Policy files URGENT

Hello
I have a question regarding the local and global policy file. The union of these are used, but what will happend if
- the global policy file allows to write to a file and the local denies this?
- the local policy file allows to write to a file and the global denies this?
-the global file allows grants permission to read to a file while the local policy file allows to write AND read this file
I am a bit confused about the union thing. Seems like the last one will allow both read and writing to the file but the first one seems strange to me. What is the union of allowing something and denying the same?
As I understand the global and local policy file are equal when it comes to what is beeing granted to code...
Thanks alot!!! for help.. I have my exam tomorrow and need to know cos Im confused!!

Well fist of all it is urgent since I have a exam
tomorrow morning and replies after this doesnt hekp
me to much.there may be some here that would sympathize with you.
Also telling me to try my self while sitting on your
"high horse looking down" mentality is crap. actually, jverds mentality may be quite different that what you percieve.
I believe from past experience that a much different description would
describe his mentality and response. I think what i am saying is that
you jump to conclusions.
I could
but I would have to install Java and since Im having
a teoretical exam this takes time Ill rather spend on
other material.it would be time well served and MOST likely to be more
productive than jumping to conclusions.
I understand perfectly that you dont want to help,with an open mind, you may come to other conclusions
but coming with statments that takes you longer time
to write then the answer is plain stupid.not if you understand that suggestions may help you in the long
run even if they aren't what you expect. graciously accepting help as
it is given is much better than making demands and lashing out with
a "help me the way i want to be helped" mentality.
Just keep
it to your self. more instructions and suggestions?
I asked kindly a question that needs
a yes/no and I cant see the big problem.re-reading this post with an open mind might lead you to a conclusion that
you would have been better served with a response like.
Thank you for your help jverd, but currently i have no access to a computer
with java and since i have an exam tomorrow and did not study when i should
have, i am in need of more suggestions. Thank you for your patience.
walker

Similar Messages

Urgent: JAAS authorization policy file

Hi.
I just decided to implement JAAS technology in my 3-tiered application. I did authentication, but can not beleive that the only way to specify authorization is to place all grants in one ore more text files and specify this(ose) file(s) in batch file running my application. I do not think that it is secure. The same for authentication. It is possible to redirect my application to pass through some other LoginModule and so on.
I gues there is some other way to store jaas config and policy files. Please help me to get that way.
Thanks in advance,
Kanan

the default file-based LoginContext configuration and Policy-based permission files are certainly rudimentary.
it is for this reason that the javax.security.auth.login.Configuration and java.security.Policy implementations are pluggable. instead of defining only one way of storing the data, it is possible to develop custom implementations to store data in any way a developer desires.
you can directly subclass either of these abstract classes and then programmatically set your subclass in the VM via the respective "setConfiguration" or "setPolicy" methods. or you can statically specify your custom implementation in the login.configuration.provider or policy.provider security property (set inside the java.security file inside the ~jre/lib/security directory of your installation).
both of these options should be documented in the Configuration and Policy javadocs.
in the Configuration case, J2SE 5.0 introduced a new constructor on the javax.security.auth.login.LoginContext class that can take a Configuration object as an input parameter. this gives you extra flexibility for managing login configuration entries per LoginContext.
your custom implementations would then need to manage the configuration and permission data as it so desires (perhaps in memory, perhaps on a server, or perhaps even in custom files).

How to create an application-specific policy file?

