Jaas in 11g
Is there any working tutorial or example on getting jaas working in 11g? The 10g jaas demo doesn't work in 11g, nor does a migrated working jaas project from 10g to 11g.. any sort of help welcome..
Garfield,
What kind of security you are planning to add to your app?
If you plan to add simple file based security, follow the steps from "Fusion Developer's Guide for ADF" section 27. The file based security works. I am using it in my application.
If you want some sophasticated security like ldap, 11g adf does not work correctly for OID or LDAP currently. We have an issue opened on it with Oracle.
HTH,
--AJ
Similar Messages
-
Wls 11g jaas module not working
Hi,
I am successfully using a standard JAAS module to authorize and authenticate users on an HPUX – WebLogic 9.2 environment. However when we port this exact JAAS module to a LINUX – WebLogic 11g environment, the JAAS module times-out after 25 minutes at WebLogic managed server startup and eventually fails.
We want to know if anything has changed from a JAAS perspective when comparing WebLogic 9.2 versus 11g? We have been unable to get JAAS authentication working. We tried re-creating the jar file but have now run out of options. They have over 16 different Linux servers that all have the same problem. All time out once the JAAS module has been implemented.
We are primarily interested in knowing if there have been any significant changes to the JAAS functionality between WLS 9.2 and 11g versions. They have tried recompiling/recreating the JAAS file on our Linux servers but the same result occurs. It simply stalls and then doesn't work after appearing to be hung for 25 minutes at start-up time.
It is a custom JAAS module that we have implemented. However the very same JAAS module that works for WLS 9.2 does not work for WLS 11g.
Any suggestions on how we can get this working would be very helpful.
Thanks in advance.
Edited by: user10600611 on Jul 8, 2010 5:53 PMYes, the packaging has changed somwhat, when you compiled for 11g didn't u get compilcation exceptions?
If you didnt, then you might not be using those packages.
Can u paste the stak trace/ thread dump at the time it was hung? -
Note 974949.1 (Section 3) says that EBS JAAS is not intended for ADF 11g
We are using EBS R12.1.3 and JDEV 11g (11.1.1.4) and want to develop some custom applications based on EBS database, and would like to utilize fnd_users table for user athuentication. Note 974949.1 (Section 3) says that EBS JAAS is not intended for ADF 11g. So whats the other method we have to use for ADF 11g?
Jemar,
As far as i know there is no integration of EBS with ADF. Anyways, Refer http://forums.oracle.com/forums/message.jspa?messageID=9369406#9369406.
Hope this thread helps u.
Note :- Close your previous thread http://forums.oracle.com/forums/message.jspa?messageID=9369406#9369406 by marking helpful & correct reply .if your issue has been resolved. This would be really helpful for someone in need.
Regards,
Gyan -
How-to use the DBTableOraDataSourceLoginModule JAAS LoginModule in jdev 11g
how to configure it in 11g?
My codes work well in jdev 10g, according the http://www.oracle.com/technology/products/jdev/howtos/1013/oc4jjaas/oc4j_jaas_login_module.htmHi,
actually JDeveloper 11 and OC4J is in early preview and the documents for 11 haven't been written yet. The change in the configuration mainly is that LoginModules are no longer configured in system-jazn-data.xml but jps-config.xml. Another change is - though not yet implemented in teh current preview - that jps-config.xml definitions can be deployed with the application, which is in contrast to 10.1.3 where everything has to be in the OC4J bootstrapping config files.
As soon as we have a production date for 11 I'll revisit the paper you referenced for 10.1.3 and update it to 11.
Frank -
OIM 11g issues with design console, creating resource
Hi All,
I have installed OIM 11g, OAM 11g.
I am facing issues while starting design console or creating a resouce.
<Sep 2, 2010 9:30:53 PM GMT+05:30> <Error> <XELLERATE.SCHEDULER.TASK> <BEA-0000
0> <Error while calling reissue on AUD_JMS messages
com.thortech.xl.dataaccess.tcClientDataAccessException:
at com.thortech.xl.dataaccess.tcDataBaseClient.getDatabaseProductName(t
DataBaseClient.java:944)
at com.thortech.xl.schedule.tasks.ReIssueAuditMessage.processAllByIdent
fier(ReIssueAuditMessage.java:87)
at com.thortech.xl.schedule.tasks.ReIssueAuditMessage.execute(ReIssueAu
itMessage.java:78)
at com.thortech.xl.scheduler.tasks.SchedulerBaseTask.execute(SchedulerB
seTask.java:384)
at oracle.iam.scheduler.vo.TaskSupport.executeJob(TaskSupport.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl
java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcce
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.iam.scheduler.impl.quartz.QuartzJob.execute(QuartzJob.java:16
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.
ava:529)
>
<Sep 2, 2010 9:30:53 PM GMT+05:30> <Error> <XELLERATE.DATABASE> <BEA-000000> <Cl
ass/Method: tcDataBaseClient/bindToInstance encounter some problems: java.lang.A
ssertionError: Can only export activatable objects
oracle.iam.platform.utils.ServiceInitializationException: java.lang.AssertionErr
or: Can only export activatable objects
at oracle.iam.platform.Platform.getService(Platform.java:264)
at oracle.iam.platform.OIMInternalClient.getService(OIMInternalClient.ja
va:152)
at com.thortech.xl.dataaccess.tcDataBaseClient.bindToInstance(tcDataBase
Client.java:151)
at com.thortech.xl.dataaccess.tcDataBaseClient.<init>(tcDataBaseClient.j
ava:75)
at com.thortech.xl.server.tcDataBaseClient.<init>(tcDataBaseClient.java:
33)
at com.thortech.xl.client.dataobj.tcDataBaseClient.<init>(tcDataBaseClie
nt.java:67)
Please helpYou need to copy the files from the linux box to a windows box and change the startup paramaters to meet that of a Windows machine.
