OC4J and default security manager

Similar Messages

• Catalyst 3750x and 4510R and Cisco Security Manager

  Hi,
  I just downloaded and install trial (evaluation) version of Cisco Security Manager 4.3. In supported devices list I saw Cisco Catalyst 3750 and 4510R but when I try to add it I got for 3750:
  Invalid device: Device is a switch and cannot be mapped to a Generic Router model.
  Please verify the selected device type, OS version and device configuration
  For 4510R:
  Invalid device: Version 03.03.00.SG (N/A) is not supported for the device type of Cisco Catalyst 4510R Switch Please verify the selected device type, OS version and device configuration
  We need to make a purchase decision but for it we need to import all of our devices and perform some tests.
  Thanks in advance for your replies!
  BR, Vasily.

  I figured this out on my own -- change Compatibility mode of the installer to be Windows 8 (which is same OS version as Windows 2012) and it installs just fine.

• Weblogic 6.1 and -Djava.security.manager license failed

  I just tried to run (under jbuilder6), weblogic 6.1 sp3 (evaluation) and I have
  got a :
  $$$$$$$$$$$$$$$$ License Exception $$$$$$$$$$$$$$$$
  Unable to start WebLogic Server !!
  Null public key
  $$$$$$$$$$$$$$$$ License Exception $$$$$$$$$$$$$$$$
  The VM parameters I use are :
  -ms64m -mx64m
  -Djava.library.path=C:/bea/wlserver6.1/bin
  -Dbea.home=C:/bea
  -Dweblogic.Domain=cyradeladomain -Dweblogic.Name=name
  -Djava.security.policy==C:/bea/wlserver6.1/lib/weblogic.policy --Dweblogic.management.password=xxxxxxx
  -Djava.security.manager
  -Djava.security.debug=failure
  Did I missed some VM parameters ? What should I do to bypass this error?
  thanks!

  I'm getting the same problem running weblogic 7.0 with sp 1.
  Any other ideas on how to solve it?
  "kirann" <[email protected]> wrote:
  do you need to run the server with java security manager if not required
  then remove -Djava.security.manager
  else given full permission to the code based weblogic is in!
  thanks
  kiran
  "ezablith" <[email protected]> wrote in message
  news:3ddce60a$[email protected]..
  I just tried to run (under jbuilder6), weblogic 6.1 sp3 (evaluation)and I
  have
  got a :
  $$$$$$$$$$$$$$$$ License Exception $$$$$$$$$$$$$$$$
  Unable to start WebLogic Server !!
  Null public key
  $$$$$$$$$$$$$$$$ License Exception $$$$$$$$$$$$$$$$
  The VM parameters I use are :
  -ms64m -mx64m
  -Djava.library.path=C:/bea/wlserver6.1/bin
  -Dbea.home=C:/bea
  -Dweblogic.Domain=cyradeladomain -Dweblogic.Name=name
  -Djava.security.policy==C:/bea/wlserver6.1/lib/weblogic.policy --Dweblogic..management.password=xxxxxxx
  -Djava.security.manager
  -Djava.security.debug=failure
  Did I missed some VM parameters ? What should I do to bypass this error?
  thanks!

• Cannot start OC4J instance after specifying default java.security.manager

  Hi All,
  I am using OracleiAS 10.1.3.4 and trying to make use of the new User and Role APIs introduced in 10.1.3.1.
  While trying to get an object of IdentityStore using the following code, I got this error -
  java.security.PrivilegedActionException: oracle.security.idm.ConfigurationException: java.security.AccessControlException: access denied (oracle.security.jazn.JAZNPermission getOC4JIntegrationData)
  oidFactory = (IdentityStoreFactory) AccessController.doPrivileged(
  new PrivilegedExceptionAction()
  public Object run() throws IMException
  IdentityStoreFactoryBuilder builder =
  new IdentityStoreFactoryBuilder();
  return builder.getIdentityStoreFactory();
  I then tried specifying the default security manager in start JAVA options for my oc4j instance - Djava.security.manager. I also verified that my java policy file is present under $ORACLE_HOME/j2ee/oc4j_soa/config/java2.policy. But the issue is - once I put this default secirity manager in startup options in opmn.xml, the oc4j instance does not get started, it gives following error -
  08/12/30 02:58:22 Start process
  Dec 30, 2008 2:58:24 AM com.evermind.server.XMLDataSourcesConfig parseRootNode
  INFO: Legacy datasource detected...attempting to convert to new syntax.
  08/12/30 02:58:29 WARNING: Application.setConfig Application: default is in failed state as initialization failed.
  java.lang.ExceptionInInitializerError
  08/12/30 02:58:29 Error initializing server: Application: default is in failed state as initialization failed
  08/12/30 02:58:32 Fatal error: server exiting
  Any idea ? Any pointers please ?
  Thanks,
  Ankit

