!
  Asim Raja
  [email protected]

  I'm not sure, but I suspect you can't
  since this would create a circular dependency -
  your realm would rely on the upper level security
  checking calls but those calls would rely on your
  realm.
  My suggestion is to give it a try and see what
  happens.
  -Tom
  Ozcan ADIYAMAN <[email protected]> wrote:
  Hi ,
  I am implementing a simple custom security realm using LDAP as the
  security store and I can see the users, groups and acls from the admin
  console.
  My question is (a custom realm newbie question) ;
  Is it possible to use weblogic.security.acl.Security with my custom
  realm to check permissions, get the current user,etc.,
  OR
  is this class ONLY used with default realms (when ACL is stored in a
  file) ?
  Thanks
  Ozcan

• BEA public API (WLS6.1)for programatically updating default security realm?

  Hi,
  Does anyone know how to use BEA's public API to programmatically add/update WLS
  6.1 user credentials in the default security realm? The API would of course
  automatically persist the updates to $WLS/config/mydomain/fileRealm.properties.
  Is there a way to do such updates by programmatically engaging the WLS security
  realm related Mbeans? I basically need to do (from a deployed application component)
  what is easily done from the WLS Console's [security->User->Add User/Change
  Password] screen. Ideally, I could use the same API that the weblogic.security.acl.internal.FileRealm
  command line utility (or wlshell also) uses to make updates. But I doubt that
  the classes used by these tools are in BEA's public API for WLS 6.1. Especially
  important to me would be the BEA API mechanism that takes a clear-text password
  and hashes it to the encrypted format written in fileRealm.properties (and synchronized
  w/ SerializedSystemIni.dat). Ultimately, I am trying to replicate a large
  Oracle table of (*user, clear-text -password, group) records into the default
  WLS security realm. Thanks for any insights.
  Ben

  Thanks to another's post, I have found the answer to my problem in the Girdley/Woollen/Emerson
  book "J2EE Applications and BEA WebLogic Server" pp. 496-498:
  Note: this code segment is for WLS 6.1 and this API is said to be deprecated
  in WLS 7+
  //Roughly outlined, assuming session w/ userName, groupName, password Strings
  in HTTP Post request
  weblogic.security.acl.CachingRealm realm = (weblogic.security.acl.CachingRealm)
  weblogic.security.acl.Security.getRealm();
  weblogic.security.acl.User u;
  weblogic.security.acl.Group g;
  u = realm.newUser(userName, password, null);
  g = realm.getGroup(groupName); // use g = realm.newGroup(groupName) if groupName
  does not exist in realm
  g.addMember(u);
  //log in the new user
  int rc = weblogic..servlet.security.ServletAuthentication.weak(userName, password,
  httpSession);
  // use realm.deleteUser(u), realm.deleteGroup(g) as appropriate, etc.
  "Ben Cotton" <[email protected]> wrote:
  >
  >
  Hi,
  Does anyone know how to use BEA's public API to programmatically add/update
  WLS
  6.1 user credentials in the default security realm? The API would of
  course
  automatically persist the updates to $WLS/config/mydomain/fileRealm.properties.
  Is there a way to do such updates by programmatically engaging the
  WLS security
  realm related Mbeans? I basically need to do (from a deployed application
  component)
  what is easily done from the WLS Console's [security->User->Add User/Change
  Password] screen. Ideally, I could use the same API that the weblogic.security.acl.internal.FileRealm
  command line utility (or wlshell also) uses to make updates. But I
  doubt that
  the classes used by these tools are in BEA's public API for WLS 6.1.
  Especially
  important to me would be the BEA API mechanism that takes a clear-text
  password
  and hashes it to the encrypted format written in fileRealm.properties
  (and synchronized
  w/ SerializedSystemIni.dat). Ultimately, I am trying to replicate
  a large
  Oracle table of (*user, clear-text -password, group) records into the
  default
  WLS security realm. Thanks for any insights.
  Ben

• This possible? ==   use iTunes to sync your contacts to Macbook contacts?

