ORA-53203: security violation
hello guys,
I wonder if someone can help me. I've got a proc that writes out a file into a dir. It's been working all along and all of a sudden when I execute the proc I get the error on the subject. Does anybody know how to resolve this error? Please see my code below, i'm executing it through Toad.
<PROCEDURE avs(errbuf OUT NOCOPY VARCHAR2,
retcode OUT NOCOPY NUMBER,
p_avs_batch IN VARCHAR2) IS
v_eft_date VARCHAR2(100);
BEGIN
v_eft_date := TO_CHAR(SYSDATE, 'DD-MON-RRRR_HH24_MI_SS');
g_payment_batch := p_avs_batch;
g_file_name := 'IS_AVS'||v_eft_date||'.txt';
g_file_id := utl_file.fopen(g_dir_name,
g_file_name,
'W');
utl_file.put_line(g_file_id,
create_avs_hdr_fn);
create_avs_line_fn(g_file_id);
create_avs_trailer(g_file_id);
utl_file.fclose_all;
IF (update_tables != TRUE) THEN
Fnd_File.put_line(Fnd_File.LOG, 'Failed to update payment batch tables. Cancel the batch');
END IF;
EXCEPTION
WHEN OTHERS THEN
Fnd_File.put_line(Fnd_File.LOG, 'Print Error - eft' || SUBSTR(SQLERRM, 1, 250));
END avs;
--AVS Function
FUNCTION create_avs_hdr_fn RETURN CHAR IS
TYPE avs_header_file IS RECORD(l_record_type VARCHAR2(2),
l_service_type VARCHAR2(4),
l_cats_user_id VARCHAR2(5),
l_seq_number VARCHAR2(5),
l_date_created VARCHAR2(8),
l_time_created VARCHAR2(6),
l_indicator VARCHAR2(4),
l_filler VARCHAR2(66) );
avs_hdr_file avs_header_file;
l_blank VARCHAR2(66) := ' ';
l_return VARCHAR2(100) := NULL;
BEGIN
avs_hdr_file.l_record_type := 'AH';
avs_hdr_file.l_service_type := 'ACCV';
avs_hdr_file.l_cats_user_id := 'DIM16';
avs_hdr_file.l_seq_number := '00001';
avs_hdr_file.l_date_created := TO_CHAR(SYSDATE, 'RRRRMMDD');
avs_hdr_file.l_time_created := TO_CHAR(SYSDATE, 'HH24MISS');
avs_hdr_file.l_indicator := 'TEST';
avs_hdr_file.l_filler := LPAD(l_blank, 66, ' ');
l_return := l_return||avs_hdr_file.l_record_type;
l_return := l_return||avs_hdr_file.l_service_type;
l_return := l_return||avs_hdr_file.l_cats_user_id;
l_return := l_return||avs_hdr_file.l_seq_number;
l_return := l_return||avs_hdr_file.l_date_created;
l_return := l_return||avs_hdr_file.l_time_created;
l_return := l_return||avs_hdr_file.l_indicator;
l_return := l_return||avs_hdr_file.l_filler;
l_return := l_return;
RETURN UPPER(l_return);
EXCEPTION
WHEN OTHERS THEN
Fnd_File.put_line(Fnd_File.LOG, 'Print Error - create_avs_hdr_fn'||SUBSTR(SQLERRM, 1, 250));
END create_avs_hdr_fn;
PROCEDURE create_avs_line_fn(p_file_id IN utl_file.file_type) IS
TYPE avs_line_rec IS RECORD( l_record_type VARCHAR2(2),
l_seq_number VARCHAR2(5),
l_branch_code VARCHAR2(6),
l_account_number VARCHAR2(13),
l_acc_type VARCHAR2(1),
l_reg_number VARCHAR2(13),
l_initials VARCHAR2(5),
l_company_name VARCHAR2(30),
l_filler VARCHAR2(76));
avs_ln_rec avs_line_rec;
l_blank VARCHAR2(13) := ' ';
l_blank1 VARCHAR2(5) := ' ';
l_blank2 VARCHAR2(25) := ' ';
l_return VARCHAR2(100) := NULL;
l_branch_code VARCHAR2(20) ;
l_bank_account_num VARCHAR2(30) ;
l_customer_name VARCHAR2(30) ;
CURSOR c_line_detail IS
SELECT ap_bank_accounts_all.attribute1,
ap_bank_accounts_all.bank_account_num,
hz_parties.party_name