Hi Everybody:
I'm a .NET developer with C #. I have a few applications currently running on my computer using the ODP 10.1
Two weeks ago I installed on my computer the ODP 10.2 Release & now my previous applications have stopped working: when I try to make the connection to the database gives me this exception:
OraOLEDB (0x80004005)
ORA-12154: TNS: could not resolve the connect identifier specified
In FAQ section for ODP.NET I found the next:
Q: I have two .NET applications on the same machine running two different versions of ODP.NET. How do I ensure both these applications use the correct ODP.NET version?
A: Beginning with ODP.NET 10.1.0.3, the Oracle installer will register the following publisher policy DLLs in the Global Assembly Cache (GAC) that redirect 9.2, 10.1 and 10.2 ODP.NET applications to use the last installed version of ODP.NET: Policy.9.2.Oracle.DataAccess.dll and Policy.10.1.Oracle.DataAccess.dll.
ODP.NET 9.2 includes just the first policy DLL above. These policy files ensure that all your ODP.NET applications use the most recently installed version of ODP.NET.
You may undo the redirection manually. Policy DLLs can be de-installed through gacutil.exe using the /u option. Another approach is to navigate to the GAC directory (i.e. C:\WINNT\assembly) through the Windows Explorer and delete the policy folders. That will eliminate any policy enforcement for all your ODP.NET applications.
If you have applications on the same machine using different ODP.NET versions, you should create an application-specific policy file.
I'm trying to do that, but I don't know what is an application-specific policy file. Someone can give me an example of How can I create and application-specific policy file???
Regards

Hi,
Binding redirection is a ".net thing" as opposed to a "odp.net thing", see if this helps:
http://msdn.microsoft.com/en-us/library/7wd6ex19(VS.71).aspx
Hope it helps,
Greg

How do you use .wsse policy file from Java Client?

I'd like to call a WSSE enabled web service from my Java client but setup my encryption/signing requirements with a .wsse policy file.
I know how to call a web service by programmatically setting up the security headers as described in:
http://e-docs.bea.com/workshop/docs81/doc/en/core/index.html
But how can I do the same thing by simply using a .wsse file?

import java.awt.*;
import java.applet.Applet;
import java.awt.event.*;
import java.net.*;
public class links extends java.applet.Applet {
   Panel panel = new Panel();
   public links(){
      super();
      add(panel);
      Link link = new Link(this,"Answers for programmers;- ","http://forum.java.sun.com");
      panel.add(link);
   public void init(){
      setVisible(true);
   public class Link extends Label implements MouseListener {
      Applet applet;
      Color fcolor = Color.blue;
      Color lcolor = Color.pink;
      String text;
      String word;
   public Link(Applet ap, String s, String s1){
      super(s);
         this.applet = ap;
         this.text = s;
         this.word = s1;
         addMouseListener(this);
      setForeground(fcolor);
   public void paint(Graphics g){
   super.paint(g);
      if (getForeground() == lcolor){
         Dimension d = getSize();
         g.fillRect(1,d.height-5,d.width,1);
   public void update(Graphics g){paint(g);}
   public void mouseClicked(MouseEvent e){
      try{
         URL url = new URL(word);
         applet.getAppletContext().showDocument(url,"_self");
      catch(MalformedURLException er){ }
   public void mouseEntered(MouseEvent e){
      setForeground(lcolor);
      setCursor(Cursor.getPredefinedCursor(Cursor.HAND_CURSOR));
      repaint();
   public void mouseExited(MouseEvent e){
      setForeground(fcolor);
      setCursor(Cursor.getDefaultCursor());
      repaint();
public void mousePressed(MouseEvent e){}
public void mouseReleased(MouseEvent e){}
   public static void main (String[] args){
      new links();
}

Server.policy file

The ejb I am developing is trying to delete the following file from a local filesystem (Linux SuSE 9.3 Pro) : /path/to/file/delete.me I get the following exception:
java.security.AccessControlException: access denied (java.io.FilePermission /path/to/file/delete.me delete)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
at java.security.AccessController.checkPermission(AccessController.java:427)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkDelete(SecurityManager.java:990)
at java.io.File.delete(File.java:869)
I tried to modify the server.policy file adding the following line:
permission java.io.FilePermission "/path/to/file/delete.me", "delete";
but nothing changes, even when I restart the application server (don't know even if it is necessary to restart). I am using Sun Java System Application Server Enterprise Edition 8.1. Any help is welcome...
Thanks in advance
null

