RDBMS Realm - Locking users

I am using the Rdbms Realm to control the access to my servlets.
Does anyone know how can I lock a user when he reach the maximum numbers of
retries ?
Thanks in advance
Alejandro

a> Does anyone know how can I lock a user when he reach the maximum
a> numbers of retries ?
You'll need to customise the RDBMS realm so that it keeps track of
this information for you.
     <b

Similar Messages

  • Unlocking user in RDBMS realm of portal

    Hi All,
    Does any body know where the information of a user being locked is stored in case
    oif RDBMS Realm ? In portal server, some user is locked b'coz of wrong password
    and I tried unlocking from weblogic console, but didn't work. Does any body having
    any idea on this ?
    Any suggestion is welcome.
    TIA,
    Sudarson

    Hi All,
    Does any body know where the information of a user being locked is stored in case
    oif RDBMS Realm ? In portal server, some user is locked b'coz of wrong password
    and I tried unlocking from weblogic console, but didn't work. Does any body having
    any idea on this ?
    Any suggestion is welcome.
    TIA,
    Sudarson

  • Problem creating user in RDBMS realm Using com.bea.wlpi.rdbmsrealm.RDBMSRealm

    Hi,
    I am currently using WLI 2.0 SP2 installation. Here is a very unusual thing I
    noticed. Can somebody tell me what is going on ???
    1 : I have set up the security realm as indicated in the config.xml file. As far
    as I understand, the caching realm entry has attribute pointing to the wlpiRDBMSRealm,
    which is a RDBMS implementation from the WLI 2.0 SP2 distribution.
    2: I start the server, open the WLS console, and create a new user through the
    console. I get no error message and it seems to work fine. ( I also click on the
    save it to database link, and it returns with msg that cache is refreshed ).
    3: I see an entry in the fileRealm.properties file, but no record is inserted
    in the WLSUSER table in the database.
    Since the RDBMS realm (from WLI distribution) is defined as basic
    realm implementation, should it not insert entry into the database, instead of
    the file realm.
    Is this a general problem ( any RDBMS realm ) or is it specific to the WLI ?
    Is there anything that I have not configured here that is causing this behavior
    Is it just refreshing the cache instead of inserting record in DB ?
    Why should it insert entry into fileRealm.properties ?
    Thanks,
    Girish
    [noaa1.zip]

