realm-name problem

Hi,
I'd installed a Weblogic 8.1 Server and I develop a want configure my webapp a specified Realm.
In Bea documentation I saw that the weblogic-application.xml descriptor has a tag <real-name>. I write in this tag the realm-name of my custom realm, but Weblogic doesn't found this Realm.
I try to write the default Realm (myrealm), but also I get the same error. The only way that I found to test my Realm has been, setting my custom realm as default Realm, but this isn't a correct solution for me.
How have I write the Realm Name in this tag?
What is the correct way to config a webapp with specified Realm?

Does not sound right to me.
On 1/27/2011 9:58 AM, Allan B. Clausen wrote:
> I have a multi User Source environment with 10.3.1.
>
> There are several user sources with both eDirt and Ad User Sources.
> This is normally not a problem, as we stamp in the Realm name in the
> registry. The user always gets the right realm.
>
> But there is a problem.
>
> Scenario:
> User "XYZ" is present in Realm 7.
> When he logs in, he logs in as user XYZ in realm 7, and it works
> perfectly.
>
> Eexcept for one scenario.
> If user XYZ is ALSO present in Realm 2, the policies will grab the
> policies for user XYZ in Realm 2 in stead of realm 7.
> Apps and everything else is taken from Realm 7.
>
> It seems that the policy thingy is searching realms from top to bottom
> when trying to find the user.
>
> This particular user is using the Novell Client, and I'm not entirely
> shure if the problem is with AD also (they obviously don't use DLU or
> Roaming Profiles).
>
> Is this "working as designed"? or should I open an SR for this?
>
> Regards
> Allan
Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner
Novell does not officially monitor these forums.
Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

Similar Messages

How to specify realm name when calling weak( ) method on ServletAuthentication class?

I've created a bunch of custom realms and for a specific user logon (form based "uname" and "pword"), the system knows exactly which custom realm to look up against. However, in using ServletAuthentication class, one can only specify realm name in strong(req, res, realmName), not the weak() method. Any clue?
-john

Hi John,
Did you find the answer to this question? I'm having a similar problem when calling the ServletAuthentication.assertIdentity() method.
Cheers,
Vidar

Web app authentication - realm-name in login-config

I work with WL 7 sp1 on linux
I created an authentication provider, and it worked great
as I added it to the default realm,
and asked for BASIC authentication.
Still when I tried to change the realm-name to MyOtherRealm,
it showed this name in the browser window,
but did not activate my login module.
I run getRealm in the servlet and got weblogicDEFAULT although I specifically
asked for another realm
Is it a known problem ? BEA please help

I'm not an expert on SJWS, but maybe this helps:
In AD the membership is stored in the 'member' attribute (not uniquemember), the objectclass is 'group' instead of 'groupofuniquenames' bbut you should rather use 'objectcategory=group' as this is not a MV attribute, same for samAccountName instead of cn.
Dependent on your ASD size the 'member=%d' filter should work. However this doesn't perform on bigger ADs.
Regards
Frerich
Btw. Has anybody an idea how to configure iPlanet web server against AD? It is searching for UID as default but I need 'em to search for samAccountName...

Help with add file name problem with Photoshop CS4

Frustrating problem: Help with add file name problem with Photoshop CS4. What happens is this. When I am in PS CS4 or CS3 and run the following script it runs fine. When I am in Bridge and go to tools/photoshop/batch and run the same script it runs until it wants interaction with preference.rulerunits. How do I get it to quit doing this so I can run in batch mode? Any help is appreciated. HLower
Script follows:
// this script is another variation of the script addTimeStamp.js that is installed with PS7
//Check if a document is open
if ( documents.length > 0 )
var originalRulerUnits = preferences.rulerUnits;
preferences.rulerUnits = Units.INCHES;
try
var docRef = activeDocument;
// Create a text layer at the front
var myLayerRef = docRef.artLayers.add();
myLayerRef.kind = LayerKind.TEXT;
myLayerRef.name = "Filename";
var myTextRef = myLayerRef.textItem;
//Set your parameters below this line
//If you wish to show the file extension, change the n to y in the line below, if not use n.
var ShowExtension = "n";
// Insert any text to appear before the filename, such as your name and copyright info between the quotes.
//If you do not want extra text, delete between the quotes (but leave the quotes in).
var TextBefore = "Lower© ";
// Insert any text to appear after the filename between the quotes.
//If you do not want extra text, delete between the quotes (but leave the quotes in).
var TextAfter = " ";
// Set font size in Points
myTextRef.size = 10;
//Set font - use GetFontName.jsx to get exact name
myTextRef.font = "Arial";
//Set text colour in RGB values
var newColor = new SolidColor();
newColor.rgb.red = 0;
newColor.rgb.green = 0;
newColor.rgb.blue = 0;
myTextRef.color = newColor;
// Set the position of the text - percentages from left first, then from top.
myTextRef.position = new Array( 10, 99);
// Set the Blend Mode of the Text Layer. The name must be in CAPITALS - ie change NORMAL to DIFFERENCE.
myLayerRef.blendMode = BlendMode.NORMAL;
// select opacity in percentage
myLayerRef.opacity = 100;
// The following code strips the extension and writes tha text layer. fname = file name only
di=(docRef.name).indexOf(".");
fname = (docRef.name).substr(0, di);
//use extension if set
if ( ShowExtension == "y" )
fname = docRef.name
myTextRef.contents = TextBefore + " " + fname + " " + TextAfter;
catch( e )
// An error occurred. Restore ruler units, then propagate the error back
// to the user
preferences.rulerUnits = originalRulerUnits;
throw e;
// Everything went Ok. Restore ruler units
preferences.rulerUnits = originalRulerUnits;
else
alert( "You must have a document open to add the filename!" );