I think I solved the problem. At least I managed to delete the file :-)
First I had to add the following line to JRE's java.policy file:
permission java.io.FilePermission "/path/to/file/delete.me", "delete";Then I added the following entry to the server's server.policy file:
grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-apps/MyApp-" {
permission java.io.FilePermission "/path/to/file/delete.me", "delete";
};like described here:
http://docs.sun.com/app/docs/doc/819-3659/6n5s6m58n?a=view#beabz
I hope this could help to someone with the same problem

Problem fetching policy-file-request

According to
http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_print.html
quote:
* A SWF file may no longer make a socket connection to its
own domain without a socket policy file. Prior to version
9,0,115,0, a SWF file was permitted to make socket connections to
ports 1024 or greater in its own domain without a policy file.
* HTTP policy files may no longer be used to authorize
socket connections. Prior to version 9,0,115,0, an HTTP policy
file, served from the master location of /crossdomain.xml on port
80, could be used to authorize a socket connection to any port 1024
or greater on the same host.
So with the tighter security measures, a policy file has to
be fetched on port 843 or on the same port on which a connection is
desired. That leads to another problem. The policy file request
made by the player has a simple format: clear text
<policy-file-request/> is sent as raw data bytes on
the ports.
As most firewalls block such raw data traffic (of unknown
protocols) on all the ports, this means that the policy file fetch
will fail almost always if the user is behind any firewall.
This will render all SWFs, that do not use well known ports,
unusable. Does anyone know what is the solution to this
problem? Or am I missing something here?

Common guys, someone has to know what to do here.
I have read all that I can read and tried all that I could
and the flash app is not accepting my policy file.

How to specify a policy file in a WS client (AXIS2)

I am trying to access a dot net web service and i want to make use of the policy file they gave me. i read that AXIS2 supports WS-Policy in the client side but i still can not figure out how to tell the client to use the file. I searched thouroghly for examples and searched through diffirent forums with no success. I found only similar questions with no answer. if somebody could help it would be appreciated.
Thank you

We you codegen a Policy annotated WSDL, the policies are get included in the stub. Hence you don't have to specify a separate Policy file.
But if you need to use a separate policy then you need to set them in the AxisDescription object that you use in the ServiceClient and OperationClient.
e.g.
ServiceClient serviceClient = new ServiceClient();
OperationClient operationClient = serviceClient
.createClient(ServiceClient.ANON_OUT_IN_OP);
FileInputStream fis = new FileInputStream("path-to-policy.xml");
Policy servicePolicy = PolicyEngine.getPolicy(fis);
AxisService axisService = serviceClient.getAxisService();
axisService.getPolicyInclude().setPolicy(servicePolicy);
If you need more information please repost this to [email protected] with a [AXIS2] subject prefix.

How to use a custum permission in the .policy file

Hi,
I am stuck with the problem of having a custum permission that extands java.security.BasicPermission.
I really want this permission to be checked from my .policy file, but when I try to include its location : c:\java_project\server\SpecialPolicy.class
it pops a message that file is not found. I have tried dots, different slashes (back and forward) and still have no luck. I need this custum permission to be checked so that I can allow special access from a certain codebase so that say if I try a dangerous method I can just simply check in the code;
this.getSecurityManager.checkPermission(new SpecialPermission("lol"));
Also I need a paramater option, but I cant think of any since its not a FilePermission that takes a name and attributes (read, write..) what does BasicPermission take and if I extend it what attribute should I pass in. I dont really care about how this permission works, i just use it to restrict access to a certain functions in code that are ran from specific codeBAse.
Please dont ask why I need this :)
Thanks in advance, the documentation on how to add custum policies is simply NOT THERE. thus I have to bug people around.