    Hi,
    I turned on the caching realm through the WLS Console, (Security).
    After this I get a very unusual error, which seems to be comming
    from the RDBMS implementation class (from WLI 2.0 SP2 distribution).
    Here is the msg that I get while WLS server boots (the WLS server boots ok, but
    WLPI does not initialize) ....
    Unable to initialize WebLogic Process Integrator:
    SQL Exception: ResultSet not open, operation 'next' not permitted. Verify that
    autocommit is OFF.
    at c8e.k.j.l_(Unknown Source)
    at c8e.k.j.l_(Unknown Source)
    at c8e.k.j.j_(Unknown Source)
    at c8e.k.n.checkIfClosed(Unknown Source)
    at c8e.k.n.movePosition(Unknown Source)
    at c8e.k.n.movePosition(Unknown Source)
    at c8e.k.n.next(Unknown Source)
    at com.bea.wlpi.rdbmsrealm.RDBMSDelegate.getGroup(RDBMSDelegate.java:425)
    at com.bea.wlpi.rdbmsrealm.RDBMSRealm.getGroup(RDBMSRealm.java:235)
    at weblogic.security.acl.CachingRealm.getGroup(CachingRealm.java:1120)
    at weblogic.ejb20.deployer.SecurityRoleMapping.lookupPrincipal(SecurityRoleMapping.java:243)
    at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:96)
    at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:128)
    at weblogic.ejb20.deployer.SecurityRoleMapping.isPrincipalInAnyRole(SecurityRoleMapping.java:174)
    at weblogic.ejb20.deployer.MethodInfoImpl.checkAccess(MethodInfoImpl.java:214)
    at weblogic.ejb20.internal.MethodDescriptor.checkAccess(MethodDescriptor.java:285)
    at weblogic.ejb20.internal.BaseEJBObject.preInvoke(BaseEJBObject.java:90)
    at weblogic.ejb20.internal.StatelessEJBObject.preInvoke(StatelessEJBObject.java:55)
    at com.bea.wlpi.server.plugin.PluginManagerCfgBeanEOImpl.init(PluginManagerCfgBeanEOImpl.java:1301)
    at com.bea.wlpi.server.initlistener.InitListenerBean.onMessage(InitListenerBean.java:151)
    at weblogic.ejb20.internal.MDListener.execute(MDListener.java:221)
    at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:175)
    at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:1933)
    at weblogic.jms.client.JMSSession.execute(JMSSession.java:1892)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.Kernel.execute(Kernel.java:250)
    at weblogic.jms.client.JMSSession.pushEnvelope(JMSSession.java:1779)
    at weblogic.jms.client.JMSCallback.pushEnvelope(JMSCallback.java:69)
    at weblogic.jms.frontend.FESession.execute(FESession.java:1972)
    <Aug 22, 2001 11:56:01 AM MDT> <Notice> <WebLogicServer> <WebLogic Server started>
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    --------------- nested within: ------------------
    com.bea.wlpi.rdbmsrealm.RDBMSException: caught SQL exception - with nested exception:
    [SQL Exception: ResultSet not open, operation 'next' not permitted. Verify that
    autocommit is OFF.]
    at com.bea.wlpi.rdbmsrealm.RDBMSRealm.getGroup(RDBMSRealm.java:242)
    <Aug 22, 2001 11:56:01 AM MDT> <Notice> <WebLogicServer> <ListenThread listening
    on port 7101>
    at weblogic.security.acl.CachingRealm.getGroup(CachingRealm.java:1120)
    at weblogic.ejb20.deployer.SecurityRoleMapping.lookupPrincipal(SecurityRoleMapping.java:243)
    at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:96)
    at weblogic.ejb20.deployer.SecurityRoleMapping.getSecurityRolePrincipals(SecurityRoleMapping.java:128)
    at weblogic.ejb20.deployer.SecurityRoleMapping.isPrincipalInAnyRole(SecurityRoleMapping.java:174)
    at weblogic.ejb20.deployer.MethodInfoImpl.checkAccess(MethodInfoImpl.java:214)
    at weblogic.ejb20.internal.MethodDescriptor.checkAccess(MethodDescriptor.java:285)
    at weblogic.ejb20.internal.BaseEJBObject.preInvoke(BaseEJBObject.java:90)
    at weblogic.ejb20.internal.StatelessEJBObject.preInvoke(StatelessEJBObject.java:55)
    at com.bea.wlpi.server.plugin.PluginManagerCfgBeanEOImpl.init(PluginManagerCfgBeanEOImpl.java:1301)
    at com.bea.wlpi.server.initlistener.InitListenerBean.onMessage(InitListenerBean.java:151)
    at weblogic.ejb20.internal.MDListener.execute(MDListener.java:221)
    at weblogic.ejb20.internal.MDListener.onMessage(MDListener.java:175)
    at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:1933)
    at weblogic.jms.client.JMSSession.execute(JMSSession.java:1892)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.Kernel.execute(Kernel.java:250)
    at weblogic.jms.client.JMSSession.pushEnvelope(JMSSession.java:1779)
    at weblogic.jms.client.JMSCallback.pushEnvelope(JMSCallback.java:69)
    at weblogic.jms.frontend.FESession.execute(FESession.java:1972)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    "Girish Gupte" <[email protected]> wrote:
    >
    >
    >
    Hi,
    I am currently using WLI 2.0 SP2 installation. Here is a very unusual
    thing I
    noticed. Can somebody tell me what is going on ???
    1 : I have set up the security realm as indicated in the config.xml file.
    As far
    as I understand, the caching realm entry has attribute pointing to the
    wlpiRDBMSRealm,
    which is a RDBMS implementation from the WLI 2.0 SP2 distribution.
    2: I start the server, open the WLS console, and create a new user through
    the
    console. I get no error message and it seems to work fine. ( I also click
    on the
    save it to database link, and it returns with msg that cache is refreshed
    3: I see an entry in the fileRealm.properties file, but no record is
    inserted
    in the WLSUSER table in the database.
    Since the RDBMS realm (from WLI distribution) is defined as basic
    realm implementation, should it not insert entry into the database, instead
    of
    the file realm.
    Is this a general problem ( any RDBMS realm ) or is it specific to the
    WLI ?
    Is there anything that I have not configured here that is causing this
    behavior
    Is it just refreshing the cache instead of inserting record in DB ?
    Why should it insert entry into fileRealm.properties ?
    Thanks,
    Girish

  • Creating New Users for RDBMS realm

    I am currently creating new users in the RDBMS realm
    by an EJB that will insert into the "Users" table. Is this
    the correct way to create users or should I be calling
    methods on classes in examples.security.RDBMSRealm?
    Thanks
    Bill.

