Problem with security realms
Hi everyone! I have a problem that got the better of me yesterday, and I hope that I can get some hints here.
I'm trying to deploy an application as a *.war file on WebLogic (10.3.2.0), and in the web.xml file I have defined a security realm, but when it is deployed the default myrealm seems to be used insteadand logging in doesn't work.
In the web.xml file it looks like this:
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>mysystem-rest</realm-name>
</login-config>
In jaas.config:
mysystem-rest
xx.xxxxx.xxxxxxxxxxxxx.xxxxxxxxxxxxx.xxxxx.loginmodule required dataSourceName="java:comp/env/jdbc/MYSYSTEMDS";
Any ideas? Should I have a weblogic.xml file in the deployment?
Hi,
web.xml file must exist under the root element <web-app>.
Please refer the following to configure your web application. Let me know if it is useful:
http://docs.oracle.com/cd/E13222_01/wls/docs81/webapp/web_xml.html
http://docs.oracle.com/cd/E13222_01/wls/docs92/secwlres/secejbwar.html
http://docs.oracle.com/cd/E12840_01/wls/docs103/security/thin_client.html
Edited by: 901081 on May 31, 2012 1:56 PM
Similar Messages
-
I have a problem with JDBC Realm in Tomcat/Oracle/Win XP
I have a problem with JDBC Realm in Tomcat.
I have attached my server.xml file located in the
C:\Program Files\Apache Software Foundation\Tomcat 5.5\conf\server.xml
The Problem is that when I login I get the user name and password prompt but it does not resolve.
When I enter in the tomcat-users.xml password with memory realm uncommented it works fine.
C:\Program Files\Apache Software Foundation\Tomcat 5.5\conf\tomcat-users.xml
Is there a cache or something I need to reset for the JDBC Realm to work?
I have attached my tables and contents as well...
Did I miss something????
Thanks
Phil
server.xml
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
<!-- Global JNDI resources -->
<GlobalNamingResources>
<!-- Test entry for demonstration purposes -->
<Environment name="simpleValue" type="java.lang.Integer" value="30"/>
</GlobalNamingResources>
<!-- Define the Tomcat Stand-Alone Service -->
<Service name="Catalina">
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector
port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
<!-- Define the top level container in our container hierarchy -->
<Engine name="Catalina" defaultHost="localhost">
<!--
<Realm className="org.apache.catalina.realm.MemoryRealm" />
-->
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="oracle.jdbc.driver.OracleDriver"
connectionURL="jdbc:oracle:thin:@localhost:1521:orcl"
connectionName="testName" connectionPassword="testPass"
userTable="users"
userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles"
roleNameCol="role_name" />
<!-- Define the default virtual host
Note: XML Schema validation will not work with Xerces 2.2.
-->
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
</Server>
Tables
create table users
user_name varchar(15) not null primary key,
user_pass varchar(15) not null
create table roles
role_name varchar(15) not null primary key
create table user_roles
user_name varchar(15) not null,
role_name varchar(15) not null,
primary key( user_name, role_name )
select * from users;
----------------------+
| user_name | user_pass |
----------------------+
| tomcat | tomcat |
| user1 | tomcat |
| user2 | tomcat |
| user3 | tomcat |
----------------------+
select * from roles;
| role_name |
| tomcat |
| role1 |
select * from user_roles;
-----------------------+
| role_name | user_name |
-----------------------+
| tomcat | user1 |
| role1 | user2 |
| tomcat | tomcat |
| role1 | tomcat |
-----------------------+Jan 2, 2008 11:49:35 AM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Jan 2, 2008 11:49:35 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 734 ms
Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.9
Jan 2, 2008 11:49:35 AM org.apache.catalina.realm.JDBCRealm start
SEVERE: Exception opening database connection
java.sql.SQLException: oracle.jdbc.driver.OracleDriver
at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:684)
at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:758)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1004)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
at org.apache.catalina.core.StandardService.start(StandardService.java:450)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:683)
at org.apache.catalina.startup.Catalina.start(Catalina.java:537)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:271)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:409)
Jan 2, 2008 11:49:35 AM org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
Jan 2, 2008 11:49:36 AM org.apache.catalina.core.StandardContext resourcesStart -
I gotta problem with security question recovery email I'd, mistakenly I entered wrong email I'd so now I want to edit that I'd plz help me
expresslane.apple.com to get a hold of itunes to reset them by email the only way