FROM apps.hz_cust_accounts hz_cust_accounts,
apps.hz_cust_acct_sites_all hz_cust_acct_sites_all,
apps.hz_cust_site_uses_all hz_cust_site_uses_all,
apps.hz_parties hz_parties,
apps.ra_terms_tl ra_terms_tl,
apps.ap_bank_accounts_all ap_bank_accounts_all,
apps.ap_bank_account_uses_all ap_bank_account_uses_all
WHERE hz_cust_accounts.cust_account_id = hz_cust_acct_sites_all.cust_account_id
AND hz_cust_acct_sites_all.cust_acct_site_id = hz_cust_site_uses_all.cust_acct_site_id
AND hz_parties.party_id = hz_cust_accounts.party_id
AND ra_terms_tl.term_id = hz_cust_site_uses_all.payment_term_id
AND hz_cust_accounts.cust_account_id = ap_bank_account_uses_all.customer_id
AND ap_bank_account_uses_all.external_bank_account_id = ap_bank_accounts_all.bank_account_id
AND ap_bank_account_uses_all.customer_site_use_id IS NULL
AND hz_cust_site_uses_all.site_use_code = 'BILL_TO'
AND hz_cust_site_uses_all.primary_flag = 'Y'
AND ra_terms_tl.NAME LIKE 'D%'
AND ap_bank_accounts_all.bank_account_num /*IN ('1908422416','4051134040','62026988579','53420054107','200455095');*/ = '240157772';
BEGIN
OPEN c_line_detail;
FETCH c_line_detail
INTO l_branch_code,
l_bank_account_num,
l_customer_name;
CLOSE c_line_detail;
avs_ln_rec.l_record_type := 'AV';
avs_ln_rec.l_seq_number := '00001';
avs_ln_rec.l_branch_code := LPAD(l_branch_code, 6, '0');
avs_ln_rec.l_account_number := LPAD(l_bank_account_num, 13, '0');
avs_ln_rec.l_acc_type := '1';
avs_ln_rec.l_reg_number := LPAD(l_blank, 13, ' ');
avs_ln_rec.l_initials := LPAD(l_blank1, 5, ' ');
avs_ln_rec.l_company_name := RPAD(l_customer_name, 30, ' ');
avs_ln_rec.l_filler := LPAD(l_blank2, 25, ' ');
l_return := l_return||avs_ln_rec.l_record_type;
l_return := l_return||avs_ln_rec.l_seq_number;
l_return := l_return||avs_ln_rec.l_branch_code;
l_return := l_return||avs_ln_rec.l_account_number;
l_return := l_return||avs_ln_rec.l_acc_type;
l_return := l_return||avs_ln_rec.l_reg_number;
l_return := l_return||avs_ln_rec.l_initials;
l_return := l_return||avs_ln_rec.l_company_name;
l_return := l_return||avs_ln_rec.l_filler;
l_return := l_return;
utl_file.put_line(p_file_id, UPPER(l_return));
EXCEPTION
WHEN OTHERS THEN
Fnd_File.put_line(Fnd_File.LOG, 'Print Error - create_avs_line_fn'||SUBSTR(SQLERRM, 1, 250));
END create_avs_line_fn;
--avs trailer
PROCEDURE create_avs_trailer(p_file_id IN utl_file.file_type) IS
TYPE avs_trailer_rec IS RECORD( l_record_type VARCHAR2(2),
l_total_trans VARCHAR2(7),
l_filler VARCHAR2(91));
avs_tr_rec avs_trailer_rec;
l_blank VARCHAR2(91) := ' ';
l_return VARCHAR2(100) := NULL;
BEGIN
avs_tr_rec.l_record_type := 'AT';
avs_tr_rec.l_total_trans := '0000001';
avs_tr_rec.l_filler := LPAD(l_blank, 91, ' ');
l_return := l_return||avs_tr_rec.l_record_type;
l_return := l_return||avs_tr_rec.l_total_trans;
l_return := l_return||avs_tr_rec.l_filler;
l_return := l_return;
utl_file.put_line(p_file_id, UPPER(l_return));
EXCEPTION
WHEN OTHERS THEN
Fnd_File.put_line(Fnd_File.LOG, 'Print Error - create_avs_trailer'||SUBSTR(SQLERRM, 1, 250));
END create_avs_trailer;
Where is g_dir_name coming from?