    Thanks a lot for the guideline.
    I can able to create multiple users using Import option of the user administration but i have one more question regarding the same.
    What about the password setting of these newly created users. Or can the set the password field in test file?? Because when we export the user, it is not showing any Password field.
    Thanks & Regards,
    Prashant

  • Creating Users with RDBMS realm

    "I am currently creating new users in the RDBMS realm by an EJB that inserts into

    <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by [email protected]:
    Ralf,
    Your syntax looks right so it migth be something else. Could you please post the full example and I'll try it out here.<HR></BLOCKQUOTE>
    Sure:
    <?xml version = '1.0' standalone = 'yes'?>
    <SimpleUser>
    <UserName>eclark</UserName>
    <Password>ifs</Password>
    <DistinguishedNameSuffix>.ambiguity.com</DistinguishedNameSuffix>
    <AdminEnabled>false</AdminEnabled>
    <HomeFolderRoot>/home</HomeFolderRoot>
    <EmailAddressSuffix>@ambiguity.com</EmailAddressSuffix>
    <PrimaryUserProfileAcl refType="name">Private</PrimaryUserProfileAcl>
    </SimpleUser>
    Without the PrimaryUserProfileAcl-Tag, the example works fine and the user is created; but when including the tag, I get the 21000-Error. Our iFS-version is 1.0.8, maybe it's a bug that is fixed in version 1.1?

  • Disscuss of using RDBMS Realm

    Hi,
    Now maybe eveyone knows that the RDBMS Realm provided by weblogic 6.0 isn't production
    ready, and miss some functions, for examples, change password, or add group no.
    It is suprised for me that weblogic didn't support these basic functions of RDBMSRealm
    and didn't provide suitable documentation for implementing this RDBMS Realm.
    So I ask for help that if everyone know how to implement one function: changeCredential.
    I know the weblogic.management.configuration.Uer object has this method (User.changeCredential(oldPass,
    newPass)). I know I have to provide one additional database schema for updating
    user password. I know I should add a method in the RDBMSDelegate and RDBMSRealm
    classes. But I don't the suitable method signature, and couldn't find internal
    method call when the user click the "change" button changing password in the Console.
    Thank you very much for any idea or help. Also I'd like to deeply discuss other
    security issues.
    Is any project use the RDBMS realm?
    By the way, if anyone try to directly update the database tables as a means to
    implement this issues. I have tried this approach, and it seems work fine except
    for some catching delay. Can anyone tell me if this is an effective method?
    Thx

    This RDBMS Realm issue is really bother me too. I was wondering if anyone use the
    RDBMS Realm for production. it is difficult to find what the architecture the
    RealmMBean object and RealmManager is. Any idea let me know. Good luck.
    "andy Zhong" <[email protected]> wrote:
    >
    Hi,
    Now maybe eveyone knows that the RDBMS Realm provided by weblogic 6.0
    isn't production
    ready, and miss some functions, for examples, change password, or add
    group no.
    It is suprised for me that weblogic didn't support these basic functions
    of RDBMSRealm
    and didn't provide suitable documentation for implementing this RDBMS
    Realm.
    So I ask for help that if everyone know how to implement one function:
    changeCredential.
    I know the weblogic.management.configuration.Uer object has this method
    (User.changeCredential(oldPass,
    newPass)). I know I have to provide one additional database schema for
    updating
    user password. I know I should add a method in the RDBMSDelegate and
    RDBMSRealm
    classes. But I don't the suitable method signature, and couldn't find
    internal
    method call when the user click the "change" button changing password
    in the Console.
    Thank you very much for any idea or help. Also I'd like to deeply discuss
    other
    security issues.
    Is any project use the RDBMS realm?
    By the way, if anyone try to directly update the database tables as a
    means to
    implement this issues. I have tried this approach, and it seems work
    fine except
    for some catching delay. Can anyone tell me if this is an effective method?
    Thx

  • Groups within groups in RDBMS Realm

    I can see how the supplied RDBMS Realm schema supports groups that contain
    groups: you simply store a group name as the gm_member field in the
    groupmembers table.
    Does weblogic or the RDBMS Realm implementation in particular provide any
    special support for the concept of nested groups? What I mean is, I want to
    make a call like isUserInGroup(String userName, String groupName) and get
    back true if the user is either in the specified group or is in some group
    that is nested inside of the specified group.
    I can write my own little routine to recursively expand the groupmembers and
    determine if the user is contained in the specified group, but I wonder if
    that is reinventing the wheel.
    Thanks!

    Thanks for the helpful response, Terry! That was exactly the info I needed.
    John
    Terry <[email protected]> wrote in message
    news:[email protected]..
    RDBMSGroup's isMember method is inherited from the FlatGroup class, theAPI
    of which is athttp://www.weblogic.com/docs51/classdocs/javadocs/index.html.
    I quote
    isMember
    public boolean isMember(java.security.Principal member)
    Returns true if the passed principal is a member of the group. This method
    does a recursive search, so if a principal belongs to a group which is a
    member of this group, true is returned.
    So it looks like somebody already thought of that 'wheel' thing you were
    talking about, and you don't have to bother
    terry
    John Lindwall <[email protected]> wrote in message
    news:3a67b151$[email protected]..
    I can see how the supplied RDBMS Realm schema supports groups that
    contain
    groups: you simply store a group name as the gm_member field in the
    groupmembers table.
    Does weblogic or the RDBMS Realm implementation in particular provideany
    special support for the concept of nested groups? What I mean is, Iwant
    to
    make a call like isUserInGroup(String userName, String groupName) and
    get
    back true if the user is either in the specified group or is in somegroup
    that is nested inside of the specified group.
    I can write my own little routine to recursively expand the groupmembersand
    determine if the user is contained in the specified group, but I wonder
    if
    that is reinventing the wheel.
    Thanks!