  Ankit,
  Check your syntax for the datasource. If you migrated from file-based to OID, then you should look at this link:
  http://download.oracle.com/docs/cd/E12524_01/relnotes.1013/e12523/oc4j.htmThere is a known issue when migrating from file-based to OIM\OID. Navigate to:
  12.2 JAZNMigration Tool Does Not Migrate ADFPrincipal Type Correctly
  -Michael

• Specifying system properties/security manager for OC4J

  I have a couple of related questions regarding OC4J/orion.jar:
  1. Generically, how can we specify system properties to orion.jar? Being an executable JAR, simply using -D does not work.
  2. Specifically, I need to launch the OC4J app server with a Java security manager (with associated security policies, etc.) Java's way of doing this is via -Djava.security.manager=... but this does not work with executable JARs it seems. I tried specifying these parameters via -D and I got a security exception:
  Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyP
  rmission java.protocol.handler.pkgs write)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.System.setProperty(Unknown Source)
  at com.evermind.server.ApplicationServer.initProtocolHandlers(ApplicationServer.java:652)
  at com.evermind.server.ApplicationServer.launchCommandline(ApplicationServer.java:319)
  at com.evermind.server.ApplicationServer.main(ApplicationServer.java:314)
  So, how do I install the Java security manager with orion.jar? Is there any other way to specify system properties to this, or is there any other way to install the Java security manager for OC4J?
  Any help much appreciated.
  ..Hrishi

  Thanks, that seemed to work. However it seems that spawned another little problem. I was using the -Xbootclasspath/a option while firing up orion.jar because I needed to append something to OC4J's default classpath (that is specified in orion.jar's Manifest). Now, when I start OC4J with the -D options for the security policy, it seems to ignore the -Xbootclasspath argument. I have not yet been able to confirm this fact, but based on the ClassNotFoundError I'm running into, that does seem to be the problem.
  So I guess my question is, could specifying the -D options to the executable JAR cause it to ignore any other options you may be passing to it (such as -Xbootclasspath)? Is there any sequence in which these args need to be passed?
  Thanks.
  ..Hrishi
  Hi,
  You can try this :
  - Check if you have a file java2.policy in <OC4J_HOME>\config\policy and check if the permission java.util.PropertyPermission "read,write" is granted to <OC4J_HOME>.
  if there is no file, you can create one based on <JAVA_HOME>\lib\security\java.policy and grant the approriate privileges.
  - Launch OC4J :
  java -Djava.security.manager -Djava.security.policy=<OC4J_HOME>/config/java2.policy -jar orion.jar
  OR java -Djava.security.manager -Djava.security.policy=<PATH_TO_FILE_POLICY>/<YOUR_FILE>.policy -jar orion.jar
  Maher

• Custom Security Manager or Security Event Interception from WebLogic Console

  Hello,
  I have built my own Security Manager and implemented custom preference/property mechanism for every Principal, so when I use my Swing client to create new User and new Group, as well as addMember to a Group, I know what to do with those properies/preferences.
  Now, I want to use WebLogic Console to manage users and groups. I want to intercept events in my Security Manager about new User or Group creation or changing their memberships as Principals in order to handle their Preference/properties stuff myself...
  I wonder what should I "listen" in order to understand that someone has changed membership of Users or Groups or about creation of new User or Group?
  I use Weblogic Server 6.0 sp2
  serge

