New Security Feautres/Privs/Roles with 10g

Hi,
I am trying to submit a report to mngt. about all the new roles and privs with 10g and any modifications to existing roles and privs. I think I have read about 4 different online manuals for 10g from the oracle site and I have not been able to find a whole lot of details. I have come accross the change to the CONNECT role and about the new user TSMSYS created by default when you install Oracle. But my understanding is that 10g has some new privs and some new roles and mods to existing ones. Can someone please help me with this. All the 10g new features books only talk about encryption and the removal of all privs except CREATE SESSION for the CONNECT role. Even the Security Admins guide does not really give a whole lot on this topic. I though maybe this forum might be able to help me and I am sure there are many people out there that would also like to understand this information if they are also planning on upgrading to 10g.
Thanks in advance my fellow DBA's

There are a lot of good things that I am not sure if 9i covered, but the new EM is quite elegant and has policies validations that make security issues easier to detect.
If you open the web-based EM in 10g and navigate to Policy Violations in the Administration page. It basically shows all the potential security issues that you may want to look at.
For example:
Oracle by default grants execute to UTL_FILE to PUBLIC, Open Ports, Securing the Listener, etc. You will also find that Oracle recommends you strong password the well-known users, and lock and expires these user account if you are not using them as some of these users have DBA privileges. The advantage to this is that no one has access to these account directly until you unlock the user, yet you have access to the packages that are created in these accounts that have been granted access to.
I also found that all users can see all other users - that is:
SELECT * FROM ALL_USERS
Because ALL_USERS is a public synonym and SELECT is granted to public on this synonym. This is the reason why you want to enforce strong passwords. This can be done by creating profiles and writing a function that will enforce passwords, or use the standard password function supplied by Oracle (utlpwdmg.sql).
I am sure my comments didn't answer your question fully.

Similar Messages

Save new workbook in menue role with VBA / ABAP

Hello,
does anybody know of a way to save a workbook which is not stored in SAP BW by then in a menue role folder through VBA or ABAP automatically?
I know that there is the SAPBEXsaveWorkbook function in VBA but that only works if the workbook already has an ID in BW. Maybe there is some workaround to assign name and ID beforehand? Where does the BEx get the ID if the workbook already has one? Is it stored in a temporary mapping table or something? I found that there are NO very hidden sheets as long as there are no queries embedded in the workbook, and I want to save a workbook WITHOUT queries.
Also, I know that there is the saveDialogWorkbook function, but as stated above the saving process should be automatically, i.e. a function like SAPBEXsaveWorkbook(name As String, role As String, node-id As String). By the way, where would I get the node-id for the nodes in the menue role?
Thank you for ANY hints!

Hi Peter,
thanks for your update! Saving in the "root folder" of a role might already be sufficient if we don't figure out how to save in folders.
I've done some research, too, and the strange thing is that the number at the end is obviously not the folder ID. When you choose "Open -> Workbooks", then copy a workbook entry using Ctrl+C and paste it in an editor, you get more information than what is displayed in the dialog even with technical names turned on. The pasted entry includes the role name and the number you referred to. And the thing is that even two workbooks in the same folder have different numbers! When you save a workbook using 0000000000 and then look at the number assigned in the way described above, it also has an ID different from 0000000000. It seems that every workbook has its own number. So to me it's still a mistery where the folder is specified.
Regards,
Jörg

Need to build the security roles (actual technical roles) with HRCON object

I need to build the security roles (actual technical roles) with HRCON objectfor date driven security.
Please help me that how could i learn and what should be the approach.
i.e. What is the requirement for learing to build the security roles (actual technical roles) with HRCON object for date driven security.

Hi marco,
It is related to Context solution and I need to implement HR Security in terms of context solution.
So Could you please describe Following points:
1. What is context solution
2. How can i implement this context solution and HR Basic security as well
3 What is the prerequiest to learn about HR security
4. I am new for HR Security, SO what would be the approach to implement HR Security.
Thanks

EBay does not recognize new security feature requiring security number in Firefox but works with IE

eBay has a new security feature when attempting to e-mail a seller; it requires that you enter a numerical code in a box. When on Firefox eBay does not recognize that I've entered the number and keeps telling me to enter the number but when on IE it recognizes the number. What add-on, etc do I need to make Firefox compatible with eBay? Thanks
== URL of affected sites ==
http://ebay.com

The problem seems to be caused by the Java Console add-ons. Disabling mine (6.0.20 and 6.0.21) fixed the problem.

Security role with alias KeystoreAdministrator does not exist.