  • How to setup RDBMS Realm.

    Hi
    Can some one tell me the basic steps to setup RDBMS Realm for resouces like
    pool, Servlets and EJB. I am trying to use the weblogic example code.
    Thanks in advance!!!
    jtaneja

    Please look into the previous posting of yours.
    -utpal
    "Amit" <[email protected]> wrote in message
    news:[email protected]..
    >
    Hi,
    I want to store user id, password, roles in the DB tables and providewebbased
    forms to create/modify user.
    How do I implement security relam for users stored in the DB table?
    Thanks and Regards,
    Amit

  • Example of RDBMS Realm

    Hi,
    I have just started out with EJB & weblogic security. I want to make a RDBMS realm in weblogic that connects to oracle dBase. Since I am new to security, I was wondering if anyone out there knew what fields would be added to a table that manages user?. Also how does a table manage ACLs? And last but not least, I noticed that when I was creating a RDBMS realm in weblogic console there is a tab that mentions that I have to write schema properties...what is this and what do I place in it. I have read all of the weblogic docs and there is nothing that addresses theses questions. I would really appreciate any help I can get.
    Thank you,
    Jay.
    P.S I am using weblogic 6.0 with sp1

    Is this a continuation of http://forum.java.sun.com/thread.jsp?forum=60&thread=159878
    It sure looks like it.
    Have you read this weblogic doc http://e-docs.bea.com/wls/docs61/adminguide/cnfgsec.html#1052867

  • Refreshing the RDBMS Realm

    I am using the RDBMS Realm that comes with Weblogic 6.0.
    We have created ejbs to create and insert our users and group members into
    the
    tables that the RDBMS Realm reads from .
    The problem is occasiounly the caching realm gets out of date. When a user
    tries
    to access a secured resource the attempts fails. After a few more attempts
    the
    cache will refresh itself and the access works fine.
    When I make changes to my user data how can I programmatically tell the
    caching
    realm to refresh itself. (The refresh through the console will not help me
    here).
    ...Or should I re-think the way I am creating and updating user data, i.e.
    should I
    only be doing this through the Realm class?
    Thanks

    s> 1. I get an Nullpointer exception on the flatgroups.java on some of the
    s> api's.
    s> like getAcls() ..etc.
    More details would be useful. Stack backtraces with line numbers.
    s> 4. Can i use weblogic.security.acl api's along with the RDBMS example.
    s> Logically speaking i could ... but why exceptions are raised.
    Insufficient information to be able to tell.
         <b
    Let us pray:
    What a Great System.
    Please Do Not Crash.
    ^G^IP@P6

  • WL51: Custom RDBMS realm interctions with CachingRealm

    I think I partially understand the interactions between a CachingRealm and a
    custom RDBMS realm (extending from ManageableRealm->AbstractListableRealm).
    One thing that confuses me is how to deal with FlatGroups that contain other
    groups.
    Suppose I use the first constructor of FlatGroup which defers the loading of
    members until a method is invoked. When my root group, "everyone" (of which
    all other groups ultimately belong to), is called to test membership of a
    user, each level in the group tree will be successively loaded since the
    members weren't pre-loaded. This sounds like it could be terribly slow,
    depending on the depth and width of the group tree.
    One optimization being considered is to pre-load each group with its
    immediate members. As each child group is added to its parent, it would
    recursively be adding its children. Thus, "everyone" would have a full tree
    of groups inside of it. However, havign been ecplitily loaded by the custom
    realm, they weren't pulled through the cache. The entire tree is present,
    but not accessible except through the "everyone" group.
    Is there a way to load these groups into the cache pro-actively so that the
    loading of a group and its children can be optimized (perhaps even using a
    connect by, if not using at least a single database call)?
    Regards,
    Brian.

    Hi.
    Try posting this in the security newsgroup.
    Regards,
    Michael
    "Brian J. Sayatovic" wrote:
    I think I partially understand the interactions between a CachingRealm and a
    custom RDBMS realm (extending from ManageableRealm->AbstractListableRealm).
    One thing that confuses me is how to deal with FlatGroups that contain other
    groups.
    Suppose I use the first constructor of FlatGroup which defers the loading of
    members until a method is invoked. When my root group, "everyone" (of which
    all other groups ultimately belong to), is called to test membership of a
    user, each level in the group tree will be successively loaded since the
    members weren't pre-loaded. This sounds like it could be terribly slow,
    depending on the depth and width of the group tree.
    One optimization being considered is to pre-load each group with its
    immediate members. As each child group is added to its parent, it would
    recursively be adding its children. Thus, "everyone" would have a full tree
    of groups inside of it. However, havign been ecplitily loaded by the custom
    realm, they weren't pulled through the cache. The entire tree is present,
    but not accessible except through the "everyone" group.
    Is there a way to load these groups into the cache pro-actively so that the
    loading of a group and its children can be optimized (perhaps even using a
    connect by, if not using at least a single database call)?
    Regards,
    Brian.--
    Michael Young
    Developer Relations Engineer
    BEA Support

