JAAS and relation of Subject - Principal

Can someone please explain to me the intended relation of Subject to Principal as they relate to JAAS?
For example, assume I have the actual credential information stored in LDAP but supplemental data kept in Oracle HR module. During JAAS authentication I perform the LDAP auth and then retrieve the data from Oracle.
I was assuming that I would then take the created Subject and add two Principals to it (one for the LDAP entry and one for the Oracle data). But if that is the case, then how does the container know which Principal to retrieve from the Subject (for example when EJBContext.getCallerPrincipal() is called)?
Or should data from both sources be meshed into a single Principal object, and it alone be added to the Subject? If this is the case, there hardly seems a need to be dealing with Subject in JAAS.
Thanks in advance.

This is exactly my question. What I am finding out however (through reading tons and looking at how Tomcat does it vs. WebLogic) is that it is pretty much container specific. It boils down to the runtime type of the Principal objects in your Subject. In the case of WebLogic, the HttpServletRequest.getUserPrincipal() method looks for a Principal that implements the WLSUser interface. WebLogic specifies that your Subject can only have one such Principal.
In Tomcat4, looking at the JAASRealm, they have provided a way for you to specify the runtime type of the Principal object (actually the api allows you to specify many types...which is another point of confusion) that will be used to represent the user principal. Additionally, they have provided the same mechanism to specify the principal classes that will be added to the subject to represent roles...
I am sorry that your question was specific about EJBContext.getCallerPrincipal() but I answered in terms of HttpServletRequest.getUserPrincipal(). I suspect that the container will automatically propagate the subject to the EJB environment and then use the same mechanism that it uses in the servlet world...however, that point doesn't seem to be well defined.
I hope we can all get some answers here to enable us to write portable enterprise applications.
Good luck,
Troy
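
The selection-by-runtime-type behaviour described in the reply above, as an added Java example that is not part of the original thread and is not any container's actual code: a Subject carries one principal per data source plus a role, and a hypothetical `callerPrincipal` helper picks the user principal by class and fails closed when the match is not unique. The principal class names and sample values are constructed for illustration.

```java
import java.security.Principal;
import java.util.Set;
import javax.security.auth.Subject;

public class SubjectPrincipalDemo {

    // Hypothetical base class: equality includes the runtime type, so an LDAP
    // principal and an HR principal with the same name stay distinct in the Set.
    static abstract class NamedPrincipal implements Principal {
        private final String name;
        NamedPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
        @Override public boolean equals(Object o) {
            return o != null && o.getClass() == getClass()
                    && ((NamedPrincipal) o).name.equals(name);
        }
        @Override public int hashCode() { return 31 * getClass().hashCode() + name.hashCode(); }
        @Override public String toString() { return getClass().getSimpleName() + "[" + name + "]"; }
    }

    // One principal type per identity source, plus a separate type for roles.
    static final class LdapUserPrincipal extends NamedPrincipal {
        LdapUserPrincipal(String dn) { super(dn); }
    }
    static final class HrRecordPrincipal extends NamedPrincipal {
        HrRecordPrincipal(String employeeId) { super(employeeId); }
    }
    static final class RolePrincipal extends NamedPrincipal {
        RolePrincipal(String role) { super(role); }
    }

    // Hypothetical stand-in for the container's lookup: the "caller principal"
    // is whichever principal has the configured class. Zero or several matches
    // is treated as an error rather than picking one arbitrarily.
    static <T extends Principal> T callerPrincipal(Subject subject, Class<T> userClass) {
        Set<T> matches = subject.getPrincipals(userClass);
        if (matches.size() != 1) {
            throw new SecurityException("expected exactly one "
                    + userClass.getSimpleName() + ", found " + matches.size());
        }
        return matches.iterator().next();
    }

    public static void main(String[] args) {
        // Constructed sample identity, as a LoginModule's commit() might populate it.
        Subject subject = new Subject();
        subject.getPrincipals().add(new LdapUserPrincipal("uid=jdoe,ou=people,dc=example,dc=com"));
        subject.getPrincipals().add(new HrRecordPrincipal("EMP-0001"));
        subject.getPrincipals().add(new RolePrincipal("Admins"));
        subject.setReadOnly(); // later code cannot add or remove principals

        // The configured user class decides which principal represents the caller.
        System.out.println("caller: " + callerPrincipal(subject, LdapUserPrincipal.class));
        System.out.println("hr:     " + callerPrincipal(subject, HrRecordPrincipal.class));
        System.out.println("roles:  " + subject.getPrincipals(RolePrincipal.class));

        // getPrincipals(Class) also matches subclasses, so a type that is too
        // broad is ambiguous and must be rejected.
        try {
            callerPrincipal(subject, Principal.class);
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```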

Similar Messages

  • Doc listing all OBIA RPD Projects and related Subject areas and Presentation tables.

    Hi All,
    Can anyone help with the Oracle document ID which gives the RPD Projects and related Subject areas only and Presentation tables.
    I tried using the documentation utility but it is unable to give me result according to the RPD Projects.
    Thanks,
    Dev

    It is combination of different activities:
    Product guide, check here cool-bi.com
    RPD documentation based on prod guide.
    There might be a project called Project and try to import rpd contents into another then generate rpd doc.
    if helps mark

  • JAAS and JBOSS

    I'm trying to use JAAS to log in a user on a JBOSS app, but am running into a problem. I'm able to successfully authenticate the user, and retrieve a Subject from my LoginContext. However, once that request is done (i.e. the browser displays the "log in complete" page), the application seems to forget that the user was logged in. How does JAAS and JBOSS keep track of the logged in user? Is this done by keeping a singleton of LoginContext around in some scope? Right now I'm creating a new instance of LoginContext, and using it to load a new instance of my CallbackHandler. Note, when I used JBOSS default form based authentication, it kept the user logged in. However, I can't use their default auth because I have some custom things I need to do.
    Thanks in advance for any help you provide.

    Hi,
    I tested this on OC4J for you and here - after setting jbo.security.enforce to Must, the user principal name and the roles are displayed.
    So there are three possibilities why you don't see things working
    - JBoss doesn't add the role principals to the Subject so they become available in the session
    - You attempt accessing this information in a prepareSession() override without enforcing authentication to happen for the root page - URL pattern = /
    - ADF BC security doesn't recognize the custom role principal
    After briefly reviewing the security implementation code, it seems that ADF BC security is dependent on Oracle JAZN for authorization.
    Frank

  • Weblogic 10 jaas and login.jsp and web.xml/weblogic.xml security constraints

    Hello,
    I struggled through and got the examples.security.jaas.SampleCallbackHandler.java and examples.common.utils.ExampleUtils.java/ExampleConstants.java into eclipse where they compile. A bean I made can call SampleCallbackHandler like such:
    mybean.logmein(username,password,url). I can then do a mybean.getStatus() or even a mybean.returnCode(). It does seem to correctly identify that it is authenticating me (I see in stdout logs that it shows success or failures). The problem I have is I do not know how to apply this weblogic and web.xml/weblogic.xml so that if authentication works it redirects me to the page requiring the authentication. In web.xml I have the following set up:
    <security-role>
         <role-name>Admins</role-name>
    </security-role>
    <login-config>
         <auth-method>FORM</auth-method>
         <realm-name>default</realm-name>
         <form-login-config>
              <form-login-page>/login.jsp</form-login-page>
              <form-error-page>/badlogin.html</form-error-page>
         </form-login-config>
    </login-config>
    <security-constraint>
         <web-resource-collection>
              <web-resource-name>empower</web-resource-name>
              <description>These pages are only accessible by authorized users.</description>
              <url-pattern>/admin/*</url-pattern>
              <http-method>GET</http-method>
              <http-method>POST</http-method>
         </web-resource-collection>
         <auth-constraint>
              <description>These are the roles who have access</description>
              <role-name>Administrators</role-name>
         </auth-constraint>
         <user-data-constraint>
              <description>This is how the user data must be transmitted</description>
              <transport-guarantee>NONE</transport-guarantee>
         </user-data-constraint>
    </security-constraint>
    My weblogic.xml has:
    <?xml version="1.0" encoding="UTF-8"?>
    <wls:weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
         <wls:security-role-assignment>
              <wls:role-name>Admins</wls:role-name>
              <wls:principal-name>Administrators</wls:principal-name>
              <wls:principal-name>dashap</wls:principal-name>
         </wls:security-role-assignment>
    </wls:weblogic-web-app>
    With this set up, if I try to go to a page in /admin folder in my application, it correctly pops up the login page. The jaas in the bean is doing a loginContext.login(), which I thought does authentication too, but it never goes back to the /admin page I was going to that needed the authentication. With jaas, can I not use the web.xml FORM security option? Do I need to use j_security in the login.jsp's form's action= option and j_username and j_password for the input type names? How do I use j_username/j_password things if I am using jaas? I could just ignore using the web.xml security stuff and put something in the pages that need authentication, but it would be easier if I could use jaas with the security features without doing all that. Note that my code above is using a realm called default just because that was what was in the example I got from the web. Does that need to be something else?

    Hi John,
    I would like magic of course. However, in this case I want something special: my authentication provider uses special means and contents of headers, cookies and service from external identity management systems to determine the user's identity.
    I do not want the application to present the login dialog! I want to derive the identity and the fact that the user is logged in from whatever the authentication provider returns in terms of Subject.
    Ideally, the flow is something like:
    - user accesses an unprotected resource - resource is shown, no interaction with authentication provider
    - user presses a link or button that takes him/her to a protected resource
    - the authentication provider is contacted to work with the identity asserter to establish the identity of the current user and create a subject object for this user
    - the application can access the subject and principals
    - ADF Security recognizes the identity and the roles (based on the principals) and coordinates access based on this.
    the authentication method is client certificate. presumably this prompts WebLogic/OPS to use an identity asserter to work with custom headers and cookies ("... when you configure a web application to use CLIENT-CERT authentication. In this case, WebLogic can perform identity assertion based on values from request headers and cookies. If the header name or cookie name matches the active token type for the provider, the value is passed to the provider."). No login form should be presented to the user, as all information required to perform the authentication is already available.
    I am trying to understand what I must do to have the ADF application adopt the subject set by the authentication provider - if anything?!
    If you have more ideas to share - I would love to hear them.
    best regards,
    Lucas

  • JAAS and LDAPLogin Module

    Hi ! I am just getting used to weblogic 6.0. The JAAS example which along
    with the installation worked for me using default realm. I want to use LDAP
    for authenticating users using JAAS. Could somebody give me details how this
    should be configured and how to create LDAPLoginModule. Please help me
    guys.
    Thanks,
    Nancy

    Hi Nivas,
    My understanding of JAAS is that it is best implemented in some java client (rather than in a JSP or servlet -- using JAAS in a JSP or servlet is not recommended -- it's much easier to just use the standard WebLogic security mechanisms for JSPs and servlets)
    This is because you need to have a place to store the subject (principal) on the client side, and this is most easily done in a java client. In a JSP/Servlet, there's really nowhere to easily store that information since your end-clients are browsers.
    For question 3) -- you don't have to be using an LDAP server to use JAAS. If you are using an LDAP server, that just means that WebLogic will verify usernames and credentials against your LDAP realm.
    Hope this helps.
    Joe Jerry
    nivas wrote:
    i successfully executed the sample code for JAAS in weblogic 6.1
    now I want to use LDAP for authenticating users using JAAS. Could somebody give
    me details how this should be configured and how actually i have to implement
    this

  • Difference between jaas and realm

    hi
    i would like to add jaas to my web application
    i have a confusion between jaas and realm
    can anyone tell me what difference between this two technologies

    This is less or more Servlet related. In the future, please use the [Servlet forum|http://forums.sun.com/forum.jspa?forumID=33] for this kind of question to get better response.
    To the point: JAAS (Java Authentication & Authorization Service) is an authentication framework at Java SE level. Realm is an abstract layer between the web application and several ways of authentication so that you can easily switch between the authentication types/frameworks for the case that. JAAS is one of them.

  • TS5376 For about 4 months now I have been getting an Apple I-Tunes update message but when I try to install it, the program stops and refuses to install it saying I need to go to tools and manually install. the support page says:1. Remove iTunes and relat

    Dear Windows support personel,
         As part of my message reads above; I keep getting an i-tunes update message and when I click on the OK to download it, I get an error message saying there was a problem and I need to go to Tools>manual download.  Well, I don't know how to do that even though I gave it my best try. I went to the support site and it had the following message;
    1. Remove iTunes and related components from the Control Panel
    Use the Control Panel to uninstall iTunes and related software components in the following order. Then, restart your computer:
    iTunes
    Apple Software Update
    Apple Mobile Device Support
    Bonjour
    Apple Application Support (iTunes 9 or later)
    Important: Uninstalling these components in a different order, or  only uninstalling some of these components, may have unintended affects.
    If you encounter an error while uninstalling, try repairing the affected component:
    I don't know if I should do that since I'm not PC savvy. Could you help me by doing the work on my pc for me? I'd be most appreciative if you'd help me in this manner.
    Sincerely,
    Christine Bocker
    <Email Edited by Host>

    Let's first try updating using an installer file downloaded from the Apple Website:
    http://www.apple.com/itunes/download/

  • Is it possible to get the style, font and related info of a paragraph of a in design file and write it on the same in design file  on the  left side

    Is it possible to get the style, font and related info of a paragraph text  of a in design file and write  all the stuff on the same in design file  on the  left side with small fonts 
    as
    Lets  this is a text in in design file    :
    style : abc                      we are going to check the  condition  Agence Wallonne pour la Promotion d'une Agricultur we are going to check the  condition  Agence Wallonne pour la    font 12                                  d'une Agricultu we are going to check the  condition  Agence Wallonne pour la Promotion d'une Agricultu
    style : xyz                      we are going to check the  condition  Agence Wallonne pour la Promotion d'une Agricultur we are going to check the  condition  Agence Wallonne pour la    font 10                                  d'une Agricultu we are going to check the  condition  Agence Wallonne pour la Promotion d'une Agricultu

    Hi Poojith
    Not sure if this would solve your requirement but just in case might be helpful:
    1. We can mix up the HTML and HTMLB components in the JSP Page. However, can access only the HTMLB components in the controller. The following link refers to what customizations are offered by the HTMLB framework:
    [http://www.sapdesignguild.org/resources/htmlb_guidance/]
    2. Another option would be to use AbstractPortalComponents or a simple web app if that's feasible. (where custom UI themes, css and layout are more in control of the developers.)
    Thanks
    Deepak

  • How to show statistics of main item and related items with less filter?

    Hi experts,
    Have any of you come thro' similar requirements before?
    To show the statistics of a main item in different aspect in a document and show the comparison of this item in a particular aspect with other related items as inputted at prompt.
    You can imagine that, for the comparison, if I build another query for the related items, there will be duplicated dimensions, which we aim to avoid as duplicated dimension confuse end users.
    However, if i build the main items and related items in same query, for those reports of main item only, I need to add a report filter one by one!
    Any one of you have better idea?
    Thanks and Regards,
    Cherry

    You Should use Formatted Search in this case.
    You must create and associate a query for your field.
    click on the field you want items to be listed and press Shift + F2
    catch the keydown event of this field  and check pval.charpressed = 9 (tab key press)
    then execute
    SBO_Application.SendKeys("+")

  • Services in SAP management console and related window services and process

    hai
    can u please any one of you can send me the services in SAP management console and related window services(in administrator/services) and process in task manager.
    thanks in advance.
    Naga Laxmi

    Hi Naga,
    Please refer to this article for the processes relevant to the Java Instance:
    http://help.sap.com/saphelp_nw04/helpdata/en/62/1bf03eae11e16be10000000a114084/frameset.htm
    Except the processes of the Java instance you can find several processes of the IGS server and the ABAP disp+work processes.
    You can easily find the relevant services by their SAP prefix.
    Hope this helps.
    Best Regards
    Vyara

  • My downloads of iTunes and related software onto my Windows PC fails every time with error message that the software does not have valid signature.  How to get around this problem?

    I have trouble downloading iTunes software and related software like the new ios8 on both my desktop--Windows 7, and my laptop--Windows Vista, because I keep getting error messages saying the software has been deleted because invalid signature.   I have tried download and install and I have tried just download, but neither method works.   So I am stuck with the older software and my new iPad 2 Air isn't connecting because I need ios8 apparently.
    I have an iPhone 5 and a new iPad 2 Air.
    How to get around the Windows problem, please?
    Thank you!

    bump

  • A simple question about Drag and Relate navigation

    Dear experts
    I have found SAP help or related manuals only good at talking difficult things such as how to customise the drag and relate targets, etc.  However, after I followed exactly and then how to test.
    Then I just see pieces of information, very unstructured.  Spending me a whole day, even I can't get a good simple example on how to really perform a drag and relate at least for the proof of concept at EP 6.0.   It spent a lot of time in describing what the navigation panels about, what drag and relate targets.  Then how to do it in once transversal.  That is, with all customisation, how to drag and relate an object.
    My step is with iview A, shows a purchase order details showing a drag and relate enabled object like vendor no.
    Then I try to drag this vendor no. to a display vendor iview, iview B.
    I have known I have to put iview A and iview B to a Drag-and-relate targets.  I am sure I have done this.  Does it mean opening the portal, I will see both iview A and iview B appearing at the same time in the drag-and-relate target area?  However, in my case, it is not, iview A only appears in that area when I load it once, same to view B.  When I load iview B, iview A links from D&R target will be wiped off.  Then how I can drag an item from iview A to B while each one of them can only appear at any time.
    Can anyone give me a simple guide (don't give me an internet link from help.com) I have been tired of this.
    First, I would to make sure if my so called self-learnt drag-and-relate simple action is correct in the steps or really I have made something wrong in the customisation or even a bug there.
    Can anyone on the planet have this experience, pls. act as my teacher in this area?
    Rgds
    Stephen

    Thanks
    I have tried the 1st way already.  But I can see both iviews existing in the D & R targets.  Now I try to drag an item with business object BUS2002 from iview A to relate to LFA1 of iview B of the same back end system.
    But iview B shown up with that data of LFA1 shown up (in my case the vendor no.)
    I have used autocomplete relationship and I have checked it has been well-defined already.  Also check from metadata at backend they are both active.
    Do you have any clues to the pitfall in my case?
    Rgds

  • Report to List Incoming Payments and related Invoices

    Hi Experts,
    I would like a query which lists Incoming Payments and also the related Invoices which were paid.
    Is there a table which links together the ORCT and OINV tables?
    Thanks
    Greig

    Hi Greig,
    Link to ORCT - OINV( SELECT * FROM ORCT T0  INNER JOIN OINV T1 ON T0.DocEntry = T1.ReceiptNum )
    Link to ORCT -RCT1 - OINV( SELECT * FROM ORCT T0  INNER JOIN RCT1 T1 ON T0.DocNum = T1.DocNum
    INNER JOIN OINV T2 ON T0.DocEntry = T2.ReceiptNum)
    Try this,
    Lists of Incoming Payments and related Invoices.
    SELECT T0.DocNum,
    COUNT(T0.DocEntry) 'No of Invoice'
    FROM RCT2 T0
    INNER JOIN OINV T1 ON T0.DocEntry = T1.DocEntry
    GROUP BY T0.DocNum
    Regards,
    Madhan.
    Edited by: Madhan Babu C on Aug 28, 2009 9:23 AM

  • How to import custom report to drag and relate menu ?

    Hi Professionals .
    Kindly advise me how to add or import custom report at drag & relate menu
    Any help please ?

    Hi Mohamed,
    Please check below link.
    What is Drag and Relate in SAP Business One - YouTube
    https://help.sap.com/saphelp_sbo882/helpdata/en/45/100314cf465d7ae10000000a11466f/content.htm
    https://help.sap.com/saphelp_sbo882/helpdata/en/45/10ff71cf465d7be10000000a11466f/content.htm
    SAP - SAP Business One: Your Solution for Generating Custom Reports
    Hope this helps
    Regards::::
    Atul Chakraborty

  • JAAS and j_security_check

    Hi there,
    I'm using Weblogic 6.1 and working on the security aspect of a project.
    What I want to do is to set up the app so that a user logs in and gets authenticated
    using JAAS. I also want to secure the app so that all requests for urls must
    be authenticated first i.e. They go through the login page first.
    The easiest way I can see to do this is to use FORM based authentication using
    j_security_check.
    Is there a way then to set whatever j_security_check in the session, within the
    JAAS part of the code? Rather than authenticating with JAAS and then sending
    username and password to j_security_check.
    Does anyone know what to set? I looked at previous messages but they seem to
    deal with earlier versions and these do not work with 6.1
    Any help would be appreciated,
    Thanks,
    Ian

    Frank, thanks for comments.
    Yes user info is in the same database so I can get it from there, but I would like to call this DB function once after successful authentication. In addition we have kind of 2 level passwords in place, one application password and one internal db password for user to access database resources.
    User does not know his/her db password, we have just api to get db password after authentication and existing application api (developed for forms client originally) assumes user access db by his own connection, so in many api's oracle function user is stored in some tables.
    So what I need is after authentication of user (with application password) I can get Oracle password and then make new DB connection to all application api, just would like to store Oracle password (or new user db connection) somewhere so I don't need to fetch it every time I need to call application API.
    ferdo
