Migrating RDBMS Realm to Weblogic 7
Hi All,
We've defined a RDBMS Security Realm in Weblogic 6.1. We want migrate
to weblogic 7.0. But theres no such thing as RDBMS Security Realm in
weblogic 7.0 . Can somebody help me with this.
With Thanks and Regards
Vigneshwaran
Please post this in the security newsgroup.
-- Rob
Vigneshwaran wrote:
Hi All,
We've defined a RDBMS Security Realm in Weblogic 6.1. We want migrate
to weblogic 7.0. But theres no such thing as RDBMS Security Realm in
weblogic 7.0 . Can somebody help me with this.
With Thanks and Regards
Vigneshwaran
Similar Messages
-
How to use RDBMS Realm in Weblogic Commerce Server?
Hi All,
Same as the subject.
Thx
RayYou should read the security information in the Servlet 2.2 specification
that WL 5.1 implements:
http://java.sun.com/products/servlet/download.html
Chapter 11 deals with declarative and programmatic security, and includes a
section on roles:
11.4 Roles
A role is an abstract logical grouping of users that is defined by the
Application Developer or
Assembler. When the application is deployed, these roles are mapped by a
Deployer to security
identities, such as principals or groups, in the runtime environment.
A servlet container enforces declarative or programmatic security for the
principal associated with
an incoming request based on the security attributes of that calling
principal. For example,
1. When a deployer has mapped a security role to a user group in the
operational environment. The
user group to which the calling principal belongs is retrieved from its
security attributes. If the
principal's user group matches the user group in the operational environment
that the security
role has been mapped to, the principal is in the security role.
2. When a deployer has mapped a security role to a principal name in a
security policy domain, the
principal name of the calling principal is retrieved from its security
attributes. If the principal is
the same as the principal to which the security role was mapped, the calling
principal is in the
security role.
Cameron Purdy
http://www.tangosol.com
"Hari" <[email protected]> wrote in message
news:[email protected]..
Hello Gurus,
I am new to Weblogic server and I am trying to investigate how to make
use of security roles in weblogic server (5.1.0). Can anyone point me
to some documentation. Specifically, I am looking for instance level,
and method level security and how to use it.
Thanks for taking your time to read this e-mail.
Thank You all in advance,
Hari. -
Hi,
I have just started out with EJB & weblogic security. I want to make a RDBMS realm in weblogic that connects to oracle dBase. Since I am new to security, I was wondering if anyone out there knew what fields would be added to a table that manages user?. Also how does a table manage ACLs? And last but not least, I noticed that when I was creating a RDBMS realm in weblogic console there is a tab that mentions that I have to write schema properties...what is this and what do I place in it. I have read all of the weblogic docs and there is nothing that addresses theses questions. I would really appreciate any help I can get.
Thank you,
Jay.
P.S I am using weblogic 6.0 with sp1Is this a continuation of http://forum.java.sun.com/thread.jsp?forum=60&thread=159878
It sure looks like it.
Have you read this weblogic doc http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1052867 -
Error in deploying entity beans - migration from JBoss to Weblogic 10.3.4
Hi,
I am migrating EJB2.x code from JBoss to Weblogic 10.3.4. As a first step, I am tyring to deploy just Entity beans. I get following error when deploying to server.
'weblogic.application.ModuleException: Exception preparing module: EJBModule(myEJB.jar)
Unable to deploy EJB: CollMetaData from myEJB.jar:
[EJB:011017]Error while reading 'META-INF/weblogic-cmp-rdbms-jar.xml'. The error was:
There are 1 nested errors:
java.lang.NullPointerException
at weblogic.ejb.container.cmp.rdbms.finders.EjbqlFinder.setMethods(EjbqlFinder.java:288)
at weblogic.ejb.container.cmp.rdbms.Deployer.processFinders(Deployer.java:744)
at weblogic.ejb.container.cmp.rdbms.Deployer.readTypeSpecificData(Deployer.java:446)
at weblogic.ejb.container.persistence.PersistenceType.setTypeSpecificFile(PersistenceType.java:506)
at weblogic.ejb.container.persistence.PersistenceType.setupDeployer(PersistenceType.java:455)
at weblogic.ejb.container.deployer.CMPInfoImpl.setup(CMPInfoImpl.java:118)
at weblogic.ejb.container.deployer.EJBDeployer.prepare(EJBDeployer.java:1214)
at weblogic.ejb.container.deployer.EJBModule.prepare(EJBModule.java:442)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199)
at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:517)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:159)
at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:45)
at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:613)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:184)
at weblogic.application.internal.EarDeployment.prepare(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:207)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:98)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747)
at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:171)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:46)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
Can someone help me fixing the issue?