I have the following files once moved to my windows machine:
basecp.bat:
>
set CLASSPATH=.;.\lib\oimclient.jar;.\lib\iam-platform-auth-client.jar;.\lib\iam-platform-pluginframework.jar;.\lib\iam-platform-utils.jar;.\lib\iam-platform-context.jar;.\lib\XellerateClient.jar;.\lib\xlAPI.jar;.\lib\xlLogger.jar;.\lib\xlVO.jar;.\lib\xlUtils.jar;.\lib\xlCrypto.jar;.\lib\xlAuthentication.jar;.\lib\xlDataObjectBeans.jar;.\ext\log4j-1.2.8.jar;.\ext\jhall.jar;
>
classpath.bat:
>
call basecp.bat
set CLASSPATH=%CLASSPATH%;.\ext\spring.jar;.\ext\security-api.jar;.\ext\commons-logging.jar;.\ext\logging-utils.jar;.\ext\jakarta-oro-2.0.8.jar;.\ext\bsh.jar;.\ext\mail.jar;.\ext\jboss-j2ee.jar;.\ext\jboss-jaas.jar;.\ext\jbosssx.jar;.\ext\jts.jar;.\ext\jbossall-client.jar;.\ext\concurrent.jar;.\ext\getopt.jar;.\ext\gnu-regexp.jar;.\ext\jacorb.jar;.\ext\jboss-client.jar;.\ext\jboss-common-client.jar;.\ext\jbosscx-client.jar;.\ext\jbossha-client.jar;.\ext\jboss-iiop-client.jar;.\ext\jbossjmx-ant.jar;.\ext\jboss-jsr77-client.jar;.\ext\jbossmq-client.jar;.\ext\jboss-net-client.jar;.\ext\jbosssx-client.jar;.\ext\jboss-system-client.jar;.\ext\jboss-transaction-client.jar;.\ext\jcert.jar;.\ext\jmx-connector-client-factory.jar;.\ext\jmx-ejb-connector-client.jar;.\ext\xdoclet-module-jboss-net.jar;.\ext\jsse.jar;.\ext\jnet.jar;.\ext\jmx-rmi-connector-client.jar;.\ext\jmx-invoker-adapter-client.jar;.\ext\jnp-client.jar;.\ext\wlfullclient.jar;.\ext\webserviceclient+ssl.jar;.\ext\sas.jar;.\ext\oc4jclient.jar;.\ext\ejb.jar;.\ext\oscache.jar;.\ext\commons-logging.jar;.\ext\javagroups-all.jar
>
xlclient.cmd:
>
@echo off
setlocal
call classpath
REM SET DEBUG_OPTS=-classic -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5001 -DXL.RedirectSysOutErrToFile=TRUE -DXL.SysOutErrLogFile=.\logs\Client.System.Out.Err.log
REM Make sure to remove java.naming.provider.url and read it from the configuration
REM once the JNDI Profiles are implemented.
REM make sure you are using j2sdk1.4.2_05
"C:\jdk1.6.0_22\bin\java" %DEBUG_OPTS% ^
-DXL.ExtendedErrorOptions=TRUE -DXL.HomeDir=C:\oracle\oim1_11g\designconsole ^
-Djava.security.policy=config\xl.policy ^
-Dlog4j.configuration=config\log.properties ^
-Dweblogic.security.SSL.trustedCAKeyStore=%TRUSTSTORE_LOCATION% ^
-Djava.security.manager -Djava.security.auth.login.config=config\authwl.conf ^
com.thortech.xl.client.base.tcAppWindow -server server
endlocal
>
See if this works.
-Kevin -
OAM 11g BP02 with Kerberos is not working on AIX
Hi,
We are trying to configure OAM 11g with Kerberos on AIX with no success..
Resource is protected according to OAM documentation guide but the oam logs shows the following:
[2012-08-28T00:03:22.305-05:00] [oam_server1] [TRACE] [] [oracle.oam.engine.authn] [tid: [ACTIVE].ExecuteThread:
'2' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000J_fbCuS9h^k5kzWByZ1GF532
00000G,0] [APP: oam_server] [SRC_METHOD: log] [SRC_CLASS: oracle.security.am.engines.common.adapters.OAMLoggerImp
l] Authentication Failed.[[
javax.security.auth.login.LoginException: Bad JAAS configuration: bad URL /home/oracle/oam.keytab
Error java.net.MalformedURLException: no protocol: /home/oracle/oam.keytab
at com.ibm.security.jgss.i18n.I18NException.throwLoginException(I18NException.java:5)
at com.ibm.security.auth.module.Krb5LoginModule.j(Krb5LoginModule.java:537)
at com.ibm.security.auth.module.Krb5LoginModule.b(Krb5LoginModule.java:146)
at com.ibm.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:60)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:611)
we are using OAM 11g BP 02.
oam-config.xml is configured as follow:
<Setting Name="KerberosModules" Type="htf:map">
<Setting Name="6DBSE52C" Type="htf:map">
<Setting Name="keytabfile" Type="xsd:string">/home/oracle/oam.keytab</Setting>
<Setting Name="krbconfigfile" Type="xsd:string">/etc/krb5/krb5.conf</Setting>
<Setting Name="name" Type="xsd:string">Kerberos</Setting>
<Setting Name="principal" Type="xsd:string">HTTP/myssoserver@mydomain</Setting>
</Setting>
</Setting>
Please let me know how to get this resolved. Thanks in advance.
Regards.David,
Your Principal name should be the SSO LB URL.(ie :sso.mycomany.com)
ktpass -princ HTTP/sso.mycomany.com@DOMAIN -pass XXXXXXX mapuser DOMAIN\user -out oam.keytab.
Also make sure sso.mycomany.com has a reverse DNS configured correctly.
you can check using dig command
ping sso.mycomany.com
What ever the ip-address
dig -x <IP-ADDRESS>
Check in the reverse DNS section there should be 1 record.
;; ANSWER SECTION:
1.1.1.1.in-addr.arpa. 3600 IN PTR sso.mycomany.com.
Let me know if you have more questions.
Thanks
Saurabh -
Can not log in Oracle Business Intelligence 11g
Hi All,
When I tried to startup the Oracle Business Intelligence 11g there are issues:
<2010-9-12 下午11时38分24秒 CST> <Error> <oracle.wsm.resources.policymanager> <W
SM-02311> <由于出现基础错误 "java.rmi.RemoteException: EJB Exception: ; nested e
xception is:
oracle.adf.share.ADFShareException: 在 parseADFConfiguration 中遇到 MDSC
onfigurationException", 无法检索请求的文档。>
<2010-9-12 下午11时38分41秒 CST> <Warning> <JDBC> <BEA-001129> <Received excepti
on while creating connection for pool "mds-owsm": The Network Adapter could not
establish the connection>
<2010-9-12 下午11时38分42秒 CST> <Error> <oracle.adf.share.config.ADFMDSConfig>
<BEA-000000> <在 parseADFConfiguration 中遇到 MDSConfigurationExceptionMDS-01330
: 无法加载 MDS 配置文档
MDS-01329: 无法加载元素 "persistence-config"
MDS-01370: metadata-store-usage "OWSM_TargetRepos" 的 MetadataStore 配置无效。
MDS-00922: 无法实例化 ConnectionManager "oracle.mds.internal.persistence.db.JNDI
ConnectionManagerImpl"。
weblogic.common.resourcepool.ResourceDeadException: 0:weblogic.common.ResourceEx
ception: Could not create pool connection. The DBMS driver exception was: The Ne
twork Adapter could not establish the connection
oracle.mds.config.MDSConfigurationException: MDS-01330: 无法加载 MDS 配置文档
MDS-01329: 无法加载元素 "persistence-config"
MDS-01370: metadata-store-usage "OWSM_TargetRepos" 的 MetadataStore 配置无效。
MDS-00922: 无法实例化 ConnectionManager "oracle.mds.internal.persistence.db.JNDI
ConnectionManagerImpl"。
weblogic.common.resourcepool.ResourceDeadException: 0:weblogic.common.ResourceEx
ception: Could not create pool connection. The DBMS driver exception was: The Ne
twork Adapter could not establish the connection
at oracle.mds.config.PConfig.loadFromBean(PConfig.java:695)
at oracle.mds.config.PConfig.<init>(PConfig.java:504)
at oracle.mds.config.MDSConfig.loadFromBean(MDSConfig.java:692)
at oracle.mds.config.MDSConfig.loadFromElement(MDSConfig.java:749)
at oracle.mds.config.MDSConfig.<init>(MDSConfig.java:407)
at oracle.mds.core.MDSInstance.getMDSConfigFromDocument(MDSInstance.java
:2013)
at oracle.mds.core.MDSInstance.createMDSInstanceWithCustomizedConfig(MDS
Instance.java:1171)
at oracle.mds.core.MDSInstance.getOrCreateInstance(MDSInstance.java:571)
at oracle.adf.share.config.ADFMDSConfig.parseADFConfiguration(ADFMDSConf
ig.java:137)
at sun.reflect.GeneratedMethodAccessor173.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.adf.share.config.ADFConfigImpl.getResultFromComponent(ADFConfi