  Hi guys,
  As I am unable to sync my contacts from Mobileme to my contacts in my macbook (my earlier post), a possible solution I was thinking of is if I am able to use iTunes and sync the contacts from my iphone into my contacts on my Macbook.
  Is this possible and if so, can you tell me the steps please.... a million thanks

  No. The iPhone stores no data on a sim card, thus there is no way to do what you want using iTunes.

• How can one use one specific security realm per application ? The realm-name attribute of the login-config tag of web.xml does not make any difference

  Hi,
  I have different sets of users coming from different databases and using different
  roles mapping for each of my web applications. I would like to configure a specific
  security realm per application in my weblogic server 7.0 . Is it possible ?
  I try to specify the realm-name of the login-config tag from the web-xml deployement
  descriptor but it doesn't make any difference. The default realm is always used.
  I also would like to tell the Weblogic server to use the default realm in case
  the realm isn't specified or isn't found. For example, the default would contains
  my admin users.
  Thanks a lot for your answer.
  Iz

  I thik this is a common mistake the ralm-name tag in the deployment descriptor is used
  just by the browser for display purposes (when it opens the basic auth dialog box) so as
  of now there is only 1 active realm which can have multiple providers as Kevin pointed
  out
  Kevin Lewis wrote:
  WebLogic 7 now ignores the realm-name tag (I found that out yesterday).
  My understanding is that there is only one realm active at a time for a domain
  (I would be interested in being contradicted in this).
  However, you can have multiple providers in each category of a realm: authentication,
  authorization, etc. Therefore, what you can do is key authentication, et al,
  off of some other information. We have our users enter their company, for example,
  and use the TextInputCallback to get it. You could also encode something in the
  initial page, based on the URL they hit, or whatever, and get that back in your
  callback.
  You can store that information in your own Principal implementation, and key off
  of that in your authorization provider, going to a different database as appropriate,
  or abstaining when a specific provider doesn’t have anything to say about a subject.
  Anyway, there should be a way to do it, even if it's more complex than you would
  have hoped.
  --Kevin

• Unable to use a custom security realm with Netscape Directory Server in WebLogic 7

  I have all users and groups stored in a Netscape LDAP server (version 4.1.6 on
  Solaris 8), so I want to create a custom security realm in WebLogic 7 (also run
  on Solaris 8) which uses my LDAP server as the Authenticator. I tried this by
  using the Admin Console and followed exactly the steps in Chapter 3 of the "Managing
  WebLogic Security" doc. However, when I rebooted WebLogic and logged into the
  Admin Console again and clicked the Users node under my custom realm, I saw this
  message in the right-hand pane: "There are no Authentication providers available
  that support the creation of Users". Also, I don't see my custom realm in the
  dropdown list under mydomain -> Security tab -> General tab -> Default Realm.
  What did I do wrong? Also, where does WebLogic store the custom security realm
  info? It is definitely not in config.xml.
  Thanks,
  Eric Ma

  Thanks for the info.
  I wonder when they will fix it.
  Jakub
  U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
  news:[email protected]..
  >
  According to BEA Tech Support, a known bug prevents the WLS 7 AdminConsole from
  displying users and groups defined in Netscape Directory Server.
  Eric Ma
  "Jakub Wroniszewski" <[email protected]> wrote:
  I have the same problem.
  Any new ideas?
  Rgds,
  Jakub
  U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
  news:[email protected]..
  Now I doubt my custom security realm is actually using the NetscapeDirectory Server
  as the authenticator. Unlike in WebLogic 6.1 Admin Console, whereclicking on
  the Users node displays all users in the LDAP server, in WebLogic 7I keep
  getting
  the message "There are no Authentication providers available that
  support
  the
  creation of Users." Any suggestions?
  "Eric Ma" <[email protected]> wrote:
  Never mind. I tried again by following the steps outlined at
  http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.deve
  l
  oper.interest.security&item=8463&utag=
  and it seemed to have worked for me.
  "Eric Ma" <[email protected]> wrote:
  I have all users and groups stored in a Netscape LDAP server (version
  4.1.6 on
  Solaris 8), so I want to create a custom security realm in WebLogic7
  (also run
  on Solaris 8) which uses my LDAP server as the Authenticator. I
  tried
  this by
  using the Admin Console and followed exactly the steps in Chapter3
  of
  the "Managing
  WebLogic Security" doc. However, when I rebooted WebLogic and logged
  into the
  Admin Console again and clicked the Users node under my custom realm,
  I saw this
  message in the right-hand pane: "There are no Authentication
  providers
  available
  that support the creation of Users". Also, I don't see my customrealm
  in the
  dropdown list under mydomain -> Security tab -> General tab ->
  Default
  Realm.
  What did I do wrong? Also, where does WebLogic store the customsecurity
  realm
  info? It is definitely not in config.xml.
  Thanks,
  Eric Ma