I changed schema locations of descriptor files as suggested at http://download.oracle.com/docs/cd/E17904_01/web.1111/e13706/overview.htm#i1074199 (see the third category for '*Enterprise Bean 2.1*' in the listing Table 1-1). Alternatively, you may see the schema locations for EJB2.0 directly at http://download.oracle.com/docs/cd/E17904_01/web.1111/e13719/dd_reference.htm#EJBPG481JRE version in JBoss is 1.6.0_16. JVM in web logic is pointing to jrockit_160_22_D1.1.1-3 which is come in the package. It doesn't seem to be related to JVM version mismatch.
I think it is an issue with definitions in weblogic-cmp-rdbms-jar.xml file. How should be the definition of entity-descriptor appear for entity bean which has finder methods in ejb-jar.xml?
Please see the snippets from corresponding descriptor files below.
ejb-jar.xml
=========
<entity>
<display-name>EmpBean</display-name>
<ejb-name>EmpBean</ejb-name>
<local-home>LocalEmpBeanHome</local-home>
<local>LocalEmpBean</local>
<ejb-class>EmpBeanBean</ejb-class>
<persistence-type>Container</persistence-type>
<prim-key-class>java.lang.String</prim-key-class>
<reentrant>False</reentrant>
<cmp-version>2.x</cmp-version>
<abstract-schema-name>EmpBean</abstract-schema-name>
<cmp-field>
<field-name>firstName</field-name>
</cmp-field>
<cmp-field>
<field-name>lastName</field-name>
</cmp-field>
<cmp-field>
<field-name>phone</field-name>
</cmp-field>
<cmp-field>
<field-name>address</field-name>
</cmp-field>
<primkey-field>lastName</primkey-field>
<query>
<query-method>
<method-name>findByPrimaryKey</method-name>
<method-params>
<method-param>java.lang.String</method-param>
</method-params>
</query-method>
<ejb-ql>SELECT Object(o) FROM EmpBean o WHERE o.lastName= ?1</ejb-ql>
</query>
</entity>
weblogic-jar.xml
============
<weblogic-enterprise-bean>
<ejb-name>EmpBean</ejb-name>
<entity-descriptor>
<pool>
<max-beans-in-free-pool>20</max-beans-in-free-pool>
<initial-beans-in-free-pool>5</initial-beans-in-free-pool>
</pool>
<persistence>
<persistence-use>
<type-identifier>WebLogic_CMP_RDBMS</type-identifier>
<type-version>6.0</type-version>
<type-storage>meta-inf/weblogic-cmp-rdbms-jar.xml</type-storage>
</persistence-use>
<finders-load-bean>true</finders-load-bean>
</persistence>
</entity-descriptor>
<local-jndi-name>ejb/EmpBean</local-jndi-name>
</weblogic-enterprise-bean>
weblogic-cmp-rdbms-jar.xml
====================
<weblogic-rdbms-bean>
<ejb-name>EmpBean</ejb-name>
<data-source-jndi-name>mysqlDS</data-source-jndi-name>
<table-map>
<table-name>emp</table-name>
<field-map>
<cmp-field>firstName</cmp-field>
<dbms-column>first_namel</dbms-column>
</field-map>
<field-map>
<cmp-field>lastName</cmp-field>
<dbms-column>last_name</dbms-column>
</field-map>
<field-map>
<cmp-field>phone</cmp-field>
<dbms-column>phone</dbms-column>
</field-map>
<field-map>
<cmp-field>address</cmp-field>
<dbms-column>address</dbms-column>
</field-map>
</table-map>
<weblogic-rdbms-bean>
Please ignore any typos that you may notice in above sample descriptions (because I just typed it here changing original names).
When I try to deploy the application, I get error message as posted in my first post above in this thread. Please correct me if I am making any erros in descriptor files.
Edited by: 839281 on Feb 25, 2011 10:55 AM
Edited by: venkatp on Mar 1, 2011 9:31 AM -
Configuring file realm in weblogic server 9.2
Hi,
I am trying to upgrade my application from weblogic 6.1 to weblogic 9.2 and I am using compatibility security.
I have configured a RDBMS realm and then configured the caching realm giving that RDBMS realm as its Base realm.