gImpl.java:443)
at oracle.adf.share.config.ADFConfigImpl.getConfigObject(ADFConfigImpl.j
ava:508)
at oracle.adf.share.config.ADFConfigImpl.getConfigObject(ADFConfigImpl.j
ava:491)
at oracle.adf.share.config.ADFConfigImpl.getMDSInstance(ADFConfigImpl.ja
va:547)
at oracle.adf.share.config.ADFConfigImpl.getMDSInstance(ADFConfigImpl.ja
va:542)
at oracle.adf.share.config.ADFContextMDSConfigHelperImpl.getMDSInstance(
ADFContextMDSConfigHelperImpl.java:274)
at oracle.adf.share.ADFContext.getMDSInstanceAsObject(ADFContext.java:12
10)
at oracle.wsm.repository.mds.MDSInstanceFactory.getMDSInstance(MDSInstan
ceFactory.java:92)
at oracle.wsm.policymanager.bean.AbstractBean.<init>(AbstractBean.java:9
2)
at oracle.wsm.policymanager.bean.DocumentManagerBean.<init>(DocumentMana
gerBean.java:101)
at oracle.wsm.policymanager.bean.ejb.DocumentManagerEJB.<init>(DocumentM
anagerEJB.java:52)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_Impl.<init>(
DocumentManager_ookznn_Impl.java:24)
at sun.reflect.GeneratedConstructorAccessor275.newInstance(Unknown Sourc
e)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingC
onstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at com.bea.core.repackaged.springframework.jee.spi.EjbComponentCreatorBr
okerImpl.getBean(EjbComponentCreatorBrokerImpl.java:69)
at weblogic.ejb.container.injection.EjbComponentCreatorImpl.getBean(EjbC
omponentCreatorImpl.java:68)
at weblogic.ejb.container.manager.BaseEJBManager.createNewBeanInstance(B
aseEJBManager.java:216)
at weblogic.ejb.container.manager.BaseEJBManager.allocateBean(BaseEJBMan
ager.java:231)
at weblogic.ejb.container.manager.StatelessManager.createBean(StatelessM
anager.java:303)
at weblogic.ejb.container.pool.StatelessSessionPool.createBean(Stateless
SessionPool.java:201)
at weblogic.ejb.container.pool.StatelessSessionPool.getBean(StatelessSes
sionPool.java:127)
at weblogic.ejb.container.manager.StatelessManager.preInvoke(StatelessMa
nager.java:148)
at weblogic.ejb.container.internal.BaseRemoteObject.preInvoke(BaseRemote
Object.java:230)
at weblogic.ejb.container.internal.StatelessRemoteObject.__WL_preInvoke(
StatelessRemoteObject.java:43)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_IRemoteDocum
entManagerImpl.retrieveDocuments(DocumentManager_ookznn_IRemoteDocumentManagerIm
pl.java:604)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_IRemoteDocum
entManagerImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:17
4)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef
.java:345)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef
.java:259)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_IRemoteDocum
entManagerImpl_1033_WLStub.retrieveDocuments(Unknown Source)
at oracle.wsm.policymanager.client.DocumentManagerDelegate$9.run(Documen
tManagerDelegate.java:346)
at oracle.wsm.policymanager.client.DocumentManagerDelegate$9.run(Documen
tManagerDelegate.java:343)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccAction
Executor.java:47)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivil
egedExceptionAction.run(CascadeActionExecutor.java:79)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
147)
at weblogic.security.Security.runAs(Security.java:61)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecu
tor.java:48)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(Casca
deActionExecutor.java:52)
at oracle.wsm.policymanager.client.DocumentManagerDelegate.retrieveDocum
ents(DocumentManagerDelegate.java:342)
at oracle.wsm.policymanager.accessor.BeanAccessor.updateCache(BeanAccess
or.java:1139)
at oracle.wsm.policymanager.accessor.BeanAccessor.fetchDocuments(BeanAcc
essor.java:590)
at oracle.wsm.policymanager.accessor.BeanAccessor.access$300(BeanAccesso
r.java:111)
at oracle.wsm.policymanager.accessor.BeanAccessor$MissingDocsFetcherTask
.run(BeanAccessor.java:165)
at oracle.wsm.common.scheduler.TimerManagerWrapper$TimerListenerImpl.tim
erExpired(TimerManagerWrapper.java:63)
at weblogic.timers.internal.commonj.ListenerWrap.timerExpired(ListenerWr
ap.java:38)
at weblogic.timers.internal.TimerImpl.run(TimerImpl.java:273)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTunin
gWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused By: oracle.mds.exception.MDSExceptionList: MDS-01329: 无法加载元素 "persi
stence-config"
MDS-01370: metadata-store-usage "OWSM_TargetRepos" 的 MetadataStore 配置无效。
MDS-00922: 无法实例化 ConnectionManager "oracle.mds.internal.persistence.db.JNDI
ConnectionManagerImpl"。
weblogic.common.resourcepool.ResourceDeadException: 0:weblogic.common.ResourceEx
ception: Could not create pool connection. The DBMS driver exception was: The Ne
twork Adapter could not establish the connection
at oracle.mds.config.PConfig.loadFromBean(PConfig.java:689)
at oracle.mds.config.PConfig.<init>(PConfig.java:504)
at oracle.mds.config.MDSConfig.loadFromBean(MDSConfig.java:692)
at oracle.mds.config.MDSConfig.loadFromElement(MDSConfig.java:749)
at oracle.mds.config.MDSConfig.<init>(MDSConfig.java:407)
at oracle.mds.core.MDSInstance.getMDSConfigFromDocument(MDSInstance.java
:2011)
at oracle.mds.core.MDSInstance.createMDSInstanceWithCustomizedConfig(MDS
Instance.java:1171)
at oracle.mds.core.MDSInstance.getOrCreateInstance(MDSInstance.java:571)
at oracle.adf.share.config.ADFMDSConfig.parseADFConfiguration(ADFMDSConf
ig.java:137)
at sun.reflect.GeneratedMethodAccessor173.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
sorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.adf.share.config.ADFConfigImpl.getResultFromComponent(ADFConfi
gImpl.java:443)
at oracle.adf.share.config.ADFConfigImpl.getConfigObject(ADFConfigImpl.j
ava:508)
at oracle.adf.share.config.ADFConfigImpl.getConfigObject(ADFConfigImpl.j
ava:491)
at oracle.adf.share.config.ADFConfigImpl.getMDSInstance(ADFConfigImpl.ja
va:547)
at oracle.adf.share.config.ADFConfigImpl.getMDSInstance(ADFConfigImpl.ja
va:542)
at oracle.adf.share.config.ADFContextMDSConfigHelperImpl.getMDSInstance(
ADFContextMDSConfigHelperImpl.java:274)
at oracle.adf.share.ADFContext.getMDSInstanceAsObject(ADFContext.java:12
10)
at oracle.wsm.repository.mds.MDSInstanceFactory.getMDSInstance(MDSInstan
ceFactory.java:92)
at oracle.wsm.policymanager.bean.AbstractBean.<init>(AbstractBean.java:9
2)
at oracle.wsm.policymanager.bean.DocumentManagerBean.<init>(DocumentMana
gerBean.java:100)
at oracle.wsm.policymanager.bean.ejb.DocumentManagerEJB.<init>(DocumentM
anagerEJB.java:41)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_Impl.<init>(
DocumentManager_ookznn_Impl.java:42)
at sun.reflect.GeneratedConstructorAccessor275.newInstance(Unknown Sourc
e)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingC
onstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at java.lang.Class.newInstance0(Class.java:355)
at java.lang.Class.newInstance(Class.java:308)
at com.bea.core.repackaged.springframework.jee.spi.EjbComponentCreatorBr
okerImpl.getBean(EjbComponentCreatorBrokerImpl.java:69)