Hi
If you just have to add another permission it is easy.
Create a class extending the BasicPermission. Have an entry into
the policy file like
grant <Principal> {
permission <CumstomPermission> "lol"
}that should be all. If you do have a specific Principal, please
do not forget to add the Principal to the relevant Subject after login.
cheers
Projyal

Error in manifest or policy file

Can't run Dreamweaver CS6 or CC - checked my log files - I see:
Activation context generation failed for "F:\AdobeCC\Adobe Dreamweaver CC\Dreamweaver.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0. 7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.76 01.17514_none_41e6975e2bd6f2b2.manifest.
Ran fine a few days ago, now won't run at all. Hangs on start.

Have a look at this discussion Event ID 80 SideBySide

Java.lang.SecurityException: Jurisdiction policy files are not signed by t

Hi
*I am installing ECC6 onAIX 6.1 with oarcle 10g.*
*I am getting error in create secure store*
*Policy and security files are ok,*
aused by: java.lang.ExceptionInInitializerError
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
        at javax.crypto.Cipher.a(Unknown Source)
        at javax.crypto.Cipher.getInstance(Unknown Source)
        at iaik.security.provider.IAIK.a(Unknown Source)
        at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
        at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
        at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
        at java.lang.J9VMInternals.initializeImpl(Native Method)
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
        at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
        at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
        at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
        ... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
        at javax.crypto.b.<clinit>(Unknown Source)
        at java.lang.J9VMInternals.initializeImpl(Native Method)
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
        ... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
        at javax.crypto.b.a(Unknown Source)
        at javax.crypto.b.a(Unknown Source)
        at javax.crypto.b.access$600(Unknown Source)
        at javax.crypto.b$0.run(Unknown Source)
        at java.security.AccessController.doPrivileged(AccessController.java:246)
        ... 20 more
ERROR      2009-07-07 14:10:47.063
           CJSlibModule::writeError_impl()
CJS-30050 Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
        at java.lang.reflect.Method.invoke(Method.java:391)
        at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
        at javax.crypto.Cipher.a(Unknown Source)
        at javax.crypto.Cipher.getInstance(Unknown Source)
        at iaik.security.provider.IAIK.a(Unknown Source)
        at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
        at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
        at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
        at java.lang.J9VMInternals.initializeImpl(Native Method)
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
        at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
        at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
        at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
        ... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
        at javax.crypto.b.<clinit>(Unknown Source)
        at java.lang.J9VMInternals.initializeImpl(Native Method)
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
        ... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
        at javax.crypto.b.a(Unknown Source)
        at javax.crypto.b.a(Unknown Source)
        at javax.crypto.b.access$600(Unknown Source)
        at javax.crypto.b$0.run(Unknown Source)
        at java.security.AccessController.doPrivileged(AccessController.java:246)
        ... 20 more.
ERROR      2009-07-07 14:10:47.547 [sixxcstepexecute.cpp:960]
FCO-00011 The step createSecureStore with step key |NW_Onehost|ind|ind|ind|ind|0|0|NW_Onehost_System|ind|ind|ind|ind|2|0|NW_CreateDBandLoad|ind|ind|ind|ind|10|0|NW_SecureStore|ind|ind|ind|ind|8|0|createSecureStore was executed with status ERROR ( Last error reported by the step :Cannot create the secure store. SOLUTION: See output of log file SecureStoreCreate.log:
SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:61)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:60)
        at java.lang.reflect.Method.invoke(Method.java:391)
        at com.sap.engine.offline.OfflineToolStart.main(OfflineToolStart.java:81)
Caused by: java.lang.ExceptionInInitializerError
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:218)
        at javax.crypto.Cipher.a(Unknown Source)
        at javax.crypto.Cipher.getInstance(Unknown Source)
        at iaik.security.provider.IAIK.a(Unknown Source)
        at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
        at iaik.security.provider.IAIK.addAsJDK14Provider(Unknown Source)
        at com.sap.security.core.server.secstorefs.Crypt.<clinit>(Crypt.java:82)
        at java.lang.J9VMInternals.initializeImpl(Native Method)
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
        at com.sap.security.core.server.secstorefs.SecStoreFS.setSID(SecStoreFS.java:158)
        at com.sap.security.core.server.secstorefs.SecStoreFS.handleCreate(SecStoreFS.java:804)
        at com.sap.security.core.server.secstorefs.SecStoreFS.main(SecStoreFS.java:1274)
        ... 6 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
        at javax.crypto.b.<clinit>(Unknown Source)
        at java.lang.J9VMInternals.initializeImpl(Native Method)
        at java.lang.J9VMInternals.initialize(J9VMInternals.java:196)
        ... 17 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
        at javax.crypto.b.a(Unknown Source)
        at javax.crypto.b.a(Unknown Source)
        at javax.crypto.b.access$600(Unknown Source)
        at javax.crypto.b$0.run(Unknown Source)
        at java.security.AccessController.doPrivileged(AccessController.java:246)
        ... 20 more.).
what could be the problem ?
Please give me the soluation
regards
Vijay