Now since caching realm works with file realm. I have to configure this also. Now on click of file realm tab in weblogic 9.2 throws the following error.
java.lang.RuntimeException: The requested operation is not exposed through JMX in this context: equals
Caused by: java.lang.NoSuchMethodException: equals(java.lang.Object,) for com.bea:Name=CachingRealm-0,Type=CachingRealm
at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:369)
at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:213)
at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:149)
at weblogic.management.mbeanservers.internal.SecurityMBeanMgmtOpsInterceptor.invoke(SecurityMBeanMgmtOpsInterceptor.java:63)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:149)
at weblogic.management.mbeanservers.edit.internal.EditLockInterceptor.invoke(EditLockInterceptor.java:141)
at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:149)
at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:426)
at weblogic.management.mbeanservers.internal.AuthenticatedSubjectInterceptor$10.run(AuthenticatedSubjectInterceptor.java:377)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.management.mbeanservers.internal.AuthenticatedSubjectInterceptor.invoke(AuthenticatedSubjectInterceptor.java:375)
at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:310)
at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1408)
at javax.management.remote.rmi.RMIConnectionImpl.access$100(RMIConnectionImpl.java:81)
at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1245)
at java.security.AccessController.doPrivileged(Native Method)
at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1348)
at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:782)
at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)
... 91 more
Can anyone help me out?
Thank you
Njoy
:-)You may still need to define the role in the weblogic.xml file in order for deployment descriptor-based role definition to work (alternatively you could use the WebLogic Server console to define the role and policy).
You can specify your role "testrole" as "externally-defined" as opposed to mapping it to specific principals.
See http://e-docs.bea.com/wls/docs92/webapp/weblogic_xml.html#wp1040908
Jeff -
Hi,
I am currently using WLI 2.0 SP2 installation. Here is a very unusual thing I
noticed. Can somebody tell me what is going on ???
1 : I have set up the security realm as indicated in the config.xml file. As far
as I understand, the caching realm entry has attribute pointing to the wlpiRDBMSRealm,
which is a RDBMS implementation from the WLI 2.0 SP2 distribution.
2: I start the server, open the WLS console, and create a new user through the
console. I get no error message and it seems to work fine. ( I also click on the
save it to database link, and it returns with msg that cache is refreshed ).
3: I see an entry in the fileRealm.properties file, but no record is inserted
in the WLSUSER table in the database.
Since the RDBMS realm (from WLI distribution) is defined as basic
realm implementation, should it not insert entry into the database, instead of
the file realm.
Is this a general problem ( any RDBMS realm ) or is it specific to the WLI ?
Is there anything that I have not configured here that is causing this behavior
Is it just refreshing the cache instead of inserting record in DB ?
Why should it insert entry into fileRealm.properties ?
Thanks,
Girish
[noaa1.zip]Hi,
I turned on the caching realm through the WLS Console, (Security).
After this I get a very unusual error, which seems to be comming
from the RDBMS implementation class (from WLI 2.0 SP2 distribution).
Here is the msg that I get while WLS server boots (the WLS server boots ok, but
WLPI does not initialize) ....
Unable to initialize WebLogic Process Integrator:
SQL Exception: ResultSet not open, operation 'next' not permitted. Verify that
autocommit is OFF.
at c8e.k.j.l_(Unknown Source)
at c8e.k.j.l_(Unknown Source)
at c8e.k.j.j_(Unknown Source)
at c8e.k.n.checkIfClosed(Unknown Source)
at c8e.k.n.movePosition(Unknown Source)
at c8e.k.n.movePosition(Unknown Source)
at c8e.k.n.next(Unknown Source)
at com.bea.wlpi.rdbmsrealm.RDBMSDelegate.getGroup(RDBMSDelegate.java:425)
at com.bea.wlpi.rdbmsrealm.RDBMSRealm.getGroup(RDBMSRealm.java:235)
at weblogic.security.acl.CachingRealm.getGroup(CachingRealm.java:1120)
at weblogic.ejb20.deployer.SecurityRoleMapping.lookupPrincipal(SecurityRoleMapping.java:243)
at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:96)
at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:128)
at weblogic.ejb20.deployer.SecurityRoleMapping.isPrincipalInAnyRole(SecurityRoleMapping.java:174)
at weblogic.ejb20.deployer.MethodInfoImpl.checkAccess(MethodInfoImpl.java:214)
at weblogic.ejb20.internal.MethodDescriptor.checkAccess(MethodDescriptor.java:285)
at weblogic.ejb20.internal.BaseEJBObject.preInvoke(BaseEJBObject.java:90)
at weblogic.ejb20.internal.StatelessEJBObject.preInvoke(StatelessEJBObject.java:55)
at com.bea.wlpi.server.plugin.PluginManagerCfgBeanEOImpl.init(PluginManagerCfgBeanEOImpl.java:1301)
at com.bea.wlpi.server.initlistener.InitListenerBean.onMessage(InitListenerBean.java:151)
at weblogic.ejb20.internal.MDListener.execute(MDListener.java:221)
at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:175)
at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:1933)
at weblogic.jms.client.JMSSession.execute(JMSSession.java:1892)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.Kernel.execute(Kernel.java:250)
at weblogic.jms.client.JMSSession.pushEnvelope(JMSSession.java:1779)
at weblogic.jms.client.JMSCallback.pushEnvelope(JMSCallback.java:69)
at weblogic.jms.frontend.FESession.execute(FESession.java:1972)
<Aug 22, 2001 11:56:01 AM MDT> <Notice> <WebLogicServer> <WebLogic Server started>
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
--------------- nested within: ------------------
com.bea.wlpi.rdbmsrealm.RDBMSException: caught SQL exception - with nested exception:
[SQL Exception: ResultSet not open, operation 'next' not permitted. Verify that
autocommit is OFF.]