you might want to try the scripting forum howard:
http://www.adobeforums.com/webx?13@@.ef7f2cb

Document links a name problem

I am having an a href / a name problem after constructing my
newsletter for email dissemination. When I create the email and use
a href="article1" to a name="article1" it works on my computer to
take the viewer from the menu link to the document in the article
but when I send it out in a test email it attempts to find a
location on my computer.
Help please so I can send out my email newsletter.
Thanks
Voodoo

Hi David - yes, you and I both!! It has totally wrecked my data-base of Help links.
The more this issue is given air space maybe the better chance to rectify it. Surely it can't be too difficult to create a method whereby old URLs are transferred to the new system?

Change default realm name ("WebLogic Server")

Hi,
I'm using WLS5.1 and ACLs, now I'd like to change the realm name
coming up in the browser popup where now "Realm: WebLogic Server"
shows.How can I do this?
Thanks,
tino

Hi,
Not sure which version you use but try this link :
http://download.oracle.com/docs/cd/B25221_04/core.1013/b25209/ports.htm#BABFBDFI
L. Dreef

What info. to store in the web.xml tag realm-name for a LDAP authentication ?

Hello everybody,
I try to authentify users of my web-app with a full-LDAP directory (O.I.D : Oracle
Internet Directory),
using Weblogic 5.1.
So i have configured :
1) "weblogic.properties"
2) "ldaprealm.properties"
and then i have to configure the xml files for my web-app : "web.xml" and "weblogic.xml".
What kind of information must i put in the tag <realm-name>, under <login-config>
in "web.xml" file ?
Is it the same name which is mentionned in the weblogic.security.realmClass property
of the "weblogic.propertis" file ?
Is it another name ? Which one ?...
Could you send me a pair of a web.xml/weblogic.xml associated with a web-app,
in a LDAP authentication envirnoment ?
It would be a great help for me.
Thanks in advance.

Hi Sylvain,
Web-Application security works in exactly the same way whether you are using the LDAPRealm,
or just the fileRealm
To the web-application, it makes no difference whether a principal is in either LDAPRealm or
fileRealm
Here's working pair:
web.xml
<web-app>
<security-constraint>
<web-resource-collection>
<web-resource-name>myName</web-resource-name>
<url-pattern>/myDirectory/myFile.html</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>
myRole
</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>
myRole
</role-name>
</security-role>
</web-app>
weblogic.xml
<weblogic-web-app>
<description>WebLogic Descriptor</description>
<security-role-assignment>
<role-name>myRole</role-name>
<principal-name>myWLS_principal</principal-name>
</security-role-assignment>
</weblogic-web-app>
Here myWLS_principal should be a user or group that exists in either the WebLogic fileRealm
or the WebLogic LDAP realm (or other alternate realm -- it doesn't make a difference whether
this is LDAP, or NTRealm, or UnixRealm, or RDBMSRealm, or Custom Realm...)
Cheers
Joe Jerry
"Sylvain R." wrote:
Hello everybody,
I try to authentify users of my web-app with a full-LDAP directory (O.I.D : Oracle
Internet Directory),
using Weblogic 5.1.
So i have configured :
1) "weblogic.properties"
2) "ldaprealm.properties"
and then i have to configure the xml files for my web-app : "web.xml" and "weblogic.xml".
What kind of information must i put in the tag <realm-name>, under <login-config>
in "web.xml" file ?
Is it the same name which is mentionned in the weblogic.security.realmClass property
of the "weblogic.propertis" file ?
Is it another name ? Which one ?...
Could you send me a pair of a web.xml/weblogic.xml associated with a web-app,
in a LDAP authentication envirnoment ?
It would be a great help for me.
Thanks in advance.

