Page Security Problem

Similar Messages

• WebCenter page security problems

  We are running a CustomPortal which is connected to a local AD.
  When i try to setup the page security in runtime on the server iam getting errors:
  German Errormessage: Mitglieder konnten nicht aus dem Policy-Speicher abgerufen werden
  English translation: Members couldn't be loaded out of the policy repository.
  The CustomPortal is still running but when i try to change the page security this errorsmessage occurs every time.
  At the moment we are running WebCenter PS3

  Maybe it's a conflict in authorization providers. When you add a provider in your security realm, there should be a flag to set whether or not the authenticator is mandatory, optional and so on.
  The order in which the providers are set is also important. If for example your AD is set as the first provider and is a required authenticator, than you will get an error of that kind in your application.
  Go to your weblogic console and open the security realm. Open the provider tab
  Is the AD provider the first one or is the DefaultAuthenticator the first one?
  When you open the AD provider, how is the control flag set?
  What provider is the AD provider? Do you use the general LDAP provider or the ActiveDirectoryAuthenticator?

• I got this warning when i open a specific page on my website in IE : MuseJSAssert: Error calling selector function:Error: A security problem occurred.

  Hi,
  I found out when i'm in IE and go to the page 'Artists'
  and i click on a name, for example: 'Abel Equipe ELA/I Gomes'
  I get this warning :
  MuseJSAssert: Error calling selector function:Error: A security problem occurred.
  This is only in IE, not when i use Safari or Chrome
  this is the website link
  Any ideas how to solve this problem?

  There's an invalid hyperlink on the Abel Equipe ELA/I Gomes page on a bit of text that reads "with your input." You need to find this text within Muse, clear the hyperlink and enter a valid one.

• JHeadStart Security problem-error page cannot be found- role based security

  JHeadStart Security problem-error page cannot be found- role based security
  Good morning! How are you? I would need some help in a jheadstart 10.1.3.2 security case and I was wondering if you could give me a hand to go on. I create the Model project with tables of oe schema. Then in JHeadStart to perform security I follow the following steps: In ViewController/WEB-INF/web.xml – properties I do the following: login configuration: http basic authentication rfc 7617: realm:jazn.com
  Security roles : I define two roles: customer and administrator , Security Constraints: web_resources: All_pages, Url Patterns: faces/*. Then in Tools/Embedded OC4J Preferences/Global/Authentication JAZN/Realms/jazn.com/users: I define two users c1, password c1 and a1,password a1, roles/member users/ I attribute the roles to the relevant users c1—customer and a1—administrator. Then in application definition editor on service level I define security/use role based authorization=true , authorization type: JAAS and when access denied go to next group=true. On group level e.g.: ProductInformation: Authorization/Authorized Roles Permissions: administrator.On item level : Orders/Items/OrderTotal/Operations/Update Allowed: #{jhsUserRoles['administrator']},Then I generate the pages (run the jag) . The generation is completed successfully but when I run the View Controller project a “the website declined to show this webpage…(page cannot be found)’ is displayed. What should I do? I would appreciate it if you would help me on this issue! Thank you very much.

  Thand you very much for your reply! Unfortunately there is a specific restriction-convention in the project I work in. I am supposed to perform role based security with my own tables and no by the jheadstart’s ones. Could you find out what is my fault with the steps I follow trying to perform the process?
  To remind you my steps I paste the following again:
  JHeadStart Security problem-error page cannot be found- role based security
  Good morning! How are you? I would need some help in a jheadstart 10.1.3.2 security case and I was wondering if you could give me a hand to go on. I create the Model project with tables of oe schema. Then in JHeadStart to perform security I follow the following steps: In ViewController/WEB-INF/web.xml – properties I do the following: login configuration: http basic authentication rfc 7617: realm:jazn.com
  Security roles : I define two roles: customer and administrator , Security Constraints: web_resources: All_pages, Url Patterns: faces/*. Then in Tools/Embedded OC4J Preferences/Global/Authentication JAZN/Realms/jazn.com/users: I define two users c1, password c1 and a1,password a1, roles/member users/ I attribute the roles to the relevant users c1—customer and a1—administrator. Then in application definition editor on service level I define security/use role based authorization=true , authorization type: JAAS and when access denied go to next group=true. On group level e.g.: ProductInformation: Authorization/Authorized Roles Permissions: administrator.On item level : Orders/Items/OrderTotal/Operations/Update Allowed: #{jhsUserRoles['administrator']},Then I generate the pages (run the jag) . The generation is completed successfully but when I run the View Controller project a “the website declined to show this webpage…(page cannot be found)’ is displayed. What should I do? I would appreciate it if you would help me on this issue! Thank you very much.