-
HT5312 Problem with security question
I have Problem with security question
The Best Alternatives for Security Questions and Rescue Mail
1. Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
2. Call Apple Support in your country: Customer Service: Contact Apple support.
3. Rescue email address and how to reset Apple ID security questions.
An alternative to using the security questions is to use 2-step verification:
Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID. -
HT5699 Having problem with security question
Cannot get iTunes card to work having problem with security question
Alternatives for Help Resetting Security Questions and Rescue Mail
1. Apple ID- All about Apple ID security questions.
2. Rescue email address and how to reset Apple ID security questions
3. Apple ID- Contacting Apple for help with Apple ID account security.
4. Fill out and submit this form. Select the topic, Account Security.
5. Call Apple Customer Service: Contacting Apple for support in your
country and ask to speak to Account Security.
How to Manage your Apple ID: Manage My Apple ID -
Hello
I have a problem with security questions and i cant reset to my email
The error was
Exceeded Maximum Attempts
We apologize, but we were unable to verify your account information with the answers you provided to our security questions.
You have made too many attempts to answer these questions. So, for security reasons, you will not be able to reset password for the next eight hours.
Click here for assistance.
i waited more than eight hours. and back to my account but it is the same ( no change ) i cant find forgot your answers
http://www.traidnt.net/vb/attachment...134863-333.jpg
can you help me pleaseAlternatives for Help Resetting Security Questions and Rescue Mail
1. Apple ID- All about Apple ID security questions.
2. Rescue email address and how to reset Apple ID security questions
3. Apple ID- Contacting Apple for help with Apple ID account security.
4. Fill out and submit this form. Select the topic, Account Security.
5. Call Apple Customer Service: Contacting Apple for support in your
country and ask to speak to Account Security.
How to Manage your Apple ID: Manage My Apple ID -
TS1702 Having problems with Security questions to be able to download from the iTunes store
Having problems with Security questions to be able to download from the iTunes store
Security questions
Read this note for information on how to reset the security questions http://support.apple.com/kb/HT5312
This user tip may also help you Security Questions -
hello,I have a problem with security questions.i don't remember the answer,please help me. i don't know how to manage this
You need to ask Apple to reset your security questions; ways of contacting them include phoning AppleCare and asking for the Account Security team, clicking here and picking a method for your country, and filling out and submitting this form.
They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
(104775) -
I'm facing problem with security questions,
I'm facing problem with security questions,
please hlep me to solve it.http://support.apple.com/kb/HT5665
-
Problem with security in Weblogic 8.1
Hi, my name is Jesús Chávez Reyes and it is my first time in this forum.
My problem is related with security in WL 8.1 because I am new in this matter. My problem is :
I work in change completely the security of an enterprise application that is deployed in WebLogic 8.1 and your security is a based in a RDBMS Custom Realm in Compatibility Security.
This application is composed by 18 EJB and 4 web applications.
The objective of this change is:
1.- Use a external system for authentication (though a web service).
2.- If is possible: unbind security of WL for in a future deploy the application in other Server(Jboss for example).
I'm trying to implement security with Acegi and Spring in a one of the four web applications. I deleted all it has to do with security in deploy descriptors and deleted the realm.
At this point I can login in , using the Web Service of the external application, without difficulty.
The problem arises when the application makes an instance of the EJB's. This is the way how the application makes the instances of the EJB:
InitialContext context = new InitialContext( null );
Object = context.lookup(name); // name=GroupSessionFacade (JNDI Name of EJB)
EJBHome home = (EJBHome) objref;
+...+
GroupSessionFacadeHome home = (GroupSessionFacadeHome) objref;
groupFacade = home.create();
In this point GroupSessionFacadeHome home = (GroupSessionFacadeHome) objref the application throws ClassCastException. This happens with all EJB.
