Issue with ADF security enabled App deployed to java cloud services
Hi,
Here are the instance details:
Jdev cloud build:JDEVADF_11.1.1.6.0CLOUD_GENERIC_121118.1600.6229
Java cloud service version:13.1
I have created a simple ADF Application & enabled security by editing web.xml:
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<description>manager</description>
<role-name>manager</role-name>
</security-role>
Then I have tried to deploy this Application to Java cloud services.Deployment works fine.
I have 2 users created in Identity console- x & y.In my case x user has manager role enabled & y doesn't have manager role enabled.
Now when I try to access the above deployed ADF Application with 'y' user,the page is accessible.
My question here is that since 'y' user does not have the privilege he should not be able to access this page,could you please let me know if am missing something?
Thanks.
Hi,
You may refer to the documentation available in the link: Developing Applications for Oracle Java Cloud Service - Release 13.1
Please refer to the section: Securing Java EE Applications- Roles and Constraints
Hope this helps
Regards,
Santhosh
Similar Messages
-
ADF BC 11g, Weblogic 10.3 - Deployment Issue with ADF Security
Hi all,
I know there are many many blogs about deployment of an 11g app using ADF Security to a WLS 10.3 server, however, none appear to be working for me.. or I'm not working with them! :P
I've deployed an .ear file to the WLS 10.3 and this works fine - after following these steps
http://www.freewebalbum.com/blogs/faces/bjanko/blogs.jsp?blog=bjanko20090127130431
I then followed Steve's migration technique
http://www.oracle.com/technology/products/jdev/tips/muench/credmig111100/index.html
That all built correctly.
I then tried to access the app via browser, entered in the user cred (created under Security Realms in WLS 10.3 admin console - user and groups).
I attempted to login, and received an "Error 401--Unauthorized" error.
I'll that I see in the server log is:
[JpsWlsFilter.doFilter] setContextID to testApp
I'm totally stuck, so any ideas would be awesome.
Cheers,
chrisJust gave that a shot.. No dice unfortunately.
Steve Muench wrote:
You can omit -DdstApp=DEPLOYAPPNAME if the deployed application name is the same as the source application name you supplied in the -DsrcApp=APPNAME argument.I hate massive code dumping... but this is my jazn-data.xml
<?xml version = '1.0' encoding = 'UTF-8'?>
<jazn-data>
<jazn-realm default="jazn.com">
<realm>
<name>jazn.com</name>
<users>
<user>
<name>system</name>
<guid>0300AED0A9A411DD8F304FB2D3E85932</guid>
<credentials>{903}G5cbldq4HwMVt/gQpv1lXuNdLYbSu20y</credentials>
</user>
</users>
<roles>
<role>
<name>PlusAdmin</name>
<guid>0300AED1A9A411DD8F304FB2D3E85932</guid>
<members>
<member>
<type>user</type>
<name>system</name>
</member>
</members>
</role>
<role>
<name>PlusUser</name>
<guid>0300AED2A9A411DD8F304FB2D3E85932</guid>
<members>
<member>
<type>user</type>
<name>system</name>
</member>
</members>
</role>
</roles>
</realm>
</jazn-realm>
<policy-store>
<applications>
<application>
<name>TestApp</name>
<app-roles>
<app-role>
<name>PlusAdmin</name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<members>
<member>
<class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
<name>system</name>
</member>
</members>
</app-role>
<app-role>
<name>PlusUser</name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<members>
<member>
<class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
<name>system</name>
</member>
</members>
</app-role>
</app-roles>
<jazn-policy>
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl</class>
<name>anonymous-role</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>com.delexian.plus.ui.pageDefs.LogonPageDef</name>
<actions>view</actions>
</permission>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>com.delexian.plus.ui.pageDefs.LogonErrorPageDef</name>
<actions>view</actions>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<name>PlusAdmin</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>com.delexian.plus.ui.pageDefs.HomePageDef</name>
<actions>customize,edit,grant,personalize,view</actions>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<name>PlusUser</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>com.delexian.plus.ui.pageDefs.HomePageDef</name>
<actions>customize,edit,grant,personalize,view</actions>
</permission>
</permissions>
</grant>
</jazn-policy>
</application>
</applications>
</policy-store>
<jazn-policy/>
</jazn-data> -
I need to get the logs of my iPhone 5. I'm a registered as a developer and I have an issue with one of my app which is already in the market
The Firefox 3.5.x branch has reached end-of-life and is no longer maintained.<br />
You will no longer receive security updates.<br />
You can update Firefox via "Help > Check for Updates" or download and install the latest Firefox 3.6.x.<br />
Firefox 4 and later require at least OS X 10.5 and an Intel Mac.