• Javascript security problem in IE/Netscape

  I am facing with the javascript security problem in IE/Netscape. I have solved this problem partially, but there are more issues involved.
  Here's the scenario:
  There is an HTML page on client's hard disk (main.htm) containing two frames:
  frame 1 contains a page that lies that is deployed from my server, say
  src="http://127.0.0.1:8080/MyApplication.htm"
  frame 2 contains a page that lies on the client's server, say
  src="http://www.clientside.com/clientPage.htm"
  My page in frame 1 wants to access the URL of the page in frame 2 (through a button click, say ). This is done in MyApplication.htm through javascript as:
  window.parent.frame2.location.href;
  Now when the above line is executed, i get the following error:
  In IE(5.0): "permission denied"
  In Netscape(4.7): "access disallowed from scripts at http://127.0.0.1:8080/MyApplication.htm to documents at another domain."
  (which is understandable)
  I have partially solved the above problem in Netscape, by granting access permissions to MyApplication.htm (page on my server) to access the
  "http://www.clientside.com/clientPage.htm" page at client's domain.
  This is done as follows:
  1. First enable code base principals in client's Netscape by adding the following line in prefs.js file of Netscape
  "user_pref("signed.applets.codebase_principal_support", true);"
  2. Secondly i must add the following line in java script of "MyApplication.htm"
  "netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserAccess");"
  Now when the client clicks the button on my frame he'll get a netscape window asking him to grant permissions to MyApplication.htm.
  After granting permission, MyApplication.htm can retrieve the URL of clientPage.htm (even if he browses to another url)
  As you can see this problem is solved partially, but i want that the page "main.htm" (which is now on the client's hard disk),
  must be deployed at client's server (in which case not even the above technique works).........what should i do? any alternates or other solution?
  Secondly i want this to work with IE too, (which should according to their documentation, but does not and is therfore a big IE bug-as mentioned on the net)
  Any sort of help in this case would greatly appreciated.
  Thanks
  Faisal Moin Khan

  i believe you are posting in the wrong forum.
  This forum is foro XML web services.

• Signed applets in 1.4.1: non-trust ignored: severe security problem?

  Hello all,
  I am signing applets with a developer certificate.
  Until know everything worked fine with Plugin 1.3.1.
  Know I changed to Plugin 1.4.1 and encountered a strange behaviour: When I open the HTML page with a browser (tried IE 5.5 and Mozilla 1.1) the certificate-question pops up. The problem: if I choose not to trust the certificate, the applets starts nevertheless and I can use the system clipboard inside my Applet (for what applets needs to be signed)!
  This looks like a severe security problem!
  Does anyone know anything about this? Can you reproduce this?
  thanx!
  Marcus

  Hi,
  I tried to reproduce what you said with plugin 1.4.0 (I don't have 1.4.1 yet) and IE6.0 (It doesn't have anything to do with the browser)
  My Java console said :
  "User has denied the priviledges to the code
  writeFile: caught security exception"
  The security seems to work OK in 1.4.0.
  I will have to try 1.4.1.
  Patrick

