Question about login in Pipeline Component
Dear All,
I'm working on registering a new user. Soon after user submits registration, an InputProcessor
will validate its registration data. If success, a Pipeline Component will create
a user via UserManager.createUser() method and then will set properties via ProfileWrapper.setProperty()
method. But before I can setProperty I need to login user. I'm think of using ServletAuthentication.weak()
method to do so, but I don't know how to get a HttpServletRequest object or HttpSession
object. Can anyone tell me how to do it? Also, will it be any trouble to logout if
I use this way to login user?
Thanks in advance for your help.
Tim
Tim,
You can get the HttpServletResponse from the PipelineSession from inside you
PipelineComponent (with signature):
PipelineSession process(PipelineSession pipelineSession,
java.lang.Object requestContext)
By calling:
reponse (HttpServletResponse) = pipelineSession.getRequestScopedAttribute(
WebFlowConstants.HTTP_SERVLET_RESPONSE,
pipelineSession.getContext().getCurrentNamespace(), context );
From the reponse you can get the HttpSession by simply calling getSession.
Let me know if you have any problems.
Sincerely,
Daniel Selman
"Tim" <[email protected]> wrote in message
news:3d32cdc3$[email protected]..
>
Dear All,
I'm working on registering a new user. Soon after user submitsregistration, an InputProcessor
will validate its registration data. If success, a Pipeline Component willcreate
a user via UserManager.createUser() method and then will set propertiesvia ProfileWrapper.setProperty()
method. But before I can setProperty I need to login user. I'm think ofusing ServletAuthentication.weak()
method to do so, but I don't know how to get a HttpServletRequest objector HttpSession
object. Can anyone tell me how to do it? Also, will it be any trouble tologout if
I use this way to login user?
Thanks in advance for your help.
Tim
Similar Messages
-
I got 2 questions regarding to login,
1. I'm on a 8i DB, when it is shutdown, I want to login again.
for "sqlplus internal", it says connect to an idle DB.
for "sqlplus sys/password", it says
ORA-01034: ORACLE not available
ORA-27101: shared memory realm does not exist
SVR4 Error: 2: No such file or director
is this normal? I'm pretty sure my /etc/system is OK and the shutdowns are clean.
set shmsys:shminfo_shmmax=805306368
set shmsys:shminfo_shmmin=200
set shmsys:shminfo_shmmni=200
set shmsys:shminfo_shmseg=200
set semsys:seminfo_semmni=4096
set semsys:seminfo_semmsl=500
set semsys:seminfo_semmns=4096
set semsys:seminfo_semopm=100
set semsys:seminfo_semvmx=32767
2. For OS user authentication, I understand if the user is a DBA, I would put him in group "dba", then set remote_login_passwordfile=none.
My question is: how about a regular user? OS authenticaion is only for DBA?
I may just got myself confused, please give me a hint. thanks.I understand now. The problem was the syntax.
I used
sqlplus terry/pass as sysdba
which should be
sqlplus "..."
and the second question is clear as well.
Thanks,
Terry -
Question about writting a cutom component
I have an area in my application window (0,0 to 500,500) in whcih I do all my drawing. underneath I have a bunch of boxes I drew to represent buttons. Now in my draw area I wish to always display the exact mouse cursor x,y coordinates. But to use mouseEntered, it has to be attached to a component. Is there a way to define a custom component for my draw area, so that the area throws the mouseEntered event? Is there another way of fixing the problem?
this is how you would do it with a custom component.