  • Rdbms realm

    Hi,
    I tried creating rdbms realm in mydomain.
    I am able to see the rdbms realm users in the console when I click on users.
    I am not able to see the new groups or new members in old groups when I click
    groups. I can only see the old groups' entries.
    When I click on ACL I get the following
    weblogic.management.configuration.RealmException: RealmManager.listAcls - with
    nested exception: [security.rdbmsrealm.RDBMSException: RDBMSEnumeration.nextElement
    failed - with nested exception: [java.sql.SQLException: ResultSet has already
    been closed]] at weblogic.management.configuration.RealmManager.listAcls(RealmManager.java:203)
    at weblogic.management.console.pages._panels._mbean._acltable._jspService(_acltable.java:213)
    at weblogic.servlet.jsp.JspBase.service(JspBase.java:27) at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:213)
    at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:1265)
    at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:1622)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137) at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    Any idea whats wrong? I am using the default dbschema
    I have the entries as listed below in my config.xml.
    <CachingRealm BasicRealm="defaultRDBMSRealmForOracle" Name="defaultCachingRealm"/>
    <Realm CachingRealm="defaultCachingRealm"
    FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
    <RDBMSRealm DatabaseDriver="weblogic.jdbc.oci.Driver"
    DatabasePassword="tiger"
    DatabaseURL="jdbc:weblogic:oracle:vogue"
    DatabaseUserName="scott" Name="defaultRDBMSRealmForOracle"
    Notes="I have changed the package to security.rdbmsrealm from examples.security.rdbmsrealm
    example. I am using the same schema(in the ddl) in oracle"
    RealmClassName="security.rdbmsrealm.RDBMSRealm" SchemaProperties="getGroupMembers=SELECT
    GM_GROUP, GM_MEMBER from groupmembers WHERE GM_GROUP = ?;deleteGroup2=DELETE FROM
    aclentries WHERE A_PRINCIPAL = ?;deleteGroup1=DELETE FROM groupmembers WHERE GM_GROUP
    = ?;addGroupMember=INSERT INTO groupmembers VALUES ( ? , ? );getUser=SELECT U_NAME,
    U_PASSWORD FROM users WHERE U_NAME = ?;getPermission=SELECT DISTINCT A_PERMISSION
    FROM aclentries WHERE A_PERMISSION = ?;deleteUser3=DELETE FROM aclentries WHERE
    A_PRINCIPAL = ?;getGroupNewStatement=false;deleteUser2=DELETE FROM groupmembers
    WHERE GM_MEMBER = ?;deleteUser1=DELETE FROM users WHERE U_NAME = ?;getAcls=SELECT
    A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries ORDER BY A_NAME, A_PRINCIPAL;getUsers=SELECT
    U_NAME, U_PASSWORD FROM users;getPermissions=SELECT DISTINCT A_PERMISSION FROM
    aclentries;getGroups=SELECT GM_GROUP, GM_MEMBER FROM groupmembers;getAclEntries=SELECT
    A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries WHERE A_NAME = ? ORDER BY A_PRINCIPAL;newUser=INSERT
    INTO users VALUES ( ? , ? );removeGroupMember=DELETE FROM groupmembers WHERE GM_GROUP
    = ? AND GM_MEMBER = ?"/>
    ananya