• Access denied by Page security check

  Hi,
  I would like to allow access to page 1 only to users in the group 'CPY'
  i do un authorizzation scheme 'CPY_GROUP' (exists sql query type)
  SELECT '1'
  FROM GRP gr, USG ug, USR us
  WHERE gr.GRP_APP_ID='CRM'
  AND gr.GRP_ID = 'CPY'
  AND us.USR_ID = UPPER(:P101_USERNAME)
  AND us.USR_ID=ug.USG_USR_ID
  AND gr.GRP_ID=ug.USG_GRP_ID;
  on the page 1, on the security session, i pick 'CPY_GROUP' from select list
  when run my application with a user of 'CPY_GROUP' i have the error
  Access denied by Page security check
  Error      You are not authorized to access this function. (my Identify error message displayed when scheme violated)
  Any help?
  Thanks in advance
  km

  Hi Scott,
  I am facing a similar kind of problem. I am using :P101_USERNAME only in login page to check for user name and password. I have not used it in any of the further pages.
  But i am still getting the error "Access denied by Page security check". Please suggest me some solution.
  Thanks in advance,
  Anjali

• ERROR Msg: MuseJSAsset: Error calling selector function:Error: A security problem occurred.

  ERROR Msg: MuseJSAsset: Error calling selector function:Error: A security problem occurred.
  Just launched site using 1 of my 5 CC web-hosting chips. Using Adobe's hosting: ns1, ns2 & ns3.worldsecuresystems.com
  Concerned that the "• Assign a domain name (e.g., www.mycompany.com)" keeps coming up, even tho' I've launched???????????

  Hi,
  The MuseJSAsset error usually appears if there is any conflicting script on the page. Have you added your own code to the site using Insert HTML feature? If yes, please try removing it.
  Regarding your second concern, What is your site URL?
  Regards.
  Aish

• Sun Java security problems

  Please any one tel me about Sun Java security problems
  with Desktop application

  Hi.
  If you're using SSGD 4.41, please download the Admin guide from here:
  http://docs.sun.com/app/docs/doc/820-4907
  There, at page #41 you'll find useful info concerning "Client Connections and Security Warnings".
  Hope this helps,
  Rob

• Security problem - javascript?

  Hi
  I have a tabular multi row, where I have this javascript (in the header of the page) to validate the form:
  <script language="JavaScript1.1" type="text/javascript">
  function validate_tabularform()
  // for each question
  var submit = true;
  for (i=0; i<document.wwv_flow.f01.length; i++)
  // get value of importance and performance
  var DISC_PERCENT = parseFloat(document.wwv_flow.f05.value);
  var OFFER_PRICE = parseFloat(document.wwv_flow.f03[i].value);
  if(DISC_PERCENT>100 || DISC_PERCENT<0)
  alert ("&IMARS_ERROR_00001.")
  submit = false;
  break;
  if(OFFER_PRICE<0)
  alert ("&IMARS_ERROR_00002.")
  submit = false;
  break;
  if(submit)
  doSubmit('SUBMIT');
  </script>
  On my update/submit button i have this code for a url:
  javascript:validate_header();
  Is there some security problems with this method?
  Best Regrads
  Jesper Vels

  Hello,
  What do you mean by security problems?
  Javascript can be manipulated any number of ways on the client machine. You never want to do is only trust 'only' javascript for your validations. Javascript validations are a convenience for the user , so they don't have to do a submit before they see something is wrong, but data should always be revalidated on the server side before you put that data in.
  Carl