• Errors encountered while using a Custom Security Realm on a Platform Domain

  Hi,
  We have created a WebLogic Platform Domain. A WebLogic Portal application(Portal
  7.0) and some Web Service apps are running on this domain.
  We have created a Custom Security Realm b'cos of our application requirements
  and now when I startup the Platform Domain, I see lot of errors.
  Some of the errors typically are
  "<Jan 16, 2003 4:07:02 PM EST> <Error> <HTTP> <101256> <The run-as user: wlisystem,
  for the servlet: ApplicationView for the webapp: /WLI_AI_Workshop_Control_Web,
  could not be resolved to a valid user in the system. Please check if the user
  exists.
  javax.security.auth.login.LoginException: Authentication Failed: User wlisystem
  denied in Realm Adapter realm weblogic"
  or
  Unable to deploy EJB: wlai-eventprocessor-ejb.jar from wlai-eventprocessor-ejb.jar:weblogic.ejb20.WLDeploymentException:
  weblogic.ejb20.interfaces.PrincipalNotFoundException: Authentication Failed: User
  wlisystem denied in Realm Adapter realm weblogic
  Do we have to create any predefined user accounts in the Security Store to get
  rid of these errors. I would appreciate if anyone can suggest some tips or workarounds
  for configuring or creating a Custom Security Realm for Web Logic Platform Domain.
  Thanks
  Vikram

  Hello Vikram,
  Are you using the new WLS 7.0 security framework? It is not supported for
  Portal 7.0. For Portal 7.0 apps you have to use compatibility mode (6.x
  style) security.
  Ture Hoefner
  BEA Systems, Inc.
  www.bea.com
  "Vikram Datla" <[email protected]> wrote in message
  news:3e273015$[email protected]..
  >
  Hi,
  We have created a WebLogic Platform Domain. A WebLogic Portalapplication(Portal
  7.0) and some Web Service apps are running on this domain.
  We have created a Custom Security Realm b'cos of our applicationrequirements
  and now when I startup the Platform Domain, I see lot of errors.
  Some of the errors typically are
  "<Jan 16, 2003 4:07:02 PM EST> <Error> <HTTP> <101256> <The run-as user:wlisystem,
  for the servlet: ApplicationView for the webapp:/WLI_AI_Workshop_Control_Web,
  could not be resolved to a valid user in the system. Please check if theuser
  exists.
  javax.security.auth.login.LoginException: Authentication Failed: Userwlisystem
  denied in Realm Adapter realm weblogic"
  or
  Unable to deploy EJB: wlai-eventprocessor-ejb.jar fromwlai-eventprocessor-ejb.jar:weblogic.ejb20.WLDeploymentException:
  weblogic.ejb20.interfaces.PrincipalNotFoundException: AuthenticationFailed: User
  wlisystem denied in Realm Adapter realm weblogic
  Do we have to create any predefined user accounts in the Security Store toget
  rid of these errors. I would appreciate if anyone can suggest some tips orworkarounds
  for configuring or creating a Custom Security Realm for Web Logic PlatformDomain.
  >
  Thanks
  Vikram

• Default security realm

  Hi,
  I recently downloaded Weblogic7.0. And I have created a new security realm. But there
  is no option i can see on the console to set the new security realm as default realm.
  If anyone did this before, please reply me.
  Thanks
  Venkat

  Its available under Domain(examples)---->Security---->General
  Venkat wrote:
  Hi,
  I recently downloaded Weblogic7.0. And I have created a new security realm. But there
  is no option i can see on the console to set the new security realm as default realm.
  If anyone did this before, please reply me.
  Thanks
  Venkat