import javax.swing.*;
import javax.swing.event.*;
import java.awt.*;
import java.awt.event.*;
import java.awt.geom.*;
public class CustomComp implements MouseListener{
public static void main(String[] args) {
new CustomComp();
public CustomComp(){
setupGUI();
displayFrame();
public void setupGUI(){
jc.addMouseListener(this);
jc.setPreferredSize(new Dimension(300, 300));
p.setBackground( Color.white );
p.setPreferredSize(new Dimension(300, 300));
// you may want to add jc to a container panel
public void displayFrame(){
fr.setContentPane(jc);
fr.pack();
fr.setLocationRelativeTo(null);
fr.show();
public class MyPanel extends JPanel{
public MyPanel(){ }
public void paint(Graphics g){
super.paint(g);
Graphics2D g2d = (Graphics2D)g;
public class MyComponent extends JComponent{
public MyComponent(){ }
public void paint(Graphics g){
super.paint(g);
Graphics2D g2d = (Graphics2D)g;
Rectangle2D.Double button = new Rectangle2D.Double(0, 0, 300, 300);
g2d.setPaint( buttoncolor );
g2d.fill( button );
// Mouse Listeners
public void mouseEntered(MouseEvent e) {
buttoncolor = Color.blue;
jc.repaint();
public void mouseExited(MouseEvent e) {
buttoncolor = Color.red;
jc.repaint();
public void mouseClicked(MouseEvent e) {}
public void mouseReleased(MouseEvent e) {}
public void mousePressed(MouseEvent e) {}
JFrame fr = new JFrame();
JPanel p = new MyPanel();
JComponent jc = new MyComponent();
Color buttoncolor = Color.red;
} -
Question about email setting: how do i change the setting so i need to login to check my email. Currently it automatically come to the inbox without the need to log in.
You don't. Email comes in either by push or when you invoke the email app. Ther is no password except when you first set up the account. If your iPad is not being used as your personal device and you need to shield emails from other users, then don't use the email app. Instead, use web mail if available from your provider.
-
A french question about a login
Et voilà,
WindowsUserName : TextData;
WindowsUserName = task.part.OperatingSystem.GetEnv(name='username');
Hope this helps
Fabrizio Genesio
Datasign AG für Informatik
ch. d'Eysins 53a
CH-1260 Nyon
Switzerland
Tel.: +41 22 361 04 04
Fax: +41 22 361 01 10
e-mail: fabrizio.genesiodatasign.ch
<mailto:fabrizio.genesiodatasign.ch>
URL: www.datasign.ch <http://www.datasign.ch>
-----Original Message-----
From: Olivier Andrieux [SMTP:oandrieuxaxialog.fr]
Sent: Thursday, 27 April 2000 11:53
To: Mailing Liste Forte
Subject: (forte-users) a french question about a login
Bonjour,
J'ai une petite question à vous soumettre:
Je voudrais réaliser une fenêtre de login avec Forté, mais pour
cela il me faudrait récupérer les informations
d'identification de chaque utilisateur sur le serveur
NT. Questionner le serveur en utilisant les mêmes noms et mots de passe
utilisateurs que le serveur.
Cela est-il possible ?
Je vous remercie par avance pour vos réponse .
A bientôt
Olivier.
Olivier Andrieux
Axialog Lille
France -
Image enduser workstation: question about ACF and Adobe Reader component
Our IT department is investigating what components should be included in the image for enduser workstations to ensure they will be able to work with interactive forms without any problem. I know ACF and Adobe Reader are the only requirements for endusers but I have some questions about this:
1. As of what version of Netweaver 2004s is it no longer a requirement to have the ACF component installed on the frontend to enable online interactive scenario's for endusers?
2. Can I recommend to allways install the very latest Adobe Reader version available in the market or is the Adobe Reader version depending on the SAP NetWeaver version we use?
kind regards
Angelique Heutinck
([email protected])Hi Angelique,
The non ACF version is called Zero Client Installation (ZCI)
ERP2005 SP 5 - Zero Client Installation (ZCI)
NW04S Stack 08
Reader 8.0 for ZCI, Reader 7.08 for ACF based forms. Don't use Reader 8 for ACF yet, since there is no installer working yet...
Cheers,
Noë -
Accessing user attributes from a pipeline component
Hello,
I'm using WLCS & WLPS 3.1. I use webflow and I have implemented the page
transition myself to work with the portal. Everything is working fine.
I'm planning to implement a complex step of a business process as a pipeline
component. For various reasons, this PC will be implemented as an EJB. To
perform its job, this PC needs to get information about the user that is
currently logged in. More specifically, it needs to lookup custom attributes
from the user profile (i.e. user property set).
So my question is : is this possible directly from the PC, or do I have to
populate the pipeline session with required information in the input
processor?
Thank you for your advice
NicolasHello Ture,
Thanks for both posts.
Nicolas
"Ture Hoefner" <[email protected]> wrote in message
news:[email protected]..