i have a error trying to start the java engine of a Solution Manager 4.0 SR2 on AIX with ibm jdk SR9
the next log is about the std_server0.out
i do not how to create the alias because i can not connect using Visual Administrator because the server not start
stdout/stderr redirect
node name   : server0
pid         : 995354
system name : SMS
system nr. : 00
started at : Wed Aug 13 18:26:36 2008
[Thr 1] Wed Aug 13 18:26:37 2008
[Thr 1] MtxInit: -2 0 0
<?xml version="1.0" ?>
<verbosegc version="200708_30">
SAP J2EE Engine Version 7.00   PatchLevel 108458.44 is starting...
Loading: LogManager ... 2643 ms.
Loading: PoolManager ... 2 ms.
Loading: ApplicationThreadManager ... 837 ms.
Loading: ThreadManager ... 54 ms.
Loading: IpVerificationManager ... 12 ms.
Loading: ClassLoaderManager ... 14 ms.
Loading: ClusterManager ... 226 ms.
Loading: LockingManager ... 68 ms.
Loading: ConfigurationManager ... 86617 ms.
Loading: LicensingManager ... 28 ms.
Loading: CacheManager ... 159 ms.
Loading: ServiceManager ...
Loading services.:
Service cross started. (75 ms).
Service memory started. (98 ms).
Service runtimeinfo started. (115 ms).
Service trex.service started. (87 ms).
Service file started. (156 ms).
Service timeout started. (159 ms).
Service userstore started. (19 ms).
Service jmx_notification started. (78431 ms).
Service p4 started. (188119 ms).
Service classpath_resolver started. (63 ms).
<af type="nursery" id="1" timestamp="Wed Aug 13 18:32:05 2008" intervalms="0.000">
<minimum requested_bytes="48" />
<time exclusiveaccessms="1.635" />
<nursery freebytes="0" totalbytes="209715200" percent="0" />
<tenured freebytes="1724342296" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637940248" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<gc type="scavenger" id="1" totalid="1" intervalms="0.000">
    <flipped objectcount="253990" bytes="19242624" />
    <tenured objectcount="0" bytes="0" />
    <refs_cleared soft="644" weak="1" phantom="0" />
    <finalization objectsqueued="1363" />
    <scavenger tiltratio="50" />
    <nursery freebytes="190330424" totalbytes="209715200" percent="90" tenureage="10" />
    <tenured freebytes="1724342296" totalbytes="1728053248" percent="99" >
      <soa freebytes="1637940248" totalbytes="1641651200" percent="99" />
      <loa freebytes="86402048" totalbytes="86402048" percent="100" />
    </tenured>
    <time totalms="107.395" />
</gc>
<nursery freebytes="190328376" totalbytes="209715200" percent="90" />
<tenured freebytes="1724342296" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637940248" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<time totalms="110.754" />
</af>
Service deploy started. (4055 ms).
Service bimmrdeployer started. (7 ms).
Service MigrationService started. (70 ms).
Service log_configurator started. (194277 ms).
Service locking started. (8 ms).
Service http started. (295 ms).
Service naming started. (626 ms).
Service failover started. (112 ms).
Service appclient started. (140 ms).
Service javamail started. (218 ms).
Service ts started. (220 ms).
Service jmsconnector started. (207 ms).
Service licensing started. (22 ms).
Service connector started. (212 ms).
Service configuration started. (32 ms).
Service iiop started. (316 ms).
Service webservices started. (706 ms).
Service dbpool started. (25283 ms).
<af type="nursery" id="2" timestamp="Wed Aug 13 18:33:36 2008" intervalms="91291.585">
<minimum requested_bytes="768" />
<time exclusiveaccessms="0.302" />
<nursery freebytes="0" totalbytes="209715200" percent="0" />
<tenured freebytes="1723791376" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637389328" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<gc type="scavenger" id="2" totalid="2" intervalms="91293.279">
    <flipped objectcount="353647" bytes="28752016" />
    <tenured objectcount="0" bytes="0" />
    <refs_cleared soft="1056" weak="0" phantom="0" />
    <finalization objectsqueued="2858" />
    <scavenger tiltratio="50" />
    <nursery freebytes="180516672" totalbytes="209715200" percent="86" tenureage="11" />
    <tenured freebytes="1723791376" totalbytes="1728053248" percent="99" >
      <soa freebytes="1637389328" totalbytes="1641651200" percent="99" />
      <loa freebytes="86402048" totalbytes="86402048" percent="100" />
    </tenured>
    <time totalms="90.892" />
</gc>
<nursery freebytes="180514624" totalbytes="209715200" percent="86" />
<tenured freebytes="1723791376" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637389328" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<time totalms="92.831" />
</af>
Service com.sap.security.core.ume.service started. (64165 ms).
Service tcdisdic~srv started. (815 ms).
Service security started. (911 ms).
Service classload started. (43 ms).
Service applocking started. (132 ms).
Service shell started. (216 ms).
Service tceCATTPingservice started. (21 ms).
Service telnet started. (60 ms).
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [service_ssl] and user [null] not generated; Consequences: keystore view [service_ssl] is not created for user [null]; Countermeasures:see log for details
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [TrustedCAs] and user [null] not generated; Consequences: keystore view [TrustedCAs] is not created for user [null]; Countermeasures:see log for details
Service webdynpro started. (699 ms).
Service keystore started. (952 ms).
Service ssl started. (56 ms).
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [TicketKeystore] and user [null] not generated; Consequences: keystore view [TicketKeystore] is not created for user [null]; Countermeasures:see log for details
Service ejb started. (1367 ms).
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [securestorage] and user [null] not generated; Consequences: keystore view [securestorage] is not created for user [null]; Countermeasures:see log for details
Service tcseccertrevoc~service started. (286 ms).
Service tcsecsecurestorage~service started. (379 ms).
Aug 13, 2008 6:33:41 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [securestorage] and user [null] not generated; Consequences: keystore view [securestorage] is not created for user [null]; Countermeasures:see log for details
Service servlet_jsp started. (1783 ms).
Aug 13, 2008 6:33:41 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [securestorage] and user [null] not generated; Consequences: keystore view [securestorage] is not created for user [null]; Countermeasures:see log for details
Timed out services:
Service com.adobe~DataManagerService > hard reference to service jmx.
Service com.adobe~TrustManagerService > hard reference to service jmx.
Service cafumrelgroupsimp > hard reference to service cafummetadataimp.
Service com.adobe~PDFManipulation > hard reference to service jmx.
Service adminadapter > hard reference to service jmx.
Service pmi > hard reference to service tcsecdestinations~service.
Service jms_provider > hard reference to service jmx.
Service sld > service sld start method invoked.
Service jmx > service jmx start method invoked.
Service rfcengine > hard reference to service jmx.
Service tcsecsaml~service > hard reference to service adminadapter.
Service com.adobe~LicenseService > hard reference to service basicadmin.
Service com.adobe~DocumentServicesConfiguration > hard reference to service basicadmin.
Service tcsmdserver~service > hard reference to service jmx.
Service com.adobe~DocumentServicesDestProtoService > hard reference to service jmx.
Service cafummetadataimp > service cafummetadataimp start method invoked.
Service tcsecvsiservice > hard reference to service tcsecdestinationsservice.
Service tcsecdestinationsservice > service tcsecdestinationsservice start method invoked.
Service dsr > hard reference to service security.
Service monitor > hard reference to service jmx.
Service cafruntimeconnectivityimpl > service cafruntimeconnectivityimpl start method invoked.
Service tclmctcconfsservice_sda > hard reference to service jmx.
Service CUL > hard reference to service jmx.
Service tc.monitoring.logviewer > hard reference to service jmx.
Service apptracing > hard reference to service jmx.
Service com.adobe~XMLFormService > hard reference to service jmx.
Service tcsecwssecservice > service tcsecwssecservice start method invoked.
Service com.adobe~FontManagerService > hard reference to service jmx.
Service com.adobe~DocumentServicesLicenseSupportService > hard reference to service jmx.
Service com.adobe~DocumentServicesBinaries2 > hard reference to service jmx.
Service basicadmin > hard reference to service jmx.
[Framework -> criticalShutdown] 3 core services have timed out [adminadapter; jmx; basicadmin].
Aug 13, 2008 6:33:53 PM             com.sap.engine.core.Framework [Thread[Thread-1,5,main]] Fatal: Critical shutdown was invoked. Reason is: 3 core services have timed out [adminadapter; jmx; basicadmin].
</verbosegc>