    Hi Narin,
    I seem to have forgotten to mention that the problem got fixed when I set getGroupNewStatement
    to true.
    Anu
    "Narinder Gaheer" <[email protected]> wrote:
    Have you taken the RDBMSRealm example that comes with weblogic? If thats
    the case, that example doesn't implement Group related functionality
    as
    pointed out by many posts earlier on this newsgroup. You need to provide
    that implementation on your own.
    "ananya" <[email protected]> wrote in message
    news:[email protected]...
    Hi,
    I tried creating rdbms realm in mydomain.
    I am able to see the rdbms realm users in the console when I clickon
    users.
    I am not able to see the new groups or new members in old groups whenI
    click
    groups. I can only see the old groups' entries.
    When I click on ACL I get the following
    weblogic.management.configuration.RealmException: RealmManager.listAcls-
    with
    nested exception: [security.rdbmsrealm.RDBMSException:RDBMSEnumeration.nextElement
    failed - with nested exception: [java.sql.SQLException: ResultSet has
    already>> been closed] atweblogic.management.configuration.RealmManager.listAcls(RealmManager.java:20
    3)
    atweblogic.management.console.pages._panels._mbean._acltable._jspService(_aclt
    able.java:213)
    at weblogic.servlet.jsp.JspBase.service(JspBase.java:27) atweblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
    :213)
    atweblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
    ntext.java:1265)
    atweblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
    :1622)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137) atweblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    Any idea whats wrong? I am using the default dbschema
    I have the entries as listed below in my config.xml.
    <CachingRealm BasicRealm="defaultRDBMSRealmForOracle"Name="defaultCachingRealm"/>
    <Realm CachingRealm="defaultCachingRealm"
    FileRealm="wl_default_file_realm" Name="wl_default_realm"/>
    <RDBMSRealm DatabaseDriver="weblogic.jdbc.oci.Driver"
    DatabasePassword="tiger"
    DatabaseURL="jdbc:weblogic:oracle:vogue"
    DatabaseUserName="scott" Name="defaultRDBMSRealmForOracle"
    Notes="I have changed the package to security.rdbmsrealm fromexamples.security.rdbmsrealm
    example. I am using the same schema(in the ddl) in oracle"
    RealmClassName="security.rdbmsrealm.RDBMSRealm"SchemaProperties="getGroupMembers=SELECT
    GM_GROUP, GM_MEMBER from groupmembers WHERE GM_GROUP =?;deleteGroup2=DELETE FROM
    aclentries WHERE A_PRINCIPAL = ?;deleteGroup1=DELETE FROM groupmembersWHERE GM_GROUP
    = ?;addGroupMember=INSERT INTO groupmembers VALUES ( ? ,? );getUser=SELECT U_NAME,
    U_PASSWORD FROM users WHERE U_NAME = ?;getPermission=SELECT DISTINCTA_PERMISSION
    FROM aclentries WHERE A_PERMISSION = ?;deleteUser3=DELETE FROM aclentriesWHERE
    A_PRINCIPAL = ?;getGroupNewStatement=false;deleteUser2=DELETE FROMgroupmembers
    WHERE GM_MEMBER = ?;deleteUser1=DELETE FROM users WHERE U_NAME =?;getAcls=SELECT
    A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries ORDER BY A_NAME,A_PRINCIPAL;getUsers=SELECT
    U_NAME, U_PASSWORD FROM users;getPermissions=SELECT DISTINCT A_PERMISSIONFROM
    aclentries;getGroups=SELECT GM_GROUP, GM_MEMBER FROMgroupmembers;getAclEntries=SELECT
    A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries WHERE A_NAME = ?ORDER
    BY A_PRINCIPAL;newUser=INSERT
    INTO users VALUES ( ? , ? );removeGroupMember=DELETE FROM groupmembersWHERE GM_GROUP
    = ? AND GM_MEMBER = ?"/>
    ananya

  • WLS5.1 SP_9 RDBMS Realm problem

    Hi all,
    I am trying to configure the RDBMS realm examples that come with weblogic.
    I am getting an error saying the Table Users was not found.
    I created my own simple java class to check if the parameters from
    rdbmsrealm.properties are working fine, they are. Then why is weblogic not
    able to find the USERS table, where is it looking for this table.
    Any Help is highly appreciated.
    Ramesh
    Stack Trace :
    Unable to initialize server: examples.security.rdbmsrealm.RDBMSException:
    realm
    initialization failed, Connection.prepareStatement() failed on statement
    "SELECT
    U_NAME, U_PASSWORD FROM users WHERE U_NAME = ?", - with nested exception:
    [SQL Exception: Table 'USERS' does not exist.]
    fatal initialization exception
    Properties File :
    # - - - - - - ORACLE - - - - - - -
    driver=weblogic.jdbc.oci.Driver
    dbURL=jdbc:weblogic:oracle:bizpivot.india
    dbUser=ramesh
    dbPassword=******
    #getGroupNewStatement=false

    Hi all,
    Never Mind, I got it working. A couple of lines down the property lines,
    the Cloudscape URL was uncommented and hence the webloigc server was looking
    the USERS table in cloudscape instead of Oracle where I created them.
    I figured this out by modifying the LoadDDL,java and asking it to print the
    URL and other details that it read from the rdbmsldaprealm.properties file.
    Thank you all.
    Ramesh
    "ramesh" <[email protected]> wrote in message
    news:[email protected]..
    Hi all,
    I am trying to configure the RDBMS realm examples that come with weblogic.
    I am getting an error saying the Table Users was not found.
    I created my own simple java class to check if the parameters from
    rdbmsrealm.properties are working fine, they are. Then why is weblogicnot
    able to find the USERS table, where is it looking for this table.
    Any Help is highly appreciated.
    Ramesh
    Stack Trace :
    Unable to initialize server: examples.security.rdbmsrealm.RDBMSException:
    realm
    initialization failed, Connection.prepareStatement() failed on statement
    "SELECT
    U_NAME, U_PASSWORD FROM users WHERE U_NAME = ?", - with nestedexception:
    [SQL Exception: Table 'USERS' does not exist.]
    fatal initialization exception
    Properties File :
    # - - - - - - ORACLE - - - - - - -
    driver=weblogic.jdbc.oci.Driver
    dbURL=jdbc:weblogic:oracle:bizpivot.india
    dbUser=ramesh
    dbPassword=******
    #getGroupNewStatement=false