The application work fine before of to use Acegi and remove all it has to do with security. I inspect the Object " objref " before and after and this happen:
BEFORE
Class Name: control.ejb.GroupSessionFacadek1696tHomeImpl
SuperClass : weblogic.ejb20.internal.StatelessEJBHome
Implement : weblogic.ejb20.internal.StatelessEJBHome , control.ejb.GroupSessionFacadeHome
AFTER
Class Name: control.ejb.GroupSessionFacadek1696tHomeImpl
SuperClass : weblogic.ejb20.internal.StatelessEJBHome
Implement : weblogic.ejb20.internal.StatelessEJBHome
Here The object no implements the InterfaceHome "control.ejb.GroupSessionFacadeHome" !!!!!!!!!, this is the cause of ClassCastException.
What is the problem? Is it a security problem? and if so what do I need to remove or add in the application and has no dependence on anything for the security of Web Logic?
The deploy descriptors are:
IN THE WEB APPLICATION
web.xml
+<ejb-ref>+
+<description>Reference to the GroupSessionFacade</description>+
+<ejb-ref-name>ejb/GroupSessionFacade</ejb-ref-name>+
+<ejb-ref-type>Session</ejb-ref-type>+
+<home>control.ejb.GroupSessionFacadeHome</home>+
+<remote>control.ejb.GroupSessionFacade</remote>+
+</ejb-ref>+
IN THE EJB
ejb-jar.xml
+<?xml version="1.0"?>+
+<!DOCTYPE ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN' 'http://java.sun.com/dtd/ejb-jar20.dtd'>+
+<ejb-jar>+
+<enterprise-beans>+
+<session>+
+<description>GroupSessionFacade</description>+
+<ejb-name>GroupSessionFacade</ejb-name>+
+<home>control.ejb.GroupSessionFacadeHome</home>+
+<remote>control.ejb.GroupSessionFacade</remote>+
+<ejb-class>control.ejb.GroupSessionFacadeEJB</ejb-class>+
+<session-type>Stateless</session-type>+
+<transaction-type>Container</transaction-type>+
+<ejb-ref>+
+<ejb-ref-name>ejb/UserManager</ejb-ref-name>+
+<ejb-ref-type>Session</ejb-ref-type>+
+<home>control.ejb.UserManagerHome</home>+
+<remote>control.ejb.UserManager</remote>+
+</ejb-ref>+
+<resource-ref>+
+....+
+ </enterprise-beans>+
+<assembly-descriptor>+
+<container-transaction>+
+<method>+
+<ejb-name>GroupSessionFacade</ejb-name>+
+<method-name>*</method-name>+
+</method>+
+<trans-attribute>NotSupported</trans-attribute>+
+</container-transaction>+
+</assembly-descriptor>+
+</ejb-jar>+
weblogic-ejb-jar.xml
+<?xml version="1.0"?>+
+<!DOCTYPE weblogic-ejb-jar PUBLIC+
+"-//BEA Systems, Inc.//DTD WebLogic 8.1.0 EJB//EN"+
+"http://www.bea.com/servers/wls810/dtd/weblogic-ejb-jar.dtd">+
+<weblogic-ejb-jar>+
+<weblogic-enterprise-bean>+
+<ejb-name>GroupSessionFacade</ejb-name>+
+<transaction-descriptor>+
+<trans-timeout-seconds>600</trans-timeout-seconds>+
+</transaction-descriptor>+
+...+
+<enable-call-by-reference>True</enable-call-by-reference>+
+<jndi-name>GroupSessionFacade</jndi-name>+
+</weblogic-enterprise-bean>+
+</weblogic-ejb-jar>+Hi,
This is the forum to discuss questions and feedback for Microsoft Visio, I'll move your question to the SSIS forum
http://social.technet.microsoft.com/Forums/sqlserver/en-US/home?forum=sqlintegrationservices
The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
George Zhao
TechNet Community Support -
On my desktop, I have been using Firefox V27 on Ubuntu 12.04 for some time. It uses secure sites - such as https://mozilla.org - and accepts the Security Certificates quite happily, so I am not even aware there is any issue.
My new laptop is Windows 8,1, and I have installed Firefox- the latest version.
Whenever Firefox visits a secure site, it ALWAYS says that there is a problem with the security certificate - even at mozilla.org - and warns me away. I have to complete a security exemption.
Why is this, and how can I fix it?