  Hi Daniel,
  > a custom security manager for the standard CM Repository
  And this dictates you indeed to use the old API, as the CMRepositoryManager itself is using the old API.
  The standard AclSecurityManager is implemented by com.sapportals.wcm.repository.manager.generic.security.AclSecurityManager. If you check out Configuration - Content Management - Repository Managers - Security Manager, you will see "ACL Security Manager" (the one from above) and "ACL Security Manager (for new Manager-API)". This is implementing / using the new API, but needs also a RM using the new API.
  > java.lang.NoSuchMethodException: MySecurityManager.<init>
  This exception only complains about a missing constructor!? Have you implemented a default constructor?!
  > If this is the case, where can I find the API for IUMPrincipal? It is not included in any provided API because of deprecation.
  The methods of the old EP5 user management are more or less similar to the new UME, so using the old deprecated API should be more or less straight forward.
  There are also transformer methods for example to transform a "new" user object to an old EP5 one, see https://forums.sdn.sap.com/thread.jspa?threadID=235656&tstart=0
  Hope it helps
  Detlev

• Security manager - applet - write/read files

  Hi.
  I've been trying to built a SecurityManager to allow my java applet to construct a file (*.txt or *.doc) on the server (webhosting provider) it came from. Unfortunately when I use the setSecurityManager method to set my Security Manager as the default Security Manager for that specific applet, the applet throws a SecurityException. It wouldn't allow me to change the Security Manager.
  I want to change the default Security Manager so that my applet can have permission to read and write to the specified file (*.txt or *.doc). I don't want to save any kind of files on the host computer even if I can do that, I only require to save my file (*.txt or *.doc) to the computer from were the applet's classes came from.
  Thank you!

  If there is a security manager already installed, this method first calls the security manager's checkPermission method with a RuntimePermission("setSecurityManager") permission to ensure it's ok to replace the existing security manager. This may result in throwing a SecurityException. Thus I think that you need to grant the setSecurityManager permission to your current SecurityManager to be able to replace it.

• Security Manager Performance

  Hi all,
  i have implemented a Repository Manager and a Security Manager with the help of the Tutorial from the Code Samples Section. Everything works fine, but the Performance of the Search is very bad. The Security Manager has serveral isAllowed Methods, but the framework always calls the atomic method "isAllowed(IResourceHandle, IPrincipal, IPermission)". This causes a great timedelay. In my case it will be much more effectiv to use the isAllowed-Methods with the Lists as Parameter. But i heard that it is not possible to force the framework to use this isAllowed-Methods.
  Can anyone tell me how i can increase the performance of the SecurityManager or how i can use the isAllowed Methods with the lists?
  Thank you very much for your answers!

  Hi Marcus,
  Unfortunately you have no possiblity to change the way the RF calls security managers.
  Is it possible for you to do reasonable caching within you security manager implementation?
  Best regards,
  Michael

• Security Manager Missing

  Welcome,
  I've installed Oracle 10g EE on Win XP and Enterprise Security MAnager is missing. I don't have esm.bat. How can I install ESM. Enterprise Manager works fine. I did not installed Internet Directory nor Single Sign On. Is that a problem?
  Thank You,
  Peter

  Enterprise Security Manager won't be found as an executable or batch script as you pretend. You have to install the administrative client and invoke this as:
  oemapp esm
  Enterprise security manager is a component launched with the Oracle Enterprise Manager Java console infrastructure.
  For a demo on esm you may want to read this Oracle By Example article: Enterprise User Security.
  ~ Madrid

• Signed code vs security manager

  i've seen tons of information on how to implement a security manager, and tons of information on signed code, but i haven't found information about WHY you choose with one over the other.
  we are implementing security is a very large desktop app.

  It's not an either/or decision. You can use both. If you use code signing and a security manager you can get more fine-grained control in your .policy file.

• Java -Djava.security.manager -Djava.security.policy=myPolicy classfile

  Hi everybody and Sun's member,
  From the command line we can install security manager as follows :
  java -Djava.security.manager - Djava.security.policy=myPolicy
  is it possible to install security manager and policy file by our program. Sugestion pliz.
  Regards
  Gt

  Thanks for your sugesstion. With this command "java -Djava.security.manager - Djava.security.policy=myPolicy" we are installing Security Manager and Policy file. What will be the minimum code for the above command, as I want to install dynamically (I mean how to spacify and install Security manager and policy files by programatically). Appreatiating anybodies sugesstion.
  Regards
  Gt

• Default Administrator password in BI Administration Tool - Security Manager

  Hello all,
  I'm new to OBIEE and have recently been playing around in the BI Administration Tool to create my own repository (.rpd) metadata files from demo DBs. I selected "Manage" -> "Security" to open Security Manager and then set a logging level of 2 on the Administrator user.
  UNFORTUNATELY, there is a default password that apparently gets specified that I didn't notice, so when I closed my repository file and tried to re-open it, it is now challenging me for a password that I didn't set, don't know, and have not been able to find in documentation or posted threads anywhere.
  Has anyone else ever come across this problem before or know the default password? Any help would be greatly appreciated. Thanks guys.