• Using an alternate security realm

  Hi,
  I'm trying to configure the Weblogic Personalization & Personalization
  Server v3.5 to use NT or LDAP as a security realm.
  With LDAP, the server reboots properly but when I try to goto
  http://localhost:7501/tools, it prompts me for password/userid and none of
  the user accounts(including for weblogic and those in the LDAP) work.
  When I try to configure for NT security realm and then I try to reboot the
  server, I get the error message below.
  Any help would be greatly appreciate. Thanks!
  Asim
  [email protected]
  NT error message:
  U n a b l e t o a d j u s t t o k e n p r i v i l e g e s
  U n a b l e t o a d j u s t t o k e n p r i v i l e
  g e
  s
  java.lang.SecurityException: Unable to assert all required
  priviledges
  at weblogic.security.ntrealm.NTDelegate.initFields(Native Method)
  at weblogic.security.ntrealm.NTDelegate.loadlib(NTDelegate.java:218)
  at weblogic.security.ntrealm.NTDelegate.<init>(NTDelegate.java:84)
  at weblogic.security.ntrealm.NTRealm.<init>(NTRealm.java:42)
  at java.lang.Class.newInstance0(Native Method)
  at java.lang.Class.newInstance(Class.java:237)
  at weblogic.security.acl.Realm.getRealm(Realm.java:84)
  at weblogic.security.acl.Realm.getRealm(Realm.java:62)
  at
  weblogic.security.SecurityService.initializeRealm(SecurityService.jav
  a:265)
  at
  weblogic.security.SecurityService.initialize(SecurityService.java:123
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
  at weblogic.Server.main(Server.java:35)
  <Jun 19, 2001 1:58:10 PM EDT> <Emergency> <Server> <Unable to initialize the
  ser
  ver: 'Fatal initialization exception
  Throwable: java.lang.IllegalAccessError: java.lang.SecurityException: Unable
  to
  assert all required priviledges -- bad domain name
  java.lang.IllegalAccessError: java.lang.SecurityException: Unable to assert
  all
  required priviledges -- bad domain name

  Hi,
  I'm trying to configure the Weblogic Personalization & Personalization
  Server v3.5 to use NT or LDAP as a security realm.
  With LDAP, the server reboots properly but when I try to goto
  http://localhost:7501/tools, it prompts me for password/userid and none of
  the user accounts(including for weblogic and those in the LDAP) work.
  When I try to configure for NT security realm and then I try to reboot the
  server, I get the error message below.
  Any help would be greatly appreciate. Thanks!
  Asim
  [email protected]
  NT error message:
  U n a b l e t o a d j u s t t o k e n p r i v i l e g e s
  U n a b l e t o a d j u s t t o k e n p r i v i l e
  g e
  s
  java.lang.SecurityException: Unable to assert all required
  priviledges
  at weblogic.security.ntrealm.NTDelegate.initFields(Native Method)
  at weblogic.security.ntrealm.NTDelegate.loadlib(NTDelegate.java:218)
  at weblogic.security.ntrealm.NTDelegate.<init>(NTDelegate.java:84)
  at weblogic.security.ntrealm.NTRealm.<init>(NTRealm.java:42)
  at java.lang.Class.newInstance0(Native Method)
  at java.lang.Class.newInstance(Class.java:237)
  at weblogic.security.acl.Realm.getRealm(Realm.java:84)
  at weblogic.security.acl.Realm.getRealm(Realm.java:62)
  at
  weblogic.security.SecurityService.initializeRealm(SecurityService.jav
  a:265)
  at
  weblogic.security.SecurityService.initialize(SecurityService.java:123
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:343)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
  at weblogic.Server.main(Server.java:35)
  <Jun 19, 2001 1:58:10 PM EDT> <Emergency> <Server> <Unable to initialize the
  ser
  ver: 'Fatal initialization exception
  Throwable: java.lang.IllegalAccessError: java.lang.SecurityException: Unable
  to
  assert all required priviledges -- bad domain name
  java.lang.IllegalAccessError: java.lang.SecurityException: Unable to assert
  all
  required priviledges -- bad domain name

• Is this possible to use in iWeb?