When you are writing a file from the database to the servers files system then two things are checked.
1) has the Databace Account (your logon user) all the permissions to access the Oracle Directory (assuming you use Oracle Directories and not the unsecure UTL_FILE_DIR parameter). I think you have, since you would probably get a different error message.
2) Has the appropriate OS account the right to write (overwrite) this file? This means the file location must exists and the correct rights must be there. Usually this is the OS account Oracle (the one account that runs the database).
Furthermore it could be extremely helpful to remove all the when others exceptions. They just hide important information, like the line number where the error occurs.
it is currently unknown when the error happens. During the fopen the put_line or the fclose_all? Maybe even during the Fnd_File.put_line option, since you closed all files (bad habit) before executing this.
Similar Messages
-
ORA-47401: Realm violation for create table on SYS.REGISTRY$HISTORY
Hi i have 10.2.0.4 db with db vault on RHEL4. I am applying jan2010 patch on it. After applying patch when i am trying to recompile views i am facing the below error.(I am executing this after starting up database in upgrade mode)
SQL> @$ORACLE_HOME/cpu/view_recompile/view_recompile_jan2008cpu.sql
BEGIN
ERROR at line 1:
ORA-47401: Realm violation for create table on SYS.REGISTRY$HISTORY
ORA-06512: at line 16
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - Production
With the Partitioning, Oracle Label Security, OLAP, Data Mining,
Oracle Database Vault and Real Application Testing options
[oracle@rac1 view_recompile]$
Plese help me on this.
Regards,
snpPerhaps you are tripping over Bug 6928496. I suspect best bet is to open a SR with Oracle rather than hope for similar occurance within the user community.
-
Weblogic 10.3.0 - Security Violation when Group Membership Lookup enabled
Dear Admins,
We're running a Weblogic 10.3.0 cluster with our own software deployed.
We're using SQL authentication (JDBC to Oracle DB) to authenticate users.
Recently we've been tuning our WL cluster to improve performance, and have enabled Group Membership Lookup Hierarchy Caching.
Sometimes users log into our application and get inssuficient rights (or some other error). This appears to happen at random. Most of the times they can log in without problems.
We determined it's not something to do with the cluster, although it can happen on one node and the other node will work as normal.
In the Managed server we see this error (with test user):
Managed7Server.out00011:java.rmi.AccessException: [EJB:010160]Security Violation: User: 'test' has insufficient permission to access EJB: type=<ejb>, application=leanapps, module=process_general.jar, ejb=LaLifeProcessController,
method=create, methodInterface=Home, signature={}.
When we disable Group Membership Lookup Hierarchy Caching, this error never occurs.
Our settings (Security Realms -> myrealm -> Providers -> SQL Authenticator -> Performance):
Max Group Hierarchies In Cache: 5000 (we have approx. 2000 groups)
Group Hierarchy Cache TTL: 3600
provider specific settings :
Group Membership Searching: unlimited
Max Group Membership Search Level: 0
Also in Myrealm -> Performance we have set :
Enable WebLogic Principal Validator Cache
Max WebLogic Principals In Cache: 5000
If we put the TTL really low (default 60 seconds), the error hardly ever occurs. But we want to have cache that lasts longer then one minute.