Dear Juan
You are correct.
I downloaded correct file from IBM site , and Create Secure store step completed but innext step IMPORT JAVA DUMP
it gave error
n error occurred while processing service SAP ERP 6.0 Support Release 3 > SAP Systems > Oracle > Central System > Central System( Last error reported by the step : Execution of JLoad tool '/usr/java14_64/bin/java -classpath /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/launcher.jar -showversion -Xmx512m -Xj9 com.sap.engine.offline.OfflineToolStart com.sap.inst.jload.Jload /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/lib/iaik_jce.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jload.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/antlr.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/exception.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/jddi.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/logging.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/offlineconfiguration.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/opensqlsta.jar:/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar:/oracle/client/10x_64/instantclient/ojdbc14.jar -sec AGQ,jdbc/pool/AGQ,/usr/sap/AGQ/SYS/global/security/data/SecStore.properties,/usr/sap/AGQ/SYS/global/security/data/SecStore.key -dataDir /swdump/NW7.0_SR3_JAVA_COMP_51033513/DATA_UNITS/JAVA_EXPORT_JDMP -job /swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/IMPORT.XML -log jload.log' aborts with return code 1. SOLUTION: Check 'jload.log' and '/swdump/tmpinst/sapinst_instdir/ERP/SYSTEM/ORA/CENTRAL/AS/jload.java.log' for more information.
regards
vijjay

Load XML file from addon domain without cross-domain Policy file

Hello.
Assuming that there are two addon domains on the same server: /public_html/domain1.com      and      /public_html/domain2.com
I try to load XML file from domain2.com into domain1.com without using cross-domain policy file (since it doesn’t work on xml files in my case).
So the idea is to use php file in order to load XML and read it back to flash.
I’ve found an interesting scripts that seems to do the job but unfortunately I can't get it to work. In my opinion there is somewhere problem with AS3 part. Please take a look.
Here are the AS3/PHP scripts:
AS3 (.swf in www.domain1.com):
// location of the xml that you would like to load, full http address
var xmlLoc:String = "http://www.domain2.com/MyFile.xml";
// location of the php xml grabber file, in relation to the .swf
var phpLoc:String = "loadXML.php";
var xml:XML;
var loader:URLLoader = new URLLoader();
var request:URLRequest = new URLRequest(phpLoc+"?location="+escape(xmlLoc) );
loader.addEventListener(Event.COMPLETE, onXMLLoaded);
loader.addEventListener(IOErrorEvent.IO_ERROR, onIOErrorHandler);
loader.load(request);
function onIOErrorHandler(e:IOErrorEvent):void {
    trace("There was an error with the xml file "+e);
function onXMLLoaded(e:Event):void {
    trace("the rss feed has been loaded");
    xml = new XML(loader.data);
    // set to string, since it is passed back from php as an object
    xml = XML(xml.toString());
    xml_txt.text = xml;
PHP (loadXML.php in www.domain1.com):
<?php
header("Content-type: text/xml");
$location = "";
if(isset($_GET["location"])) {
    $location = $_GET["location"];
    $location = urldecode($location);
$xml_string = getData($location);
// pass the url encoded vars back to Flash
echo $xml_string;
//cURLs a URL and returns it
function getData($query) {
    // create curl resource
    $ch = curl_init();
    // cURL url
    curl_setopt($ch, CURLOPT_URL, $query);
    //Set some necessary params for using CURL
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
   //Execute the curl function, and decode the returned JSON data
    $result = curl_exec($ch);
    return $result;
    // close curl resource to free up system resources
    curl_close($ch);
?>

