Problem with security role

Similar Messages

• Problem with Security Role mapping and LDAP

  Hi,
  In Oracle Internet Directory I've created a group called OIDGroup1.OIdGroup1 has 2 users : OIDuser1 and OIDuser2.
  OIDGroup1 is mapped to EjbRole1 (is a security role defined in ejb-jar.xml, EjbRole1 can do everything in the application).Now if I login as OIDuser1 or OIDuser2, application said that the user does not
  have authorization to execute some method. The mapping in my orion-application.xml is :
  <security-role-mapping name="EjbRole1">
  <group name="admin/OIDGroup1"/>
  </security-role-mapping>
  <jazn provider="LDAP" location="ldap://myhost:4032"><jazn-web-app auth-method="SSO"/></jazn>
  if I modified orion-application.xml like this :
  <security-role-mapping name="EjbRole1">
  <group name="admin/OIDGroup1"/>
  <user name="admin/OIDuser1"/>
  </security-role-mapping>
  then login as OIDuser1, it works. But it does not work with OIDuser2.
  That's is a problem for me because our customer can not manage the user/group
  easily : each time they have a a new user, instead of simply adding this user
  in the OIDGroup1 (with graphic interface of OIDAS), they have to modify
  orion-application.xml.
  Do you have any idea ?
  Thanks in advance
  regards

  I found the bug : in LDAP I've got a user also called OIDGroup1 (the same as group's name).

• I gotta problem with security question recovery email I'd, mistakenly I entered wrong email I'd so now I want to edit that I'd plz help me

  I gotta problem with security question recovery email I'd, mistakenly I entered wrong email I'd so now I want to edit that I'd plz help me

  expresslane.apple.com to get a hold of itunes to reset them by email the only way

• HT5312 Problem with security question

  I have Problem with security question

  The Best Alternatives for Security Questions and Rescue Mail
       1.  Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
       2.  Call Apple Support in your country: Customer Service: Contact Apple support.
       3.  Rescue email address and how to reset Apple ID security questions.
  An alternative to using the security questions is to use 2-step verification:
  Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

• HT5699 Having problem with security question

  Cannot get iTunes card to work having problem with security question

  Alternatives for Help Resetting Security Questions and Rescue Mail
       1. Apple ID- All about Apple ID security questions.
       2. Rescue email address and how to reset Apple ID security questions
       3. Apple ID- Contacting Apple for help with Apple ID account security.
       4. Fill out and submit this form. Select the topic, Account Security.
       5.  Call Apple Customer Service: Contacting Apple for support in your
            country and ask to speak to Account Security.
  How to Manage your Apple ID: Manage My Apple ID

• Hello I have a problem with security questions and i cant reset to my email  The error was   Exceeded Maximum Attempts  We apologize, but we were unable to verify your account information with the answers you provided to our security questions. You have

  Hello
  I have a problem with security questions and i cant reset to my email
  The error was
  Exceeded Maximum Attempts
  We apologize, but we were unable to verify your account information with the answers you provided to our security questions.
  You have made too many attempts to answer these questions. So, for security reasons, you will not be able to reset password for the next eight hours.
  Click here      for assistance.
  i waited more than eight hours. and back to my account but it is the same ( no change ) i cant find forgot your answers
  http://www.traidnt.net/vb/attachment...134863-333.jpg
  can you help me please

  Alternatives for Help Resetting Security Questions and Rescue Mail
       1. Apple ID- All about Apple ID security questions.
       2. Rescue email address and how to reset Apple ID security questions
       3. Apple ID- Contacting Apple for help with Apple ID account security.
       4. Fill out and submit this form. Select the topic, Account Security.
       5.  Call Apple Customer Service: Contacting Apple for support in your
            country and ask to speak to Account Security.
  How to Manage your Apple ID: Manage My Apple ID

• TS1702 Having problems with Security questions to be able to download from the iTunes store

  Having problems with Security questions to be able to download from the iTunes store

  Security questions
  Read this note for information on how to reset the security questions http://support.apple.com/kb/HT5312
  This user tip may also help you Security Questions

• HT201363 hello,I have a problem with security questions.i don't remember the answer. can you help me please

  hello,I have a problem with security questions.i don't remember the answer,please help me. i don't know how to manage this

  You need to ask Apple to reset your security questions; ways of contacting them include phoning AppleCare and asking for the Account Security team, clicking here and picking a method for your country, and filling out and submitting this form.
  They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
  (104775)

• I'm facing problem with security questions,

  I'm facing problem with security questions,
  please hlep me to solve it.

  http://support.apple.com/kb/HT5665

• Problem with security with action commands to Servlet...