This might be a bug, as we have other clusters running on WL 10.3.5, 12c where we use the same cache settings. This issue does not occur there.
I'm more then willing to provide more info or config files
Edited by: user5974192 on 21-nov-2012 5:17This is fixed now. Someone had defined a Servlet for the web service in web.xml that was preventing the EJB container to kick in.
Edited by: user572625 on Aug 25, 2011 11:54 PM -
Last night when i tried to sign a document i received the mesage below and after that it says this document can't be signed what can i do to fix this problem.
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Security Violation Error while running schedule task from OIM.
Hi All,
I am getting this error while running a custom java schedule task from OIM:
*Thor.API.Exceptions.tcAPIException [EJB:010160] Security Violation: User '<anonymous>' has insufficient permission to access EJB:*
type=<ejb>,application=Xellerate,module=xlDataObjectBeans.jar,ejb=tcReconciliationoperations,method=createDeleteReconciliationEvent
at Thor.API.Operations.tcReconciliationOperationsClient.createDeleteReconciliationEvent(UnKnown Source).
I got this error as soon as my code start creating Delete Reconciliation Event.
Note: I have already protected the JNDI Namespace.
Please provide some pointers.
Regards,
SunnyHi Rajiv,
Check this:
package com.centrica.iam.scheduletask;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileFilter;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import oracle.iam.connectors.common.ConnectorLogger;
import com.thortech.xl.dataaccess.tcDataSet;
import com.thortech.xl.dataaccess.tcDataSetException;
import com.thortech.xl.dataobj.PreparedStatementUtil;
import com.thortech.xl.orb.dataaccess.tcDataAccessException;
import com.thortech.xl.scheduler.tasks.SchedulerBaseTask;
import Thor.API.tcResultSet;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcInvalidValueException;
import Thor.API.Operations.tcLookupOperationsIntf;
import Thor.API.Operations.tcReconciliationOperationsIntf;
import Thor.API.Operations.tcSchedulerOperationsIntf;
public class CustomFlatFile extends SchedulerBaseTask {
private static tcSchedulerOperationsIntf schedulerIntf;
private static tcLookupOperationsIntf lookupIntf;
private static tcReconciliationOperationsIntf reconIntf;
String sObjectName;
String LookupName;
String LookupName2;
String FileDirectory;
String FileName;
String File;
String delimeter;
String isDeleteTrue;
HashMap<String, String> attrMap = new HashMap();
HashMap<String, String> delMap = new HashMap();
HashMap<String, String> finalMap = new HashMap();
ArrayList list = new ArrayList();
public boolean isReconStopped;
public CustomFlatFile()
isReconStopped = false;
public void init()
LookupName = getAttribute("Attribute Lookup Name");
FileDirectory = getAttribute("Directory Path");
FileName = getAttribute("File Name");
delimeter = getAttribute("Delimeter");
sObjectName = getAttribute("Resource Object Name");
isDeleteTrue = getAttribute("Is Delete Allowed");
public void execute(){
try {
System.out.println("Start Exceute");
//Initiate lookupIntf
lookupIntf = (tcLookupOperationsIntf)getUtility("Thor.API.Operations.tcLookupOperationsIntf");
reconIntf=(tcReconciliationOperationsIntf)getUtility("Thor.API.Operations.tcReconciliationOperationsIntf");
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
attrMap = readLookup(LookupName);
System.out.println(attrMap.toString());
readFile();
if (isDeleteTrue.equalsIgnoreCase("true"))
performDelete();
System.out.println("Finish Execute");
public void performDelete()
System.out.println("Start Perform delete");
int k = list.size();
System.out.println("list size " + list.size());
try
Thread.sleep(15000);
/* Hashtable ahashtable[] = new Hashtable[k];