  Since my site seems to have a fragmented loading sequence because the size is so large, I was searching to see if there was some sort of plug-in that could be used to transition between pages...
  I found this site, but I didn't know if the coding could be used in iWeb?
  http://tiny.cc/I08tO
  If this can't work, is there anything that is similar to this that does work in iWeb? I would welcome any suggestions.
  thanks!

  It loads very fast for me. A nicely designed site by the way. If the site is loading slow for you on a Mac it could be your connection. If the problem lies with Internet Explorer on PCs then there is some optimizing you can do to speed it up. See Roddy's post in this thread: http://discussions.apple.com/thread.jspa?threadID=1837981&tstart=0. He has a site, iWebforMusicians.com, which has many good tips dealing with IE.
  OT

• Is this possible? Using Illustrator Script to duplicate EPS file 35 times & changing C,M,Y,K value?

  Hi everyone,
  I need HELP I have a bunch of vector clip arts, which are Black (C,M,Y,K100). I need it in 35 different colors Saved as Illustrator 8 EPS and I also need those file in 72 DPI PNG Transparent files.
  Thanks for any help.
  Akkudo.

  Good evening,
  0) In your templates give a specific namme to each path or groups or items via the layers window.
       The objective is to use a script like these two:
      Set myLayerCercle = my_Laieur_elements.GroupItems("Laplupart").PathItems("LaplupartCercle")
          myAiApp.Redraw
          myLayerCercle.FillColor.Spot.Color.Cyan = 0
          myLayerCercle.FillColor.Spot.Color.Magenta = 100
          myLayerCercle.FillColor.Spot.Color.Yellow = 80
           myLayerCercle.FillColor.Spot.Color.Black = 0
         myAiApp.Redraw
  or
    textRef.Paragraphs.Add ("myNewText")
      textRef.Paragraphs(1).ParagraphAttributes.Justification = aiRight
      textRef.Paragraphs(1).CharacterAttributes.Size = 12
      textRef.Paragraphs(1).CharacterAttributes.HorizontalScale = 10
      textRef.TextRange.CharacterAttributes.BaselineShift = fontBaseLineShift
      textRef.TextRange.CharacterAttributes.TextFont = myAiApp.TextFonts.Item("Times")
      textRef.TextRange.CharacterAttributes.FillColor.Black = 0
      textRef.TextRange.CharacterAttributes.FillColor.Magenta = 100
      textRef.TextRange.CharacterAttributes.FillColor.Yellow = 0
      textRef.TextRange.CharacterAttributes.FillColor.Cyan = 0
  If you agree please send your eps file via my email. I could be than more efficient.
  Have a good evening
  Patrice
  *) open an office sofware (Word or Excel) and go to the Visual basic editor (alt+F11) and
  copy and paste these script; replace nom_docAi  with your eps file name
  Public nom_docAi
  Sub myPrg()
  call OpenAi
  call openBaseFile                          '= open the eps file
  call myRectangle(100,100,200,300)
  call saveEPS(nom_docAi )
  call savePNG(nom_docAi )
  end sub
  Sub OpenAi()
  '*** le fichier excel et illustrator se trouvent dans le même répertoire
  myPath = ActiveWorkbook.Path
  '*** Définition de la variable "application"
  Set myAiApp = CreateObject("Illustrator.Application.CS4")
  End Sub
  Sub openBaseFile()
  '*** Définition et ouverture du fichier illustrator de base
  nom_eps = "cycle.eps"
  'nom_docAi = myPath & "\" & nom_eps
  nom_docAi = "G:\graph" & "\" & nom_eps
  Set myDocAi = myAiApp.Open(nom_docAi, 1)
  End Sub
  Sub saveEps(myPictureName)
  '*** Sauvegarde fichier
  Set myDocAi = myAiApp.ActiveDocument
  Set myEpsSave = CreateObject("Illustrator.EPSSaveOptions.CS4")
      myDocAi.CropBox = myDocAi.VisibleBounds
      myEpsSave.EmbedAllFonts = True
      myEpsSave.Preview = aiColorTIFF
      myEpsSave.postscript = ailevel3
      myAiApp.ActiveDocument.SaveAs myPictureName, myEpsSave
  End Sub
  sub myRectangle(x, y, LenghRect, HeightRect)
  '*** Sélection du calque recevant les rectangles
  Set Laieur = docAi.layers("data")
  myAiApp.Redraw
  Set myRect = docAi.PathItems.Rectangle(y, x, LenghRect, HeightRect)
  myRect.FillColor.Cyan = 0
  myRect.FillColor.Yellow = 100
  myRect.FillColor.Magenta = 35
  myRect.FillColor.Black = 0
  myRect.Stroked = False
  myAiApp.Redraw
  'mTab = myCColor(mType)
  End Function
  Sub savePNG(myPictureName)
  '*** Sauvegarde fichier
  myPictureName = Replace(myPictureName, ".eps", ".png")
  Set myAiApp = CreateObject("Illustrator.Application.CS4")
  Set docAi = myAiApp.ActiveDocument
  Set pngExportOptions = CreateObject("Illustrator.ExportOptionsPNG24.CS4")
  pngExportOptions.AntiAliasing = True
  pngExportOptions.Transparency = True
  docAi.Export myPictureName, aiPNG24, pngExportOptions
  End Sub