* http://www.mozilla.com/firefox/4.0/system-requirements/
If you have problems with updating or with the permissions then easiest is to download the full version and trash the currently installed version to do a clean install of the new version.
Download a new copy of the Firefox program and save the DMG file to the desktop
* Firefox 3.6.x: http://www.mozilla.com/en-US/firefox/all-older.html
* Trash the current Firefox application to do a clean (re-)install
* Install the new version that you have downloaded
Your profile data is stored elsewhere in the [http://kb.mozillazine.org/Profile_folder_-_Firefox Firefox Profile Folder], so you won't lose your bookmarks and other personal data. -
Revision: 1433
Author: [email protected]
Date: 2008-04-28 13:13:12 -0700 (Mon, 28 Apr 2008)
Log Message:
adding 'console' security constraint to MBeanServerGateway remote object for MBean tests and ds-console, used when running on Websphere with administrative security enabled. Should call setCredentials("bob","bob1") to use this RO.
Modified Paths:
blazeds/branches/3.0.x/qa/apps/qa-regress/WEB-INF/flex/remoting-config.mods.xml
blazeds/branches/3.0.x/qa/apps/qa-regress/WEB-INF/flex/services-config.mods.xmlHi,
It seems that you were using Hyper-V Remote Management Configuration Utility from the link
http://code.msdn.microsoft.com/HVRemote, if so, you can refer to the following link.
Configure Hyper-V Remote Management in seconds
http://blogs.technet.com/jhoward/archive/2008/11/14/configure-hyper-v-remote-management-in-seconds.aspx
By the way, if you want to perform the further research about Hyper-V Remote Management Configuration Utility, it is recommend that you to get further
support in the corresponding community so that you can get the most qualified pool of respondents. Thanks for your understanding.
For your convenience, I have list the related link as followed.
Discussions for Hyper-V Remote Management Configuration Utility
http://code.msdn.microsoft.com/HVRemote/Thread/List.aspx
Best Regards,
Vincent Hu -
Process of login with ADF security
Hi,
I was looking at how to implement the process of Login with the ADF security using JDev 11g and I feel very good...
My question is if it is possible to use this tool in case of use a container as Tomcat 6.x or JBoss. If it is possible to use ADF security for these containers, what should be configured to work?Hi,
ok, I'd like to use authorization with ADF security, but as you say it is not possible in Tomcat. well, but could implement it, if there must be 3 users with different roles of the little system that I want to develop. Any idea?. There maybe a small example with user roles to use without authorization of ADF security?. -
I can't connect to iTunes. I think it might be an issue with McAfee Security Center - not sure. I am getting an error code of -42408. (Don't know what that means...) Has anyone had this problem? If so, how did you fix it?
Having the same issue after downloading the lastest version of itunes. Apple is going to lose me as a customer, if this keeps up with their software updates. They never seem to work.
Really, they should want me to be able to access their store. That's money out of their pocket.
Honestly, I don't know why Apple doesn't have a techie monitering their support threads trying to help fix issues.
I don't have McAffee, so that wouldn't be my issue. I guess, I'll keep checking back to see if anyone has figured anything out.
I can't seem to sync my ipad, now either. Ebay is sounding really good. -
Error when trying to deploy ADF application in Java Cloud Service - SaaS Extension
Hello guys,
I'm trying to deploy a simple ADF application in "Oracle Java Cloud Service - SaaS Extension" and i'm still having the error below
The job turns to Failed at "Deploy Application" step:
Did someone already got this error ?