i have a error trying to start the java engine of a Solution Manager 4.0 SR2 on AIX with ibm jdk SR9
the next log is about the std_server0.out
i do not how to create the alias because i can not connect using Visual Administrator because the server not start
stdout/stderr redirect
node name   : server0
pid         : 995354
system name : SMS
system nr. : 00
started at : Wed Aug 13 18:26:36 2008
[Thr 1] Wed Aug 13 18:26:37 2008
[Thr 1] MtxInit: -2 0 0
<?xml version="1.0" ?>
<verbosegc version="200708_30">
SAP J2EE Engine Version 7.00   PatchLevel 108458.44 is starting...
Loading: LogManager ... 2643 ms.
Loading: PoolManager ... 2 ms.
Loading: ApplicationThreadManager ... 837 ms.
Loading: ThreadManager ... 54 ms.
Loading: IpVerificationManager ... 12 ms.
Loading: ClassLoaderManager ... 14 ms.
Loading: ClusterManager ... 226 ms.
Loading: LockingManager ... 68 ms.
Loading: ConfigurationManager ... 86617 ms.
Loading: LicensingManager ... 28 ms.
Loading: CacheManager ... 159 ms.
Loading: ServiceManager ...
Loading services.:
Service cross started. (75 ms).
Service memory started. (98 ms).
Service runtimeinfo started. (115 ms).
Service trex.service started. (87 ms).
Service file started. (156 ms).
Service timeout started. (159 ms).
Service userstore started. (19 ms).
Service jmx_notification started. (78431 ms).
Service p4 started. (188119 ms).
Service classpath_resolver started. (63 ms).
<af type="nursery" id="1" timestamp="Wed Aug 13 18:32:05 2008" intervalms="0.000">
<minimum requested_bytes="48" />
<time exclusiveaccessms="1.635" />
<nursery freebytes="0" totalbytes="209715200" percent="0" />
<tenured freebytes="1724342296" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637940248" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<gc type="scavenger" id="1" totalid="1" intervalms="0.000">
    <flipped objectcount="253990" bytes="19242624" />
    <tenured objectcount="0" bytes="0" />
    <refs_cleared soft="644" weak="1" phantom="0" />
    <finalization objectsqueued="1363" />
    <scavenger tiltratio="50" />
    <nursery freebytes="190330424" totalbytes="209715200" percent="90" tenureage="10" />
    <tenured freebytes="1724342296" totalbytes="1728053248" percent="99" >
      <soa freebytes="1637940248" totalbytes="1641651200" percent="99" />
      <loa freebytes="86402048" totalbytes="86402048" percent="100" />
    </tenured>
    <time totalms="107.395" />
</gc>
<nursery freebytes="190328376" totalbytes="209715200" percent="90" />
<tenured freebytes="1724342296" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637940248" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<time totalms="110.754" />
</af>
Service deploy started. (4055 ms).
Service bimmrdeployer started. (7 ms).
Service MigrationService started. (70 ms).
Service log_configurator started. (194277 ms).
Service locking started. (8 ms).
Service http started. (295 ms).
Service naming started. (626 ms).
Service failover started. (112 ms).
Service appclient started. (140 ms).
Service javamail started. (218 ms).
Service ts started. (220 ms).
Service jmsconnector started. (207 ms).
Service licensing started. (22 ms).
Service connector started. (212 ms).
Service configuration started. (32 ms).
Service iiop started. (316 ms).
Service webservices started. (706 ms).
Service dbpool started. (25283 ms).
<af type="nursery" id="2" timestamp="Wed Aug 13 18:33:36 2008" intervalms="91291.585">
<minimum requested_bytes="768" />
<time exclusiveaccessms="0.302" />
<nursery freebytes="0" totalbytes="209715200" percent="0" />
<tenured freebytes="1723791376" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637389328" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<gc type="scavenger" id="2" totalid="2" intervalms="91293.279">
    <flipped objectcount="353647" bytes="28752016" />
    <tenured objectcount="0" bytes="0" />
    <refs_cleared soft="1056" weak="0" phantom="0" />
    <finalization objectsqueued="2858" />
    <scavenger tiltratio="50" />
    <nursery freebytes="180516672" totalbytes="209715200" percent="86" tenureage="11" />
    <tenured freebytes="1723791376" totalbytes="1728053248" percent="99" >
      <soa freebytes="1637389328" totalbytes="1641651200" percent="99" />
      <loa freebytes="86402048" totalbytes="86402048" percent="100" />
    </tenured>
    <time totalms="90.892" />
</gc>
<nursery freebytes="180514624" totalbytes="209715200" percent="86" />
<tenured freebytes="1723791376" totalbytes="1728053248" percent="99" >
    <soa freebytes="1637389328" totalbytes="1641651200" percent="99" />
    <loa freebytes="86402048" totalbytes="86402048" percent="100" />
</tenured>
<time totalms="92.831" />
</af>
Service com.sap.security.core.ume.service started. (64165 ms).
Service tcdisdic~srv started. (815 ms).
Service security started. (911 ms).
Service classload started. (43 ms).
Service applocking started. (132 ms).
Service shell started. (216 ms).
Service tceCATTPingservice started. (21 ms).
Service telnet started. (60 ms).
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [service_ssl] and user [null] not generated; Consequences: keystore view [service_ssl] is not created for user [null]; Countermeasures:see log for details
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [TrustedCAs] and user [null] not generated; Consequences: keystore view [TrustedCAs] is not created for user [null]; Countermeasures:see log for details
Service webdynpro started. (699 ms).
Service keystore started. (952 ms).
Service ssl started. (56 ms).
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [TicketKeystore] and user [null] not generated; Consequences: keystore view [TicketKeystore] is not created for user [null]; Countermeasures:see log for details
Service ejb started. (1367 ms).
Aug 13, 2008 6:33:40 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [securestorage] and user [null] not generated; Consequences: keystore view [securestorage] is not created for user [null]; Countermeasures:see log for details
Service tcseccertrevoc~service started. (286 ms).
Service tcsecsecurestorage~service started. (379 ms).
Aug 13, 2008 6:33:41 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [securestorage] and user [null] not generated; Consequences: keystore view [securestorage] is not created for user [null]; Countermeasures:see log for details
Service servlet_jsp started. (1783 ms).
Aug 13, 2008 6:33:41 PM          com.sap.engine.services.keystore [Thread[_keystore_managed_system_thread_,10,SAPEngine_System_Thread[impl:5]_Group]] Fatal: Source: com.sap.engine.services.security.exceptions.BaseSecurityException: Security role with alias KeystoreAdministrator does not exist.; Description: system user based security support for view [securestorage] and user [null] not generated; Consequences: keystore view [securestorage] is not created for user [null]; Countermeasures:see log for details
Timed out services:
Service com.adobe~DataManagerService > hard reference to service jmx.
Service com.adobe~TrustManagerService > hard reference to service jmx.
Service cafumrelgroupsimp > hard reference to service cafummetadataimp.
Service com.adobe~PDFManipulation > hard reference to service jmx.
Service adminadapter > hard reference to service jmx.
Service pmi > hard reference to service tcsecdestinations~service.
Service jms_provider > hard reference to service jmx.
Service sld > service sld start method invoked.
Service jmx > service jmx start method invoked.
Service rfcengine > hard reference to service jmx.
Service tcsecsaml~service > hard reference to service adminadapter.
Service com.adobe~LicenseService > hard reference to service basicadmin.
Service com.adobe~DocumentServicesConfiguration > hard reference to service basicadmin.
Service tcsmdserver~service > hard reference to service jmx.
Service com.adobe~DocumentServicesDestProtoService > hard reference to service jmx.
Service cafummetadataimp > service cafummetadataimp start method invoked.
Service tcsecvsiservice > hard reference to service tcsecdestinationsservice.
Service tcsecdestinationsservice > service tcsecdestinationsservice start method invoked.
Service dsr > hard reference to service security.
Service monitor > hard reference to service jmx.
Service cafruntimeconnectivityimpl > service cafruntimeconnectivityimpl start method invoked.
Service tclmctcconfsservice_sda > hard reference to service jmx.
Service CUL > hard reference to service jmx.
Service tc.monitoring.logviewer > hard reference to service jmx.
Service apptracing > hard reference to service jmx.
Service com.adobe~XMLFormService > hard reference to service jmx.
Service tcsecwssecservice > service tcsecwssecservice start method invoked.
Service com.adobe~FontManagerService > hard reference to service jmx.
Service com.adobe~DocumentServicesLicenseSupportService > hard reference to service jmx.
Service com.adobe~DocumentServicesBinaries2 > hard reference to service jmx.
Service basicadmin > hard reference to service jmx.
[Framework -> criticalShutdown] 3 core services have timed out [adminadapter; jmx; basicadmin].
Aug 13, 2008 6:33:53 PM             com.sap.engine.core.Framework [Thread[Thread-1,5,main]] Fatal: Critical shutdown was invoked. Reason is: 3 core services have timed out [adminadapter; jmx; basicadmin].
</verbosegc>

Anyone else having problems with popups since the new security upgrade? can't get rid of them

anyone else having problems with popups since the new security upgrade? can't get rid of them

You may have inadvertently installed adware. You do not need to download or install anything to fix it. It ought not to be related to any Apple security update.
For a description of how this may have occurred, how to avoid it in the future, and for Apple's recommended actions read How to install adware. Apple's instructions are linked in the Recovery Procedure near the end of that document. Read and follow them carefully. Pay particular attention to the easily overlooked passages directing you to restart your Mac when required.