  Hi.
  I have a webapplication that under its context has two diffenent
  maps, one is admin and the other one is user.
  I use an ActionRouter and has actions like list-clients.do.
  The admin map is restricted area described in web.xml.
  You have to be in AdminRole to get access.
  My problem is that if I log in as user, I can "shoot" actions commands
  like list-clients.do from the user area and Servlet maps to the proper
  jsp that is in the admin map. When I then try isUserInRole and so on
  there is only a quetstionmark. If I run from admin area the isUserInRole
  knows who is logged in.
  I put in the list-clients.do in the url like: http://myplace.com/users/list-clients.do and servlet reply with jsp from
  admin area.
  Anybody know why not the restricted area declared in the web.xml file
  works during that condition, and how to solve this?
  Heres my web.xml
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
  <web-app>
  <filter>
  <filter-name>loginfilter</filter-name>
  <filter-class>argus.web.util.LoginFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>loginfilter</filter-name>
  <url-pattern>/admin/*</url-pattern>
  </filter-mapping>
  <filter-mapping>
  <filter-name>loginfilter</filter-name>
  <url-pattern>/user/*</url-pattern>
  </filter-mapping>
  <servlet>
  <servlet-name>action</servlet-name>
  <servlet-class>argus.web.servlet.ActionServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>setup</servlet-name>
  <servlet-class>argus.web.servlet.SetupServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
  <servlet-name>action</servlet-name>
  <url-pattern>*.do</url-pattern>
  </servlet-mapping>
  <session-config>
  <session-timeout>0</session-timeout>
  </session-config>
  <security-constraint>
  <display-name>ArgusAdmin</display-name>
  <web-resource-collection>
  <web-resource-name>AdminAdaptor</web-resource-name>
  <url-pattern>/admin/*</url-pattern>
  <http-method>GET</http-method>
  <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
  <role-name>ArgusAdmin</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <display-name>ArgusUser</display-name>
  <web-resource-collection>
  <web-resource-name>UserAdaptor</web-resource-name>
  <url-pattern>/user/*</url-pattern>
  <url-pattern>/index.htm</url-pattern>
  <http-method>GET</http-method>
  <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
  <role-name>ArgusAdmin</role-name>
  <role-name>ArgusUser</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>/login.htm</form-login-page>
  <form-error-page>/loginError.htm</form-error-page>
  </form-login-config>
  </login-config>
  <security-role>
  <role-name>ArgusAdmin</role-name>
  </security-role>
  <security-role>
  <role-name>ArgusUser</role-name>
  </security-role>
  </web-app>
  Many Thanks
  Ben

  The code you've shown us looks fine. The problem isn't in the form code you've listed. Is the form being included inside another form on index.jsp? Does index.jsp have any forms of it's own? Perhaps you aren't submitting the form you think you are submitting. Or, are you redirecting in your serlvet somewhere? Or are you forwarding the request somehow?
  I agree with the previous post - we need to see the HTML output that index.jsp results in.
  Michael

• Problem in security roles

  hi all
  i have a problem in my security roles .. two user that have same security role one of them have permission in account
  but another user does not have permission..

  Hi,
       Please check the team membership. Users could get additional rights due to following reasons:
  1) Team membership. Team could have the role assigned which gives you additional access.
  2) Specific record is shared with the user. In that case user will be able to see this record.
  3) Specific record is assigned to you. In that case user will be able to see this records.
  Hope this helps.
   Minal Dahiya
   blog : http://minaldahiya.blogspot.com.au/
   If this post answers your question, please click "Mark As Answer" on the post and "Vote as Helpful"