... To perform its job, this PC needs to get information about the userthat
is
currently logged in. More specifically, it needs to lookup customattributes
from the user profile (i.e. user property set).
So my question is : is this possible directly from the PC, or do I haveto
populate the pipeline session with required information in the input
processor?Hello Nicolas,
I have not tried this myself. I think that the disconnect between the
pipeline session and the portal session is probably the fact that theattributes
in the portal session have their keys "fixed up" by prepending the portal
request URI. This is made possible by the
com.beasys.commerce.foundation.flow.jsp.DefaultDestinationDeterminer,which the
PortalDestinationDeterminer extends. It puts a "TRAFFIC.URI" attributeinto the
each request that goes through the FlowManagerServlet for the portal. Inthe
Acme exampleportal, the "SERVICEMANAGER.USER" attribute is put into theportal
HttpSession as "exampleportal.SERVICEMANAGER.USER".
If you want to get to the cached profile from your portal from yourpipeline
component (PC) then you would have to know that the name is "fixed up" tobe
"exampleportal.CACHED_PROFILE". There are probably several different waysyou
could get the "TRAFFIC.URI" information to your PC.
Ture Hoefner
BEA Systems, Inc.
2590 Pearl St.
Suite 110
Boulder, CO 80302
www.bea.com -
Custom pipeline component creates the folder name to archive messages
Hi
I have an requirement that a BizTalk application is receiving untyped messages and at the receive location the pipeline have to archive the incoming message with the specifications:
suppose I have an xml like
<PurchaseOrder>
<OrderId>1001</OrderId>
<OrderSource>XYZ</OrderSource>
<Code>O01</Code>
</PartyType>
In the pipeline component it has to read this xml and have to use OrderSource value 'XYZ' to create a archival folder and the message have to archive with file name '%MessageId%'
It has to be done by writing custom pipeline component where I am not familiar with c# coding, Can anyone please how to implement mechanism.
Thanks In Advance
Regards
Arun
ArunReddyHi Arun,
Use
BizTalk Server Pipeline Component Wizard to create a decode pipeline component for receive. Install this wizard. This shall help you to create the template project for your pipeline component stage.
Use the following code in the Execute method of the pipeline component code. This code archives the file based with name of the file name received.
public Microsoft.BizTalk.Message.Interop.IBaseMessage Execute(Microsoft.BizTalk.Component.Interop.IPipelineContext pc, Microsoft.BizTalk.Message.Interop.IBaseMessage inmsg)
MemoryStream tmpStream = new MemoryStream();
try
string strReceivedFilename = null;
DateTime d = DateTime.Now;
try
//Get the file name
strReceivedFilename = inmsg.Context.Read("ReceivedFileName", "http://schemas.microsoft.com/BizTalk/2003/file-properties").ToString();
if (strReceivedFilename.Contains("\\"))
strReceivedFilename = strReceivedFilename.Substring(strReceivedFilename.LastIndexOf("\\") + 1, strReceivedFilename.Length - strReceivedFilename.LastIndexOf("\\") - 1);
catch
strReceivedFilename = System.Guid.NewGuid().ToString();
originalStream = inmsg.BodyPart.GetOriginalDataStream();
int readCount;
byte[] buffer = new byte[1024];
// Copy the entire stream into a tmpStream, so that it can be seakable.
while ((readCount = originalStream.Read(buffer, 0, 1024)) > 0)
tmpStream.Write(buffer, 0, readCount);
tmpStream.Seek(0, SeekOrigin.Begin);
//ToDo for you..