Tiger going crazy on iBook G4 with new security update and Safari 3

I'm running 10.4.11, 1.42GHz PPC G4 with 1.5GB of SDRAM.
So I ran software update where I noticed new Security Update and Safari update.
I tried to run the new Safari - Nothing, it's dead, no action! ( could hear hard drive but no action)
Today I tried running 'Software Update', it's spinning it's wheels, over and over again.
I'm sure Apple is working on sending me an email, as they got the skinny when the program crashed I forwarded the system message.
So a bit frustrated hear, I'm using Safari and getting to know Camino.
The Biggest frustration is that 'Mail' will not boot up so I use my internet to check mail, bummer.
So lets hope we get some info soon.
Loyal Apple User
Ken

If you are operating behind a proxy server, maybe this will help.
With regards to crashes from behind a proxy server, I came up with a work around!
I have been using Automatic proxy configuration using a .pac file. That seems to be causing the error.
After inspecting the .pac file, and following the if, ifelse path, at the very bottom is a proxy address and port for unclassified connections. Mine looks like this
proxy.sun.ac.za Port :####
I have put this into my System Preferences for all connection types, manually. This is found under, System Preferences: Built-in Ethernet: Configure Manually...
Then you need to go through the box on the left and check each box. As you do so, paste the default proxy address and port in the open boxes on the right.
Hope this work around helps. My Quicktime is still not working for my older .avi files.
bmyia

Securing a BPEL Process with username/password in 10g

securing a BPEL Process with username/password in 10g

use OWSM gateways..
create a gateway and define your policy in the gateway

Kernel Panics with new security update

Anyone else having this problem? Downloaded the new security update, installed, restarted (took a very long time to restart) the computer rebooted itself and then began to kernel panic every time I booted it. Works fine if I boot into windows so seems to be something the new software update broke. Anyone else having similar issues?

Well I am having a weird problem. This is my first post so I am not sure if I need to make a new post, but here goes.
I installed the Security Update 2007-005 (PowerPC) on May 31 on my MacBook Pro. I can't be certain but I think since I installed it I have a spinning ball and can't do much of anything. Like something is bogging it down. It will eventually stop but will start again the minute I do anything... something is just not right. I have tried all troubleshooting techniques but found it is not possible to even try them.
Safe Boot... It automatically decides to shut down before it gets to the safe boot screen.
Disk Utility... Restarting off the disk, yes, but when I run the program I get "could not unmount disk"
Trying to run fsck -y, in single user mode (command s)... I get "Volume is journaled. No checking performed. Use the -f option to force checking.
I have no idea what to do next. I guess I will try to reinstall my system off my disks. Does anyone have any ideas... please help this is taking up so much time.
macbook pro Mac OS X (10.4.9)

Error while adding new security group in content server

Hi,
When i am trying to add new security group in UCM using User Admin applet i am getting following error:
Event generated by user 'weblogic' at host 'vpunvfpctnsz-07.ad.infosys.com:16200'. Unable to execute service ADD_GROUP and function insertGroupRow.
Unable to execute query 'IroleDefinition(INSERT INTO RoleDefinition (dGroupName, dRoleName, dPrivilege, dRoleDisplayName)
values ('Test_111', 'admin', 0, ''))'. ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated
java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated. [ Details ]
An error has occurred. The stack trace below shows more information.
!csUserEventMessage,weblogic,vpunvfpctnsz-07.ad.infosys.com:16200!$!csServiceDataException,ADD_GROUP,insertGroupRow!$!csDbUnableToExecuteQuery,IroleDefinition(INSERT INTO RoleDefinition (dGroupName\, dRoleName\, dPrivilege\, dRoleDisplayName)<br> values ('Test_111'\, 'admin'\, 0\, ''))!$ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated<br>!syJavaExceptionWrapper,java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated<br>
intradoc.common.ServiceException: !csServiceDataException,ADD_GROUP,insertGroupRow!$
at intradoc.server.ServiceRequestImplementor.buildServiceException(ServiceRequestImplementor.java:2071)
at intradoc.server.Service.buildServiceException(Service.java:2207)
at intradoc.server.Service.createServiceExceptionEx(Service.java:2201)
at intradoc.server.Service.createServiceException(Service.java:2196)
at intradoc.server.ServiceRequestImplementor.handleActionException(ServiceRequestImplementor.java:1736)
at intradoc.server.ServiceRequestImplementor.doAction(ServiceRequestImplementor.java:1691)
at intradoc.server.Service.doAction(Service.java:476)
at intradoc.server.ServiceRequestImplementor.doActions(ServiceRequestImplementor.java:1439)
at intradoc.server.Service.doActions(Service.java:471)
at intradoc.server.ServiceRequestImplementor.executeActions(ServiceRequestImplementor.java:1371)
at intradoc.server.Service.executeActions(Service.java:457)
at intradoc.server.ServiceRequestImplementor.doRequest(ServiceRequestImplementor.java:723)
at intradoc.server.Service.doRequest(Service.java:1865)
at intradoc.server.ServiceManager.processCommand(ServiceManager.java:435)
at intradoc.server.IdcServerThread.processRequest(IdcServerThread.java:265)
at intradoc.idcwls.IdcServletRequestUtils.doRequest(IdcServletRequestUtils.java:1332)
at intradoc.idcwls.IdcServletRequestUtils.processFilterEvent(IdcServletRequestUtils.java:1678)
at intradoc.idcwls.IdcIntegrateWrapper.processFilterEvent(IdcIntegrateWrapper.java:221)
at sun.reflect.GeneratedMethodAccessor120.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at idcservlet.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:87)
at idcservlet.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:305)
at idcservlet.common.ClassHelperUtils.executeMethodWithArgs(ClassHelperUtils.java:278)
at idcservlet.ServletUtils.executeContentServerIntegrateMethodOnConfig(ServletUtils.java:1592)
at idcservlet.IdcFilter.doFilter(IdcFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:94)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:414)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:138)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: intradoc.data.DataException: !csDbUnableToExecuteQuery,IroleDefinition(INSERT INTO RoleDefinition (dGroupName\, dRoleName\, dPrivilege\, dRoleDisplayName)
* values ('Test_111'\, 'admin'\, 0\, ''))!$ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated* at intradoc.jdbc.JdbcWorkspace.handleSQLException(JdbcWorkspace.java:2441)
at intradoc.jdbc.JdbcWorkspace.execute(JdbcWorkspace.java:584)
at intradoc.server.UserService.insertGroupRow(UserService.java:1201)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at intradoc.common.IdcMethodHolder.invokeMethod(IdcMethodHolder.java:86)
at intradoc.common.ClassHelperUtils.executeMethodEx(ClassHelperUtils.java:310)
at intradoc.common.ClassHelperUtils.executeMethod(ClassHelperUtils.java:295)
at intradoc.server.Service.doCodeEx(Service.java:549)
at intradoc.server.Service.doCode(Service.java:504)
at intradoc.server.ServiceRequestImplementor.doAction(ServiceRequestImplementor.java:1622)
... 39 more
Caused by: java.sql.SQLIntegrityConstraintViolationException: ORA-00001: unique constraint (DEV_OCS.PK_ROLEDEFINITION) violated
at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:89)
at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:135)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:210)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:473)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:423)
at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1095)
at oracle.jdbc.driver.T4CStatement.doOall8(T4CStatement.java:193)
at oracle.jdbc.driver.T4CStatement.executeForRows(T4CStatement.java:1028)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1379)
at oracle.jdbc.driver.OracleStatement.doScrollExecuteCommon(OracleStatement.java:5846)
at oracle.jdbc.driver.OracleStatement.doScrollStmtExecuteQuery(OracleStatement.java:5989)
at oracle.jdbc.driver.OracleStatement.executeUpdateInternal(OracleStatement.java:2012)
at oracle.jdbc.driver.OracleStatement.executeUpdate(OracleStatement.java:1958)
at oracle.jdbc.driver.OracleStatementWrapper.executeUpdate(OracleStatementWrapper.java:301)
at weblogic.jdbc.wrapper.Statement.executeUpdate(Statement.java:503)
at intradoc.jdbc.JdbcWorkspace.execute(JdbcWorkspace.java:564)
... 50 more
I checked in database , the security group Test_111 is not present in ROLEDEFINITION table.
What could be the issue?
Regards,
Minal

1) Try importing CMU bundle with 'Overwrite Duplicates' option unchecked .
2) In the CMU bundle, open file roles_guest.hda and see if 'guest' role has access to any group that start with special character or group you haven't created in the system..
Eg: guest
#AppsGroup
0
Also open securitygroups folder in CMU bundle, and see if you can find any groups that starts with special character or group you haven't created in the system.
3) Identify that group and execute below query in the UCM database.
select * from roledefinition where dgroupname= '#AppsGroup';
Replace '#AppsGroup' with the groupname you identified.
4) Solution would be to delete all the rows with dgroupname= '#AppsGroup' from the 'roledefinition' table.
delete from roledefinition where dgroupname= '#AppsGroup';
Replace '#AppsGroup' with the groupname you identified.