Thanks at advance
Sid
2014-12-10 11:06:20 PST: Starting action "Deploy Application"
2014-12-10 11:06:20 PST: Deploy Application started
2014-12-10 11:06:28 PST: weblogic.application.ModuleException: weblogic.application.ModuleException:
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1531)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:488)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
at weblogic.application.internal.SingleModuleDeployment.activate(SingleModuleDeployment.java:44)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:80)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:573)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:150)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:116)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:327)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:844)
at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1253)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:440)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:163)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:195)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:68)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:545)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: java.security.AccessControlException: access denied ("java.net.NetPermission" "specifyStreamHandler")
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
at java.security.AccessController.checkPermission(AccessController.java:559)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.net.URL.checkSpecifyHandler(URL.java:649)
at java.net.URL.<init>(URL.java:373)
at weblogic.application.io.MergedDescriptorFinder.getSource(MergedDescriptorFinder.java:46)
at weblogic.application.io.DescriptorFinder.getSource(DescriptorFinder.java:44)
at weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
at weblogic.application.utils.CompositeWebAppFinder.getSource(CompositeWebAppFinder.java:71)
at weblogic.servlet.internal.War$ResourceFinder.getSource(War.java:1213)
at weblogic.servlet.internal.War$ResourceFinder.getSource(War.java:1203)
at weblogic.servlet.internal.War.getResourceAsSource(War.java:512)
at weblogic.servlet.internal.WebAppServletContext.getResourceAsSource(WebAppServletContext.java:3436)
at weblogic.servlet.internal.WebAppServletContext.getResourceAsSource(WebAppServletContext.java:3427)
at weblogic.servlet.internal.WebAppServletContext.getResourceAsStream(WebAppServletContext.java:872)
at com.sun.faces.config.ConfigureListener$WebXmlProcessor.scanForFacesServlet(ConfigureListener.java:805)
at com.sun.faces.config.ConfigureListener$WebXmlProcessor.<init>(ConfigureListener.java:768)
at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:178)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1871)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3173)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1529)
2014-12-10 11:06:28 PST: WL action state: failed
2014-12-10 11:06:28 PST: Action FAILED with WL action state: failed
2014-12-10 11:06:28 PST: Check the server log of your Java cloud service for more info about the failure.
2014-12-10 11:06:28 PST: Application deployment failed.
2014-12-10 11:06:28 PST: "Deploy Application" complete: status FAILEDThe Application does nothing, it's just a simple page (the button does nothing too) the aim is to deploy a jsf page with ADF forms.
The deployment log is on the first message.
I'm using Jdeveloper and i note the Jdev inserts some servlets into the web.xml file ! is it possible that the probleme is related to this ? (below the web.xml file)
Sid
<?xml version = '1.0' encoding = 'windows-1252'?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>resources</servlet-name>
<servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>BIGRAPHSERVLET</servlet-name>
<servlet-class>oracle.adf.view.faces.bi.webapp.GraphServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>BIGAUGESERVLET</servlet-name>
<servlet-class>oracle.adf.view.faces.bi.webapp.GaugeServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>MapProxyServlet</servlet-name>
<servlet-class>oracle.adf.view.faces.bi.webapp.MapProxyServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/adf/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/afr/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BIGRAPHSERVLET</servlet-name>
<url-pattern>/servlet/GraphServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BIGAUGESERVLET</servlet-name>
<url-pattern>/servlet/GaugeServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>MapProxyServlet</servlet-name>
<url-pattern>/servlet/mapproxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/bi/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>trinidad</filter-name>
<filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
</filter>
<filter>
<filter-name>ServletADFFilter</filter-name>
<filter-class>oracle.adf.share.http.ServletADFFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>trinidad</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>ServletADFFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.faces.PARTIAL_STATE_SAVING</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
<param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
<param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<description>Security precaution to prevent clickjacking: bust frames if the ancestor window domain(protocol, host, and port) and the frame domain are different. Another options for this parameter are always and never.</description>
<param-name>org.apache.myfaces.trinidad.security.FRAME_BUSTING</param-name>
<param-value>differentOrigin</param-value>
</context-param>
<context-param>
<param-name>javax.faces.VALIDATE_EMPTY_FIELDS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>oracle.adf.view.rich.geometry.DEFAULT_DIMENSIONS</param-name>
<param-value>auto</param-value>
</context-param>
<context-param>
<param-name>oracle.adf.view.rich.SYNCROWS</param-name>
<param-value>enable</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_DECORATORS</param-name>
<param-value>oracle.adfinternal.view.faces.facelets.rich.AdfTagDecorator</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_RESOURCE_RESOLVER</param-name>
<param-value>oracle.adfinternal.view.faces.facelets.rich.AdfFaceletsResourceResolver</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_VIEW_MAPPINGS</param-name>
<param-value>*.jsf;*.xhtml</param-value>
</context-param>
<mime-mapping>
<extension>swf</extension>
<mime-type>application/x-shockwave-flash</mime-type>
</mime-mapping>
<mime-mapping>
<extension>amf</extension>
<mime-type>application/x-amf</mime-type>
</mime-mapping>
<listener>
<listener-class>oracle.adf.mbean.share.config.ADFConfigLifeCycleCallBack</listener-class>
</listener>
<login-config />
</web-app> -
Hello Experts,
I have deployed an ADF application on Oracle Java Cloud Service - SaaS Extension and also deployed database objects from local environment to cloud using JDeveloper. I can see the cloud database has tables and data which I have deployed but when I access the application it seems it is not able to connect with cloud database.