//Access the receive message content using standard XPathReader to access values of OrderSource and construct file pathAccess the receive message content using standard XPathReader to acceess values of OrderSource and contruct the file path
string strFilePath = //Hold the value of the file path with the value of OrderSource
string strCurrentTime = d.ToString("HH_mm_ss.ffffff");
strFilePath += "\\" + strReceivedFilename + "_";
FileStream fileStream = null;
try
System.Threading.Thread.Sleep(1);
fileStream = new FileStream(strFilePath + strCurrentTime + ".dat", FileMode.CreateNew);
catch (System.IO.IOException e)
// Handle the exception, it must be 'File already exists error'
// Wait for 10ms, change the file name and try creating the file again
// If the second 'file create' also fails, it must be a genuine error, it'll be thrown to BTS engine
System.Threading.Thread.Sleep(10);
strCurrentTime = d.ToString("HH_mm_ss.ffffff"); // get current time again
string dtcurrentTime = DateTime.Now.ToString("yyyy-MM-ddHH_mm_ss.ffffff");
fileStream = new FileStream(strFilePath + strCurrentTime + ".dat", FileMode.CreateNew);
while ((readCount = tmpStream.Read(buffer, 0, 1024)) > 0)
fileStream.Write(buffer, 0, readCount);
if (fileStream != null)
fileStream.Close();
fileStream.Dispose();
if (originalStream.CanSeek)
originalStream.Seek(0, SeekOrigin.Begin);
else
ReadOnlySeekableStream seekableStream = new ReadOnlySeekableStream(originalStream);
seekableStream.Position = 0;
inmsg.BodyPart.Data = seekableStream;
tmpStream.Dispose();
catch (Exception ex)
System.Diagnostics.EventLog.WriteEntry("Archive Pipeline Error", string.Format("MessageArchiver failed: {0}", ex.Message));
finally
if (tmpStream != null)
tmpStream.Flush();
tmpStream.Close();
if (originalStream.CanSeek)
originalStream.Seek(0, SeekOrigin.Begin);
return inmsg;
In the above code, you have do a section of code which will access the receive message content using standard XPathReader to access values of OrderSource and construct the file path. I have
commented the place where you have to do the same. You can read the XPathReader about here..http://blogs.msdn.com/b/momalek/archive/2011/12/21/streamed-xpath-extraction-using-hidden-biztalk-class-xpathreader.aspx
If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply. -
Question about the sentence in bold. What is the meaning behind this comment?
How would you separate the role of the AIA and CDP from a CA subordinate server? I can see where I add a CES and CEP server which has those as well, but I don't completely understand his comment. Because in this second step, (http://technet.microsoft.com/en-us/library/tlg-key-based-renewal.aspx)
he shows how to implement CES and CEP.
This is from the guide located at: http://technet.microsoft.com/library/hh831348.aspx
Step 3: Configure APP1 to distribute certificates and CRLs
In the extensions of the root CA, it was stated that the CRL from the root CA would be available via http://www.contoso.com/pki. Currently, there is not a PKI virtual directory on APP1, so one must be created.
In a production environment, you would typically separate the issuing CA role from the role of hosting the AIA and CDP.
However, this lab combines both in order to reduce the number of resources needed to complete the lab.
Thanks,
JamesMy concern is, they have a 2-3k base of xp systems, over this year they are migrating them to Windows 7. During this time they will also be upgrading hardware for the existing windows 7 machines. The turnover of certificates are going to be high, which
from what I've read here, it worries me.
http://blogs.technet.com/b/askds/archive/2009/06/24/implementing-an-ocsp-responder-part-i-introducing-ocsp.aspx
The application then can go to those locations to download the CRL. There are, however, some potential issues with this scenario. CRLs over time can get rather large
depending on the number of certificates issued and revoked. If CRLs grow to a large size, and many clients have to download CRLs, this can have a negative impact on network performance. More importantly, by
default Windows clients will timeout after 15 seconds while trying to download a CRL. Additionally,
CRLs have information about every currently valid certificate that has been revoked, which is an excessive amount of data given the fact that an application may only need the revocation status for a few certificates. So,
aside from downloading the CRL, the application or the OS has to parse the CRL and find a match for the serial number of the certificate that has been revoked.