at com.bea.wlpi.rdbmsrealm.RDBMSRealm.getGroup(RDBMSRealm.java:242)
<Aug 22, 2001 11:56:01 AM MDT> <Notice> <WebLogicServer> <ListenThread listening
on port 7101>
at weblogic.security.acl.CachingRealm.getGroup(CachingRealm.java:1120)
at weblogic.ejb20.deployer.SecurityRoleMapping.lookupPrincipal(SecurityRoleMapping.java:243)
at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:96)
at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:128)
at weblogic.ejb20.deployer.SecurityRoleMapping.isPrincipalInAnyRole(SecurityRoleMapping.java:174)
at weblogic.ejb20.deployer.MethodInfoImpl.checkAccess(MethodInfoImpl.java:214)
at weblogic.ejb20.internal.MethodDescriptor.checkAccess(MethodDescriptor.java:285)
at weblogic.ejb20.internal.BaseEJBObject.preInvoke(BaseEJBObject.java:90)
at weblogic.ejb20.internal.StatelessEJBObject.preInvoke(StatelessEJBObject.java:55)
at com.bea.wlpi.server.plugin.PluginManagerCfgBeanEOImpl.init(PluginManagerCfgBeanEOImpl.java:1301)
at com.bea.wlpi.server.initlistener.InitListenerBean.onMessage(InitListenerBean.java:151)
at weblogic.ejb20.internal.MDListener.execute(MDListener.java:221)
at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:175)
at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:1933)
at weblogic.jms.client.JMSSession.execute(JMSSession.java:1892)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.Kernel.execute(Kernel.java:250)
at weblogic.jms.client.JMSSession.pushEnvelope(JMSSession.java:1779)
at weblogic.jms.client.JMSCallback.pushEnvelope(JMSCallback.java:69)
at weblogic.jms.frontend.FESession.execute(FESession.java:1972)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
"Girish Gupte" <[email protected]> wrote:
>
>
>
Hi,
I am currently using WLI 2.0 SP2 installation. Here is a very unusual
thing I
noticed. Can somebody tell me what is going on ???
1 : I have set up the security realm as indicated in the config.xml file.
As far
as I understand, the caching realm entry has attribute pointing to the
wlpiRDBMSRealm,
which is a RDBMS implementation from the WLI 2.0 SP2 distribution.
2: I start the server, open the WLS console, and create a new user through
the
console. I get no error message and it seems to work fine. ( I also click
on the
save it to database link, and it returns with msg that cache is refreshed
3: I see an entry in the fileRealm.properties file, but no record is
inserted
in the WLSUSER table in the database.
Since the RDBMS realm (from WLI distribution) is defined as basic
realm implementation, should it not insert entry into the database, instead
of
the file realm.
Is this a general problem ( any RDBMS realm ) or is it specific to the
WLI ?
Is there anything that I have not configured here that is causing this
behavior
Is it just refreshing the cache instead of inserting record in DB ?
Why should it insert entry into fileRealm.properties ?
Thanks,
Girish -
[Fwd: Re: rdbms realm and connection pool]
Hi,
One reason why I would like to use the connection pool for the RDBMS
realm is because there is the retry machanism built into the connection
pool. With this retry, I don't need to re-start WebLogic if the DB
server is somehow re-started. With the current implementation, all the
connections maintained by the realm will become invalid if the DB server
has been restarted independently.