Hashtable hashtable = new Hashtable();
for (int i=0;i<k;i++)
hashtable.put("User Id", list.get(i));
ahashtable[i] = hashtable;
System.out.println(list.get(i));
Set set = reconIntf.provideDeletionDetectionData(sObjectName, ahashtable);
System.out.println("Set--" + set.toString());
tcResultSet tcresultset = reconIntf.getMissingAccounts(sObjectName, set);
System.out.println("tcresultset - " + tcresultset.getRowCount());
if (!(tcresultset.isEmpty()))
long l[] = reconIntf.deleteDetectedAccounts(tcresultset);
for (int i1=0;i1<l.length;i1++)
System.out.println("delete recon key " + l[i1]);
//Get the existing list of Managed users
tcDataSet tcdataset = new tcDataSet();
tcDataSet tcdataset1 = new tcDataSet();
String query = "select orf.orf_fieldname,prf.prf_columnname, sdk.sdk_name from orf, sdk, pkg, tos, prf, obj " +
"where pkg.obj_key = obj.obj_key and pkg.pkg_key = tos.pkg_key and tos.sdk_key is not null " +
"and tos.sdk_key=sdk.sdk_key and tos.tos_key=prf.tos_key and prf.prf_iskey='1' and prf.orf_key=orf.orf_key " +
"and orf.orf_parent_orf_key is null and obj.obj_name='" + sObjectName + "'";
tcdataset.setQuery(getDataBase(), query);
tcdataset.executeQuery();
String FFName = tcdataset.getString("prf_columnname");
String FName = tcdataset.getString("sdk_name");
String ROFName = tcdataset.getString("orf_fieldname");
System.out.println("form- " + FName + " Field- " + FFName);
query = "select " + FFName + " from " + FName + " udtable, oiu a, ost b " +
"where udtable.orc_key=a.orc_key and a.ost_key=b.ost_key and b.ost_status!='Revoked'";
System.out.println(query);
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
int i = tcdataset1.getRowCount();
ArrayList list1 = new ArrayList();
String s1 = null;
System.out.println("N. of rows--" + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
//Getting the existing list of unmanaged users
query = "select distinct (b.rcd_value) from rce a, rcd b, orf c, obj d where a.rce_key=b.rce_key and " +
"b.orf_key=c.orf_key and c.orf_fieldname='" + ROFName + "' and a.rce_status!='Event Linked' " +
"and a.obj_key = d.obj_key and d.obj_name='" + sObjectName + "'";
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
i = tcdataset1.getRowCount();
System.out.println("No. Of Unmanaged Users " + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
int k1 = list1.size();
System.out.println("list1 size--" + k1);
for (int j1=0;j1<k1;j1++)
delMap.clear();
delMap.put(ROFName, (String)list1.get(j1));
System.out.println(delMap.toString());
long l = reconIntf.createDeleteReconciliationEvent(sObjectName, delMap);
System.out.println("delete recon key--- " + l);
catch (Exception exception)
exception.printStackTrace();
public void readFile(){
String s = "readFile()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
File = getFile();
BufferedReader reader = new BufferedReader(new FileReader(new
File(File)));
String line = "";
int k = attrMap.size();
String value[] = new String[k];
String Header[]= new String[k];
if (delimeter.equalsIgnoreCase("|"))
delimeter = "\\" + delimeter;
line = reader.readLine();
Header = line.split(delimeter);
while((line = reader.readLine()) != null)
value = line.split(delimeter);
k = value.length;
for (int i = 0;i<k;i++){
finalMap.put(attrMap.get(Header), value[i]);
System.out.println(finalMap.toString());
System.out.println("Start Ignoring Event");
if (!(reconIntf.ignoreEvent(sObjectName, finalMap)))
System.out.println("Not Ignored");
long l1 = reconIntf.createReconciliationEvent(sObjectName, finalMap, true);
System.out.println("Recon Key--" + l1);
else
System.out.println("ignore event ---" + finalMap.toString());
list.add(finalMap.get("User Id"));
System.out.println(list.size() + "add--" +finalMap.get("User Id") );
finalMap.clear();