With the above limitations, which mostly revolve around scalability, it is clear that there are some drawbacks to using CRLs. Hence, the introduction of Online Certificate
Status Protocol (OCSP). OCSP reduces the overhead associated with CRLs. There are server/client components to OCSP: The OCSP responder, which is the server component, and the OCSP Client. The OCSP Responder accepts status
requests from OCSP Clients. When the OCSP Responder receives the request from the client it then needs to determine the status of the certificate using the serial number presented by the client. First the OCSP Responder determines if it has any cached responses
for the same request. If it does, it can then send that response to the client. If there is no cached response, the OCSP Responder then checks to see if it has the CRL issued by the CA cached locally on the OCSP. If it does, it can check the revocation status
locally, and send a response to the client stating whether the certificate is valid or revoked. The response is signed by the OCSP Signing Certificate that is selected during installation. If the OCSP does not have the CRL cached locally, the OCSP Responder
can retrieve the CRL from the CDP locations listed in the certificate. The OCSP Responder then can parse the CRL to determine the revocation status, and send the appropriate response to the client. -
A quick question about WebDynpro SLD and R/3 with concurrent users
Hello ,
I have a very quick question about Webdynpros and SLD connecting to an R/3 system, when you configure a webdynpro to connect to an R/3 system using SLD, you configure a user name and password from the R/3 for the SLD to use. What I would like to know is when I have concurrent users of my webdynpro, how can I know what one user did in R/3 and what another user did? Is there a way for the users of the web dynpro to use their R/3 credentials so SLD can access the R/3? Like dynamically configuring the SLD for each user?
- I would like to avoid leaving their their passwords open in the code ( configuring two variable to get the users username and password and use these variables as JCO username and password )
Thanks Ubergeeks,
GuyHi Guy
You will have to use Single Sign On to achieve this. In the destination you have defined to connect to R/3 , there is an option to 'useSSO' instead of userid and password. This will ensure that calls to R/3 will be with the userid that has logged into WAS. You wont need to pass any passwords because a login ticket is generated from WAS and passed on to R/3. The userid is derived from this ticket.
For this to happen you will have to maintain a trust relation ship between R/3 and your WAS ,there is detailed documentation of this in help files. Configuration is very straight forward and is easy to perform
Regards
Pran -
Custom Pipeline Component stopped changing input filename
Hi
In my project, I have a custom pipeline component to change the input file name. I use it in the receive pipeline decode stage. It was working initially when I had only a receive pipeline and custom pipeline component in my solution. later I introduced
two schemas, an orchestration, map and a send pipeline. The rename is not working anymore. Please help.
receive adapter: FILE
send adapter: FTP
Custom pipeline component: (File Name Setter)
Receive pipeline:
decode: custom pipeline component to rename the filename
disassemble: flatfile disassembler conecting to a document schema
Map:
Schema 1 to Schema 2 (transforms from Windows to Unix format)
Orchestration:
receive message
transform using map above
send message
Exception Handler
Send pipeline:
FlatFile assembler
manibestMay be its not working now, because in the orchestration which you have added,
you’re constructing a new message from the received message and the context properties from the Received message is not copied across to the newly constructed message. So when you use “%SourceFileName%” macro in the send port,
the ReceivedFileName context property is missing in the newly constructed message which is sent out.
So in your Orchestration, while constructing (in MessageAssignment shape) the outbound message from the Received message, copy the context property of the Received message to the newly constructed message. Something like this
//This line copies all the context properties from received message to the outputted message
msgOutputted (*)= msgReceived(*)
//or
//This line just copies the receive file name context property from received message to the outputted message
msgOutputted (FILE.ReceivedFileName)= msgReceived (FILE.ReceivedFileName).
If you’re not using the Orchestration or constructing the new message (even in map), then just add the schemas/orchestration or any pipeline would not affect the ReceiveFileName code. May be in this case, debug the pipeline and also check whether the outputted
message has ReceivedFileName in its context property.
If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply. -
Question about Customizable Components in JDev 10.1.3.2 version
Hi,
I have some some questions about new ADF features.
1) As we see at the image: http://www.sttb.pl/jakub/customComp.JPG custom component doesn't display polish letters. How to resolve it ?
2) In command components (button or link) there is enable new value for Action attribute: frame.addContent - what is that and how to use it ?
3) How to use <cust:showDetailFrame> facets ?
Regards
KubaI can help you with 3)
o Adding Customization to a JSF Application - demonstration
o WebCenter Tutorial
o WebCenter Developer's Guide
Peter -
Basic questions about JAAS capabilities
I've never used JAAS for authentication or authorization in a Java app before. Can somebody that has (or at least has some experience and knowledge about JAAS) please answer the following couple of basic questions about it? (I know I could probably answer these myself with a few hours of reading.)
1. Can I use JAAS to restrict the users that can execute specific methods of my code?
2. If the answer to #1 is yes, is there a way to programmatically determine if a JAAS login user has the permissions to run a method before actually calling that method. In other words, can I ask something like canUserExecute(method) or do I have to just put the call to the method in a try/catch and catch a security exception of some type?