I think you might be right about permissions/settings on the server for php. Unfortunately I'm not allowed to adjust them.
So I wrote my own script - this time I used file path instead of http address of the XML file. It works fine in my case.
Here it is:
XML file on domain2.com:
<?xml version="1.0" encoding="UTF-8"?>
<gallery>
    <image imagePath="galleries/gallery_1/images/1.jpg" thumbPath="galleries/gallery_1/thumbs/1.jpg" file_name= "1"> </image>
    <image imagePath="galleries/gallery_1/images/2.jpg" thumbPath="galleries/gallery_1/thumbs/2.jpg" file_name= "2"> </image>
    <image imagePath="galleries/gallery_1/images/3.jpg" thumbPath="galleries/gallery_1/thumbs/3.jpg" file_name= "3"> </image>
</gallery>
swf on domain1.com:
var imagesXML:XML;
var variables:URLVariables = new URLVariables();
var varURL:URLRequest = new URLRequest("MyPHPfile.php");
varURL.method = URLRequestMethod.POST;
varURL.data = variables;
var MyLoader:URLLoader = new URLLoader;
MyLoader.dataFormat =URLLoaderDataFormat.VARIABLES;
MyLoader.addEventListener(Event.COMPLETE, XMLDone);
MyLoader.load(varURL);
function XMLDone(event:Event):void {
    var imported_XML:Object = event.target.data.imported_XML;
    imagesXML = new XML(imported_XML);
   MyTextfield_1.text = imagesXML;
   MyTextfield_2.text = imagesXML.image[0].attribute("thumbPath"); // sample reference to attribute "thumbPath" of the first element
php file on domain1.com:
<?php
$xml_file = simplexml_load_file('../../domain2.com/galleries/gallery_1/MyXMLfile.xml'); // directory to XML file on the same server
$imported_XML = $xml_file->asXML();
print "imported_XML=" . $imported_XML;
?>
Regards
PS: for those who read the above discussion: the first and the second script work but you must test which one is better in your situation. The first script will also work between two domains on different servers. No cross domain policy file needed.

How to install unlimited strength policy files with 2003 windows server

Hi all,
I am working on encryption AES 256 bit key encryption.
128 is default encryption key.But for use 256 bit encryption key need to add unlimited strength policy file with jdk.
That is working fine on windows xp.
Now problem
But when i run on client machine with operating system windows 2003 server standard.
I replaced all files under folder Java\jdk1.6.0_10\jre\lib\security with files which i am using on windows XP.
Restarted the computer after update files but on windows server 2003 256 bit key encryption not working.
Giving following exception
java.security.InvalidKeyException: Illegal key size or default parameters
     javax.crypto.Cipher.a(DashoA13*..)
     javax.crypto.Cipher.a(DashoA13*..)
     javax.crypto.Cipher.a(DashoA13*..)
     javax.crypto.Cipher.init(DashoA13*..)
     javax.crypto.Cipher.init(DashoA13*..)
Please suggest me how to run encryption on windows server 2003..
Thanks
Anu

anu1106 wrote:
I replaced all files under folder Java\jdk1.6.0_10\jre\lib\security with files which i am using on windows XP.Why? Why not just install the unlimited strength files in the normal way according to the installation instructions given in the distribution file?