Create new Security Policy in UME is not available

Hello,
We are on NW CE 7.1 EHP1 and MII 12.1.7 build 47.
I have MII Super Administrator role, few custom roles and I also have Action "Manage_All" and I am able to perform most of the activities on UME but I don't see any option to create new security policies all I can do is modify the Default Security Policy and save it.
It never shows me an option to create new security policy and I am not sure what roles or actions I am missing.
1) Are there any roles or actions that my profile needs to have?
2) Is it something to do with NW CE version or MII version?
3) Has something gone wrong or have we missed some configuration while installing NW CE or MII?
Any suggestions will be of great help
Thanks,
Adarsh

Adarsh,
I am not a NW UME expert, but I know this issue has nothing to do with MII. Not sure if you have rights but providing the Administrators Group for the UME database should allow you to do this.
I would try posting this thread on the NW UME Forum. Modifying policies in NW has nothing to do with MII.
Just to verify what policies are you trying to change, I am assuming they are in NW UME and not MII, is this correct? If they are in MII can you be more specific.
Good luck.

Which 9i Client with 10g on Linux

Hi -
try to get SUSE Linux server 8.0 going with 10g standalone.
JDK is 1.4.2_01.
I have installed Oracle9i client and DB release 9.2.0.1 to get OCI connectivity.
The app server starts fine, JSP comes up ok but the moment I try to get an OCI connection it aborts.
This is the error:
Library=/home/oracle9i/Oracle9iDB/lib/libclntsh.so
Current Java Thread:
at oracle.jdbc.oci8.OCIDBAccess.make_c_state.....
I have downloaded the 9.2.0.1 JDBC dirver again but still the same...
Any help appreciated
Tks
Andre