  • How to Configure RDBMS Realm on WL6.0

    We are trying to replace the default File Realm on WL6.0 with RDBMS Realm. We
    have put the userId/password pairs in fnxuser table of the database, also we put
    "reserve" permission for weblogic. jdbc.connectionPool.fnxconnection in the acl2entries
    table (but for whatever reason, the fnxconnection setup won't show up when we
    bring up acl config page in the console, just those defaults show up such as weblogic.jdbc.connectionPool,
    weblogic.jdbc.connectionPool.oraPool, weblogic.jdbc.connectionPool.testPool).
    When we log in using one of the valid userid/password in the fnxuser table on
    the jsp page, we got the following error message:
    LoginBean::loginAttempt() - get DB name : dev711
    LoginBean::checkAccountStatus: Naming error:javax.naming.AuthenticationException
    [Root exception is java.lang.SecurityException:Authentication for user bobdev
    denied in realm weblogic]
    We have a Java Bean Login Bean to get the JNDI context, the code is as follows:
    Context ctx = FnxJndi.getJndiInitialContext(null);
    if (sDatabase != null)
    sDbname = sDatabase;
    else
    sDbname = (String) ctx.lookup(FnxJndi.getDefaultDbJndiKey());
                                  System.out.println("LoginBean::loginAttempt() - get DB name : "+sDbname);
    FnxJndi.deepBind(ctx, FnxJndi.constructUserDbnameJndiKey(sUsername), sDbname);
    The following is part of our config.xml. Is there something we did wrong or we
    missed? Any help is highly appreciated.
    Thanks in advance.
    Ting
    <Realm CachingRealm="CachingRealm" Name="RdbmsRealm"/>
    <FileRealm Name="wl_default_file_realm"/>
    <CachingRealm ACLCacheSize="1000" BasicRealm="RdbmsRealm"
    CacheCaseSensitive="true" GroupCacheSize="20"
    Name="CachingRealm" PermissionCacheSize="100" UserCacheSize="1000"/>
    <JDBCConnectionPool CapacityIncrement="10"
    DriverName="com.sybase.jdbc.SybDriver" InitialCapacity="40"
    MaxCapacity="500" Name="fnxconnection"
    Properties="user=d711dbo;password=fnxltd;server=SYB_AXE"
    RefreshMinutes="0" Targets="tingserver" URL="jdbc:sybase:Tds:axe:5000"/>
    <JDBCDataSource JNDIName="fnxdatasource" Name="fnxjdbcdatasource"
    PoolName="fnxconnection" Targets="tingserver"/>
    <RDBMSRealm DatabaseDriver="com.sybase.jdbc.SybDriver"
    DatabasePassword="fnxltd" DatabaseURL="jdbc:sybase:Tds:axe:5000"
    DatabaseUserName="d711dbo" Name="RdbmsRealm"
    RealmClassName="com.fnx.util.security.rdbmsrealm.RDBMSRealm" SchemaProperties="getGroupMembers=SELECT
    GM_GROUP, GM_MEMBER from group2members WHERE GM_GROUP = ?;addGroupMember=INSERT
    INTO group2members values (?, ?) WHERE GM_GROUP = ?;getUser=SELECT rtrim(user_ID),
    rtrim(user_ID) FROM fnxuser WHERE user_ID = ?;getPermission=SELECT DISTINCT A_PERMISSION
    FROM acl2entries WHERE A_PERMISSION=?;getAcls=SELECT A_NAME, A_PRINCIPAL, A_PERMISSION
    FROM acl2entries ORDER BY A_NAME, A_PRINCIPAL;getUsers=SELECT rtrim(user_ID),
    rtrim(user_ID) FROM fnxuser;getGroups=SELECT GM_GROUP, GM_MEMBER FROM group2members;getPermissions=SELECT
    DISTINCT A_PERMISSION FROM acl2entries;getAclEntries=SELECT A_NAME, A_PRINCIPAL,
    A_PERMISSION FROM acl2entries WHERE A_NAME = ? ORDER BY A_PRINCIPAL;newUser=insert
    into fnxuser values (?, ?);removeGroupMember=DELETE group2members WHERE GM_GROUP
    = ? and GM_MEMBER = ?"/>
    <PasswordPolicy Name="wl_default_password_policy"/>