at weblogic.ejb.container.injection.EjbComponentCreatorImpl.getBean(EjbC
omponentCreatorImpl.java:68)
at weblogic.ejb.container.manager.BaseEJBManager.createNewBeanInstance(B
aseEJBManager.java:216)
at weblogic.ejb.container.manager.BaseEJBManager.allocateBean(BaseEJBMan
ager.java:231)
at weblogic.ejb.container.manager.StatelessManager.createBean(StatelessM
anager.java:303)
at weblogic.ejb.container.pool.StatelessSessionPool.createBean(Stateless
SessionPool.java:201)
at weblogic.ejb.container.pool.StatelessSessionPool.getBean(StatelessSes
sionPool.java:127)
at weblogic.ejb.container.manager.StatelessManager.preInvoke(StatelessMa
nager.java:148)
at weblogic.ejb.container.internal.BaseRemoteObject.preInvoke(BaseRemote
Object.java:230)
at weblogic.ejb.container.internal.StatelessRemoteObject.__WL_preInvoke(
StatelessRemoteObject.java:41)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_IRemoteDocum
entManagerImpl.retrieveDocuments(DocumentManager_ookznn_IRemoteDocumentManagerIm
pl.java:604)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_IRemoteDocum
entManagerImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:17
4)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef
.java:345)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef
.java:259)
at oracle.wsm.policymanager.bean.ejb.DocumentManager_ookznn_IRemoteDocum
entManagerImpl_1033_WLStub.retrieveDocuments(Unknown Source)
at oracle.wsm.policymanager.client.DocumentManagerDelegate$9.run(Documen
tManagerDelegate.java:346)
at oracle.wsm.policymanager.client.DocumentManagerDelegate$9.run(Documen
tManagerDelegate.java:343)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccAction
Executor.java:47)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivil
egedExceptionAction.run(CascadeActionExecutor.java:79)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
147)
at weblogic.security.Security.runAs(Security.java:61)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecu
tor.java:48)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(Casca
deActionExecutor.java:52)
at oracle.wsm.policymanager.client.DocumentManagerDelegate.retrieveDocum
ents(DocumentManagerDelegate.java:342)
at oracle.wsm.policymanager.accessor.BeanAccessor.updateCache(BeanAccess
or.java:1139)
at oracle.wsm.policymanager.accessor.BeanAccessor.fetchDocuments(BeanAcc
essor.java:590)
at oracle.wsm.policymanager.accessor.BeanAccessor.access$300(BeanAccesso
r.java:111)
at oracle.wsm.policymanager.accessor.BeanAccessor$MissingDocsFetcherTask
.run(BeanAccessor.java:165)
at oracle.wsm.common.scheduler.TimerManagerWrapper$TimerListenerImpl.tim
erExpired(TimerManagerWrapper.java:62)
at weblogic.timers.internal.commonj.ListenerWrap.timerExpired(ListenerWr
ap.java:37)
at weblogic.timers.internal.TimerImpl.run(TimerImpl.java:273)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTunin
gWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<2010-9-12 下午11时38分42秒 CST> <Error> <oracle.wsm.resources.policymanager> <W
SM-02311> <由于出现基础错误 "java.rmi.RemoteException: EJB Exception: ; nested e
xception is:
oracle.adf.share.ADFShareException: 在 parseADFConfiguration 中遇到 MDSC
onfigurationException", 无法检索请求的文档。>
What is wrong with it? any idea is appreciate.
Thanks,
arvin
帖子经 user12986314编辑过
帖子经 user12986314编辑过
Edited by: user12986314 on 2010-9-12 下午5:56I have encounted the same promble.Have u resolve it?Please do me a favor.Thanks.
-
How to configure SOA Suite 11g Worklist with LDAP Identity Store
Hi
Im trying to configure the worklistapp to use an ldap identity store (SOA Suite 11g)
The ldap is a open source ldap (Open DS in this case), is NOT : OID, OVD, Active Directory, WLS OVD, IPlanet.
for doing so, i did the next configurations:
workflow-identity-config.xml
<configuration realmName="realm1">
<provider providerType="JPS" name="JpsProvider" service="Identity">
<property name="jpsContextName" value="worklist" />
</provider>
</configuration>
jps-config.xml
<?xml version="1.0" encoding="UTF-8" standalone='yes'?>
<jpsConfig xmlns="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" schema-major-version="11" schema-minor-version="1">
<!-- This property is for jaas mode. Possible values are "off", "doas" and "doasprivileged" -->
<property name="oracle.security.jps.jaas.mode" value="off"/>
<property name="custom.provider" value="true"/>
<serviceProviders>
<serviceProvider type="IDENTITY_STORE" name="idstore.ldap.provider" class="oracle.security.jps.internal.idstore.ldap.LdapIdentityStoreProvider">
<description>LDAP-based IdentityStore Provider</description>
</serviceProvider>
</serviceProviders>
<serviceInstances>
<serviceInstance name="idstore.ldap.opends" provider="idstore.ldap.provider">
<property name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<property name="idstore.type" value="CUSTOM"/>
<property name="ldap.url" value="ldap://host:port"/>
<property name="subscriber.name" value="dc=company,dc=com"/>
<property name="search.type" value="SIMPLE"/>
<property name="security.principal" value="cn=adminuser,dc=company,dc=com"/>
<property name="security.credential" value="!adminuser_password"/>
<property name="user.login.attr" value="cn"/>
<property name="username.attr" value="cn"/>
<property name="groupname.attr" value="cn"/>
<extendedProperty>
<name>group.mandatory.attrs</name>
<values>
<value>cn</value>
<value>objectClass</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.object.classes</name>
<values>
<value>top</value>
<value>groupOfUniqueNames</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.filter.object.classes</name>
<values>
<value>groupOfUniqueNames</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.member.attrs</name>
<values>
<value>uniqueMember</value>
</values>
</extendedProperty>
<extendedProperty>
<name>group.search.bases</name>
<values>
<value>o=groups,dc=company,dc=com</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.mandatory.attrs</name>
<values>
<value>cn</value>
<value>objectClass</value>
<value>sn</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.object.classes</name>
<values>
<value>organizationalPerson</value>
<value>person</value>
<value>inetOrgPerson</value>
<value>top</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.filter.object.classes</name>
<values>
<value>inetOrgPerson</value>
</values>
</extendedProperty>
<extendedProperty>
<name>user.search.bases</name>
<values>
<value>o=users,dc=company,dc=com</value>
</values>
</extendedProperty>
</serviceInstance>
</serviceInstances>
<jpsContexts default="default">
<jpsContext name="worklist">
<serviceInstanceRef ref="credstore"/>
<serviceInstanceRef ref="keystore"/>
<serviceInstanceRef ref="policystore.xml"/>
<serviceInstanceRef ref="audit"/>
<serviceInstanceRef ref="idstore.ldap.opends"/>
</jpsContext>
</jpsContexts>
</jpsConfig>
but i get the error:
Jul 2, 2009 12:52:40 PM oracle.security.jps.internal.idstore.util.IdentityStoreUtil getIdentityStoreFactory
WARNING: The identity store factory name is not configured.