• "Page Security cannot be asserted" error

  I have a page that depending on business logic will give various error dialogs (Y/N), however I keep getting the following error (when returning to self/calling page):<br>
  <<<b>Page Security cannot be asserted. The page has either expired or has been tampered.</b>>>
  <br><br>
  I've was getting this when I pressed no so I did a work around by explicitly forwarding to current page:<br>
  << super.setForwardURL(oapagecontext, true, "OA.jsp?page=/oracle/apps/per/[mypackages]/MyPagePG&akRegionApplicationId=800", true, hashmap1, "N", true);>><br><br>
  But after adding that, if I throw a validation exception (<<throw new OAException(..)>>) it gives me the same old error along with the one I specified in the exception constructor.<br><br>
  Is there something special about this foward? In other places I use the very same method to redirect to dialog without any problems.<br><br>
  Any ideas what causes this error?<br>
  -C
  <br><br>Source:<br>
  <<
  <br> String yes = oapagecontext.getMessage("AK", "FWK_TBX_T_YES", null);
  <br> String no = oapagecontext.getMessage("AK", "FWK_TBX_T_NO", null);
  <br> dialogPage.setOkButtonItemName(okButtonName);
  <br> dialogPage.setNoButtonItemName("No");
  <br> dialogPage.setOkButtonToPost(true);
  <br> dialogPage.setNoButtonToPost(true);
  <br> dialogPage.setPostToCallingPage(true);
  <br> dialogPage.setOkButtonLabel(yes);
  <br> dialogPage.setNoButtonLabel(no);
  <br> java.util.Hashtable formParams = new java.util.Hashtable();
  <br> if(appraisalId!=null){
  <br> formParams.put("AppraisalId", appraisalId);
  <br> }
  <br> if(objectiveId!=null){
  <br> formParams.put("pObjectiveId", objectiveId);
  <br> }
  <br> if(oapagecontext.getParameter("AddAnotherYes")!=null){
  <br> formParams.put("AddAnotherYes", oapagecontext.getParameter("AddAnotherYes"));
  <br> }
  <br> if(oapagecontext.getParameter("ApplyYes")!=null){
  <br> formParams.put("ApplyYes", oapagecontext.getParameter("ApplyYes"));
  <br> }
  <br> formParams.put("event", oapagecontext.getParameter("event"));
  <br> dialogPage.setFormParameters(formParams);
  <br> oapagecontext.redirectToDialogPage(dialogPage);
  >>

  I found the problem.<br><br>
  <b>HashMap hashmap = super.getKeyParams(oapagecontext);<br>
  hashmap.put("MyParam1", value)<br>
  hashmap.put("MyParam2", value)<br>
  hashmap.put("MyParam3", value)<br>
  </b><br><br>
  As it turns out, "MyParam1" was already pre-populated in the key hashmap and so when I tried to reset it, the framework noticed it was rekeyed and threw the mentioned error. Simply removing the line that inserts that param into the map fixed the problem.<br><br>
  So, the solution was to use the code inspector in debug mode to crawl the hashmap to see what key params were auto-populated.<br><br>
  hth,<br>-C

• Adobe reader 9 security problem?

  Yes, i recently read about this security problem with the PDF.  I would like to know what if anything has/is being done about it and does it affect all computers or just the corporate ones?  I also read there was a patch coming out about this and I would like to know where and how to get it if it is necessary.

  Well, don't let this scare you ... ... but a lot of software vulnerability information is out there if you just know where to look.
  Probably the most definitive source is the US CERT Vulnerabilities Database which is searchable at http://www.kb.cert.org/vuls/html/search.
  This database is maintained by the "United States Computer Emergency Readiness Team (CERT)" at Carnegie-Mellon University.  It's not the only database out there, but it's one of the best.
  Another thing to bear in mind is that Adobe has many large government contracts ... a huge amount of government documentation (e.g. IRS forms) are produced using PDF.  Therefore, you know that Adobe is informed when a vulnerability is discovered, and it has a positive-duty to participate in looking for them as well as resolving them.  If you keep your systems up-to-date you can expect that patches for them will be timely included.  (I am not, of course, saying that these expectations will invariably be met!)  Software development organizations do maintain, although they do not routinely externally publish, problem/resolution databases that are integrated into their version-control systems.
  Digging just a little bit deeper, I see that Adobe maintains "security advisories" among its support-page options.  (I see that the CERT advisories refer to these URLs.)  So, the information you are looking for is out there, and I'm sure that Adobe Support (note: I do not work for them...) can help answer specific questions ... especially if you have something like a CERT Advisory Number to refer to.
  Many folks imagine that software companies try to conceal their vulnerabilities, when in fact the exact opposite is true:  there is no such thing as "security by obscurity."  White-hat people work very studiously to "get the word out."  It is an international effort.
  It can be a bit disconcerting at first to see literally thousands of reports (some open, some closed) concerning a well-established product that you use every day.  Any exploit or vulnerability, realized or imagined, practical or theoretical, goes into that database:  "Knowledge is Power."