catch (Exception exception)
exception.printStackTrace();
public boolean stop(){
String s = "stop()";
//logger.setMethodStartLog(classname, s);
//logger.info(classname, s, "Stopping Reconciliation........");
isReconStopped = true;
//logger.setMethodFinishLog(classname, s);
return true;
FileFilter fileFilter = new FileFilter()
public boolean accept(File file)
String sFilePath = file.getName();
if( sFilePath.startsWith(FileName) )
return true;
else
return false;
public String getFile() throws FileNotFoundException, Exception{
String s = "getFile()";
//logger.setMethodStartLog(classname, s);
String s1;
File dir = new File(FileDirectory);
File[] files = dir.listFiles(fileFilter);
if (files.length ==0)
throw new FileNotFoundException();
if (files.length>1)
throw new Exception("Multiple Matches found for this file name");
s1 = files[0].toString();
//logger.setMethodFinishLog(classname, s);
return s1;
public HashMap readLookup(String s1){
String s = "readLookup()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
tcResultSet tc1= lookupIntf.getLookupValues(s1);
int i = tc1.getRowCount();
for (int j = 0;j<i;j++){
tc1.goToRow(j);
map.put(tc1.getStringValue("Lookup Definition.Lookup Code Information.Code Key"), tc1.getStringValue("Lookup Definition.Lookup Code Information.Decode"));
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
return map; -
Security violation exception with Weblogic cluster installation on OIm 9.1
Hi,
I have OIM9.1 installed on weblogic 8.1 SP4 in clustered environment, which more often than not seems to work fine. But some time I get following exception on server console/log file which causes certain provisioning task to be rejected...
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: javax.ejb.AccessLocalException: [EJB:010160]Security Violation: User: 'xelsysad
m' has insufficient permission to access EJB: type=<ejb>, application=Xellerate, module=xl
DataObjectBeans.jar, ejb=tcFormInstanceOperations, method=create, methodInterface=LocalHom
e, signature={}.
at weblogic.ejb20.internal.MethodDescriptor.checkMethodPermissionsLocal(MethodDesc
riptor.java:486)
at weblogic.ejb20.internal.StatelessEJBLocalHome.create(StatelessEJBLocalHome.java
:80)
at com.thortech.xl.ejb.beans.tcFormInstanceOperations_2j82mm_LocalHomeImpl.create(
tcFormInstanceOperations_2j82mm_LocalHomeImpl.java:93)
... 126 more
ERROR,19 Dec 2008 14:20:03,752,[XELLERATE.APIS],Class/Method: tcBaseUtilityClient/getLocal
Interface encounter some problems: {1}
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.in
Problem is, I get this exception only 4 out of 6 times (when it is least expected). I have googled, and tried all possible means but have't been able to resolve it. One more thing I am sure of is, it only comes with Weblogic installation not with Jboss. So there should be some configuration issue with weblogic installation.
Any suggestions would be useful...No Response???
Where are the good guys?? -
Security Violation during PATH Variable Substitution
Hi -
I' m trying to write a file with the receiver file adapter by the variable substitution feature from SP12 on.
Whereas the %filename% variable works fine, I get for the %path% variable an exception in the adapter engine, whenever I'm trying either
- to use an absolute path like "/tmp" or
- composed pathnames like "tmp/test" (that are based on $XIHOME/j2ee/cluster/server0)
Non-composed pathnames like $XIHOME/j2ee/cluster/server0/tmp by setting %path% to "tmp" work also.
Any clue?
I'm on AIX on SP12.
Here is the exception:
java.text.ParseException: Security violation encountered during variable substitution: Content of variable path is not safe
Thanks.
StefanHi Stefan,
did you check the flag 'Disable Security Checks' in the communication channel?