Jul 2, 2009 12:52:40 PM oracle.bpel.services.common.ServicesLogger __logException
SEVERE: <.> Error in authenticating user.
Error in authenticating and creating a workflow context for user realm1/user1.
Verify that the user credentials and identity service configurations are correct.
ORABPEL-30501
Error in authenticating user.
Error in authenticating and creating a workflow context for user sigfe.com/user1.
Verify that the user credentials and identity service configurations are correct.
at oracle.bpel.services.workflow.verification.impl.VerificationService.authenticateUser(VerificationService.java:603)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
So, anyone knows how i can specify the identity store factory?
or the correct parameters for a ldap identity store repository?
I used the 11G documentation for the security file :
http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/jpsprops.htm
thanksI am having exactly the same issue. Once I configure jps-config.xml file to use my custom authenticator and login into the worklist app, the following gets thrown. I was wondering if you need map some roles to the existing users in the Custom Authenticator.
Exception
exception.70692.type: error
exception.70692.severity: 2
exception.70692.name: Error while granting BPMOrganizationAdmin role to SOAOperator.
exception.70692.description: Error occured while granting the application role BPMOrganizationAdmin to application role SOAOperator.
exception.70692.fix: In the policy store, please add SOAOperator role as a member of BPMOrganizationAdmin role, if it is not already present. -
Weblogic 11g JPS-04028 error - Application with name "abc" does not exist
Hi,
We are migration one our app from OC4J to weblogic 11g server. This app is running fine in OC4J but getting the below exception in 11g. Pls help us in resolving this in identifying and resolving the same.
I found info here, but wasn't help full to understand.
JPS-04028: Application with name "{0}" does not exist.
Cause: Could not find application with name {0}.
Action: Verify that an application with the provided name exists.
Level: 1
Type: ERROR
Impact: Configuration
link - http://docs.oracle.com/cd/E25178_01/core.1111/e10113/chapter_jps_messages.htm
<May 24, 2012 11:17:11 AM GMT+00:00> <Notice> <StdErr> <BEA-000000> <May 24, 2012 11:17:11 AM oracle.security.jps.az.internal.runtime.service.PDPServiceImpl getApplicationPolicy
FINE: Not found ApplicationPolicy:abc
oracle.security.jps.service.policystore.PolicyObjectNotFoundException: Application with name "abc" does not exist.
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.unsync_getApplicationPolicy(XmlPolicyStore.java:640)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.getApplicationPolicyWithNoAuthzCheck(XmlPolicyStore.java:625)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicy(XmlPolicyDistributionService.java:222)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicyEntity(XmlPolicyDistributionService.java:212)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicyEntry(XmlPolicyDistributionService.java:121)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicyEntry(XmlPolicyDistributionService.java:116)
at oracle.security.jps.az.internal.management.pd.service.PolicyDistributionServiceImpl.getAppPolicyEntry(PolicyDistributionServiceImpl.java:137)
at oracle.security.jps.az.internal.runtime.service.PDPServiceImpl.getApplicationPolicy(PDPServiceImpl.java:355)
at oracle.security.jps.az.internal.runtime.service.PDPServiceImpl.getApplicationPolicy(PDPServiceImpl.java:320)
at oracle.security.jps.internal.policystore.PolicyUtil.getGrantedAppRoles(PolicyUtil.java:2719)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver$4.run(JpsAbsSubjectResolver.java:526)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver$4.run(JpsAbsSubjectResolver.java:516)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.getApplicationRoles(JpsAbsSubjectResolver.java:516)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.createJpsSubject(JpsAbsSubjectResolver.java:363)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.getAuthenticatedSubject(JpsAbsSubjectResolver.java:356)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.resolveJpsSubject(JpsAbsSubjectResolver.java:269)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.resolveSubject(JpsAbsSubjectResolver.java:212)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalPreRegister(JpsJmxInterceptor.java:447)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.generic.spi.interceptors.DefaultMBeanInterceptor.internalPreRegister(DefaultMBeanInterceptor.java:81)
at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalPreRegister(ContextClassLoaderMBeanInterceptor.java:1
50)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.generic.spi.interceptors.DefaultMBeanInterceptor.internalPreRegister(DefaultMBeanInterceptor.java:81)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.generic.spi.interceptors.BasePublicMBeanInterceptor.internalPreRegister(BasePublicMBeanInterceptor.java:110)
at oracle.as.jmx.framework.generic.spi.interceptors.LoggingMBeanInterceptor.internalPreRegister(LoggingMBeanInterceptor.java:633)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.preRegister(OracleStandardEmitterMBean.java:611)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.preRegisterInvoke(DefaultMBeanServerInterceptor.java:1010)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerDynamicMBean(DefaultMBeanServerInterceptor.java:938)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerObject(DefaultMBeanServerInterceptor.java:917)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:312)
at com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:482)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$27.run(WLSMBeanServerInterceptorBase.java:714)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.registerMBean(WLSMBeanServerInterceptorBase.java:709)
at weblogic.management.mbeanservers.internal.JMXContextInterceptor.registerMBean(JMXContextInterceptor.java:445)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$27.run(WLSMBeanServerInterceptorBase.java:712)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.registerMBean(WLSMBeanServerInterceptorBase.java:709)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.registerMBean(WLSMBeanServer.java:462)
at oracle.as.jmx.framework.wls.spi.security.PrivilegedMBeanServerInterceptor$1.run(PrivilegedMBeanServerInterceptor.java:55)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at oracle.as.jmx.framework.wls.spi.security.PrivilegedMBeanServerInterceptor.registerMBean(PrivilegedMBeanServerInterceptor.java:60)
at HTTPClient.config.JRFContextProvider.registerContextRemovalListener(JRFContextProvider.java:142)
at HTTPClient.config.ConfigurationFactory.registerContextRemovalListener(ConfigurationFactory.java:569)
at HTTPClient.config.ConfigurationFactory.getConfiguration(ConfigurationFactory.java:133)
at HTTPClient.config.ConfigurationFactory.getConfiguration(ConfigurationFactory.java:103)
at HTTPClient.HttpClientConfiguration.getConfiguration(HttpClientConfiguration.java:53)
at HTTPClient.CookieModule.getMutableStatics(CookieModule.java:769)
at HTTPClient.CookieModule.addCookie(CookieModule.java:515)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3717)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)>
<May 24, 2012 11:17:11 AM GMT+00:00> <Notice> <StdErr> <BEA-000000> <May 24, 2012 11:17:11 AM oracle.security.jps.internal.jaas.JpsAbsSubjectResolver getApplicationRoles
FINE: oracle.security.jps.ee.jmx.JpsJmxInterceptor:internalPreRegisterJpsException caught during app roles computation: oracle.security.jps.service.policyst
ore.PolicyObjectNotFoundException: JPS-04028: Application with name "abc" does not exist.>
-----------------Hi,
This forum is for issues migrating from non-Oracle databases to Oracle.