• Error processing a page. Problem reading document (110)

  This occurring following error message when opening a PDF file:
  "Error processing a page. Problem reading document (110)"
  Does anyone have any suggestions?

  When I encountered an error "there was a problem reading this document 110" in Acrobat Pro 11 on 28.7 MB CS6 file, it indeed was very frustrating.
  I solved my problem, but since I don't know which step benefitted me, I've to enumerate all the steps I took:
  Read below:
  1.1. I could copy the file anywhere on the drive, but couldn't 'save as' from Acrobat Pro.
  1.2. No document security was applied of any sort on the file.
  1.3. Still in the first tab of the document properties, all details under advance section were empty. No 'PDF Version' 'location' 'file size' etc were populated. Nothing.
  1.4. I couldn't change and save anything in any of property dialogue. I could comment on the text, but as soon as I tried to save, it gave an error (some sort of 'File reading' error).
  1.5. When I tried to extract a page (I tried many), it gave 'reading error'.
  1.6. I didn't try 'splitting error'. Since I was 100% sure, it'll give me same reading error.
  1.7. I opened the file in Firefox and tried saving it as pdf from there. But no error, but no save either.
  1.8. I ran 'Remove Hidden Information' from protection panel without any errors.
  1.9. I tried 'sanitize document' from the same tab, but didn't succeed.
  1.10. Then (here I think the problem was resolved), from Document Processing panel, I did some commands. 1st, 'Export all images', successfully. Then 'Remove all links', it found 0.
  1.11. Then in 'print production' panel, I clicked/tried to open acrobat distiller. The same opened, did some processing. But I don't know if it did something in solving the problem or not.
  1.12. Although I think my problem was resolved till now, but the last step I did was 'Saved As' the file (from the file menu) as a .ps file. Though I've not yet reopened/used that ps file (to convert it into a pdf file again). But around here I wanted to close the file and it asked me whether I wanted to save the file, I said yes. And it saved the file correctly. And I checked that in properties dialogue, the missing information was populated too.
  1.13. Sorry for so lengthy instructions, but I had no choice.

• Security problem with Google Recaptcha plugin

  Hi all,
  Found a security problem with Google Recaptcha plugin. If I delete the tag containing the recaptch(on some page) with Firebug, I can authorize myself without validating with Recaptcha. If someone knows how to fix this problem, I'll be be very thankful.
  Thanks in advance,
  Regards Ivan

  Hi Ivan,
  you can secure it by adding an "Item specified is NOT NULL" validation to your page.
  Will update the documentation and try to add a permanent fix in a new version of the plug-in.
  Thanks for letting us know!
  Patrick
  My Blog: http://www.inside-oracle-apex.com
  APEX 4.0 Plug-Ins: http://apex.oracle.com/plugins
  Twitter: http://www.twitter.com/patrickwolf

• MuseJSAsset: Error calling selector function:Error: A security problem occurred.

  Hi,
  Internet Explorer is popping up the error "MuseJSAsset: Error calling selector function:Error: A security problem occurred." on all but the Home page at: http://tolight.businesscatalyst.com/index.html. I saw the other post about the same issue and checked my mailto links but they look ok. Any other ideas?
  Thanks!

  David Healy,
  Do you have 1 particular .muse file that gives this 1009 error everytime when opening?
  If so, please send that .muse file to [email protected] along with an explanation of the problem. If your file is > 20MB, use a filesharing service like SendThisFile or Adobe SendNow.
  Also, you should have a file named 'MuseLog.txt' in your user Documents folder which should have some additional info about the error. Please attach that file to your email.
  The Adobe office is closed for a few more days for the holiday break, so it may be several days before you get any response.