-------- Original Message --------
Subject: Re: rdbms realm and connection pool
Date: Wed, 27 Sep 2000 09:32:47 +0100
From: "Terry" <[email protected]>
Reply-To: "Terry" <[email protected]>
Organization: BEA SYSTEMS Inc
Newsgroups: weblogic.developer.interest.security
References: <[email protected]>
I believe not- the realm restricts access to connection pools to those
who
are allowed it, so if the realm needs the connection pool to start up,
and
you can't open the connection pool without the realm then you have a bit
of
a no-chicken and no-egg situation, which is I believe one of the reasons
why
there is no use of connection pools, ejbs, jndi, servlets etc. in the
realm
(along with other reasons, like why would it be provided with a servlet)
The delegate pool acts somewhat similarly to a connection pool, and can
even
use the same database, so I'm not sure what the advantage would be
Terry
Nirmala devi <[email protected]> wrote in message
news:[email protected]..
>
I think the rdbms realm uses different connection as it need to be setbefore
the connection pool for Database.Is there any that i can point my rdbmsrealm to use
the connection pool for Database instead
Thanks in advance
NirmalaI believe not- the realm restricts access to connection pools to those who
are allowed it, so if the realm needs the connection pool to start up, and
you can't open the connection pool without the realm then you have a bit of
a no-chicken and no-egg situation, which is I believe one of the reasons why
there is no use of connection pools, ejbs, jndi, servlets etc. in the realm
(along with other reasons, like why would it be provided with a servlet)
The delegate pool acts somewhat similarly to a connection pool, and can even
use the same database, so I'm not sure what the advantage would be
Terry
Nirmala devi <[email protected]> wrote in message
news:[email protected]..
>
I think the rdbms realm uses different connection as it need to be setbefore
the connection pool for Database.Is there any that i can point my rdbmsrealm to use
the connection pool for Database instead
Thanks in advance
Nirmala -
Unlocking user in RDBMS realm of portal
Hi All,
Does any body know where the information of a user being locked is stored in case
oif RDBMS Realm ? In portal server, some user is locked b'coz of wrong password
and I tried unlocking from weblogic console, but didn't work. Does any body having
any idea on this ?
Any suggestion is welcome.
TIA,
SudarsonHi All,
Does any body know where the information of a user being locked is stored in case
oif RDBMS Realm ? In portal server, some user is locked b'coz of wrong password
and I tried unlocking from weblogic console, but didn't work. Does any body having
any idea on this ?
Any suggestion is welcome.
TIA,
Sudarson -
Hi,
Now maybe eveyone knows that the RDBMS Realm provided by weblogic 6.0 isn't production
ready, and miss some functions, for examples, change password, or add group no.
It is suprised for me that weblogic didn't support these basic functions of RDBMSRealm
and didn't provide suitable documentation for implementing this RDBMS Realm.
So I ask for help that if everyone know how to implement one function: changeCredential.
I know the weblogic.management.configuration.Uer object has this method (User.changeCredential(oldPass,
newPass)). I know I have to provide one additional database schema for updating
user password. I know I should add a method in the RDBMSDelegate and RDBMSRealm
classes. But I don't the suitable method signature, and couldn't find internal
method call when the user click the "change" button changing password in the Console.
Thank you very much for any idea or help. Also I'd like to deeply discuss other
security issues.
Is any project use the RDBMS realm?
By the way, if anyone try to directly update the database tables as a means to
implement this issues. I have tried this approach, and it seems work fine except
for some catching delay. Can anyone tell me if this is an effective method?
ThxThis RDBMS Realm issue is really bother me too. I was wondering if anyone use the
RDBMS Realm for production. it is difficult to find what the architecture the
RealmMBean object and RealmManager is. Any idea let me know. Good luck.
"andy Zhong" <[email protected]> wrote:
>
Hi,
Now maybe eveyone knows that the RDBMS Realm provided by weblogic 6.0
isn't production
ready, and miss some functions, for examples, change password, or add
group no.
It is suprised for me that weblogic didn't support these basic functions
of RDBMSRealm
and didn't provide suitable documentation for implementing this RDBMS
Realm.
So I ask for help that if everyone know how to implement one function:
changeCredential.
I know the weblogic.management.configuration.Uer object has this method
(User.changeCredential(oldPass,
newPass)). I know I have to provide one additional database schema for
updating
user password. I know I should add a method in the RDBMSDelegate and
RDBMSRealm
classes. But I don't the suitable method signature, and couldn't find
internal
method call when the user click the "change" button changing password
in the Console.
Thank you very much for any idea or help. Also I'd like to deeply discuss
other
security issues.
Is any project use the RDBMS realm?
By the way, if anyone try to directly update the database tables as a
means to
implement this issues. I have tried this approach, and it seems work
fine except
for some catching delay. Can anyone tell me if this is an effective method?
Thx -
Groups within groups in RDBMS Realm
I can see how the supplied RDBMS Realm schema supports groups that contain
groups: you simply store a group name as the gm_member field in the
groupmembers table.
