JAAS Principals and subject

Hi,
I am not sure what the correct way is to use subject and principals for JAAS authentication.
Assume I have my custom Login Module.
This is the simple unit test I have done:

    // create the header to authenticate.
    HeaderT header = new HeaderT();
    header = HeaderUtils.setNVSInHeader(header, HeaderConstants.USERNAME, "user");
    header = HeaderUtils.setNVSInHeader(header, HeaderConstants.PASSWORD, "password");
    LoginContext ctx = new LoginContext("mtosi", new HeaderCallbackHandler(header));
    // login
    ctx.login();
    header = new HeaderT();
    header = HeaderUtils.setNVSInHeader(header, HeaderConstants.USERNAME, "user2");
    header = HeaderUtils.setNVSInHeader(header, HeaderConstants.PASSWORD, "password2");
    LoginContext ctx2 = new LoginContext("mtosi", new HeaderCallbackHandler(header));
    ctx2.login();
    assertEquals(2, ctx2.getSubject().getPrincipals().size());

The header contains the username and password info that are authenticated in a custom LoginModule.
What I expected was that, by calling the LoginContext login, the different users would somehow have been stored in the subject, so that the second time I called login (on a different instance of Login Context) I would have had the 2 principals authenticated.
The first Principal gets lost instead.
What am I missing?
Where should the Principals be stored?
Does the Login Context maintain a list of the Principals that get authenticated, or are they new each time I call login on a different instance of Login Context?
thanks
Edited by: Davide_Gesino on Feb 7, 2008 7:37 AM

danielm26,
You can create a class that implements the Principal interface, adding anything that you want to it. Populate the object in the login method of your LoginModule and add it to the subject object - subject.getPrincipals().add(yourPrincipal).
In your JSP page you can retrieve this subject as follows:
Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container");
Then iterate subject.getPrincipals(), testing if the Principal object is an instance of your Principal class, cast the found one and be happy.
Pedro.
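
An added example, not from the thread or the posters' code base, showing the behaviour asked about in the first post: a LoginContext created without a Subject authenticates into a fresh Subject, while handing the same Subject to both contexts accumulates principals. DemoLoginModule, UserPrincipal, the creds and login helpers and the in-memory user table are hypothetical stand-ins for the custom LoginModule and HeaderCallbackHandler; Java 17 is assumed.

```java
import java.security.Principal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.spi.LoginModule;

public class SharedSubjectDemo {
    // Constructed demo credentials (assumption); a real module checks a user store.
    static final Map<String, String> USERS = Map.of("user", "password", "user2", "password2");

    // Hypothetical Principal type carrying the authenticated user name.
    record UserPrincipal(String name) implements Principal { public String getName() { return name; } }

    // Hypothetical stand-in for the custom LoginModule from the question.
    public static class DemoLoginModule implements LoginModule {
        private Subject subject;
        private CallbackHandler handler;
        private UserPrincipal pending;

        @Override public void initialize(Subject subject, CallbackHandler handler,
                Map<String, ?> sharedState, Map<String, ?> options) {
            this.subject = subject; // whatever Subject the LoginContext holds
            this.handler = handler;
        }
        @Override public boolean login() throws LoginException {
            NameCallback nc = new NameCallback("user: ");
            PasswordCallback pc = new PasswordCallback("password: ", false);
            try { handler.handle(new Callback[] {nc, pc}); }
            catch (Exception e) { throw new LoginException("callback failed: " + e); }
            String expected = nc.getName() == null ? null : USERS.get(nc.getName());
            char[] pw = pc.getPassword();
            if (expected == null || pw == null || !expected.equals(new String(pw)))
                throw new FailedLoginException("bad credentials");
            pending = new UserPrincipal(nc.getName());
            return true;
        }
        // Principals are attached in commit(), once the whole login has succeeded.
        @Override public boolean commit() { subject.getPrincipals().add(pending); return true; }
        @Override public boolean abort() { pending = null; return true; }
        @Override public boolean logout() { if (pending != null) subject.getPrincipals().remove(pending); return true; }
    }

    // Programmatic replacement for a JAAS config file entry; used for every application name.
    static final Configuration CONFIG = new Configuration() {
        @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            return new AppConfigurationEntry[] { new AppConfigurationEntry(
                DemoLoginModule.class.getName(), LoginModuleControlFlag.REQUIRED, Map.of()) };
        }
    };

    // Supplies fixed credentials, in place of the question's HeaderCallbackHandler.
    static CallbackHandler creds(String user, String pw) {
        return callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback n) n.setName(user);
                if (cb instanceof PasswordCallback p) p.setPassword(pw.toCharArray());
            }
        };
    }
    // A null Subject makes the LoginContext create its own; otherwise the given one is populated.
    static Subject login(Subject s, String user, String pw) throws LoginException {
        LoginContext ctx = new LoginContext("mtosi", s, creds(user, pw), CONFIG);
        ctx.login();
        return ctx.getSubject();
    }
    public static void main(String[] args) throws LoginException {
        // As in the question: two contexts, no Subject passed, so each has its own Subject.
        login(null, "user", "password");
        Subject second = login(null, "user2", "password2");
        System.out.println("separate contexts: " + second.getPrincipals());
        // The caller owns the Subject and hands it to both contexts.
        Subject shared = new Subject();
        login(shared, "user", "password");
        login(shared, "user2", "password2");
        System.out.println("shared Subject:    " + shared.getPrincipals());
    }
}
```

Sharing one Subject merges identities: any authorization check made against it sees the principals of both users, so pass a Subject in only when that combined identity is what the application intends.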

Similar Messages

  • Relation between Principals and role in JAAS

    Hi,
    I have a problem understanding the relation between Principals and roles.
    Is a principal a role?
    If, for example, a user A has two roles, role1 and role2,
    what should we do: a principal for each role, or one principal that contains the two roles?
    Please help me.

    Thanks ejp for your response.
    Another question, if you don't mind:
    suppose that a user A has two principals, p1 and p2.
    What should I do: two classes that implement Principal, Serializable, one for each type of principal, or simply write one class that implements Principal, Serializable and pass the type of principal to the constructor (MyPrincipal("p1") and MyPrincipal("p2"))?

  • JAAS Authorization and Credentials

    Hi,
    I am adapting an access control system to operate as a JAAS authentication and authorization service. There is a lot of doco covering creation of custom authentication but far less on the authorization side. Any pointers welcome.
    My question is: What is the role of a Subject's "credentials" in the authorization scenario?
    From what I can see a Subject's credentials aren't even available to the authorization service under JAAS? When application code calls methods such as SecurityManager.checkPermission() it seems that a Subject's Principals are passed down to the authorization engine (the Policy) but not the Subject's credentials.
    A ProtectionDomain also has an array of Principals rather than credentials.
    I would like to base the access decisions made by the authorization engine (a custom Policy) on a Subject's credentials. Is there a way? I could just use my credential class as a Principal (with some minor changes) but the information in my class does not represent an idenity, it is a "credential"!
    Any tips gratefully received.

    "When application code calls methods such as SecurityManager.checkPermission() it seems that a Subject's Principals are passed down to the authorization engine (the Policy) but not the Subject's credentials."
    The Subject's public credentials are available via Subject.getPublicCredentials if the JAAS login module has set them up. But the Policy shouldn't need them at this stage. The Subject has already been authenticated by the JAAS login module. All the Policy should be interested in is what this Subject can do. The credentials aren't for that, they are for authenticating his identity. See below for further discussion.
    "A ProtectionDomain also has an array of Principals rather than credentials."
    Again it doesn't need them. Only the JAAS login module needs them.
    "I would like to base the access decisions made by the authorization engine (a custom Policy) on a Subject's credentials."
    You should base it on the Subject itself and its Principals. Specifically the idea is that he has one or more RolePrincipals that name the roles he is allowed to act as in the application.
    So you write a JAAS LoginModule that inspects the credentials, Principal, name etc and adds RolePrincipals to the subject according to what he is now allowed to do. Then your custom Policy just looks for the appropriate Principal in the Subject. If there, OK, if not, bang you're dead.
    From one point of view this is an efficiency measure. From another point of view it is an essential normalization. You could have millions of credential sets that all map to the same role. And you certainly don't want your Policy to be concerned with individual credentials, only with the Roles they map to.

  • In Mail, Reply To and Subject area doesn't appear

    In Mail, Reply To and Subject area doesn't appear on an opened email.

    Hi
    Go to Mail / Preferences
    on the Viewing tab - Show header detail  - drop down box
    Select whatever suits you. - try default
    /Dennis

  • Submit by email button ignoring specified email address and subject

    I have recently upgraded to CS5.5 and I am having trouble with the Submit by Email button in my form. 
    When I distribute the form the email address and subject specified on the button are ignored.  Instead, the form is submitted to my email address with the subject of 'Submitting Completed Form'. 
    I have tried creating the form a number of different ways (i.e. converting PDF created in inDesign, just in Acrobat from scratch, just in Livecycle Designer from scratch) with no success and the same result.  I have found I can change the email address if I go to Acrobat X Pro: Edit > Preferences > Identity but this is not an adequate work-around and does not fix the issue of the subject.
    My company develops forms for both internal and external clients that require this functionality.  The email subject is used to help identify which form it is and routes it to the appropriate department. 
    I have searched the web and this forum for answers but have not found an answer. 
    My question is:  How do I get the 'Submit by Email' button to work correctly?
    I have created many forms before using CS3 and have never encountered this problem.  At the moment the only way I can see to fix the problem is to go back to CS3 which seems ridiculous.  I thought later versions of software were supposed to work better not look the same and not work (sorry for the rant, frustration is getting the better of me).
    I need to use the Distribute Form as it states in the LiveCycle help:
    If you do not use the Distribute feature, form recipients who use Adobe Reader cannot save modifications to most PDF files, including forms filled with data.  They must either immediately return their data electronically or print the form and return the paper copy.
    I am using Acrobat 10 Pro and Livecycle Designer on Windows 7 64-Bit
    Any help will be greatly appreciated.

    What you are seeing is the intended behavior and I'm not sure why it has changed.
    When you distribute a form, it substitutes the email address you originally set up with the button with the one specified in your identity preference and the subject is set to "Submitting Completed Form". It makes a number of other changes to the document that make the distribution workflow possible. I do know that different code is used if the form is being used in a version of Acrobat/Reader prior to 9.
    With an acroform (not XFA), you can save a copy of the distributed form, allowing you to edit the scripts that among other things set the subject line of the email, so that a different subject line text is used. You can then re-enable the form and it should work OK. The problem is knowing exactly what needs to be changed and finding it, and I'm not certain that this is possible with an XFA form. I normally work with acroforms and know where to do it in Acrobat, but things are different in LiveCycle Designer.

  • From:, To: and Subject: end up in email body - html email using sendmail

    To the experts and the experienced:
    I am trying to send email in html format from a Korn shell script on Solaris 10. The
    email does get delivered and is displayed html-formatted, except that the From:, To: and
    Subject: lines are displayed in the email body, rather than in the email header. I
    would appreciate it very much if experts and the experienced could shed some light.
    I use this command line to send the email:
    sendmail -t [email protected] < testmail
    The content of the testmail file is as follows:
    MIME-Version: 1.0
    Content-Type: multipart/alternative; boundary="frontier"
    --frontier
    Content-Type: text/plain
    From: [email protected]
    To: [email protected]
    Subject: test html email
    This is a plain-text email.
    Newman
    --frontier
    Content-Type: text/html
    From: [email protected]<br/>
    To: [email protected]<br/>
    Subject: test html email<br/>
    <h3 align="center">This is a html email</h3>
    <p>This is the paragraph.</p>
    <p>Newman</p>
    frontier\
    The email received in Microsoft Outlook (html-formatted), looks like this:
    From:         [email protected]
    To:
    Subject:
    From: [email protected]
    To: [email protected]
    Subject: test html email
    <h3 align="center">This is a html email</h3>
    <p>This is the paragraph.</p>
    Newman
    Two things in the email need fixing:
    1. All the From:, To: and Subject: lines are treated as part of the email body and are
    displayed in the email body, rather than in the header as I wanted them to.
    2. The From: line in the email header is the actual sender, not the Bursar.Office as I
    put in the testmail file. This can be easily done when using SMTP (telnet to port 25)
    or mailx.
    How do I tell sendmail/the email client to display in the intended places the From:,
    To: and Subject: information that I specified in the testmail file?
    Many thanks!
    Newman

    I searched in google and found a solution:
    mailx -r [email protected] -s "test html email
    content-type: text/html" john.doe < testmail
    The testmail file is a pure html file with one <html></html> element. The content embedded in this element is the body of the email, with all the usual tags you would like to use: <head>, <style>, <h3>, <p>, <ul>, etc.
    The trick is piggy-backing a content-type with the subject. It seems to me this is to get the content-type into the email header rather than into the body. And that was exactly the problem I had.
    The command line was executed on Solaris 10. It works.
    Hope this could be useful to someone who would encounter the same problem.
    Newman

  • How to email purchase order along with body and subject line

    hi experts,
    I have to email the purchase order along with the body and subject line. I am able to send the purchase order as a PDF attachment, but I have still not found a solution for adding the body and subject line to this mail.
    Please help me out.

    Hi Santosh,
    if you investigate a little bit the PO output, you can find following information in SRM output customizing:
    POs are edited by method PROCESS_BBP_PO_MAI from class CL_PD_PO_PROCESSING_BBP.
    Subject, body and attachments are handled here.
    So create your own class and method, and assign them in this customizing point (SRM Server --> Cross-Application Basic Settings --> Set Output Actions and Output Format --> Define Actions for Purchase Order Output).
    Rgds
    Christophe
    PS: please reward points for helpful answers

  • Automatic Derivation of IBASE and Subject values in SDCR document (ChaRM)

    Hi All
    In CHARM, when we create Change Document "SDCR", my objective is to set default values in IBASE/Component and Subject Fields. For the reason, I tried finding configuration to derive the values automatically whenever SDCR document is created through SLFN.
    Do I need to write User Exit, or is there any way to do it through Customizing?
    Thanks in advance.
    Nayab

    Thanks for your reply
    How can we set user-exit in solution manager. I do know of developing and activating exits in SAP FICO module, however, not in solution manager? Is it through some different way?
    Regards,
    Nayab

  • OdiReadMail  - extract field from and subject in file

    The odiReadMail tool extracts the body of the message into a file.
    I want to extract the e-mail fields "from" and "subject" into this file. How can I do it?

    Yes. I want to extract the fields "subject", "sender" and the body of the mail message and place them in a file.
    I think that it is necessary to change odiReadMail, but I do not know where to find the source code of this ODI tool.
    Message was edited by:
    RAD

  • Is it possible to bypass JAAS authentication and use Authorisation alone?

    I have to implement jsp level security (by checking roles) for my JSF application.
    Authentications in my appln are done by a different servers. I don't want to disturb that.
    I have to implement authorisation alone using JAAS.
    Is it possible to bypass JAAS authentication and use Authorisation alone?
    I am using custom login module( implements DatabaseLoginModule) for authorisation.
    Moreover, after logging in, when a user tries to access a secured jsp page, he should NOT be redirected to login page again. Rather the role checks should be done using existing user credentials stored somewhere. How to invoke the custom DataBaseLoginModule without taking user to login screen?
    Any help would be great.
    Thanks,
    Adhil.J

  • New mail: sender and subject dont match message

    Has anyone encountered the problem I have at the moment? When receiving a new message, the sender and subject line are new, however when I open the message the main text is from emails I received months ago. It's really strange, and only appears to be happening on mail I open on my G5, not on my laptop.
    Any suggestions please?

    Hi, and welcome to the forums Adam!
    Nope, haven't seen nor heard of this one yet, but First I'd backup your whole Mail folder.
    Try trashing this file first, then logout/in...
    /Users/YourUserName/Library/Preferences/com.apple.mail.plist
    If that doesn't work try the .plists in...
    /Users/YourUserName/Library/Mail/

  • Mail sender and subject mismatch with message content

    I have just started to find a few messages here and there that have a sender and subject which does not match the message content. The frequency of this behavior seems to be increasing. The senders are people I do get mail from and the message content looks like something I would receive from another recognized sender but they don't match. Anyone have any ideas?
    Thanks in advance.

    Never mind. A little more searching solved the problem.
    http://discussions.apple.com/thread.jspa?messageID=11969642&#11969642

  • Remove a meeting on specific time date and subject line

    Hi
    I have a situation where a meeting organizer is no longer able to update or cancel a meeting she booked. Somehow she also became the participant of the meeting and now has lost control of the actual meeting. Not able to edit or send update. I've exhausted
    my efforts in trying to find a solution for this. Doesn't look like there is any way to get back ownership or transfer it to someone else.
    So my next plan is to remove the meeting from everyone's calendar via a script. So my question is, is there a way to remove a meeting from all participants calendar where the date/time and subject line is known. This is to ensure only that meeting is removed
    from the calendar.
    or if anyone has some other ideas please do share. I need to somehow send notification of cancellation and remove the meeting from outlook and the organizer has no control anymore.
    Thanks

    Hi,
    Per my understanding, you might want to display all the specific documents in a page, they can be filtered by values of a Date and time column.
    A possible solution I will provide is that, we can create custom visual web part to display all these documents. In the code behind, run a query with CAML to retrieved all the
    documents with the specific date and time, then generate a view of hyperlinks that points to these documents.
    In this way, we can combine the filter component with the data display component into one web part, with the help of CAML query and Object Model, it would not be a tough job to
    implement such a solution.
    More information about CAML and Object Model:
    https://msdn.microsoft.com/en-us/library/office/ee536691%28v=office.14%29.aspx?f=255&MSPPError=-2147217396
    Thanks
    Patrick Liang
    TechNet Community Support

  • Mail.app From and Subject are blank in list

    From time to time I get an email and once it is deleted, the "From" and "Subject" do not display in the list of emails. It's just blank. The "Date Received" shows up, and if there were any attachments I get the paperclip icon, but no "From" or "Subject". If I open the email I can see the "From" and "Subject" in the email header just fine, so I know the data is there, it just doesn't show up in the list of emails. If I move the email back to my inbox and then delete it again it usually fixes the problem. Not a big deal but wanted to see if anyone else has had this issue and has a fix.
    I am running Mail.app 3.2, and my email is being routed through Google Apps set up as an IMAP account.
    This also happens on my wife's computer, who has an identical email setup to mine, just a different account, which leads me to believe it's a mail.app -> imap -> gmail issue.
    Don't get me started on the dreaded "All Mail" folder.

    I have tried suffering through changing the message encoding back and forth to get messages to appear, but it has reached a level of absurdity that I just can't stand anymore.
    I view my mail with IMAP from three places; Mac Pro, MacBook Pro, and iPhone. If I read a message on any one of the platforms, the remaining Mac (not iPhone) do not display the header information in the message list pane. The iPhone always shows everything fine. And if I download the message first on one of the Macs, it looks fine there, but when that message is downloaded on the other Mac (doesn't matter which was first or second, the pro or macbook pro) the from, to, sent, subject are all invisible on the second machine.
    I wrote an automator "watch me" recording to toggle message encoding, but with over 2000 affected email messages, it was taking hours to run, and makes that Mac useless until it is done.
    I am less than happy with this situation. Why no bulk message encoding change capability? If you select more than one message the encoding options grey-out.
    I've tried rebuilding mailboxes. Using the "defaults write ..." on both Macs. Nothing is working.
    Surely someone else is seeing this too?
    Message was edited by: Brian Brumfield

  • From and subject text is missing in listview (imap)

    Hi all,
    I have just setup mail 3.0 and all messages+folders are downloaded correct. But messages are missing the From and Subject text in the list view, the place where text normally is written is just blank so I can not see whom the email is from and what it's about.
    Once I click on a message it opens up perfectly in the message view and all details are available (from, to, date, etc...). Got damm wired
    I'm running with IMAP through a danish host called Azero and I think they are running with Merak Mail Server (http://www.icewarp.com/Products/MerakEmail_ServerSoftware/)
    I hope somebody can help me.
    Cheers,
    Jesper

    So this is strange... I tried the exact same process on 3 machines with the same mail account set up. On the first machine, I selected the mailbox and went to Mailbox>Rebuild. The mailbox rebuilt without any issues, all old mail that was missing From/Subject fields was fixed and all new mail comes through without any issues.
    I tried the same thing on two other machines with Merak IMAP accounts on them and on one machine, ALL previous mail that had been correctly displaying From/Subject fields had those fields deleted but date received displayed just fine. I could also click on the blank line and the message would display correctly in the Mail window's preview pane below the list view.
    On the third and final machine, rebuilding the mailbox wiped the mailbox COMPLETELY. Folders displayed but they were empty.
    I'm submitting a support ticket to Merak as soon as I'm done typing this
    .//chris