Regards
Stefan -
802.1X Port Based Authentication - IP Phone- MDA - Port Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI am currently trying to get 802.1x port authentication working on a Cat3550 against Win2003 IAS but the IAS log shows a invalid message-authenticator error. The 3550 just shows failed. When I authenticate against Cisco ACS (by simply changing the radius-server) it works perfectly.
However, I am successfully using IAS to authenticate WPA users on AP1210s so RADIUS appears to be OK working OK.
Are there special attributes that need to be configured on the switch or IAS? -
802.1X Port Based Authentication Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI believe , you need to configure re-authentication on this switch port:
! Enable re-authentication
authentication periodic
! Enable re-authentication via RADIUS Session-Timeout
authentication timer reauthenticate server -
Security violation error (error code 2148532330) in Acrobat Pro XI with Windows 8
I have two certificates, physically residing on the same (Belgian) government issued smart card. One is labeled "Authentication" (Intended usage: sign transaction), and the other is labeled "Signature" (Intended usage: sign document). I have been trying to add a signature to a pdf document in Acrobat Pro XI (trial) on WIndows 8 Home (64 bit). It works perfectly with the "Authentication" certificate, but all attempts with the "Signature" certificate yield the following error:
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330
The only relevant difference between both certificates that I have been able to spot, is in the "key usage" field of the certificate ("sign transaction" versus "sign document"). Any thoughts on what might be wrong?
Thanks.I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Security Violation on jQuery Ajax Request
Dear all,
I'm new to adobe air.
I'm developing with Aptana Web, did include the jquery library and tried an ajax call. Seems to work but I receive an error on the return string, {"d":"NOK"} - parsererror - Error: Adobe AIR runtime security violation for JavaScript code in the application security sandbox (Function constructor) .
When I use the XMLHttpRequest() function as in the basic demo example I have no error.
Any ideas,i have same problem
$.ajax( {
data : data,
url : "http://127.0.0.1/json.php",
type : "POST",
dataType: "json",
processData: true,
success : function(data) {
alert(data)
error: function(XMLHttpRequest, textStatus, errorThrown){
alert("statusText: "+XMLHttpRequest.statusText+"\n"+
"responseText: "+XMLHttpRequest.responseText+"\n"+
"textStatus: "+textStatus+"\n"+errorThrown)
This problem arises when I use parameters [dataType: "json",processData: true] -
Security violation from using underscores template
When using the template-function of the well-known underscore.js library I get an error:
Adobe AIR runtime security violation for JavaScript code in the application security sandbox (Function constructor).
In the browser this works fine. I don't see any security problems from using templates !?I made some more tests: This code
var compiled = _.template("hello: <%= name %>");
air.trace(compiled({name : 'moe'}));
works when executed in $(document).ready (jQuery), but
it fails in the air.InvokeEvent.INVOKE-eventlistener, which
is always triggered after document-ready.
Seems that everything is fine until the AIR-part of the app
is up. -
Security violation after logout
When I have a user logout I remove their EJBs and call
ServletAuthentication.done(). If the user tries to log in with a
different account they get a security violation. If they wait about
20-40 seconds and try again everything is okay.
Does anyone know why this happens?
Thanks,
MikeIt usually is unless you are running under Flex Builder
itself. FB allows itself access to almost anything. Running in a
browser is subject to the sandbox.
Actually, as I think about it, the cross domain file might
not help. A Flex app, running in a browser, cannot access the local
file system *at all*. (Again, unless running under FB)
You will probably have to put that file on the network
somewhere, even if it is on a webserver on your own machine.
I assume it can change? If it is static, compile it into the
swf.
Tracy -
OSM 'oms-internal' user Security Violation errors
Hi Guys,
Have anyone ever came accross similar Exceptions in managed server logs?
om.mslv.oms.OMSException: [EJB:010160]Security Violation: User: 'oms-internal' has insufficient permission to access EJB: type=<ejb>, application=oms, module=security.jar, ejb=OMSThreadTransactionListener, method=create, methodInterface=Home, signature={}.