Does weblogic or the RDBMS Realm implementation in particular provide any
special support for the concept of nested groups? What I mean is, I want to
make a call like isUserInGroup(String userName, String groupName) and get
back true if the user is either in the specified group or is in some group
that is nested inside of the specified group.
I can write my own little routine to recursively expand the groupmembers and
determine if the user is contained in the specified group, but I wonder if
that is reinventing the wheel.
Thanks!Thanks for the helpful response, Terry! That was exactly the info I needed.
John
Terry <[email protected]> wrote in message
news:[email protected]..
RDBMSGroup's isMember method is inherited from the FlatGroup class, theAPI
of which is athttp://www.weblogic.com/docs51/classdocs/javadocs/index.html.
I quote
isMember
public boolean isMember(java.security.Principal member)
Returns true if the passed principal is a member of the group. This method
does a recursive search, so if a principal belongs to a group which is a
member of this group, true is returned.
So it looks like somebody already thought of that 'wheel' thing you were
talking about, and you don't have to bother
terry
John Lindwall <[email protected]> wrote in message
news:3a67b151$[email protected]..
I can see how the supplied RDBMS Realm schema supports groups that
contain
groups: you simply store a group name as the gm_member field in the
groupmembers table.
Does weblogic or the RDBMS Realm implementation in particular provideany
special support for the concept of nested groups? What I mean is, Iwant
to
make a call like isUserInGroup(String userName, String groupName) and
get
back true if the user is either in the specified group or is in somegroup
that is nested inside of the specified group.
I can write my own little routine to recursively expand the groupmembersand
determine if the user is contained in the specified group, but I wonder
if
that is reinventing the wheel.
Thanks! -
Re: DBMS Realm and Weblogic as Web Server
oops , forgot the link
http://www.weblogic.com/docs51/examples/security/rdbmsrealm/Package-examples.security.rdbmsrealm.html
"Rahul Rele" <[email protected]> wrote:
>
I think this link will give you all the answers.
Andre Barnes <[email protected]> wrote:
How did you configure the RDBMS realm? How does it know
what table name and fields the realm is to use? -
How to setup RDBMS Realm.
Hi
Can some one tell me the basic steps to setup RDBMS Realm for resouces like
pool, Servlets and EJB. I am trying to use the weblogic example code.
Thanks in advance!!!
jtanejaPlease look into the previous posting of yours.
-utpal
"Amit" <[email protected]> wrote in message
news:[email protected]..
>
Hi,
I want to store user id, password, roles in the DB tables and providewebbased
forms to create/modify user.
How do I implement security relam for users stored in the DB table?
Thanks and Regards,
Amit -
I am using the RDBMS Realm that comes with Weblogic 6.0.
We have created ejbs to create and insert our users and group members into
the
tables that the RDBMS Realm reads from .
The problem is occasiounly the caching realm gets out of date. When a user
tries
to access a secured resource the attempts fails. After a few more attempts
the
cache will refresh itself and the access works fine.
When I make changes to my user data how can I programmatically tell the
caching
realm to refresh itself. (The refresh through the console will not help me
here).
...Or should I re-think the way I am creating and updating user data, i.e.
should I
only be doing this through the Realm class?
Thankss> 1. I get an Nullpointer exception on the flatgroups.java on some of the
s> api's.
s> like getAcls() ..etc.
More details would be useful. Stack backtraces with line numbers.
s> 4. Can i use weblogic.security.acl api's along with the RDBMS example.
s> Logically speaking i could ... but why exceptions are raised.
Insufficient information to be able to tell.
<b
Let us pray:
What a Great System.
Please Do Not Crash.
^G^IP@P6 -
Hi,
I tried creating rdbms realm in mydomain.
I am able to see the rdbms realm users in the console when I click on users.
I am not able to see the new groups or new members in old groups when I click
groups. I can only see the old groups' entries.
When I click on ACL I get the following
weblogic.management.configuration.RealmException: RealmManager.listAcls - with
nested exception: [security.rdbmsrealm.RDBMSException: RDBMSEnumeration.nextElement
failed - with nested exception: [java.sql.SQLException: ResultSet has already
been closed]] at weblogic.management.configuration.RealmManager.listAcls(RealmManager.java:203)
at weblogic.management.console.pages._panels._mbean._acltable._jspService(_acltable.java:213)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27) at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:213)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:1265)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:1622)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137) at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
Any idea whats wrong? I am using the default dbschema
I have the entries as listed below in my config.xml.