It would be better to ask this question in one of the Weblogic servers but as there are several Weblogic forums but it may be better to try this one first -
Forum: WebLogic Server - Upgrade / Install / Environment / Migration
WebLogic Server - Upgrade / Install / Environment / Migration
Regards,
Mike -
11g JPS-04028 error - Application with name "abc" does not exist
Hi,
We are migration one our app from 10g OC4J to weblogic 11g server. This app is running fine in 10g OC4J but getting the below exception in 11g. Pls help us in resolving this in identifying and resolving the same.
I found info here, but wasn't help full to understand.
JPS-04028: Application with name "{0}" does not exist.
Cause: Could not find application with name {0}.
Action: Verify that an application with the provided name exists.
Level: 1
Type: ERROR
Impact: Configuration
link - http://docs.oracle.com/cd/E25178_01/core.1111/e10113/chapter_jps_messages.htm
<May 24, 2012 11:17:11 AM GMT+00:00> <Notice> <StdErr> <BEA-000000> <May 24, 2012 11:17:11 AM oracle.security.jps.az.internal.runtime.service.PDPServiceImpl getApplicationPolicy
FINE: Not found ApplicationPolicy:abc
oracle.security.jps.service.policystore.PolicyObjectNotFoundException: Application with name "abc" does not exist.
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.unsync_getApplicationPolicy(XmlPolicyStore.java:640)
at oracle.security.jps.internal.policystore.xml.XmlPolicyStore.getApplicationPolicyWithNoAuthzCheck(XmlPolicyStore.java:625)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicy(XmlPolicyDistributionService.java:222)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicyEntity(XmlPolicyDistributionService.java:212)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicyEntry(XmlPolicyDistributionService.java:121)
at oracle.security.jps.az.internal.management.pd.service.XmlPolicyDistributionService.getAppPolicyEntry(XmlPolicyDistributionService.java:116)
at oracle.security.jps.az.internal.management.pd.service.PolicyDistributionServiceImpl.getAppPolicyEntry(PolicyDistributionServiceImpl.java:137)
at oracle.security.jps.az.internal.runtime.service.PDPServiceImpl.getApplicationPolicy(PDPServiceImpl.java:355)
at oracle.security.jps.az.internal.runtime.service.PDPServiceImpl.getApplicationPolicy(PDPServiceImpl.java:320)
at oracle.security.jps.internal.policystore.PolicyUtil.getGrantedAppRoles(PolicyUtil.java:2719)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver$4.run(JpsAbsSubjectResolver.java:526)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver$4.run(JpsAbsSubjectResolver.java:516)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.getApplicationRoles(JpsAbsSubjectResolver.java:516)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.createJpsSubject(JpsAbsSubjectResolver.java:363)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.getAuthenticatedSubject(JpsAbsSubjectResolver.java:356)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.resolveJpsSubject(JpsAbsSubjectResolver.java:269)
at oracle.security.jps.internal.jaas.JpsAbsSubjectResolver.resolveSubject(JpsAbsSubjectResolver.java:212)
at oracle.security.jps.ee.jmx.JpsJmxInterceptor.internalPreRegister(JpsJmxInterceptor.java:447)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.generic.spi.interceptors.DefaultMBeanInterceptor.internalPreRegister(DefaultMBeanInterceptor.java:81)
at oracle.as.jmx.framework.generic.spi.interceptors.ContextClassLoaderMBeanInterceptor.internalPreRegister(ContextClassLoaderMBeanInterceptor.java:1
50)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.generic.spi.interceptors.DefaultMBeanInterceptor.internalPreRegister(DefaultMBeanInterceptor.java:81)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.generic.spi.interceptors.BasePublicMBeanInterceptor.internalPreRegister(BasePublicMBeanInterceptor.java:110)
at oracle.as.jmx.framework.generic.spi.interceptors.LoggingMBeanInterceptor.internalPreRegister(LoggingMBeanInterceptor.java:633)
at oracle.as.jmx.framework.generic.spi.interceptors.AbstractMBeanInterceptor.doPreRegister(AbstractMBeanInterceptor.java:180)
at oracle.as.jmx.framework.standardmbeans.spi.OracleStandardEmitterMBean.preRegister(OracleStandardEmitterMBean.java:611)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.preRegisterInvoke(DefaultMBeanServerInterceptor.java:1010)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerDynamicMBean(DefaultMBeanServerInterceptor.java:938)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerObject(DefaultMBeanServerInterceptor.java:917)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.registerMBean(DefaultMBeanServerInterceptor.java:312)
at com.sun.jmx.mbeanserver.JmxMBeanServer.registerMBean(JmxMBeanServer.java:482)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$27.run(WLSMBeanServerInterceptorBase.java:714)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.registerMBean(WLSMBeanServerInterceptorBase.java:709)
at weblogic.management.mbeanservers.internal.JMXContextInterceptor.registerMBean(JMXContextInterceptor.java:445)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$27.run(WLSMBeanServerInterceptorBase.java:712)
at java.security.AccessController.doPrivileged(Native Method)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.registerMBean(WLSMBeanServerInterceptorBase.java:709)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.registerMBean(WLSMBeanServer.java:462)
at oracle.as.jmx.framework.wls.spi.security.PrivilegedMBeanServerInterceptor$1.run(PrivilegedMBeanServerInterceptor.java:55)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at oracle.as.jmx.framework.wls.spi.security.PrivilegedMBeanServerInterceptor.registerMBean(PrivilegedMBeanServerInterceptor.java:60)
at HTTPClient.config.JRFContextProvider.registerContextRemovalListener(JRFContextProvider.java:142)
at HTTPClient.config.ConfigurationFactory.registerContextRemovalListener(ConfigurationFactory.java:569)
at HTTPClient.config.ConfigurationFactory.getConfiguration(ConfigurationFactory.java:133)
at HTTPClient.config.ConfigurationFactory.getConfiguration(ConfigurationFactory.java:103)
at HTTPClient.HttpClientConfiguration.getConfiguration(HttpClientConfiguration.java:53)
at HTTPClient.CookieModule.getMutableStatics(CookieModule.java:769)
at HTTPClient.CookieModule.addCookie(CookieModule.java:515)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3717)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)>
<May 24, 2012 11:17:11 AM GMT+00:00> <Notice> <StdErr> <BEA-000000> <May 24, 2012 11:17:11 AM oracle.security.jps.internal.jaas.JpsAbsSubjectResolver getApplicationRoles
FINE: oracle.security.jps.ee.jmx.JpsJmxInterceptor:internalPreRegisterJpsException caught during app roles computation: oracle.security.jps.service.policyst
ore.PolicyObjectNotFoundException: JPS-04028: Application with name "abc" does not exist.>Hi,
This forum is for issues migrating from non-Oracle databases to Oracle.