    Please look into the previous posting of yours.
    -utpal
    "Amit" <[email protected]> wrote in message
    news:[email protected]..
    >
    Hi,
    I want to store user id, password, roles in the DB tables and providewebbased
    forms to create/modify user.
    How do I implement security relam for users stored in the DB table?
    Thanks and Regards,
    Amit

  • RDBMS Realm Schema Properties - newbie looking for some general info

    I am new to the world of WL Security Realms. I am trying to better
    understand what is involved in setting up a RDBMS Security Realm and
    speficially the Schema Properties within that security realm.
    The situation that I am trying to solve right now is that I want to
    provide authentication for a given application using a "user list"
    from another DB that our application will have access to via JDBC.
    First off, would using the RDBMS security realm allow me to do
    something along these lines - ie access a "user list" from another DB?
    If YES, then what sort of things would have to be done from the
    schema properties standpoint in order to make this possible?
    Note that the other DB will also be an Oracle instance managed by
    WebLogic, the same as with our application, if it makes a difference
    in any way.
    Thanks for the help.
    Chris Baglieri

    You need to configure the schema so that it fits in with your database
    getGroupMembers=SELECT GM_GROUP, GM_MEMBER from groupmembers WHERE GM_GROUP
    = ?
    deleteGroup2=DELETE FROM aclentries WHERE A_PRINCIPAL = ?
    deleteGroup1=DELETE FROM groupmembers WHERE GM_GROUP = ?
    addGroupMember=INSERT INTO groupmembers VALUES ( ? , ? )
    getUser=SELECT U_NAME, U_PASSWORD FROM users WHERE U_NAME = ?
    getPermission=SELECT DISTINCT A_PERMISSION FROM aclentries WHERE
    A_PERMISSION = ?
    deleteUser3=DELETE FROM aclentries WHERE A_PRINCIPAL = ?
    deleteUser2=DELETE FROM groupmembers WHERE GM_MEMBER = ?
    getGroupNewStatement=true
    deleteUser1=DELETE FROM users WHERE U_NAME = ?
    getAcls=SELECT A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries ORDER BY
    A_NAME, A_PRINCIPAL
    getUsers=SELECT U_NAME, U_PASSWORD FROM users
    getGroups=SELECT GM_GROUP, GM_MEMBER FROM groupmembers
    getPermissions=SELECT DISTINCT A_PERMISSION FROM aclentries
    getAclEntries=SELECT A_NAME, A_PRINCIPAL, A_PERMISSION FROM aclentries WHERE
    A_NAME = ? ORDER BY A_PRINCIPAL
    newUser=INSERT INTO users VALUES ( ? , ? )
    removeGroupMember=DELETE FROM groupmembers WHERE GM_GROUP = ? AND GM_MEMBER
    = ?
    (Taken from bea's example RDBMS Realm)
    Modify this to fit in with your schema
    "Chris Baglieri" <[email protected]> wrote in message
    news:[email protected]...
    I am new to the world of WL Security Realms. I am trying to better
    understand what is involved in setting up a RDBMS Security Realm and
    speficially the Schema Properties within that security realm.
    The situation that I am trying to solve right now is that I want to
    provide authentication for a given application using a "user list"
    from another DB that our application will have access to via JDBC.
    First off, would using the RDBMS security realm allow me to do
    something along these lines - ie access a "user list" from another DB?
    If YES, then what sort of things would have to be done from the
    schema properties standpoint in order to make this possible?
    Note that the other DB will also be an Oracle instance managed by
    WebLogic, the same as with our application, if it makes a difference
    in any way.
    Thanks for the help.
    Chris Baglieri

Maybe you are looking for

  • I want to set up an iCloud account. Please Help

    I want to set up an iCloud account, and I am unable to do so, as iCloud says my apple ID is valid  but not an iCloud Account and I get no option to create an account. How do I accomplish this? I am using a Windows Computer and I don't own an iPhone o

  • How to use a decode function

    I want to use the following with decode, recently started on BODS. Can you please provide the steps to use decode function in source tabke fieldname is ordid and in target fieldname is Orderid decode(Order_ID = 1709,lpad(Order_ID,7,'700'),Order_ID) t

  • Can't access mask in gradiant tool in lightroom 2

    I have recently purchased Lightroom 2 and when using the gradiant tool I can't access the mask option? Also with the brush tool the erasure option does not always work. I'm working on a pc. Thank you. Mark

  • Why can't Premiere Pro CC start?

    It never moves past the loading screen and just crashes. It's run flawlessly in the past, just this night it's being difficult. I've tried rebooting Creative Cloud by logging in and out - and of course the PC. I've also tried running it in compabilit

  • Solution for "ACR Thumbnails changes from as shot".

    Enclosed is a good explanation of the phenomena of the ACR thumbnail changing color, saturation, or whatever when you initially click on it.  I believe his reference to the 4 auto check boxes is in edit/camera raw preferences. http://www.luminous-lan