  Guys,
  First, let me thank you all for you quick responses and willingness to give me a hand. It's greatly appreciated. And thanks Ally for noticing the name! Glad you liked it. :)
  Unfortunately, my problem still exists. None of the following passwords worked for me: <blank>, "Administrator", "administrator", or "ADMINISTRATOR".
  Also, I should clarify for the thread that I'm not using Paint.rpd or SH.rpd; I'm creating my own repository from scratch. For those who read this post and have literally 90 seconds to spare, I would ask you to try and recreate this same thing with me and see if it's just me (and if I'm crazy):
  1) Open OBI Administration Tool
  2) DO NOT open an existing repository, create a new one. Name it whatever; mine is the default "Metadata1.rpd"
  3) Don't bother adding any metadata to it, go immediately to "Manage" --> "Security" --> "Users" and open up the Administrator user by double-clicking it.
  4) Notice there is a "Password" and "Confirm Password" value already defined by default! DON'T change it (this is the password in question that I accidentally accepted). Just click the "OK" button without making any changes to that form.
  5) Save, close, and then try to re-open this repository you just created. It should be challenging you for a password now, right? And I bet it will not accept <blank> or any variation of "Administrator".
  Believe me, I know better now in the future to not let this happen. But I can't for the life of me figure out this password that was automatically populated and WHY there would be one there in the first place! I was walking through a lab that told me to open this security setting for Administrator to set a logging level, but it did not mention anything about a setting a password. So, I created a repository that I have now magically locked myself out of. :)
  Can anyone else please try to recreate this and let me know if it's just me or not? I am using BI Administration Tool version: 10.1.3.3.2.071217.1900.
  Thanks again guys.

• Load security manager by default?

  I'm trying to improve security on Windows XP desktop machines. On the system in question, it is impossible for an ordinary user to run exe or any script files that are not located in specific directories (as per a standard software restriction policy). Unfortunately it seems that this does not apply to jar files since they are just archives which are opened with the java virtual machine. Even if specifically blocking .jar extensions worked, it is still possible to change the file extension and still run it from the command line using eg 'javaw.exe -jar file.txt'.
  It seems like the java security manager would be useful to enforce this, or at least sandbox code from outside the trusted directories, but it seems that java trusts all code on the local machine regardless of where may have come from. While it is possible to specifically call the security manager per run of an application, or even include it in a shortcut or change the default action in windows to call it, it is still very easy to simply use the command line or a shortcut to get around this.
  Is it possible to force the security manager to always run whenever javaw.exe loads? Alternatively, is there any other way to prevent certain java code from executing short of actually removing the JRE (which would disable certain applications and web services)?
  Thanks

  hello, yes you can do that - for the principle method of locking certain preferences please refer to this article: http://kb.mozillazine.org/Locking_preferences
  in your case you'd have to put this line in your lockfile:
  lockPref("signon.rememberSignons", false);

• When I try to combine two pdf's, it asks for a permission password and says the documents are protected; however, I didn't put any protection/security in the documents.  I assume it is a default security under the enhanced security settings of the Acrobat

  When I try to combine two pdf's, it asks for a permission password and says the documents are protected; however, I didn't put any protection/security in the documents.  I assume it is a default security under the enhanced security settings of the Acrobat Pro XI which I recently purchased.

  Acrobat (Pro or Standard) does not apply a "default" protection. It appears that someone or some other process has applied protection.
  Be well...

• Security Manager and Policy Files

  Hi all,
  I am writing a simple java rmi application, but understand it wont run without a Security Manager installed and a policy file.
  I think I have installed the security manger using the following in the main() method of my client application:
  System.setSecurityManager(new RMISecurityManager());However I am unsure how to use a policy file with this. I have looked on the internet, but it does not seem to be very well documented
  Please could you advise me how to create a policy file that will work for my application and where to place it in my application so that my application can use it.
  Any help would be greatfuly appreciated
  Thanx
  Aaron

  An RMI application doesn't need a security manager unless you are using the codebase feature.