I have followed below document and same sample application (HRSystem).
http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/JDeveloperPart1/jdeveloperPart1.html
http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/JDeveloperPart2/jdeveloperPart2.html
Please guide me what can be the issue.
Regards
Gulam DyerHi,
Can you give us more details about your issue? Any error messages?
Thanks,
Bogdan -
Can we deploy a java web service on OC4J within EBS 12.1.3
Hi,
I needed some instructions if this is possible to deploy a java web service on OC4J in EBS 12.1.3.
We don't have SOA gateway integration. The web service is simple SOAP web service.
Is there any document that can be referred for this ?
ThanksI would try a number of things:
1) Try generating the web service artifacts by using the web service assembler tool that comes with oc4j 10.1.3 dp3. You can use either the command line or ant assembly tasks that are available with the download. There are some fairly detailed examples of using the ant tasks for web service generation at http://www.oracle.com/technology/tech/java/oc4j/1013/howtos/index.html (under the "web services" heading).
2) Try deploying the generated ear file using the admin console. I believe that should work.
3) If for some reason that doesn't work you can try to use the deployment ant tasks (also detailed in the how to examples).
I believe the reason you did not deploy successfully is that even though the core service implementation class, SEI, and JAX-RPC descriptor are portable the artifacts generated in order to deploy the service to a particular application server are unique. JWSDP is tailored to the sun platform.
Hope that helps.
-- Jon -
Error deploying custom java web service -Jdeveloper11.1.1.3.0
Hi all,
Error deploying custom java web service in - Jdeveloper 11.1.1.3.0
Weblogic Server Exception: weblogic.deploy.api.internal.utils.DeployerHelperException: The source 'C:\DOCUME~1\.......\LOCALS~1\Temp\.xyz..........Project-context-root.war'
for the application 'xyz....Project-context-root' could not be loaded to the server 'http://hostname:port/bea_wls_deployment_internal/DeploymentService'.
Server returned HTTP response code: 409 for URL: http://hostname:port/bea_wls_deployment_internal/DeploymentService
See server logs or server console for more details.
weblogic.deploy.api.spi.exceptions.ServerConnectionException: [J2EE Deployment SPI:260041]Unable to upload 'C:\JDeveloper\mywork\MyApllicationName\Project\deploy\xyz........Project-context-root.war' to 't3://hostname:port'
#### Deployment incomplete. ####
Remote deployment failed (oracle.jdevimpl.deploy.common.Jsr88RemoteDeployer)
Thanks
Edited by: soauser on Sep 3, 2010 8:55 AMAny help for the above post is appreciated..
Edited by: soauser on Sep 3, 2010 11:58 PM -
Error deploying custom java web service in SOA11g-Jdeveloper 11.1.1.3.0
Hi all,
I am getting Error deploying custom java web service in SOA 11G- Jdeveloper 11.1.1.3.0
Weblogic Server Exception: weblogic.deploy.api.internal.utils.DeployerHelperException: The source 'C:\DOCUME~1\.......\LOCALS~1\Temp\.xyz..........Project-context-root.war'
for the application 'xyz....Project-context-root' could not be loaded to the server 'http://hostname:port/bea_wls_deployment_internal/DeploymentService'.
Server returned HTTP response code: 409 for URL: http://hostname:port/bea_wls_deployment_internal/DeploymentService
See server logs or server console for more details.
weblogic.deploy.api.spi.exceptions.ServerConnectionException: [J2EE Deployment SPI:260041]Unable to upload 'C:\JDeveloper\mywork\MyApllicationName\Project\deploy\xyz........Project-context-root.war' to 't3://hostname:port'
#### Deployment incomplete. ####
Remote deployment failed (oracle.jdevimpl.deploy.common.Jsr88RemoteDeployer)
Edited by: soauser on Sep 3, 2010 7:44 AM
Edited by: soauser on Sep 3, 2010 7:45 AM
Edited by: soauser on Sep 3, 2010 7:46 AMAny help for the above post is appreciated..