<CachingRealm BasicRealm="defaultRDBMSRealmForOracle" Name="defaultCachingRealm"/>
<Realm CachingRealm="defaultCachingRealm"
FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
<RDBMSRealm DatabaseDriver="weblogic.jdbc.oci.Driver"
DatabasePassword="tiger"
DatabaseURL="jdbc:weblogic:oracle:vogue"
DatabaseUserName="scott" Name="defaultRDBMSRealmForOracle"
Notes="I have changed the package to security.rdbmsrealm from examples.security.rdbmsrealm
example. I am using the same schema(in the ddl) in oracle"
RealmClassName="security.rdbmsrealm.RDBMSRealm" SchemaProperties="getGroupMembers=SELECT
GM_GROUP, GM_MEMBER from groupmembers WHERE GM_GROUP = ?;deleteGroup2=DELETE FROM
aclentries WHERE A_PRINCIPAL = ?;deleteGroup1=DELETE FROM groupmembers WHERE GM_GROUP
= ?;addGroupMember=INSERT INTO groupmembers VALUES ( ? , ? );getUser=SELECT U_NAME,
U_PASSWORD FROM users WHERE U_NAME = ?;getPermission=SELECT DISTINCT A_PERMISSION
FROM aclentries WHERE A_PERMISSION = ?;deleteUser3=DELETE FROM aclentries WHERE
A_PRINCIPAL = ?;getGroupNewStatement=false;deleteUser2=DELETE FROM groupmembers
WHERE GM_MEMBER = ?;deleteUser1=DELETE FROM users WHERE U_NAME = ?;getAcls=SELECT
A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries ORDER BY A_NAME, A_PRINCIPAL;getUsers=SELECT
U_NAME, U_PASSWORD FROM users;getPermissions=SELECT DISTINCT A_PERMISSION FROM
aclentries;getGroups=SELECT GM_GROUP, GM_MEMBER FROM groupmembers;getAclEntries=SELECT
A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries WHERE A_NAME = ? ORDER BY A_PRINCIPAL;newUser=INSERT
INTO users VALUES ( ? , ? );removeGroupMember=DELETE FROM groupmembers WHERE GM_GROUP
= ? AND GM_MEMBER = ?"/>
ananyaHi Narin,
I seem to have forgotten to mention that the problem got fixed when I set getGroupNewStatement
to true.
Anu
"Narinder Gaheer" <[email protected]> wrote:
Have you taken the RDBMSRealm example that comes with weblogic? If thats
the case, that example doesn't implement Group related functionality
as
pointed out by many posts earlier on this newsgroup. You need to provide
that implementation on your own.
"ananya" <[email protected]> wrote in message
news:[email protected]...
Hi,
I tried creating rdbms realm in mydomain.
I am able to see the rdbms realm users in the console when I clickon
users.
I am not able to see the new groups or new members in old groups whenI
click
groups. I can only see the old groups' entries.
When I click on ACL I get the following
weblogic.management.configuration.RealmException: RealmManager.listAcls-
with
nested exception: [security.rdbmsrealm.RDBMSException:RDBMSEnumeration.nextElement
failed - with nested exception: [java.sql.SQLException: ResultSet has
already>> been closed] atweblogic.management.configuration.RealmManager.listAcls(RealmManager.java:20
3)
atweblogic.management.console.pages._panels._mbean._acltable._jspService(_aclt
able.java:213)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:27) atweblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
:213)
atweblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
ntext.java:1265)
atweblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
:1622)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137) atweblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
Any idea whats wrong? I am using the default dbschema
I have the entries as listed below in my config.xml.