• One custom security realm for many wl servers?

  Is it possible to use one custom security realm for many weblogic servers...ie
  one login for all application on different weblogic server.

  Is it possible to use one custom security realm for many weblogic servers...ie
  one login for all application on different weblogic server.

• 10.1.3.1 issue: not possible to use default revision endpoint

  My use case is the following.
  Messages are sent from back-end systems to the BPEL engine, which start processes in BPEL.
  Because I don't want the back-end systems to be aware of the version of the processes, I want to submit the request from the back-end system to the default end-point. This is not possible anymore in 10.1.3.1. It was possible in 10.1.2
  Examples of options:
  10.1.2
  Default wsdl works: http://serverXXX:7777/orabpel/default/ProcessXXX/ProcessXXX?wsdl
  Explicit version wsdl works: http://serverXXX:7777/orabpel/default/ProcessXXX/1.0/ProcessXXX?wsdl
  Default end-point works: http://serverXXX:7777/orabpel/default/ProcessXXX
  Expliciet version wsdl works:
  http://serverXXX:7777/orabpel/default/ProcessXXX/1.0
  In 10.1.3.1 the default end-point doesn't work anymore.
  - If I have a new version for which the implementation has changed, but the interface has remained unchanged, I want to deploy a new version (e.g. 1.1).
  - The 1.1 version will become the default
  - I don't want to change the end-point configuration in my back-end systems
  - If I deploy a changed process with the same version (again 1.0), I will not be able anymore to analyse the 1.0 versions of the previous implemementation of the process
  I know that in an ideal world, the lookup of the end-point will be done dynamically using the WSDL, but my backend-systems are not that SOA aware.
  Is there a solution for this?
  Thanks,
  Jan Willem

  Marc,
  When requesting the default end-point in a browser, I get a page not found 404 error.
  Your comment (BTW) is right on the spot. This is just my problem.
  I want to deploy a new version, with a new number without changing the end-point configuration in my back-end applications.
  I hoped that this is possible by using the default end-point (which was possible in 10.1.2), but it seems that this is not possible in 10.1.3.1.
  Any other ideas?
  Jan Willem

• Use of default XACML with custom role mapper and authorization provider

  Hi,
  Is it possible to use the default XACML provider for custom role mappers and authorization providers when role information will be provided via an external application ( not an LDAP or RDBMS server )?
  My custom providers will be communicating with the external application via an API that accepts user credentials and will return decisions whether the credentials were successfully authenticated as well as returning a list of roles for the authenticated user.
  Once the roles and the subject are cached, will the default XACML provider be able to use them to make role mapping and authorization decisions?

  I see 2 approaches. First, write a custom authenticator that stores the role information in the subject either by creating a custom java.security.Principal that is stored in the Subject or by saving it in PrivateCredentials of the Subject. Then right a custom role mapper that knows how to get the role information from the Subject and return a role Map. The default XACML Authorizer will then work with the role information in the role map.
  Second approach is to write a custom role mapper that looks up the role information based on the Subject and returns a role map.
  The chosen approach depends on where you're getting the role information from.