It would be better to ask this question in one of the Weblogic servers but as there are several Weblogic forums but it may be better to try this one first -
Forum: WebLogic Server - Upgrade / Install / Environment / Migration
WebLogic Server - Upgrade / Install / Environment / Migration
Regards,
Mike -
Using Weblogic LDAP JAAS credentials for 3rd party authentication
Hello to all!
I'm posting this question because I'm developing a software layer that will connect a weblogic based web application, with LDAP authentication, to a 3rd party application, also with LDAP authentication, and I'm having difficulties in getting a <b><i>javax.security.auth.Subject</i></b> object from the weblogic server.
I already have a way of doing it, but it requires that a username and a password exist in some sort of storage, in order to work (either hardcoded (which is to be avoided as much as possible) or stored in a file (which is to be avoided if possible, but if nothing better exists...)).
I'm using a Weblogic 11g server, with LDAP authentication (LDAP provider placed in last at the provider list, with flag SUFFICIENT) and I'm developing the software layer using Oracle's jDeveloper 11g Release 1.
Now, this 3rd party application requires a <b><i>javax.security.auth.Subject</i></b> object in order to perform authentication.
How do I get this from the weblogic server ?
Of the following approaches, can you tell me which are the most correct ones ?
<ul>
a)<b>
LoginContext lc = null;
try {
lc = new LoginContext("<JAAS instance name>");
lc.login();
} catch (LoginException e) {
e.printStackTrace();
javax.security.auth.Subject subject = lc.getSubject();
</b>
</ul>
<ul>
b)<b>
LoginContext lc = new LoginContext("<JAAS instance name>"
new MyClass.CallbackHandler(userid, password));
lc.login();
javax.security.auth.Subject subject = lc.getSubject();
javax.security.auth.Subject.doAs(subject, myClassObject);
</b>
</ul>
<ul>
c)<b>
javax.security.auth.Subject subjectA = weblogic.security.Security.getCurrentSubject();
subjectA.doAs(subjectA, myClassObject);
</b>
</ul>
Thanks in advance,
Nuno B.Here is a document on Monitoring and Reporting Tool Integration into Network Admission Control.
http://www.cisco.com/en/US/netsol/ns466/networking_solutions_white_paper0900aecd801dee49.shtml -
Multiple LDAP Servers in Fusion Middleware (OBIEE 11g)
Hello,
I have a question, regarding integration of multiple LDAP servers with single Weblogic Server of Fusion Middleware (OBIEE 11g). We are currently using OBIEE 10g. We are on verge of migrating to 11g. However, I have a question regarding the LDAP server.
Our two applications run on two distinct LDAP servers. The plan is to provide a single sign on link for OBIEE 11g reports to the end users and depending on what application they are using, they must be authenticated against the respective LDAP server.
So, my question, is it possible to Integrate two different LDAP servers in the Weblogic of Fusion Middleware (OBIEE 11g). If so, what would be the steps. Any helpful document will also be appreciated.
Thank you,
Chandu.Yes, you can configure multiple authentication providers one by one as you generally do.
When you configure multiple Authentication providers, use the JAAS Control Flag for each provider to control how the Authentication providers are used in the login sequence. You can set the JAAS Control Flag in the WebLogic Administration Console.
REQUIRED—The Authentication provider is always called, and the user must always pass its authentication test. If authentication succeeds or fails, authentication still continues down the list of providers.
REQUISITE—The user is required to pass the authentication test of the Authentication provider. If the user passes the authentication test of this Authentication provider, subsequent providers are executed but can fail (except for Authentication providers with the JAAS Control Flag set to REQUIRED).
SUFFICIENT—The user is not required to pass the authentication test of the Authentication provider. If authentication succeeds, no subsequent Authentication providers are executed. If authentication fails, authentication continues down the list of providers.
OPTIONAL—The user is allowed to pass or fail the authentication test of this Authentication provider. However, if all Authentication providers configured in a security realm have the JAAS Control Flag set to OPTIONAL, the user must pass the authentication test of one of the configured providers.
refer - http://docs.oracle.com/cd/E13222_01/wls/docs92/secmanage/atn.html
Regards
Mukesh Negi
http://weblogicserveradministration.blogspot.in/ -
Questions on Oracle E-Business Suite JAAS impl with ADF (Patch 8571001)
I am working at a customer site, where we are developing extensions to EBS R12 using ADF 11g. I have some questions around Oracle E-Business Suite JAAS implementation (Patch 8571001). The answers to these would help us choose the right path for the overall project.
1. How much integration is possible between ADF JAAS roles and the EBS User management roles? If we implement Oracle E-Business Suite JAAS implementation using this patch, how would the component/field level security work in ADF? Will ADF pages refer to roles in EBS UMX tables for field level security?
2. Is there any detailed documentation as to how to Oracle E-Business Suite JAAS implementation works. I have read the metalink note # 974949.1; however it does not provide enough details on UMX/EBS integration. Any pointers would be really helpful.
Thanks a lot.wrong forum - sorry.
Please try the Applications forums on OTN
Frank -
SOA Suite 11g - Connection Pools constantly getting suspended...
Hi,
I have composites, bpel processes using database adapters.
*I keep getting "+Pool mds-owsm is Suspended, cannot allocate resources to applications+" and " Pool SOALocalTxDataSource is Suspended, cannot allocate resources to applications.." in soa_server logg.*
There are no errors in db trace logs. It seems related to the WLS JDBC data sources, they are constantly getting suspended.
After a while no new connections can be created, and managed soa server hangs. Restart is the only "solution" for now...
I have increased "Maximum Capacity" on the connection pool to 300 without success.
Any ideas, pointers, help appreciated.
+<Jan 6, 2011 8:55:02 AM CET> <Error> <org.quartz.impl.jdbcjobstore.JobStoreCMT> <BEA-000000>+
+<ClusterManager: Error managing cluster: Failed to obtain DB connection from data source 'soaNonManagedDS': java.sql.SQLException:+
Could not retrieve datasource via JNDI url 'jdbc/SOALocalTxDataSource'*
weblogic.jdbc.extensions.PoolDisabledSQLException: weblogic.common.resourcepool.ResourceDisabledException: Pool SOALocalTxDataSource is Suspended, cannot allocate resources to applications..org.quartz.JobPersistenceException:
Failed to obtain DB connection from data source 'soaNonManagedDS': java.sql.SQLException:
Could not retrieve datasource via JNDI url 'jdbc/SOALocalTxDataSource' weblogic.jdbc.extensions.PoolDisabledSQLException:
weblogic.common.resourcepool.ResourceDisabledException: Pool SOALocalTxDataSource is Suspended, cannot allocate resources to applications..