How do I apply JCE Jurisdiction Policy Files in oracle jvm

I have some java procedure using AES, while the default key size limit is 128.
For local java, I can easily replace Jurisdiction Policy Files in JDK OR JRE, But I do not know how to do such thing in oracle database(11g2) jvm

$ORACLE_HOME/jdk/jre/lib/security

How to assign special FilePermission in a policy file

Hi,
I'm using jaas 1.0 with JDK1.3.
I want a user to be able to specify a file (a password file : login-password) and to be able to access it before being authenticated. (and so without any permissions to access it)
I'd like to assign FilePermission not for a file in particulary but for files with an extension in particular (*.pwd in my example). How can I do it in a policy file ?
Check my code :
I am in the e:/dvpl directory.
if I specify that the file must be passwd2.pwd, that's ok, that works, but
if I want to give read permissions for all the files in conf/ or just for *.pwd, that doesn't work.
How can I do ?
//permission java.io.FilePermission "e:/dvpl/conf/passwd2.pwd", "read";
permission java.io.FilePermission "./conf/-", "read";
permission java.io.FilePermission "e:/dvpl/conf/-", "read";
permission java.io.FilePermission "e:/dvpl/conf/*.pwd", "read";Thanks for any help.
Yann P.
JOnAS The EJB Server
http://www.objectweb.org/jonas/index.html

if you want to give read permissions for all the files in conf:
permission java.io.FilePermission "\\dvp\\conf\\-","read";
Hope this help!

XMLSocket "Failed to load policy file" error

I am trying to use an XMLSocket.swf file, and it is not connecting. Do I need to open up a port on my server? I am trying to run this on a dedicated remote Windows 2008 server.
Here is the error from FlashFirebug:
     OK: Root-level SWF loaded: file:///C|/Users/vcaadmin/AppData/Roaming/Mozilla/Firefox/Profiles/70vbx4ys.default/exten sions/flashfirebug%40o%2Dminds.com/chrome/content/flashfirebug.swf
    OK: Root-level SWF loaded: http://speak-tome.com/flash/XMLSocket.swf
    OK: Searching for <allow-access-from> in policy files to authorize data loading from resource at xmlsocket://speak-tome.com:9997 by requestor from http://speak-tome.com/flash/XMLSocket.swf
    Error: Failed to load policy file from xmlsocket://speak-tome.com:9997
    Error: Request for resource at xmlsocket://speak-tome.com:9997 by requestor from http://speak-tome.com/flash/XMLSocket.swf has failed because the server cannot be reached.
My crossdomain.xml is saved to the root of the web directory and looks like:
    <?xml version="1.0"?>
    <!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
    <cross-domain-policy>
    <site-control permitted-cross-domain-policies="master-only"/>
    <allow-access-from domain="*"/>
    <allow-http-request-headers-from domain="*" headers="SOAPAction"/>
    </cross-domain-policy>
I notice that both ports 843 and 9997 are closed for my domain (speak-tome.com - 72.167.253.16) when I check using a service such as yougetsignal.com/tools/open-ports. Do I need to get these ports open to get the policy file to work?

As a test, I uploaded my Flash/Gaia site into an existing site on my old host. And although the site actually works in this setting, when I run things in the FlashPlayerDebugger, I'm still getting Security Sandbox Violations - so (as adninjastrator suggested in earlier post), this may have nothing to do with the DNS changes - but perhaps with my setting things up wrong somewhere so that the Flashplayer is trying to access my local computer - maybe??
Debugger logs gives me this:
Error: Failed to load policy file from xmlsocket://127.0.0.1:5800
Error: Request for resource at xmlsocket://127.0.0.1:5800 by requestor from http://recreationofthegods.com/bin/main.swf has failed because the server cannot be reached.
*** Security Sandbox Violation ***
So, I've now uploaded the identical bin (which contains all the files for my site) - but I'm getting different behaviors on the two hosts.
On the new holistic servers, the site won't go past the first page: www.yourgods.com
On the 1&1 servers, I still get runtime errors in FlashPlayerDebugger - but the site runs ok - http://www.RecreationOfTheGods.com/bin/index.html
Posting those links in hopes someone with more experience in these sandbox issues can help steer me in the right direction.

Policy files URGENT

Similar Messages

Maybe you are looking for