Thanks in anticipation.unfortunately the fiddler2 issuer in certificates might be a sign of unwanted software present on your pc that is intercepting secure network traffic. please go into the system control panel and uninstall programs like BrowserSafeguard, BrowserSafe, SafeGuard or other software that sounds suspicious and didn't get installed by you intentionally.
<br><sub>reference: https://support.mozilla.org/en-US/questions/982532#answer-520145</sub>
afterwards, run a full scan of your system with different security tools like the [http://www.malwarebytes.org/products/malwarebytes_free free version of malwarebytes] & [http://www.bleepingcomputer.com/download/adwcleaner/ adwcleaner].
[[Troubleshoot Firefox issues caused by malware]] -
I am getting redirected to unknown sites whenever I open any site while using mozilla. Initially I thought that there is a problem with my device, but then I realized that this happens only when using mozilla, not with other browsers like chrome, IE, or opera.
These sites are mainly having the message 'Ad by ShopDrop'..
I am pasting below links to few sites to which I get redirected to
http://offers.bycontext<i></i>.com/scjs/tb/ctxjs/index<i></i>.php?kw2=www.espncricinfo<i></i>.com&affid=1151&subaff_id=725_724&intformat=roll&nextpage=http%3A%2F%2Fwww.espncricinfo<i></i>.com%2F&ch=421&sbrand=ShopDrop&folder=v4.19&typrd=ctx&cu=32929&country=IN&original_country=IN
http://add0n<i></i>.com/fastest-gmail.html?v=0.1.6&p=0.1.5&type=upgradehello, you have various malicious addons present. please perform all these steps:
# [[Reset Firefox – easily fix most problems|reset firefox]] (this will keep your bookmarks and passwords)
# afterwards go to the firefox menu ≡ > addons > extensions and in case there are still extensions listed there, disable them.
# finally run a full scan of your system with different security tools like the [http://www.malwarebytes.org/products/malwarebytes_free free version of malwarebytes] and [http://www.bleepingcomputer.com/download/adwcleaner/ adwcleaner] to make sure that adware isn't present in other places of your system as well.
[[Troubleshoot Firefox issues caused by malware]] -
Any Problems With Security Update 2006-002
Hi a few weeks ago I updated my PowerBook G4 running Mac OS 10.3.9 to Apple Security Update 2006-001 and instantly my Dock Meny dissappeared after installation and Safari broke. My Dock Menu returned after installation but Safari remained broken.
In the end I simply reinstalled Mac OS X Panther from scratch, recreated my user account and copied my data (I had it saved) back to my Mac.
I don't want to run the risk of something like this happening again. I do not have Apple Security Update 2006-001 installed at this time but I do have Apple Security Updates from 2005 installed and 10.3.9 on my system.
If I install Apple Security Update 2006-002 on my Mac (will be updating from 2005 security updates) - not updating 2006-001 to 2006-002 but installing first 2006 Security Update for the first time could I run into any problems?
Want to hear from other users who have installed this update - have updated from 2006-001 and preferrably anyone who is installing this update directly (not over 2006-001) before updating myself.Ive got some serious problems with 2006-001 (and they wernt cured by installing 2006-002).
Photoshop and flash mx stopped working and I am unable to reinstall either!
Ive deleted all prefs, caches, everything associated with these apps.
Ive tried installing different versions of both apps - but to no avail.
Ive repaired disk permissions (even in single user mode) - and while that did straighten out a few incorrect permissions and uid's it did'nt fix my problems.
Totally at the end of my tether now, and getting impatient with Apple - this is my livelyhood and I cant afford to have downtime!
The "broken webkit" fiasco at the back end of last year was bad enough, but this just takes the p*!
Not happy - but hopeful that someone has a fix (preferably one that doesn't involve archive and restore).... -
Problems with Security Update 2006-002
Hi there,
I have problems with latest security update. I do not know what went wrong, but after installing "Security Update 2006-002 (PowerPC)" (1.0) on 2006-03-14 15:52:40 +0100: with Software Update from Tiger, my desktop (and probably not only desktop) is damaged.
The most visible thing is that all .html and .htm documents on my desktop does not have Safari icon anymore, they have some 'blank' icon and doubleclick on them DOES NOT start-up Safari, why?
