JAAS LoginModule j_security_check and user info

Hello there,
I successfully implemented a custom LoginModule which validates users against passwords stored in a database by calling some server APIs. I am using container-managed security via the j_security_check servlet.
This is working fine; now I just wonder what is the best way to store additional information about the user, like name, surname, email, and make it accessible to JSP/JSF pages.
I did not find any link from LoginModule to HttpSession, so I am stuck on this. Ideally I would like to store this additional info immediately after the user is successfully authenticated by the LoginModule.
Any hint on this?
ferdo

Frank, thanks for comments.
Yes, the user info is in the same database so I can get it from there, but I would like to call this DB function once after successful authentication. In addition, we have a kind of 2-level passwords in place: one application password and one internal db password for the user to access database resources.
The user does not know his/her db password; we just have an API to get the db password after authentication, and the existing application API (developed for a forms client originally) assumes the user accesses the db by his own connection, so in many APIs the oracle function user is stored in some tables.
So what I need is that after authentication of the user (with the application password) I can get the Oracle password and then make a new DB connection to all application APIs. I would just like to store the Oracle password (or the new user db connection) somewhere so I don't need to fetch it every time I need to call the application API.
ferdo
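
One portable way to do what the posts above ask, as an added example that is not part of the original thread: the standard LoginModule interface has no handle on the HttpSession, so a servlet filter loads the profile once, on the first request after j_security_check has authenticated the user, and caches it in the session. `UserInfoService`, the `userInfoService` context attribute and the `userInfo` session attribute are hypothetical names standing in for the poster's own server API.

```java
import java.io.IOException;
import java.io.Serializable;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/** Map this filter to the same URL patterns as the security-constraint in web.xml. */
public class UserInfoFilter implements Filter {

    static final String ATTR = "userInfo"; // hypothetical session attribute name

    /** Profile bean; JSP/JSF reads it as ${sessionScope.userInfo.email}. */
    public static class UserInfo implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String login, name, surname, email;
        // transient: dropped when the container persists or replicates the session,
        // so the DB credential is never written out with it.
        private transient char[] dbPassword;

        public UserInfo(String login, String name, String surname,
                        String email, char[] dbPassword) {
            this.login = login;
            this.name = name;
            this.surname = surname;
            this.email = email;
            this.dbPassword = dbPassword;
        }
        public String getLogin()   { return login; }
        public String getName()    { return name; }
        public String getSurname() { return surname; }
        public String getEmail()   { return email; }
        // Package-private and not a bean getter, so EL in a page cannot print it.
        char[] dbPassword()        { return dbPassword; }
    }

    /** Hypothetical wrapper around the existing server API (profile + DB password). */
    public interface UserInfoService {
        UserInfo load(String login) throws Exception;
    }

    private UserInfoService service;

    @Override
    public void init(FilterConfig config) {
        // Assumption: a ServletContextListener published the service at startup.
        service = (UserInfoService)
                config.getServletContext().getAttribute("userInfoService");
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        String login = http.getRemoteUser(); // non-null once the container has authenticated
        if (login != null) {
            HttpSession session = http.getSession();
            UserInfo cached = (UserInfo) session.getAttribute(ATTR);
            // Load when nothing is cached, when the cached entry belongs to another
            // login, or when the transient credential was lost to session passivation.
            if (cached == null || !login.equals(cached.getLogin())
                    || cached.dbPassword() == null) {
                try {
                    session.setAttribute(ATTR, service.load(login));
                } catch (Exception e) {
                    throw new ServletException("Cannot load profile for authenticated user", e);
                }
            }
        }
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() { }
}
```

Server-side code in the same package reads the credential through `dbPassword()` when it opens the per-user connection; pages only ever see the profile getters.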

Similar Messages

  • User name sent to my email address, but never arrives. Has Firefox been hacked and user info being sent to the wrong people?

    Had some issues with Firefox 35.0.1 trying to post on this forum. Fox would not accept my login, so I requested to reset my password. Password reset O.K. still a no go, thought my login was bad and requested them send my "User name" (same email) User name never arrives. I had to create a new account on the forum to post this question as I can't get my old login to work.
    Anyone else having this problem or has Firefox been hacked and my "User Name" sent to someone else?

    Hi maheman,
    Can you try to recover the password with the email and private message me a timestamp. I can ask an admin to take a look at the technical side of what is happening, the email is removed from the public thread, however it may be necessary to investigate. (please include just the username in the private message)
    Thank you.

  • Apple TV Menu dimmming in sub menus and user info screens

    Hey all. I have a problem with my apple tv (2nd gen) dimming when in a sub menu or entering usernames, passwords, etc. When I back out to the main menu the screen brightens. The screen is at normal level when watching videos etc.
    I believe it has nothing to do with my lcd since the screen is fine on the main apple tv menu.
    Any ideas? Is this a setting? I didn't see it in the settings menu.

    Welcome to the Apple Community.
    One of my tv's dims its screen when it is mostly black, but this is a function of the tv; could the same be so in your case?

  • Changing a username in Active Directory - does this update People picker, User Info List etc?

    What happens in SP2013 when a user gets married and changes their name in AD?
    My understanding is that after a full (?) User Profile import and a People crawl (Full/inc?) - their display name in SharePoint will be updated, but in SP2013 do the entries in People picker and User Info Lists also get updated or are there manual steps
    that have to be taken?
    Thanks
    J

    First, User Profiles will be updated after the next incremental sync.  SP 2013 only does Full User Profile syncs manually.  A full sync is not really required.
    Second, there are two timer jobs that will sync the user profile with the user lists in each site collection.  The "Quick" job only syncs new users, while the "Full" job should sync all user changes.  The "Full" job
    runs hourly by default.
    Third, the people picker should be getting its info from AD, although there is some caching that goes on.  So it should pick up the change from AD when the cached information ages out.
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

  • Time machine only copies User Info and Users (Applications, Library, and System are missing) from my quad core Mac Pro.  45 Gb of 162 Gb are missing.  Any one having success with time machine copying all folders using Mavericks?   What do I need to do dif

    Time machine only copies User Info and Users (Applications, Library, and System are missing) from my quad core Mac Pro.  45 Gb of 162 Gb are missing.  Any one having success with time machine copying all folders using Mavericks?
    What do I need to do differently?

    The late, great Pondini was investigating that issue before he passed away.
    See here: https://discussions.apple.com/thread/5125969
    I think there might be information there on how to reset Time Machine to do a full backup. I think you basically have to reset it and start over.

  • Restoring Old User Info and programs

    Hi, I just got my macbook back from repair and the harddrive is wiped clean...had to start over with new user name and registration.
    Before I sent it away (again), I backed up my user profile on a firewire drive.
    How do I properly re-install this old user information?
    Can I still install and use all my new programs saved in old User?
    What do I need to be careful of?
    Old User info is in 10.4.7---clean Mac back from repair in 10.4.6
    If someone could give me a step-by-step sort of reply or point me in the direction of a support article I'd really appreciate it.
    Thanks

    Fritz,
    All the info you need is contained in this kbase article, but there is one item from this article that is somewhat out of date....
    When you get to the section of the article that describes the 2 commands to use in Terminal, use this single one instead:
        chown -R username:username /Users/username
    In the above command, you will replace all instances of "username" with your own short name. So, if your short name is "fred," for example, you will type the following exactly:
        chown -R fred:fred /Users/fred
    Otherwise, follow all the directions for "manually" restoring your HOME folder.
    Keep in mind that this will not reinstall applications that you had installed before. It will, however, restore all of the settings and data for those applications. Once you have reinstalled the applications, themselves, you will be right back where you were.
    Scott

  • Server 10.5.7 upgrade deleted all user and group Info -- Receiving error -1

    After upgrading our Dual 2.0 G5 server that was running 10.5.6 to 10.5.7 all groups and user information lost access. In addition when starting the workgroup manager error -14008 appears. Also when we look into the console log the following shows up
    ------------com.apple.launchd[1] (edu.mit.kadmind) Throttling respawn: Will start in 10 seconds
    over and over
    Any help would be greatly appreciated.

    I looked into A&I more, maybe it's not as nuclear as I thought. I presumed it meant I needed to reinstall all non-apple Apps, which means digging up disks and codes, none of which I have here. I'm away from home for another 4 weeks, which means doing that is difficult.
    Being away is also why my back-up is a little out of date, I didn't bring the time machine drive for that MBP with me. I had it shipped to me as soon as I had problems, but the back-up I'd have to roll back to is now 1-2 weeks old and might still have the funky user:group problems since my timezone problems began before the 10.5.7 update.
    I think DiskWarrior may have finally repaired the user:group issues. Not 100% sure but it's looking better. I just noticed that the primary user is admin but User is 502 and Group is 502. Whereas my secondary user account (also Admin) on that MBP User is 501 and Group is 20. My recollection is 20 is staff and both users groups should be 20.
    I'll look into A&I more, probably do it when I get home.
    Thanks.
    Message was edited by: jb510

  • I'm unable to load my Microsoft Exchange account.  Think I'm entering the wrong info for domain and user but haven't figured out the correct inputs...

    I think the problem is with my domain and user name information.  Does anyone have any suggestions...

    I know that when i tried to add a Live/Hotmail account I tried MS Ex but ended up having to forward my Live to my Gmail or just add an IMAP account.

  • Web - What is easiest way to implement User Security and User Profiles

    Hi, I am new to these forums and kind of new to Java. Sorry if this is in the wrong forum!
    Bit of background to my experience with java
    I have been playing about with java for a number of years and have created a few basic programs such as a screen shot tool that allows you to capture to default locations and look at previews first etc. I am now venturing into web related stuff. I work in IT doing systems testing and have done bits of basic development on various things.
    What I've done so far
    I am using Netbeans IDE 6.7 and MySQL 5.0
    I am trying to learn more complex java and have decided to try build a basic web / database system that basically implements adding / amending / deleting data from a MySQL database through web pages. I am now trying to implement basic user access and profiles. I have so far got the following:
    - MySQL table with user info - username / password
    - JSP page with usual login stuff
    - Servlet that validates the username and password - if correct forwards to main menu page.
    It's as simple as that - there is nothing stopping you just typing in the URL of the main menu page and going from there.
    What I want
    I am wanting to eventually get the following:
    - User authentication so that you have to logon before you can access anything else
    - User profiles that determine what each user can or can't do, restricting the pages / services / options available (i.e. normal user can't delete etc)
    - Would it need some sort of session manager to allow multiple users etc?
    I appreciate this is a fairly open question but what is the easiest way to start implementing this? Not after specific code as I would prefer to try to figure things out myself, but a point in the right direction would be great. It doesn't have to be extremely secure as this is just for me at the minute.
    I have spent all day looking at things like session data / url rewriting / security settings in web.xml / bespoke servlets and am now in java overload!

    Hi everyone,
    I've now actually gone back to the tutorial that I linked to above and implemented that using form login and j_security_check.
    Agree with Saish, and although I don't know enough about the other options to give a good reason, using realms and j_security_check just seems to be a bit clunky and messy. I would also prefer something a bit more generic, that doesn't rely on setting users in glassfish, hence why I started with my own user table.
    Anyway, I will leave it as is for now and maybe come back and try one of the other options.
    The only problem I can see now is that to add users I will need to go through all the steps of adding users in glassfish and web.xml... Is there a way to do this through a servlet or something so I can have a jsp page to add users that also creates all the other bits for it to work?
    Thanks everyone for your help

  • How to capture LoginException thrown by Customized JAAS LoginModule?

    I have a customized JAAS LoginModule deployed on WebLogic, when authentication fails, it throws LoginException("Incorrect Password");
    At remote fat-client side, I use following code to login to WebLogic:
    Environment env = new Environment();
    env.setInitialContextFactory(weblogic.jndi.Environment.DEFAULT_INITIAL_CONTEXT_FACTORY);
    env.setProviderUrl(url);
    env.setSecurityPrincipal("user1");
    env.setSecurityCredentials("wrong password");
    Subject subject = new Subject();
    Authenticate.authenticate(env, subject);
    With the wrong password, the client gets this exception:
    javax.security.auth.login.LoginException: java.lang.SecurityException: User: user1, failed to be authenticated. (The exception message is replaced :-( )
    How can the fat-client get the exact Exception("Incorrect Password") which is thrown by the LoginModule?

    I have also had the same problem. In the end, it is not possible to propagate a sub-class of a LoginException (or any other type of exception) to a remote client. The WLS Security Framework will always return to the caller its standard LoginException and message. The WLS documentation also clearly states this. Sorry to disappoint. The only other suggestion I have is to pass the name and credentials to a server-side client authentication proxy and let it return the authenticated Subject or a customized LoginException to the client (the server-side proxy should of course not require any authorization).
    Let me know if you come up with some other way!
    Eitan

  • JAAS LoginModule: how to getCurrentUser

    Hallo there everyone!
    I'm creating a custom LoginModule for the WLS 7.0 and I'm trying to get the username
    from the user request. Something like in servlets/jsp request.getRemoteUser()
    or in WLS 6.0 weblogic.security.acl.Security.getCurrentUser() would have done
    the job I think (but it’s been deprecated in 7.0).
    Is there a way of doing this from within the JAAS LoginModule?
    Regards
    Patrick

    request.getRemoteUser() still works fine for me after I implemented a custom
    Authentication / LoginModule.
    "patrik" <[email protected]> wrote in message
    news:[email protected]..
    >
    Yes, I have. see:
    http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.developer.interest.security&item=8553&utag=
    >
    But if you've managed to get out the information from it I'd be grateful to know
    how.
    /Patrik
    "Utpal" <[email protected]> wrote:
    Have you tried weblogic.security.Security.getCurrentSubject() ??
    -utpal

  • JAAS LoginModule - how do I get path, port, resource accessed, etc

    Hi,
    I checked everywhere including the forums, but could not get any info on this. I'm writing a custom JAAS LoginModule for the WebAS 6.40 server. I'm trying to figure out how to get the following out of the request from within login() or initialize() or any other method:
    1. Name of the webserver (i.e. the WebAS server being accessed like www.mycompany.com)
    2. Resource (e.g. /QuickCarRental)
    3. Port through which the request comes in (e.g. 50000)
    The URL being accessed in the above case is http://www.mycompany.com:50000/QuickCarRental
    Appreciate your help, and points will be awarded. Have a nice day
    R Abraham

    This is only available for NetWeaver Portal, not NetWeaver Application Server(WebAS). host and port can be obtained using the following code:
        Callback[] callbacks = new Callback[3];
        callbacks[0] = new NameCallback("UserId: ");
        callbacks[1] = new PasswordCallback("Password: ", false);
        // get host name and port from the HTTP "Host" request header
        HttpGetterCallback getterCallback = new HttpGetterCallback();
        getterCallback.setType(HttpCallback.HEADER);
        getterCallback.setName("Host");
        callbacks[2] = getterCallback;
        try {
            callbackHandler.handle(callbacks);
        } catch (Exception ex) {
            throw new LoginException(ex + "");
        }
        Object retValue = ((HttpGetterCallback) callbacks[2]).getValue(); // get host
    host and port will be returned in the following format SERVER.COMPANY.COM:50000
    Currently WebAS is not able to return the resource as per SAP development.

  • Use custom JAAS LoginModule without UME - possible?

    Hi all,
    I want to deploy an application that internally makes use of JAAS to authenticate users. There is a LoginModule that authenticates users against some database tables containing all the user data and profile. The application was not designed to be deployed to NetWeaver. So it does not make use of UME or some other NetWeaver specific feature. Actually it handles user management and authorization issues completely on its own. The only reason for having JAAS is to allow customers to plug in their own LoginModule to use some other kind of user store.
    When deploying the web application to a simple servlet engine like Tomcat, all I have to do is to register my LoginModule in the "jaas.conf" file that is parsed by JAAS default implementation. I also tell the JVM where my jaas.conf file is located by appending a "-Djava..." runtime parameter to the JVM startup script.
    When using other application servers like IBM WebSphere things become a bit different. Normally you use the administration GUI of that server to configure your LoginModules. WebSphere for example keeps the login configuration in an internal database rather than writing everything into a "jaas.conf" text file. But the way the application can use the LoginModule is the same as in Tomcat.
    But when it comes to Netweaver, it seems to me that it's not possible to define a LoginModule that your application can use WITHOUT having to couple it tightly to UME. Or did I get something wrong? Initially I've tried to modify the JVM's parameters (using SAP J2EE Config Tool) to include the location of my "jaas.conf" file containing my login configuration. But that did not work. The parameter was really passed to the JVM but anyway my LoginModule was not found. I guess that NetWeaver has some own implementation of the JAAS interfaces that just ignores the plain text JAAS configuration files (like WebSphere also does).
    The documentation that I have downloaded from SDN doesn't seem to match the 6.4 sneak preview version that I just downloaded some days ago. They say you should deploy your LoginModule as a library and add a reference to the application. I tried that out but it did not help. The login configuration that the application wants to access is still not found. Actually there seems to be no way to specify the name for a JAAS Login Configuration in NetWeaver. At least I could not find that in the documentation.
    So basically my question is: is it possible to deploy an application that wants to use some own LoginModule (either deployed separately or together with the application, that does not matter) without making use of Netweaver specific features like UME? The application has its own user management infrastructure and just needs a way to setup a JAAS Login Configuration to access its own LoginModule.
    Thanks for any reply
    Henning

    http://help.sap.com/saphelp_nw04s/helpdata/en/3f/1be040e136742ae10000000a155106/content.htm

  • How is our CustomRealm supposed to find our user info?

    We keep our user info in EJBs. Custom realms can't use EJBs, so we've been
    told to access them directly through JDBC. The problem is that we don't
    know where the EJB data source is pointed so we don't know where to look for
    our user info. Is there some trick to this? Some way to tell WebLogic
    where our EJBs will be so that our custom realm can go look there?

    I'll share our ideas at this point, maybe someone can help us pick a winner:
    1. Make a custom realm that fails until our EJBs and data source are
    available, then starts working. The documentation says that the caching
    realm will check the custom realm first, then the basic realm. This seems
    like the solution with the least administrative overhead. I'm testing this
    idea right now.
    2. Keep a separate database/file/whatever synchronized with our EJBs for the
    custom realm to use. This raises the synchronization issues, and I'm not
    sure where we'd put the file/database/whatever. We make a tool that creates
    enterprise apps (deployed as EARs), so we like solutions that are easy for
    our users to deploy.
    3. Create a custom realm bean that knows where our data source is going to
    be. Then the custom realm can use JDBC to connect to our actual EJB
    database and get info from there. This is WebLogic's suggestion, if I
    understand their WebSupport folks properly. The downside is that the user
    has to set up a datasource for our EJBs and fill in a property on our
    custom realm bean.
    Any other suggestions?
    Any info on why these wouldn't work?
    Anyone out there solve this problem before?
    "Rod Johnson" <[email protected]> wrote in message
    news:[email protected]...
    Good question. I was just about to make a similar post.
    I assume that a custom realm (or any realm implementation) is analogous to a
    startup class, and will be instantiated before any EJBs, and will apply to
    the entire server, regardless of the EJB and Web application deployments on
    it. (I'm assuming that the user data is stored in a RDBMS.) This means
    that:
    (a) Eric's problem will prevent flexibility in deploying the EJBs, which
    breaks one of the advantages of J2EE
    (b) The need for connection pooling infrastructure is duplicated: the
    RDBMSRealm sample gets JDBC connections directly
    (c) The need for the realm to create users conflicts with the use of EJBs to
    manage User entities (normally used in one form or another in J2EE
    applications). For example, the RDBMSRealm needs to be able to create rows
    in a table (username and password) to create a user. This means that a user
    entity can't "manage" this table. I see that in the new
    Girdley/Woollen/Emerson book's sample application, there are two tables,
    one managed by the user entity, and one managed by the RDBMSRealm. To create
    a user, the app first creates an entity, and if that works, adds a user to a
    realm. This means that user data is duplicated (and there isn't even any
    enforced referential integrity between these tables in the database).
    Am I missing something, or has anyone been able to find an elegant solution
    to these problems?
    I can see why the architecture might work the way it does, but this whole
    problem makes me wonder whether standard J2EE form-based security with the
    j_security_check action is very useful. Wouldn't implementing a custom login
    action that does the entity bean lookup and calls
    ServletAuthentication.weak(user, pwd, request) be less trouble and avoid
    fighting the entity bean? The problem would be how to handle permissions.
    Rod Johnson
    "Eric Hodges" <[email protected]> wrote in message
    news:[email protected]...
    We keep our user info in EJBs. Custom realms can't use EJBs, so we've been
    told to access them directly through JDBC. The problem is that we don't
    know where the EJB data source is pointed so we don't know where to look for
    our user info. Is there some trick to this? Some way to tell WebLogic
    where our EJBs will be so that our custom realm can go look there?

  • How to access a Portal User Info from a J2EE application?

    Hi,
    I have deployed a j2ee application in portal and it's running fine.
    From that application I need to assign some roles to some users. I have the user id.
    So my doubt is: can I access the portal user info from this j2ee application? I have some servlets in the j2ee application... can I get the portal user info from this servlet?
    Please help me.
    regards,
    Visweswar

    Hi,
    Please check out this to get the portal user information from Java -
    WdClientUser class/Interface to achieve this.
    Please check out these links on the same -
    WDClientUser.getClientUser IUser
    help needed
    Regards
    Lekha