<CachingRealm BasicRealm="defaultRDBMSRealmForOracle"Name="defaultCachingRealm"/>
<Realm CachingRealm="defaultCachingRealm"
FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
<RDBMSRealm DatabaseDriver="weblogic.jdbc.oci.Driver"
DatabasePassword="tiger"
DatabaseURL="jdbc:weblogic:oracle:vogue"
DatabaseUserName="scott" Name="defaultRDBMSRealmForOracle"
Notes="I have changed the package to security.rdbmsrealm fromexamples.security.rdbmsrealm
example. I am using the same schema(in the ddl) in oracle"
RealmClassName="security.rdbmsrealm.RDBMSRealm"SchemaProperties="getGroupMembers=SELECT
GM_GROUP, GM_MEMBER from groupmembers WHERE GM_GROUP =?;deleteGroup2=DELETE FROM
aclentries WHERE A_PRINCIPAL = ?;deleteGroup1=DELETE FROM groupmembersWHERE GM_GROUP
= ?;addGroupMember=INSERT INTO groupmembers VALUES ( ? ,? );getUser=SELECT U_NAME,
U_PASSWORD FROM users WHERE U_NAME = ?;getPermission=SELECT DISTINCTA_PERMISSION
FROM aclentries WHERE A_PERMISSION = ?;deleteUser3=DELETE FROM aclentriesWHERE
A_PRINCIPAL = ?;getGroupNewStatement=false;deleteUser2=DELETE FROMgroupmembers
WHERE GM_MEMBER = ?;deleteUser1=DELETE FROM users WHERE U_NAME =?;getAcls=SELECT
A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries ORDER BY A_NAME,A_PRINCIPAL;getUsers=SELECT
U_NAME, U_PASSWORD FROM users;getPermissions=SELECT DISTINCT A_PERMISSIONFROM
aclentries;getGroups=SELECT GM_GROUP, GM_MEMBER FROMgroupmembers;getAclEntries=SELECT
A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries WHERE A_NAME = ?ORDER
BY A_PRINCIPAL;newUser=INSERT
INTO users VALUES ( ? , ? );removeGroupMember=DELETE FROM groupmembersWHERE GM_GROUP
= ? AND GM_MEMBER = ?"/>
ananya -
WLS5.1 SP_9 RDBMS Realm problem
Hi all,
I am trying to configure the RDBMS realm examples that come with weblogic.
I am getting an error saying the Table Users was not found.
I created my own simple java class to check if the parameters from
rdbmsrealm.properties are working fine, they are. Then why is weblogic not
able to find the USERS table, where is it looking for this table.
Any Help is highly appreciated.
Ramesh
Stack Trace :
Unable to initialize server: examples.security.rdbmsrealm.RDBMSException:
realm
initialization failed, Connection.prepareStatement() failed on statement
"SELECT
U_NAME, U_PASSWORD FROM users WHERE U_NAME = ?", - with nested exception:
[SQL Exception: Table 'USERS' does not exist.]
fatal initialization exception
Properties File :
# - - - - - - ORACLE - - - - - - -
driver=weblogic.jdbc.oci.Driver
dbURL=jdbc:weblogic:oracle:bizpivot.india
dbUser=ramesh
dbPassword=******
#getGroupNewStatement=falseHi all,
Never Mind, I got it working. A couple of lines down the property lines,
the Cloudscape URL was uncommented and hence the webloigc server was looking
the USERS table in cloudscape instead of Oracle where I created them.
I figured this out by modifying the LoadDDL,java and asking it to print the
URL and other details that it read from the rdbmsldaprealm.properties file.
Thank you all.
Ramesh
"ramesh" <[email protected]> wrote in message
news:[email protected]..
Hi all,
I am trying to configure the RDBMS realm examples that come with weblogic.
I am getting an error saying the Table Users was not found.
I created my own simple java class to check if the parameters from
rdbmsrealm.properties are working fine, they are. Then why is weblogicnot
able to find the USERS table, where is it looking for this table.
Any Help is highly appreciated.
Ramesh
Stack Trace :
Unable to initialize server: examples.security.rdbmsrealm.RDBMSException:
realm
initialization failed, Connection.prepareStatement() failed on statement
"SELECT
U_NAME, U_PASSWORD FROM users WHERE U_NAME = ?", - with nestedexception:
[SQL Exception: Table 'USERS' does not exist.]
fatal initialization exception
Properties File :
# - - - - - - ORACLE - - - - - - -
driver=weblogic.jdbc.oci.Driver
dbURL=jdbc:weblogic:oracle:bizpivot.india
dbUser=ramesh
dbPassword=******
#getGroupNewStatement=false
Maybe you are looking for
-
My Ipod touch plays music but every time I open an app that I have downloaded it closes immediately. This started happening after updating to the latest version of Ipod software.
-
My computer broke and i lost all my music but the music is still on my ipod how do i fix this?
please help me... my computer broke and i lost all my music but the music is still on my ipod how do i fix this?
-
Using visual editor with a modified component...
Hi, I'm creating an MDI application with eclipse. I'm using Visual editor plugin; Now I've two visual class like this: public class CommonFrame extends JInternalFrame { public CommonFrame(){ super(); public class specificFrame extends CommonFra
-
Can't get rid of an icon on my desktop
I am unable to get rid of an icon on my iMac desktop. I am running OS X 10.2.8. It is a Word document. Every time I try to trash it, I get the following response: The item "X.doc" is being used by another task right now. (Other tasks include moving,
-
Lightroom 2.0 will not allow multiple image keywording
Lightroom 2.0 intermittently will not allow me to add keywords to multiple image selections (two or more images selected). The first image selected gets keyworded and the rest do not. Is anyone else having this problem, and if so, have you been able