See here on the screenshot: http://www.jirkacech.com/files/Tiger-problemy-screeshot.png
note blank "apple - start.webarchive" also the Safari itself have somehow damaged icon, to same blank thing with triangle, possibly some 'generic app' or 'default.app' icon. It sits in the dock on 5th from left...(dont worry about real safari icon, that's newly added by me)
Also, on, second screenshot, http://www.jirkacech.com/files/Tiger-problemy-2.png you see that safari itself have some strange icon.
I am getting crazy, since I do not know what else is broken by last update.
I have tryed to repair permissions at least 3x, and also run update_prebindings and reboot, delete all system and user caches, and reboot.
Whole issue is system-wide, not only for one user.
iBook G4 Mac OS X (10.4.5) 1.33 GHz, 512 MB, 12-inchThe first thing you can try, if this is limited only to Safari icons, is to select on such icon, then press COMMAND-I to open the Get Info window. In the Open With section select Safari from the dropdown menu as the default app. Then click on the Change All button.
If this doesn't resolve the problem or if the problem extends to other appicons as well, then you may have some disk corruption resulting from not repairing the hard drive and permissions before doing the update. I suggest you do that:
Boot from your Tiger DVD. After the installer loads select Disk Utility from the Utilities menu. After DU loads select your OS X volume from the list on the left, click on the First Aid tab, then click on the Repair Disk button. If DU reports any errors that have been fixed, then re-run Repair Disk until no errors are reported. If no errors are reported click on the Repair Permissions button. Wait until the operation completes, then quit DU and return to the installer. Now shutdown the computer for a couple of minutes and then restart normally.
If DU reports errors it cannot fix, then you will need Disk Warrior (3.0.3 for Tiger) and/or TechTool Pro (4.1.1 for Tiger) to repair the drive. If you don't have either of them or if neither of them can fix the drive, then you will need to reformat the drive and reinstall OS X. -
Having some problems with security certificates
Hello,
In some pages, e.g. Twitter, and pages that load FB comments sections, I'm having problems with the certificates and the pages won't load. I don't get an option to add an exception either, therefore I cannot access pages.
I have pasted the error details below. Here is some important info for you:
Version: 9.0.1 <-- Upgrading is NOT an option, this is a corporate machine
Connect via proxy: yes
I doubt very much that this is an issue with the connection, as IE and Chrome are NOT having this issue on the same connection.
Error I get:
This Connection is Untrusted
You have asked Firefox to connect securely to twitter.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.
Technical Details
twitter.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer)
Can anyone shed some light? The usual troubleshooting I've come across hasn't helped me much.Off the cuff it smells of a man-in-the-middle situation to me. As far as I know, Twitter does have a valid certificate, signed by Verisign. That IE and Chrome have no problem with it, could just mean they do not check resp. do let you know.
I'll have to pass here, because I would not know, how to turn this checking off in FX 9.0 - in any case I would think twice before doing it. The place to look would be Options > advanced > Encryption.
Hope somebody else joins us:)
PS: keeping you nailed down to Fx 9.0 version is unsafe - not just for you, but for your company as well.
Maybe you are looking for
-
hi to all i created a java program for validateing two date start date should be less than end date end date should be greater than start date and here is my code <code> package src; import java.io.BufferedReader; import java.io.InputStreamReader; im
-
Background Rendering in FCP 10.2 is not working
Is anyone else having an issue with background rendering not working in the new FCP 10.2 version? In fact even the render all function doesn't seem to be working properly since I upgraded. It only appears to be rendering small pieces at a time. It wo
-
Apps still in trial with cc photpgrapher plan subscribed, any help?
Hi all, I bought a photographer plan (PS and LR), after installing my apps are still in trial and asking for a licence code. I deletede all previous installations and prefs, tried the workaround suggested by Adobe (disconnect & reconnct my ID), but d
-
My macbook came with snow leopard, if I upgrade to Lion will I be able to use my restore disks in the future and if I do use my disks that brings me back to snow leopard, Will itunes remember I purchased Lion or will I have to purchase a second time
-
TAR archive ignored in package repository
hello, according to developer guide (2.6) TAR archives could be used as input format in application package repository. i copied one TAR archive to /opt/vmware/www/ISV/appliancePackages which is used as app repository in my profile. all RPM packages