Hi - This is the full log file dump
An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : 11 occurred at PC=0x4F4344A6
Function=kpuhhalo+0x26
Library=/home/oracle9i/Oracle9iDB/lib/libclntsh.so
Current Java thread:
     at oracle.jdbc.oci8.OCIDBAccess.make_c_state(Native Method)
     at oracle.jdbc.oci8.OCIDBAccess.logon(OCIDBAccess.java:458)
     - locked <0x44790228> (a oracle.jdbc.oci8.OCIDBAccess)
     at oracle.jdbc.driver.OracleConnection.<init>(OracleConnection.java:374)
     at oracle.jdbc.driver.OracleDriver.getConnectionInstance(OracleDriver.java:515)
     at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:345)
     at com.evermind.sql.DriverManagerDataSource.getConnection(DriverManagerDataSource.java:181)
     at com.evermind.sql.DriverManagerConnectionPoolDataSource.getPooledConnection(DriverManagerConnectionPoolDataSource.java:36)
     at com.evermind.sql.OrionPooledDataSource.getPooledConnection(OrionPooledDataSource.java:543)
     at com.evermind.sql.PooledConnectionUsage.getPooledConnection(PooledConnectionUsage.java:22)
     at com.evermind.sql.OrionPooledDataSource.getConnection(OrionPooledDataSource.java:323)
     at com.evermind.sql.OrionCMTConnection.setConnection(OrionCMTConnection.java:188)
     at com.evermind.sql.OrionCMTConnection.intercept(OrionCMTConnection.java:138)
     at com.evermind.sql.OrionCMTConnection.setAutoCommit(OrionCMTConnection.java:476)
     at com.evermind.sql.FilterConnection.setAutoCommit(FilterConnection.java:61)
     at Util_Connect.DataBase.getPoolConnection(DataBase.java:32)
     - locked <0x49132008> (a java.lang.Class)
     at Util_Connect.DataBase.getPoolConnection(DataBase.java:16)
     - locked <0x49132008> (a java.lang.Class)
     at SystemImpact.getConnection(SystemImpact.java:219)
     at SystemImpact.service(SystemImpact.java:70)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
     at oracle.security.jazn.oc4j.JAZNFilter.doFilter(JAZNFilter.java:356)
     at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:614)
     at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:317)
     at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:784)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:270)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:112)
     at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186)
     at java.lang.Thread.run(Thread.java:534)
Dynamic libraries:
08048000-0804e000 r-xp 00000000 03:03 105430 /usr/java/j2sdk1.4.2_01/bin/java
0804e000-0804f000 rw-p 00005000 03:03 105430 /usr/java/j2sdk1.4.2_01/bin/java
40000000-40015000 r-xp 00000000 03:03 9433 /lib/ld-2.2.5.so
40015000-40016000 rw-p 00014000 03:03 9433 /lib/ld-2.2.5.so
40017000-4001f000 r-xp 00000000 03:03 104801 /usr/java/j2sdk1.4.2_01/jre/lib/i386/native_threads/libhpi.so
4001f000-40020000 rw-p 00007000 03:03 104801 /usr/java/j2sdk1.4.2_01/jre/lib/i386/native_threads/libhpi.so
40020000-40021000 r--s 00000000 03:03 111578 /home/oracle9i/jdev905/j2ee/home/applib/Util_Connect.jar
40021000-4002f000 r-xp 00000000 03:03 9455 /lib/libpthread.so.0
4002f000-40037000 rw-p 0000d000 03:03 9455 /lib/libpthread.so.0
40037000-40039000 r-xp 00000000 03:03 9443 /lib/libdl.so.2
40039000-4003b000 rw-p 00001000 03:03 9443 /lib/libdl.so.2
4003b000-40158000 r-xp 00000000 03:03 9439 /lib/libc.so.6
40158000-4015f000 rw-p 0011c000 03:03 9439 /lib/libc.so.6
40164000-4055e000 r-xp 00000000 03:03 104807 /usr/java/j2sdk1.4.2_01/jre/lib/i386/client/libjvm.so
4055e000-4057a000 rw-p 003f9000 03:03 104807 /usr/java/j2sdk1.4.2_01/jre/lib/i386/client/libjvm.so
4058c000-4059e000 r-xp 00000000 03:03 9446 /lib/libnsl.so.1
4059e000-405a0000 rw-p 00011000 03:03 9446 /lib/libnsl.so.1
405a2000-405c3000 r-xp 00000000 03:03 9444 /lib/libm.so.6
405c3000-405c5000 rw-p 00020000 03:03 9444 /lib/libm.so.6
405c5000-405c9000 rw-s 00000000 03:03 65409 /tmp/hsperfdata_oracle9i/1835
405c9000-405d9000 r-xp 00000000 03:03 104812 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libverify.so
405d9000-405db000 rw-p 0000f000 03:03 104812 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libverify.so
405db000-405fb000 r-xp 00000000 03:03 104813 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libjava.so
405fb000-405fd000 rw-p 0001f000 03:03 104813 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libjava.so
405fd000-40611000 r-xp 00000000 03:03 104815 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libzip.so
40611000-40614000 rw-p 00013000 03:03 104815 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libzip.so
40614000-41fac000 r--s 00000000 03:03 110214 /usr/java/j2sdk1.4.2_01/jre/lib/rt.jar
41ff6000-4200c000 r--s 00000000 03:03 104842 /usr/java/j2sdk1.4.2_01/jre/lib/sunrsasign.jar
4200c000-420e7000 r--s 00000000 03:03 110215 /usr/java/j2sdk1.4.2_01/jre/lib/jsse.jar
420e7000-420f8000 r--s 00000000 03:03 104843 /usr/java/j2sdk1.4.2_01/jre/lib/jce.jar
420f8000-42651000 r--s 00000000 03:03 110216 /usr/java/j2sdk1.4.2_01/jre/lib/charsets.jar
446f9000-446fc000 r--s 00000000 03:03 104839 /usr/java/j2sdk1.4.2_01/jre/lib/ext/dnsns.jar
446fc000-44700000 r--s 00000000 03:03 101780 /home/oracle9i/jdev905/j2ee/home/lib/ejb.jar
4c780000-4c7ab000 r--p 00000000 03:03 17293 /usr/lib/locale/en_US/LC_CTYPE
4c7ab000-4c7c2000 r-xp 00000000 03:03 140792 /home/oracle9i/Oracle9iClient/lib/libocijdbc9.so
4c7c2000-4c7c3000 rw-p 00016000 03:03 140792 /home/oracle9i/Oracle9iClient/lib/libocijdbc9.so
4c7c3000-4c7c4000 r-xp 00000000 03:03 140700 /home/oracle9i/Oracle9iClient/lib/libwtc9.so
4c7c4000-4c7c6000 rw-p 00000000 03:03 140700 /home/oracle9i/Oracle9iClient/lib/libwtc9.so
4cd15000-4cd31000 r--s 00000000 03:03 104838 /usr/java/j2sdk1.4.2_01/jre/lib/ext/sunjce_provider.jar
4cd31000-4cd3e000 r--s 00000000 03:03 104841 /usr/java/j2sdk1.4.2_01/jre/lib/ext/ldapsec.jar
4cd3e000-4cdfa000 r--s 00000000 03:03 110217 /usr/java/j2sdk1.4.2_01/jre/lib/ext/localedata.jar
4cdfa000-4d364000 r--s 00000000 03:03 101805 /home/oracle9i/jdev905/j2ee/home/oc4j.jar
4d364000-4d372000 r--s 00000000 03:03 101801 /home/oracle9i/jdev905/j2ee/home/lib/servlet.jar
4d372000-4d413000 r--s 00000000 03:03 101800 /home/oracle9i/jdev905/j2ee/home/lib/ojsp.jar
4d413000-4d42c000 r--s 00000000 03:03 101794 /home/oracle9i/jdev905/j2ee/home/lib/jndi.jar
4d42c000-4d42e000 r--s 00000000 03:03 101788 /home/oracle9i/jdev905/j2ee/home/lib/jdbc.jar
4d42e000-4d569000 r--s 00000000 03:03 101681 /home/oracle9i/jdev905/j2ee/home/iiop.jar
4d569000-4d573000 r--s 00000000 03:03 101682 /home/oracle9i/jdev905/j2ee/home/iiop_gen_bin.jar
4d573000-4d57a000 r--s 00000000 03:03 101790 /home/oracle9i/jdev905/j2ee/home/lib/jms.jar
4d57a000-4d57d000 r--s 00000000 03:03 101798 /home/oracle9i/jdev905/j2ee/home/lib/jta.jar
4d57d000-4d5d4000 r--s 00000000 03:03 101792 /home/oracle9i/jdev905/j2ee/home/lib/jmxri.jar
4d5d4000-4d5e4000 r-xp 00000000 03:03 104818 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libnet.so
4d5e4000-4d5e5000 rw-p 0000f000 03:03 104818 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libnet.so
4d5e5000-4d5e9000 r--s 00000000 03:03 101784 /home/oracle9i/jdev905/j2ee/home/lib/javax77.jar
4d5e9000-4d5ee000 r--s 00000000 03:03 101777 /home/oracle9i/jdev905/j2ee/home/lib/connector.jar
4d5ee000-4d5ef000 r--s 00000000 03:03 104201 /home/oracle9i/jdev905/lib/xsqlserializers.jar
4d5ef000-4d5f8000 r-xp 00000000 03:03 9450 /lib/libnss_files.so.2
4d5f8000-4d5f9000 rw-p 00008000 03:03 9450 /lib/libnss_files.so.2
4d5f9000-4d601000 r--s 00000000 03:03 101785 /home/oracle9i/jdev905/j2ee/home/lib/javax88.jar