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcherEJB.processTimeout(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcher_86q3j1_EOImpl.processTimeout(EventDispatcher_86q3j1_EOImpl.java:142)
at com.mslv.oms.poller.a.handleNotification(Unknown Source)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor$ListenerWrapper.handleNotification(DefaultMBeanServerInterceptor.java:1732)
at javax.management.NotificationBroadcasterSupport.handleNotification(NotificationBroadcasterSupport.java:257)
at javax.management.NotificationBroadcasterSupport$SendNotifJob.run(NotificationBroadcasterSupport.java:322)
at javax.management.NotificationBroadcasterSupport$1.execute(NotificationBroadcasterSupport.java:307)
at javax.management.NotificationBroadcasterSupport.sendNotification(NotificationBroadcasterSupport.java:229)
at javax.management.timer.Timer.sendNotification(Timer.java:1237)
at javax.management.timer.Timer.notifyAlarmClock(Timer.java:1206)
at javax.management.timer.TimerAlarmClock.run(Timer.java:1289)
at java.util.TimerThread.mainLoop(Timer.java:512)
at java.util.TimerThread.run(Timer.java:462)
Any help appreciated!Could it be that the user should be assigned to groupd other then default
Edited by: 934200 on 07.06.2012 11:03 -
Switch por-security - - - Security Violation Count
I have some question with a device cisco 3400 metroaccess.
In a interface i have this config.
3400_METROACESS#sh run int g0/1
Building configuration...
Current configuration : 449 bytes
interface GigabitEthernet0/1
description
switchport access vlan 192
switchport port-security
switchport port-security violation restrict
bandwidth 800000
load-interval 30
media-type rj45
speed 1000
duplex full
mac access-group Block-Invalid-ERS-Frames in
service-policy input 800M
service-policy output LIMIT_QQ1
end
3400_METROACESS#sh port-security int g0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Restrict
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 5
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : XXXX.XXXX.XXXX:192
Security Violation Count : 3515----------------------------------------->what is the default parameter or the petitions permited, for the security violation take the action mode.
I have many logs from the int g0/1
Apr 23 16:08:37: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address XXXX.XXXX.XXXX on port GigabitEthernet0/1.
Thanks you for your help.
Best Regards!!The default (initial) count is 0, the number increases everything there is a violation.
you can reinitialize (clear) that counter by using the command : clear port-security all int g 0/1
Maybe you are looking for
-
Country of origin issue to be populated on Goods receipt
We have multiple vendor PART NUMBERS assigned to 1 vendor i.e N - 1 Relationship, if we maintain PIR , which can be used only for 1 vendor to 1 part number we cannot use PIR in this case as it is N - 1 Relation. So, the situation is we need to maint
-
Explain plan before and after ??
is there a way to find out what sql plan was before and what sqlp plan is right now ? i know we can look at dba_hist_sql_plan but not sure how to put it all togeather... i am on 10.2.0.3 i have a sql that running slow right now, i have the sql_id for
-
Additional, encrypted partition mounted as /Users
Recently I removed DVD-ROM drive from my MacBook Pro and installed 60GB SSD for system (in regular HDD bay) and my old HDD instead of DVD drive. My plan is to use fast SSD drive for system and the HDD for data. I would like to have my HDD partition m
-
DriveLock help unlock - known password, dead laptop
Hello, My HP Compaq 8510w died and I cannot get access to its hard drive, which was locked using DriveLock in BIOS. I know the password that was used to lock the drive, but it looks like DriveLock somehow mangles the password making it impossible to
-
Updating TABLEA based on values in TABLEB
Hi: I have the two following tables. I want to write a query which updates fields in TABLE1 based on certain values in TABLE2 1. Update SEVERITY in TABLE1 with SVRT_CD in TABLE2 for all TABLE1.INCIDENT = TABLE2.TKT_NBR 2. Update ESCALATION in TABLE1