• Problem with security in Weblogic 8.1

  Hi, my name is Jesús Chávez Reyes and it is my first time in this forum.
  My problem is related with security in WL 8.1 because I am new in this matter. My problem is :
  I work in change completely the security of an enterprise application that is deployed in WebLogic 8.1 and your security is a based in a RDBMS Custom Realm in Compatibility Security.
  This application is composed by 18 EJB and 4 web applications.
  The objective of this change is:
  1.- Use a external system for authentication (though a web service).
  2.- If is possible: unbind security of WL for in a future deploy the application in other Server(Jboss for example).
  I'm trying to implement security with Acegi and Spring in a one of the four web applications. I deleted all it has to do with security in deploy descriptors and deleted the realm.
  At this point I can login in , using the Web Service of the external application, without difficulty.
  The problem arises when the application makes an instance of the EJB's. This is the way how the application makes the instances of the EJB:
  InitialContext context = new InitialContext( null );
  Object   = context.lookup(name); // name=GroupSessionFacade   (JNDI Name of EJB)
  EJBHome home = (EJBHome) objref;
  +...+
  GroupSessionFacadeHome home = (GroupSessionFacadeHome) objref;
  groupFacade = home.create();
  In this point GroupSessionFacadeHome home = (GroupSessionFacadeHome) objref the application throws ClassCastException. This happens with all EJB.
  The application work fine before of to use Acegi and remove all it has to do with security. I inspect the Object " objref " before and after and this happen:
  BEFORE
  Class Name: control.ejb.GroupSessionFacadek1696tHomeImpl
  SuperClass : weblogic.ejb20.internal.StatelessEJBHome
  Implement : weblogic.ejb20.internal.StatelessEJBHome , control.ejb.GroupSessionFacadeHome
  AFTER
  Class Name: control.ejb.GroupSessionFacadek1696tHomeImpl
  SuperClass : weblogic.ejb20.internal.StatelessEJBHome
  Implement : weblogic.ejb20.internal.StatelessEJBHome
  Here The object no implements the InterfaceHome "control.ejb.GroupSessionFacadeHome" !!!!!!!!!, this is the cause of ClassCastException.
  What is the problem? Is it a security problem? and if so what do I need to remove or add in the application and has no dependence on anything for the security of Web Logic?
  The deploy descriptors are:
  IN THE WEB APPLICATION
  web.xml
  +<ejb-ref>+
  +<description>Reference to the GroupSessionFacade</description>+
  +<ejb-ref-name>ejb/GroupSessionFacade</ejb-ref-name>+
  +<ejb-ref-type>Session</ejb-ref-type>+
  +<home>control.ejb.GroupSessionFacadeHome</home>+
  +<remote>control.ejb.GroupSessionFacade</remote>+
  +</ejb-ref>+
  IN THE EJB
  ejb-jar.xml
  +<?xml version="1.0"?>+
  +<!DOCTYPE ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN' 'http://java.sun.com/dtd/ejb-jar20.dtd'>+
  +<ejb-jar>+
  +<enterprise-beans>+
  +<session>+
  +<description>GroupSessionFacade</description>+
  +<ejb-name>GroupSessionFacade</ejb-name>+
  +<home>control.ejb.GroupSessionFacadeHome</home>+
  +<remote>control.ejb.GroupSessionFacade</remote>+
  +<ejb-class>control.ejb.GroupSessionFacadeEJB</ejb-class>+
  +<session-type>Stateless</session-type>+
  +<transaction-type>Container</transaction-type>+
  +<ejb-ref>+
  +<ejb-ref-name>ejb/UserManager</ejb-ref-name>+
  +<ejb-ref-type>Session</ejb-ref-type>+
  +<home>control.ejb.UserManagerHome</home>+
  +<remote>control.ejb.UserManager</remote>+
  +</ejb-ref>+
  +<resource-ref>+
  +....+
  +     </enterprise-beans>+
  +<assembly-descriptor>+
  +<container-transaction>+
  +<method>+
  +<ejb-name>GroupSessionFacade</ejb-name>+
  +<method-name>*</method-name>+
  +</method>+
  +<trans-attribute>NotSupported</trans-attribute>+
  +</container-transaction>+
  +</assembly-descriptor>+
  +</ejb-jar>+
  weblogic-ejb-jar.xml
  +<?xml version="1.0"?>+
  +<!DOCTYPE weblogic-ejb-jar PUBLIC+
  +"-//BEA Systems, Inc.//DTD WebLogic 8.1.0 EJB//EN"+
  +"http://www.bea.com/servers/wls810/dtd/weblogic-ejb-jar.dtd">+
  +<weblogic-ejb-jar>+
  +<weblogic-enterprise-bean>+
  +<ejb-name>GroupSessionFacade</ejb-name>+
  +<transaction-descriptor>+
  +<trans-timeout-seconds>600</trans-timeout-seconds>+
  +</transaction-descriptor>+
  +...+
  +<enable-call-by-reference>True</enable-call-by-reference>+
  +<jndi-name>GroupSessionFacade</jndi-name>+
  +</weblogic-enterprise-bean>+
  +</weblogic-ejb-jar>+