3. Is it fairly simple to have JAAS authenticate against a Windows Domain or a LDAP server?
4. Are there programmatic ways to add or edit user information in JAAS?
Answer to any of these questions are greatly appreciated. I'll even toss a couple of Dukes to the people that answer each question. Thanks in advance.You might look at the AfterthoughtSoft-Secure product at http://www.advancedmodelingconcepts.com. It is designed to do just that and will easily allow you to connect to users/group repositories that are in anything from a simple text file all the way up to Kerberos V.
You can contact the author of the product (me) at bart dot jenkins at gd-ais dot com.
bart -
Hi Gurus!
I have a question about the following scenario:
The login in EP6 is with the NT User (adriano.oliveira), but to access the SAP applications I need to use another User (aoliveira - the size of the NT User is bigger than SAP User length).
I know this works with user mapping, but the problem is that each user will need to configure his mapping (5000 users). Then I think the option is to use the SAP Logon tickets.
My doubt is: Is it possible to validate a user id at login (in the EP6 SP10) and generate the client certificate with another user id???
Important: In the AD (Active Directory), for each NT User id, there is a field with the SAP User id. I could use this field...
Thanks for any help.
Regards,
AdrianoAdrianao,
You can maintain reference SAP Server.
http://help.sap.com/saphelp_nw04/helpdata/en/ed/845896b89711d5993900508b6b8b11/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/0b/d82c4142aef623e10000000a155106/content.htm
Hope this helps,
thanks,
Praveen -
Questions about Access Manager tutorials available in netbeans site
Hi
Thank you for reading my post
I have some questions about two tutoral which i find in :
http://www.netbeans.org/kb/55/amsecurity.html and
http://www.netbeans.org/kb/55/amsecurity-liberty.html
here is my problem :
we have some web services, now we want to have authentication applied for consumer who try to access our web services.
we need to have most possible flexibility because we may deploy the server for a customer with an already established Identity database ( Database Table with user details)
Also we need to have Transport level security using SSL.
I read and studied both of them and now i have some questions :
-I think Securing Web Services Using the SAML or UserNameToken is what we need for authentication and autorization of web service consumers?
is that right?
-Does Sun Java System Access Manager provide flexibility to authenticate user/password with a database table content?
-How we can apply roles in Sun Java System Access Manager when we authenticate users ?
ThanksImagine that we want to have an end to end security for our web services
we thought that we could use message level encryption to protect the soap message and also we should protect our web services from un-authenticated acess,
we will use userName token for this.
Our customer has large database which contains many user/password and role of those users.
some of web services should be available to higher role (manager) and not for all users.
so we should check a user role before we allows him/her to access a web service.
my question is whether Sun Access manager can help us with this? or there are other configuration or packages that we should apply to have this feature.
to explain more :
our client side is a swing application, users enter username/password to login into system. after they loged in, we send user/pass every time user want to request some data from some services. (is it good to send user/pass every time?)
We want Sun Access Manager to handle users authentication .
We also need to handle role related authorization, can Sun access manager handle this?
Thanks
Maybe you are looking for
-
My MacBook Pro Hard Drive recently gave me the gray folder with the question mark of death. Even as a Mac Newbie/Novice, I successfully installed a new hard drive and the OS (10.6.8) software from my installation discs. I have, however, lost the abil
-
Installer Disc Could Not Be Found - XP Performance
I'm trying to burn a copy of XP Performance on to my mac. I know for a fact that it works, so that's not really an issue. I used disc utility to make the .iso a disc image, burned the disc image, and it won't work. Restarted the comp with the disc in
-
After i downloaded my apps, the data is there in the usage but i cannot see any icon and i cannot open the app even via the app store. How can i fix this? Note: my restrictions are turned off at all times
-
WebVPN and certificates**nevermind!**
Does anyone have any experience with certs? I bought and installed a cert for the WebVPN product and I am still getting the ...do you really trust this? you don't know who is sending you this cert message...any links/comments would surely help me out
-
Volume different in FCP than in STP
Anyone have a problem with the volume of the XML file which you import back into FCP being to loud? What is the solution to having the volume the same as in STP?