Edited by: soauser on Sep 3, 2010 11:58 PM -
Error when trying to see pages in webcenter app with adf security activated
Greetings
I have this problem
I developed a WebCenter Application that uses ADF Security with form authentication. This App has
two JSPX the first one is the login page and the second one is the page where i manage runtime created pages
using the CREATE PAGE task flow and a page tree iterator to see my created pages.
when i deploy de application on the weblogic server i am able to login successfully and create as many pages as
i want and also see them using the link generated. the problem is that when a delete the application from the weblogic
server, i mean the deployed application, then redeploy the same application on the server i can login again and
see the pages i created before but when i try to reach them i get this error showed in my internet browser:
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46)
containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization
header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that
authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response,
and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was
given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained
in section 11.
Does anybody now what kind of configuration i am missing or what is happening?
thanks for your helpthis issue has a solution showed on the this thread Re: ERROR when trying to see pages created with create page task flow
-
Web Center app with ADF Security - login problem
I have a custome Oracle Web Center app.
I have a page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the root page http://127.0.0.1:7101/MyApp-ViewController-context-root/
and i get
Error 403--Forbidden
I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the required entries are there.
This works fine if i use a Login link with
destination="#{'/adfAuthentication?login=true&end_url=/faces/postLogin.jspx'} "
which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.
P.S. Have been advised to try here when I originally asked this in the WebCenter forum. Web Center app ADF Security - login problem
Edited by: new_to_webcenter on 18-Jan-2011 05:25Thanks for your response Frank.
The web.xml has
<security-constraint>
<web-resource-collection>
<web-resource-name>adfAuthentication</web-resource-name>
<url-pattern>/adfAuthentication</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
When configuring ADF Security via JDev , I chose "Redirect upon successful authentication" to the Welcome Page
"/faces/postLogin.jspx"
this then adds into web.xml
<servlet>
<servlet-name>adfAuthentication</servlet-name>
<servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
<init-param>
<param-name>success_url</param-name>
<param-value>/faces/postLogin.jspx</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
So the sequence which works is:
Login via the '/adfAuthentication?login=true&end_url=/faces/postLogin.jspx' and this redirects to login.html (OOTB form which posts to j_security_check) and then to the postLogin.jspx
I'm trying to do away with a Login link, and trying the simple login form embedded in my page alongwith other content.
So should the form be posting to j_security_check directly or to the adfAuthentication ? -
Error in page when ADF Security enabled
Hi,
I have created a sample JSF page having only a 'Hello World!' output text.
When I run the page without enabling ADF Security, it runs fine.
I have enabled ADF Security as per "29.3 Enabling Oracle ADF Security" in Dev Guide for ADF.
Now when I run the page, it shows default login page. I enter username and password there and 'Submit'.
After that it shows an error page with following error:
Error 500--Internal Server Error
java.lang.RuntimeException: Cannot find FacesContext
at javax.faces.webapp.UIComponentClassicTagBase.getFacesContext(UIComponentClassicTagBase.java:1855)
at javax.faces.webapp.UIComponentClassicTagBase.setJspId(UIComponentClassicTagBase.java:1672)
at jsp_servlet.__testpage1_jspx._jspService(__testpage1_jspx.java:85)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:408)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:318)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:202)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Any suggestion/help in this regard is appreciated.
ThanksPlease find below the web.xml
<?xml version = '1.0' encoding = 'windows-1252'?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee">
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
<param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
<param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
<param-value>false</param-value>
</context-param>
<filter>
<filter-name>JpsFilter</filter-name>
<filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
<init-param>
<param-name>enable.anonymous</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>remove.anonymous.role</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter>
<filter-name>trinidad</filter-name>
<filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
</filter>
<filter>
<filter-name>adfBindings</filter-name>
<filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>JpsFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>trinidad</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>adfBindings</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<listener>
<listener-class>oracle.adf.mbean.share.connection.ADFConnectionLifeCycleCallBack</listener-class>
</listener>
<listener>
<listener-class>oracle.adf.mbean.share.config.ADFConfigLifeCycleCallBack</listener-class>
</listener>
<listener>
<listener-class>oracle.bc4j.mbean.BC4JConfigLifeCycleCallBack</listener-class>
</listener>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>resources</servlet-name>
<servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>adfAuthentication</servlet-name>
<servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
<init-param>
<param-name>success_url</param-name>
<param-value>/TestPage2.jspx</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/adf/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/afr/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>adfAuthentication</servlet-name>
<url-pattern>/adfAuthentication</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>adfAuthentication</web-resource-name>
<url-pattern>/adfAuthentication</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>valid-users</role-name>
</security-role>
</web-app>
I have uploaded Application zip file on gmail docs:
https://docs.google.com/leaf?id=0B6W2rsWyyNGMNTk1NjQ5NTYtMGVlOS00OWYxLThkY2UtNGMzOTJkZGFiZTE5&hl=en
Please check if you can access it.