4d601000-4d66e000 r--s 00000000 03:03 104194 /home/oracle9i/jdev905/lib/dms.jar
4d66e000-4d67d000 r--s 00000000 03:03 101778 /home/oracle9i/jdev905/j2ee/home/lib/cos.jar
4d67d000-4d6fb000 r--s 00000000 03:03 101796 /home/oracle9i/jdev905/j2ee/home/lib/jsse.jar
4d6fb000-4d6fd000 r--s 00000000 03:03 101795 /home/oracle9i/jdev905/j2ee/home/lib/jnet.jar
4d6fd000-4d700000 r--s 00000000 03:03 101787 /home/oracle9i/jdev905/j2ee/home/lib/jcert.jar
4d700000-4d70c000 r--s 00000000 03:03 101776 /home/oracle9i/jdev905/j2ee/home/lib/activation.jar
4d70c000-4d751000 r--s 00000000 03:03 101799 /home/oracle9i/jdev905/j2ee/home/lib/mail.jar
4d751000-4d857000 r--s 00000000 03:03 101868 /home/oracle9i/jdev905/javavm/lib/jasper.zip
4d857000-4d8ff000 r--s 00000000 03:03 104200 /home/oracle9i/jdev905/lib/xmlparserv2.jar
4d8ff000-4d906000 r--s 00000000 03:03 101786 /home/oracle9i/jdev905/j2ee/home/lib/jaxp.jar
4d906000-4d920000 r--s 00000000 03:03 101782 /home/oracle9i/jdev905/j2ee/home/lib/jaas.jar
4d920000-4d961000 r--s 00000000 03:03 101684 /home/oracle9i/jdev905/j2ee/home/jazn.jar
4d961000-4d9ee000 r--s 00000000 03:03 101763 /home/oracle9i/jdev905/j2ee/home/jazncore.jar
4d9ee000-4db0e000 r--s 00000000 03:03 101872 /home/oracle9i/jdev905/jdbc/lib/classes12dms.jar
4db0e000-4dcce000 r--s 00000000 03:03 101873 /home/oracle9i/jdev905/jdbc/lib/nls_charset12.jar
4dcce000-4dd17000 r--s 00000000 03:03 104240 /home/oracle9i/jdev905/soap/lib/soap.jar
4dd17000-4dd3f000 r--s 00000000 03:03 104268 /home/oracle9i/jdev905/webservices/lib/wsserver.jar
4dd3f000-4dd63000 r--s 00000000 03:03 104266 /home/oracle9i/jdev905/webservices/lib/wsdl.jar
4dd63000-4de18000 r--s 00000000 03:03 104235 /home/oracle9i/jdev905/rdbms/jlib/aqapi.jar
4de18000-4de80000 r--s 00000000 03:03 101789 /home/oracle9i/jdev905/j2ee/home/lib/jem.jar
4de80000-4deb9000 r--s 00000000 03:03 101781 /home/oracle9i/jdev905/j2ee/home/lib/http_client.jar
4deb9000-4dec6000 r--s 00000000 03:03 104165 /home/oracle9i/jdev905/jlib/jssl-1_1.jar
4dec6000-4dfd9000 r--s 00000000 03:03 104167 /home/oracle9i/jdev905/jlib/ldapjclnt9.jar
4dfd9000-4dfde000 r--s 00000000 03:03 104160 /home/oracle9i/jdev905/jlib/javax-ssl-1_1.jar
4dfde000-4e052000 r--s 00000000 03:03 104247 /home/oracle9i/jdev905/sqlj/lib/runtime12ee.jar
4e052000-4e438000 r--s 00000000 03:03 104249 /home/oracle9i/jdev905/sqlj/lib/translator.jar
4e438000-4e46b000 r--s 00000000 03:03 101779 /home/oracle9i/jdev905/j2ee/home/lib/crimson.jar
4e46b000-4e472000 r--s 00000000 03:03 111582 /home/oracle9i/jdev905/j2ee/home/applib/WizPPMED.jar
4e472000-4e49b000 r--s 00000000 03:03 111583 /home/oracle9i/jdev905/j2ee/home/applib/wizprepaid.jar
4e49b000-4e49e000 r--s 00000000 03:03 111579 /home/oracle9i/jdev905/j2ee/home/applib/Util_XML.jar
4e49e000-4e518000 r--s 00000000 03:03 111581 /home/oracle9i/jdev905/j2ee/home/applib/WizIsis.jar
4e518000-4e577000 r--s 00000000 03:03 111572 /home/oracle9i/jdev905/j2ee/home/applib/ejbjar.jar
4e577000-4e698000 r--s 00000000 03:03 111576 /home/oracle9i/jdev905/j2ee/home/applib/ojdbc14.jar
4e698000-4e6ef000 r--s 00000000 03:03 111574 /home/oracle9i/jdev905/j2ee/home/applib/log4j-1.2.8.jar
4e6ef000-4e756000 r--s 00000000 03:03 111575 /home/oracle9i/jdev905/j2ee/home/applib/MtnIsisJar.jar
4e756000-4e758000 r--s 00000000 03:03 111577 /home/oracle9i/jdev905/j2ee/home/applib/Util_Class.jar
4e758000-4e75c000 r--s 00000000 03:03 111580 /home/oracle9i/jdev905/j2ee/home/applib/WizardNis.jar
4e75c000-4e796000 r--s 00000000 03:03 101387 /home/oracle9i/jdev905/BC4J/lib/bc4j_jclient_common.jar
4e796000-4e912000 r--s 00000000 03:03 101393 /home/oracle9i/jdev905/BC4J/lib/bc4jmt.jar
4e912000-4e952000 r--s 00000000 03:03 101395 /home/oracle9i/jdev905/BC4J/lib/collections.jar
4e952000-4e99c000 r--s 00000000 03:03 101391 /home/oracle9i/jdev905/BC4J/lib/bc4jhtml.jar
4e99c000-4e9ac000 r--s 00000000 03:03 101394 /home/oracle9i/jdev905/BC4J/lib/bc4jmtejb.jar
4e9ac000-4e9be000 r--s 00000000 03:03 101390 /home/oracle9i/jdev905/BC4J/lib/bc4jdomorcl.jar
4e9be000-4e9df000 r--s 00000000 03:03 101396 /home/oracle9i/jdev905/BC4J/lib/datatags.jar
4e9df000-4e9e5000 r--s 00000000 03:03 101389 /home/oracle9i/jdev905/BC4J/lib/bc4jctejb.jar
4e9e5000-4e9f9000 r--s 00000000 03:03 101392 /home/oracle9i/jdev905/BC4J/lib/bc4jimdomains.jar
4e9f9000-4eabf000 r--s 00000000 03:03 101386 /home/oracle9i/jdev905/BC4J/lib/adfm.jar
4eabf000-4eb7e000 r--s 00000000 03:03 101388 /home/oracle9i/jdev905/BC4J/lib/bc4jct.jar
4eb7e000-4eb84000 r--s 00000000 03:03 104168 /home/oracle9i/jdev905/jlib/ojmisc.jar
4eb84000-4eb96000 r--s 00000000 03:03 104230 /home/oracle9i/jdev905/ord/jlib/ordim.jar
4eb96000-4ebab000 r--s 00000000 03:03 104228 /home/oracle9i/jdev905/ord/jlib/ordhttp.jar
4ebab000-4ebb9000 r--s 00000000 03:03 104172 /home/oracle9i/jdev905/jlib/share.jar
4ebb9000-4ebc1000 r--s 00000000 03:03 104170 /home/oracle9i/jdev905/jlib/regexp.jar
4ebc1000-4ebd7000 r--s 00000000 03:03 104162 /home/oracle9i/jdev905/jlib/jdev-cm.jar
4ebd7000-4ec9d000 r--s 00000000 03:03 104195 /home/oracle9i/jdev905/lib/dsv2.jar
4ec9d000-4ed0d000 r--s 00000000 03:03 104237 /home/oracle9i/jdev905/rdbms/jlib/xsu12.jar
4ed0d000-4ed3c000 r--s 00000000 03:03 101771 /home/oracle9i/jdev905/j2ee/home/jsp/lib/taglib/jaxen-full.jar
4ed3c000-4edad000 r--s 00000000 03:03 101772 /home/oracle9i/jdev905/j2ee/home/jsp/lib/taglib/ojsputil.jar
4edad000-4ee08000 r--s 00000000 03:03 101774 /home/oracle9i/jdev905/j2ee/home/jsp/lib/taglib/standard.jar
4ee08000-4ee0e000 r--s 00000000 03:03 101773 /home/oracle9i/jdev905/j2ee/home/jsp/lib/taglib/saxpath.jar
4ee0e000-4ee34000 r--s 00000000 03:03 104198 /home/oracle9i/jdev905/lib/oraclexsql.jar
4ee34000-4f0ba000 r--s 00000000 03:03 104155 /home/oracle9i/jdev905/jlib/bigraphbean.jar
4f0ba000-4f169000 r--s 00000000 03:03 104154 /home/oracle9i/jdev905/jlib/bigraphbean-nls.zip
4f169000-4f2ad000 r--s 00000000 03:03 104164 /home/oracle9i/jdev905/jlib/jewt4.jar
4f2ad000-4f2e9000 r--s 00000000 03:03 104163 /home/oracle9i/jdev905/jlib/jewt4-nls.jar
4f2e9000-4f2ea000 r--s 00000000 03:03 101568 /home/oracle9i/jdev905/j2ee/home/default-web-app/WEB-INF/lib/looptags.jar
4f2ea000-4f2ee000 r-xp 00000000 03:03 104829 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libioser12.so
4f2ee000-4f2ef000 rw-p 00003000 03:03 104829 /usr/java/j2sdk1.4.2_01/jre/lib/i386/libioser12.so
4f2f3000-4f2f6000 r-xp 00000000 03:03 9448 /lib/libnss_dns.so.2
4f2f6000-4f2f7000 rw-p 00002000 03:03 9448 /lib/libnss_dns.so.2
4f2f7000-4f304000 r-xp 00000000 03:03 9456 /lib/libresolv.so.2
4f304000-4f306000 rw-p 0000c000 03:03 9456 /lib/libresolv.so.2
4f308000-4fbc2000 r-xp 00000000 03:03 139864 /home/oracle9i/Oracle9iDB/lib/libclntsh.so.9.0
4fbc2000-4fbfc000 rw-p 008b9000 03:03 139864 /home/oracle9i/Oracle9iDB/lib/libclntsh.so.9.0
Heap at VM Abort:
Heap
def new generation total 576K, used 505K [0x44700000, 0x447a0000, 0x44be0000)
eden space 512K, 93% used [0x44700000, 0x44777620, 0x44780000)
from space 64K, 42% used [0x44790000, 0x44796e10, 0x447a0000)
to space 64K, 0% used [0x44780000, 0x44780000, 0x44790000)
tenured generation total 4016K, used 2481K [0x44be0000, 0x44fcc000, 0x48700000)
the space 4016K, 61% used [0x44be0000, 0x44e4c7c8, 0x44e4c800, 0x44fcc000)
compacting perm gen total 11264K, used 11126K [0x48700000, 0x49200000, 0x4c700000)
the space 11264K, 98% used [0x48700000, 0x491dda60, 0x491ddc00, 0x49200000)
Local Time = Fri Sep 26 11:48:15 2003
Elapsed Time = 11
# The exception above was detected in native code outside the VM
# Java VM: Java HotSpot(TM) Client VM (1.4.2_01-b06 mixed mode)