  Hi,
  This is the forum to discuss questions and feedback for Microsoft Visio, I'll move your question to the SSIS forum
  http://social.technet.microsoft.com/Forums/sqlserver/en-US/home?forum=sqlintegrationservices
  The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
  George Zhao
  TechNet Community Support

• Why does my latest version of Firefox under Windows 8.1 always report problems with security certifactes - even on mozilla,com - when my latets version on Ubunt

  On my desktop, I have been using Firefox V27 on Ubuntu 12.04 for some time. It uses secure sites - such as https://mozilla.org - and accepts the Security Certificates quite happily, so I am not even aware there is any issue.
  My new laptop is Windows 8,1, and I have installed Firefox- the latest version.
  Whenever Firefox visits a secure site, it ALWAYS says that there is a problem with the security certificate - even at mozilla.org - and warns me away. I have to complete a security exemption.
  Why is this, and how can I fix it?
  Thanks in anticipation.

  unfortunately the fiddler2 issuer in certificates might be a sign of unwanted software present on your pc that is intercepting secure network traffic. please go into the system control panel and uninstall programs like BrowserSafeguard, BrowserSafe, SafeGuard or other software that sounds suspicious and didn't get installed by you intentionally.
  <br>_{reference: https://support.mozilla.org/en-US/questions/982532#answer-520145}
  afterwards, run a full scan of your system with different security tools like the [http://www.malwarebytes.org/products/malwarebytes_free free version of malwarebytes] & [http://www.bleepingcomputer.com/download/adwcleaner/ adwcleaner].
  [[Troubleshoot Firefox issues caused by malware]]

• I am facing lots of problems with security while using Mozilla. How can I send you a detailed report for this?

  I am getting redirected to unknown sites whenever I open any site while using mozilla. Initially I thought that there is a problem with my device, but then I realized that this happens only when using mozilla, not with other browsers like chrome, IE, or opera.
  These sites are mainly having the message 'Ad by ShopDrop'..
  I am pasting below links to few sites to which I get redirected to
  http://offers.bycontext<i></i>.com/scjs/tb/ctxjs/index<i></i>.php?kw2=www.espncricinfo<i></i>.com&affid=1151&subaff_id=725_724&intformat=roll&nextpage=http%3A%2F%2Fwww.espncricinfo<i></i>.com%2F&ch=421&sbrand=ShopDrop&folder=v4.19&typrd=ctx&cu=32929&country=IN&original_country=IN
  http://add0n<i></i>.com/fastest-gmail.html?v=0.1.6&p=0.1.5&type=upgrade

  hello, you have various malicious addons present. please perform all these steps:
  # [[Reset Firefox – easily fix most problems|reset firefox]] (this will keep your bookmarks and passwords)
  # afterwards go to the firefox menu ≡ > addons > extensions and in case there are still extensions listed there, disable them.
  # finally run a full scan of your system with different security tools like the [http://www.malwarebytes.org/products/malwarebytes_free free version of malwarebytes] and [http://www.bleepingcomputer.com/download/adwcleaner/ adwcleaner] to make sure that adware isn't present in other places of your system as well.
  [[Troubleshoot Firefox issues caused by malware]]

• CUA problem with composite role

  Hello experts, I have a problem with a composite role in my CUA parent system. If you look at the roles tab you will see one of the child roles has a name of child CUA system in the 'target sys' column. the rest all have 'user system'. Can anyone explain how this 'target sys' column is defined?
  Thanks
  Dave Wood

  I do not know if you have solved this issue, but the target system is defined within your single role on you menu tab.
  No what happens is that in transaction SM30 table SSM_RFC you define system variable linked to your logical system.
  This variable determines that when you import roles from another system by means of transaction PFCG > Read from other system from RFC and you select your variable the system will automatically default in the target system field the system it is suppose to go back to.
  So this way when you distibute the roles it will only go back to that particular target system, and you do not need to specify and guess where the role came from.
  Try removing that table entry in SM30 SSM_RFC and see if that way you will be able to remove the target system from the role.
  However it is not a bad thing to have activated. If you are working with position base authorizations and you have more than 1 system, you define 1 composite role for all the roles, for all the systems and you will be able to see where the composite resides by means of the target value.
  Hope this makes sense.
  Regards
  Sonja