Thanks -
How to integrate a SSO based in cookie with ADF Security
At work they asked me to integrate a existing SSO based in cookie with the new ADF + Jdeveloper 11g + WLS. After google for days and read a lot of blogs and official documentation I've made a custom LoginModule. I made it very simple, it's just an "if" inside the login() function with the username, if the username is "john" I put to the Subject some Principals. My steps are:
1- Create a new app based on "Fusion application" template.
2- Make a new ADF Taskflow with only one view inside (the entry point of the taskflow). The jspx only contains a welcome message.
3- Run the ADF Security wizard, all the steps with the default option, I don't change anything.
4- Put some users and some roles in jazn-data.xml, and maping them to an application role. Then I grant permissions to the application role to view the previous task flow.
At this point everything is ok. I run the taskflow and a basic login popup prompts me to write my username and password. Now I try to remove everything useless for me, like idstore, credentials, anonymous, etc. I only want a LoginModule that get the HttpRequest and passes it to an already done class that returns a true/false depending if the cookie is correct or not but, as I said before, my LoginModule is so simple now and even didn't try to do something more complicated than an if. The steps I try are:
in jps-config.xml
5- Remove idstore.xml and credentials.
6- (loginmodule tab) Make a new login module, and put here my class. The class is in the ViewController project and JDeveloper find it navigating through the heriarchy, so I have visibility. I put REQUIRE flag, add all roles and debug mode.
7- In the security context unmark the idstore.loginmodule and mark myLoginModule. Also delete the anonymous security context.
All that I got until now is a 500 error (Internal server error - Authorization Exception). Sometimes (the close i've ever been to do something correct) the browser ask me for user/password but then only recognizes the users that already are in WLS (idstore from previous tests), but NOT the "john" user that is inside my custom LoginModule. Even more, if I run the WLS from JDeveloper 11g in debug mode, the runtime never stops at breakpoints inside my custom login module. It seems that my LoginModule isn't deployed or I made some error maping the roles.
So, my questions are:
- I'm in the good way? If I want an authentication based in cookie/httprequest I have to do a custom LoginModule? My goal is to do a re-usable code, and re-use the code that my co-workers have done. They have a class that with only the HttpRequest determines if a user is logged or not.
- If I'm in the good way... how can I put my custom LoginModule in the WLS? I tried to search something in the Administration Panel (localhost:7101/console) but I did'nt find nothing.
- In case I'd got the custom LoginModule working fine in WLS... how can I get a HttpRequest from a LoginModule and avoid the username/password dialog? I've to make a filter and pass it to the my LoginModule? If it's correct... how?
I don't post my code because is so simple, it's based on DBTableLoginModule but without all the database access code.
Thanks to all!
P.D.: If this message isn't in the correct forum, I'm sorry. Feel free to move it.
P.D.2: Sorry about my english, I'm spanish. I know i've to practise a lot :)Hi Frank,
Thanks a lot for your answer. Just one more easy question: what I need to do is a custom Authentication Module (which will read the cookie)? If only you can point me to the correct chapter of the WLS documentation I'll be very pleased.
In future releases of JDeveloper will be easier to do this kind of things related to security?
Riveck
Maybe you are looking for
-
I have browsed the forum and help sites and have seen many similar problems, but even after reading through everything I couldn't find something to fix my problem. I just bought a loop set that were all .wav files. I converted them into .aiff files w
-
Why sql sERVER products are so frustratingly complicated to install???
Dear Ms Team, I found MS SQL Server products are frustrating, complex and difficult while installing. As per my experience , installing SQL sever need to follow some experts tips. During installation it will ask for sp1 need to install first, Power
-
SWF file different from internal movie testing
ok i made a basic website in flash when i test the movie while my file is open everything works fine, no errors pop up or anything, but when i go to drag the swf file into a web browser, random movie clips as well as all of my buttons are missing and
-
Slow delete on a table with one CLOB column
Hi, I have a table which has one CLOB column and even if I delete one row from it, it takes approx. 16 seconds. Since UNDO isn't generated for CLOBs (at least not in the UNDO tablespace), I can't figure out why this is so? The CLOB has defined a RETE
-
Dialog Programming - Transaction
Hi Experts, I am working in dialog programme. Anybody will suggest me how we can maintain the create/change/display transactions for single screen having all three create/change/display as pushbutton. So that if I call create transaction the only cre