Does ADF security support sub-roles? If not are there plans to support it?

hi,
I have following scenario: there are dozens of regions and each region has dozen of facilities and each facility dozens of offices.
I would like to setup Office roles to have Query permission only and create a new role OfficeUpdate role that has update permissions for this office data, and at the same time to inherit permissions from Office role (e.g. Query permissions), so if I assign a user to Office role he will be able to query only and if I assign him to OfficeUpdate role he will be able to query and update the office data because privilege will be inherited from Office role.
User can be a member of different offices/facilities/regions. So I would like to, in order to simplify user management, to be able to assign a whole role as a member of another role. By doing this I wouldn't have to assign users to different roles all over again (all users assigned to a sub-role would automatically become members of main role as well) as this is time-consuming.
But it seems that ADF security does not support this. It seems that ADF security can only deal with roles and not sub-roles? Roles and sub-roles are supported by oc4j container but it seems that ADF security does not support it.
I would like first to be sure that my observation is correct, and if yes to find out if there are any plans to support sub-roles in future Jdev releases?
And also if somebody knows, if Acegi or JsfAcegi security supports role-sub-role privilege inheritance?

I created a testcase that excludes ADF Security and the same behavior can be reproduced, so the problem doesn't seem to be with ADF Security but JAZN.
Need to further track this issue, but so far it appears that a member role is not sufficient to authenticate and authorize a container managed constraint as used by ADF Security for authentication. This could be a problem with the embedded OC4J only but also a general problem with settings on the system-jazn-data.xml. This is what I need to further evaluate.
So for now I can't say that this isn't working in ADF Security because its not even getting there
Frank

Option to Create new Security Policy in UME is not available

Hello,
We are on NW CE 7.1 EHP1 and MII 12.1.7 build 47.
I have "Administrator" role, "MII Super Administrator" role, few custom roles and I also ensured that "Administrator" role has Action "Manage_All" and I am able to perform all of the activities on UME except that I don't see any option to create new security policies, all I can do is modify the Default Security Policy and save it.
It never shows me an option to create new security policy and I am not sure what roles or actions I am missing.
I need have different security polices for different users based on their roles.
1) Are there any roles or actions that my profile needs to have?
2) Is it something to do with NW CE version?
3) Has something gone wrong or have we missed some configuration while installing NW CE?
I had posted similar question in MII forum but was recommended to post in NW forums.
So any suggestions will be of great help
Thanks,
Adarsh

what is Security Policy ?

Default role with password - reality check

I support the database for an application. We upgraded from Oracle10 to Oracle11 9 months ago. Then recently we applied the OCT CPU.
The application admin says that they have a program that has recently stopped working that worked after the Oracle11 upgrade.
The application user has a default role which has a password. Is that possible? A default role with a password. Would this have ever worked in any version of Oracle?

Default role with password is a feature even available with Oracle XE. Default roles are activated without requiring role password in Oracle 10.2:
SQL> drop user admin cascade;
User dropped.
SQL> drop user test cascade;
User dropped.
SQL> drop role rwp;
Role dropped.
SQL> select * from v$version;
BANNER
Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product
PL/SQL Release 10.2.0.1.0 - Production
CORE 10.2.0.1.0 Production
TNS for 32-bit Windows: Version 10.2.0.1.0 - Production
NLSRTL Version 10.2.0.1.0 - Production
SQL>
SQL> create user admin identified by oraclexe;
User created.
SQL> grant create session, create table to admin;
Grant succeeded.
SQL> grant unlimited tablespace to admin;
Grant succeeded.
SQL> grant create user to admin;
Grant succeeded.
SQL> grant create role to admin;
Grant succeeded.
SQL>
SQL> create user test identified by oraclexe;
User created.
SQL> grant create session to test;
Grant succeeded.
SQL>
SQL> connect admin/oraclexe;
Connected.
SQL> create table t(x varchar2(10));
Table created.
SQL> insert into t values('admin OK');
1 row created.
SQL> commit;
Commit complete.
SQL> create role rwp identified by oraclexe;
Role created.
SQL> grant all on t to rwp;
Grant succeeded.
SQL> grant rwp to test;
Grant succeeded.
SQL>
SQL> connect test/oraclexe;
Connected.
SQL> select * from session_roles;
ROLE
RWP
SQL> select * from admin.t;
X
admin OK
SQL> insert into admin.t values('test OK');
1 row created.
SQL> commit;
Commit complete.
SQL> select * from admin.t;
X
admin OK
test OK
SQL>There have been changes between Oracle 10.2 and 11.2 because the same script fails in 11.2 unless the role is set with the password:
SQL> drop user admin cascade;
User dropped.
SQL> drop user test cascade;
User dropped.
SQL> drop role rwp;
Role dropped.
SQL> select * from v$version;
BANNER
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - Production
PL/SQL Release 11.2.0.1.0 - Production
CORE 11.2.0.1.0 Production
TNS for Linux: Version 11.2.0.1.0 - Production
NLSRTL Version 11.2.0.1.0 - Production
SQL>
SQL> create user admin identified by oraclexe;
User created.
SQL> grant create session, create table to admin;
Grant succeeded.
SQL> grant unlimited tablespace to admin;
Grant succeeded.
SQL> grant create user to admin;
Grant succeeded.
SQL> grant create role to admin;
Grant succeeded.
SQL>
SQL> create user test identified by oraclexe;
User created.
SQL> grant create session to test;
Grant succeeded.
SQL>
SQL> connect admin/oraclexe;
Connected.
SQL> create table t(x varchar2(10));
Table created.
SQL> insert into t values('admin OK');
1 row created.
SQL> commit;
Commit complete.
SQL> create role rwp identified by oraclexe;
Role created.
SQL> grant all on t to rwp;
Grant succeeded.
SQL> grant rwp to test;
Grant succeeded.
SQL>
SQL> connect test/oraclexe;
Connected.
SQL> select * from session_roles;
no rows selected
SQL> select * from admin.t;
select * from admin.t
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> insert into admin.t values('test OK');
insert into admin.t values('test OK')
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> commit;
Commit complete.
SQL> select * from admin.t;
select * from admin.t
ERROR at line 1:
ORA-00942: table or view does not exist
SQL>
SQL> set role rwp identified by oraclexe;
Role set.
SQL> select * from session_roles;
ROLE
RWP
SQL> select * from admin.t;
X
admin OK
SQL> insert into admin.t values('test OK');
1 row created.
SQL> commit;
Commit complete.
SQL> select * from admin.t;
X
admin OK
test OK
SQL>10.2 Security Guide says:
If you are granted a role protected by a password, then you can enable or disable the role by supplying the proper password for the role in a SET ROLE statement. However, if the role is made a default role and enabled at connect time, then the user is not required to enter a password.
11.1 and 11.2 Secuirty Guide says:
If a user is granted a role protected by a password, then you can enable or disable the role by supplying the proper password for the role in the SET ROLE statement. You cannot authenticate a password-authenticated role on logon, even if you add it to the list of default roles. You must explicitly enable it with the SET ROLE statement using the required password.
Edited by: P. Forstmann on 20 févr. 2010 10:28

New Security Feautres/Privs/Roles with 10g

Similar Messages

Maybe you are looking for