+[See nested exception: java.sql.SQLException: Could not retrieve datasource via JNDI url 'jdbc/SOALocalTxDataSource'+
+weblogic.jdbc.extensions.PoolDisabledSQLException: weblogic.common.resourcepool.ResourceDisabledException: Pool SOALocalTxDataSource is Suspended, cannot allocate resources to applications..]+
+ at org.quartz.impl.jdbcjobstore.JobStoreCMT.getNonManagedTXConnection(JobStoreCMT.java:167)+
+ at org.quartz.impl.jdbcjobstore.JobStoreSupport.doCheckin(JobStoreSupport.java:3167)+
+ at org.quartz.impl.jdbcjobstore.JobStoreSupport$ClusterManager.manage(JobStoreSupport.java:3811)+
+ at org.quartz.impl.jdbcjobstore.JobStoreSupport$ClusterManager.run(JobStoreSupport.java:3847)+
+<Jan 10, 2011 6:22:47 AM CET> <Warning> <oracle.wsm.resources.policyaccess> <WSM-06001> <Error obtaining Policy Set.+
oracle.wsm.policymanager.PolicyManagerException: WSM-02079 : Failed to connect to Policy Manager instance due to error "java.rmi.Rem
oteException: EJB Exception: ; nested exception is:
oracle.mds.exception.MDSRuntimeException: MDS-00001: exception in Metadata Services layer
MDS-00001: exception in Metadata Services layer
+weblogic.common.resourcepool.ResourceDisabledException: Pool mds-owsm is Suspended, cannot allocate resources to applications..".+ at oracle.wsm.policymanager.client.PolicyAccessServiceDelegate.getPolicies(PolicyAccessServiceDelegate.java:136)
at oracle.wsm.policyaccess.impl.cache.PolicyCacheImpl$BackTracingSynchronizationThread$1.run(PolicyCacheImpl.java:714)
at oracle.wsm.policyaccess.impl.cache.PolicyCacheImpl$BackTracingSynchronizationThread$1.run(PolicyCacheImpl.java:711)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:47)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivilegedExceptionAction.run(CascadeActionExecutor.java:7
+9)+
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.security.Security.runAs(Security.java:61)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:48)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:52)
at oracle.wsm.policyaccess.impl.cache.PolicyCacheImpl$BackTracingSynchronizationThread.run(PolicyCacheImpl.java:710)
Caused By: java.rmi.RemoteException: EJB Exception: ; nested exception is:
oracle.mds.exception.MDSRuntimeException: MDS-00001: exception in Metadata Services layer
MDS-00001: exception in Metadata Services layer
+weblogic.common.resourcepool.ResourceDisabledException: Pool mds-owsm is Suspended, cannot allocate resources to applications..+ at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:205)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:345)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at oracle.wsm.policymanager.ejb.impl.PolicyAccessService_elx95s_IStringPolicyAccessServiceRemoteImpl_1033_WLStub.getPolicies
AsStrings(Unknown Source)
at oracle.wsm.policymanager.client.PolicyAccessServiceDelegate.getPolicies(PolicyAccessServiceDelegate.java:132)
at oracle.wsm.policyaccess.impl.cache.PolicyCacheImpl$BackTracingSynchronizationThread$1.run(PolicyCacheImpl.java:714)
at oracle.wsm.policyaccess.impl.cache.PolicyCacheImpl$BackTracingSynchronizationThread$1.run(PolicyCacheImpl.java:711)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at oracle.security.jps.internal.jaas.AccActionExecutor.execute(AccActionExecutor.java:47)
at oracle.security.jps.internal.jaas.CascadeActionExecutor$SubjectPrivilegedExceptionAction.run(CascadeActionExecutor.java:7
+9)+
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.security.Security.runAs(Security.java:61)
at oracle.security.jps.wls.jaas.WlsActionExecutor.execute(WlsActionExecutor.java:48)
at oracle.security.jps.internal.jaas.CascadeActionExecutor.execute(CascadeActionExecutor.java:52)
at oracle.wsm.policyaccess.impl.cache.PolicyCacheImpl$BackTracingSynchronizationThread.run(PolicyCacheImpl.java:710)
Caused By: oracle.mds.exception.MDSRuntimeException: MDS-00001: exception in Metadata Services layer
MDS-00001: exception in Metadata Services layer
weblogic.common.resourcepool.ResourceDisabledException: Pool mds-owsm is Suspended, cannot allocate resources to applications..
at oracle.mds.internal.persistence.db.BaseReposAccess.<init>(BaseReposAccess.java:360)
at oracle.mds.internal.persistence.db.shredded.ShreddedReposAccess.<init>(ShreddedReposAccess.java:274)Hi again,
Thanks for the input, to answer your questions Anuj:
Database
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
Middleware
Oracle SOA Management 11.1.1.3.0
Oracle SOA Infrastructure 11.1.1.3.0
Oracle SOA Suite Patch 11.1.1.3.0
Oracle SOA Common Adapters 11.1.1.3.0
Enterprice Manager 11g Fusion Middleware Control 11.1.1.3.0
And..
Connection Creation Retry Frequency is set to "10"
Test Connections On Reserve is enabled.
Login Delay is stil set to 0 (by default), why should this value be other than 0?, wouldn't increasing it to 10 heavily slow down message-processing..?
DB and SOA are not on same machine, no n/w issues.
Regards
Anders. -
Hi! i'm trying to build my loginapp project using jaas auth (based on table db)
in the 11g and doesn't work.
Is there any difference with the 10.1.3g example?
I also try to open the loginapp demo in the 11g build with the 10.1.3g and
migration tell me success but still not working.
For the OCJ4 conf :
The files i modify in the 10.1.3g are located in <home>/jdev/system/oraclexxx/embebedoc4j/config
and the ones i modify in the 11g are located in <home>/j2ee/home/config
is it right or maybe i have to change other files?
Thanks!Hi,
because of changes to the security architecture in OC4J, the whole JAAS area is flaky right now. I am working on a similar project that suffers from the same issues. Chances are that a next public beta will have this issue fixed.
Don't worry if migrations doesn't work because they are not worked on yet
Frank
Maybe you are looking for
-
New Video Editing Laptop for CS6
Hi there, Have been doing a ton of reading on different forums and everyone has come to similar conclusions that this is about as hard as it gets, but seeing as I will be moving around a lot in the next year and my organization has agreed to pay $250
-
I have created a PDF file with password protection. The Clip to Clipboard is grayed out but I can highlight it and copy it. Why? I am viewing the file in Adobe Reader 9.1.3
-
Itunes will not display amazon purchases
iTunes will not display songs I purchased from Amazon and others, it also will not automatically play them when I shuffle "Purchased". They are in the library because when I search for them I find them. Any help greatly appreciated.
-
New ipod nano...
I had an older ipod nano and recieved a new one for Christmas. Can I still use the music library from the old one on the new one?
-
HI, GURUS, Will any expert will suggest me pls i have to load data in invoice cube of business content, for this how can i know that i have to load these master data for invoice cube.