What is "Realm-Name" about ? How do I remove that ?

Hi
When I try to run a php file locally,
I get this message
"To view this page, you must log in to area “Realm-Name” on localhost:8888."
What is this and where can I read more about this concept ?
How do I remove this message ?
Any help is appreciated.

InDesign has an online help function; searching for 'overset text' yields this:
http://community.adobe.com/help/search.html?q=overset%20text&hl=en_US&lr=en_US&l=indesign_ product_adobelr&site=indesign_cs5_all&self=1&filter=0
Try the following experiment to see how it works: draw a text frame, fill it with Placeholder Text, then toggle to the black arrow and make the text frame a bit smaller. Hey presto, Overset Text.
In summary, 'overset text' is simply Too Much Information. Text that has not been placed. Text for which there is no room allocated in your text frames.
You can best delete it using the Story Editor (look in the help for that), which helpfully shows you what part of a story is overset -- but, would you really want to delete this? (Perhaps you would, since you never noticed it was missing in the first place.) Another way of getting rid of it is placing your text cursor at the very end of the last visible sentence in the last text frame -- the one with a glaringly obvious Warning Signal Red Plus in its lower right corner -- and press Cmd+Shft+End keys to select everything up to the end of the story, then press Backspace.

How can one use one specific security realm per application ? The realm-name attribute of the login-config tag of web.xml does not make any difference

Hi,
I have different sets of users coming from different databases and using different
roles mapping for each of my web applications. I would like to configure a specific
security realm per application in my weblogic server 7.0 . Is it possible ?
I try to specify the realm-name of the login-config tag from the web-xml deployement
descriptor but it doesn't make any difference. The default realm is always used.
I also would like to tell the Weblogic server to use the default realm in case
the realm isn't specified or isn't found. For example, the default would contains
my admin users.
Thanks a lot for your answer.
Iz

I thik this is a common mistake the ralm-name tag in the deployment descriptor is used
just by the browser for display purposes (when it opens the basic auth dialog box) so as
of now there is only 1 active realm which can have multiple providers as Kevin pointed
out
Kevin Lewis wrote:
WebLogic 7 now ignores the realm-name tag (I found that out yesterday).
My understanding is that there is only one realm active at a time for a domain
(I would be interested in being contradicted in this).
However, you can have multiple providers in each category of a realm: authentication,
authorization, etc. Therefore, what you can do is key authentication, et al,
off of some other information. We have our users enter their company, for example,
and use the TextInputCallback to get it. You could also encode something in the
initial page, based on the URL they hit, or whatever, and get that back in your
callback.
You can store that information in your own Principal implementation, and key off
of that in your authorization provider, going to a different database as appropriate,
or abstaining when a specific provider doesn’t have anything to say about a subject.
Anyway, there should be a way to do it, even if it's more complex than you would
have hoped.
--Kevin

Name Problem while creating Proxy

Dear All,
While creating a proxy we are getting warning with regards to NAMES PROBLEM.
Under Names Problem tab there are 3 comments:
1. Object Already Exists
2. Name already exists
3. Special Character / underscore at position 30 deleted.
As per my understanding the objects already exists, but I have deleted those objects create earlier by deleting the proxy.
Is there any way from where we can delete already deleted objects?
Is it because of Cache refresh, if yes than please tell how to refresh Cache in ECC system?
While activating any Functional Module in same ECC system, I can see all earlier created objects although I have deleted all of them while deleting proxy objects.
Please help!!
Regards
Edited by: Chanakya Sharma on Jun 21, 2010 11:16 AM

> 1. Object Already Exists
> 2. Name already exists
> 3. Special Character / underscore at position 30 deleted.
>
> As per my understanding the objects already exists, but I have deleted those objects create earlier by deleting the proxy.
Table structures are not deleted automatically. Check in SE80 for all objects created with SPROXY.
The issue could happen also, when name of data type, message type and message interface is equal. Then the creation ot the data type objects fails, is there is already an object related to message type.
For proxy genaration you should name all ojects with a prefix, like DT for data type.

Realm Name

I am using weblogic 5.1 with service pack #6. I have setup Realm Name for weblogic server using property weblogic.httpd.authRealmName. I get Realm Name as 'null' for all the webApps that has been defined. So, how do I set Realm name for various webApp defined in that server.
Thanks in advance

Hi,
Due to this is an English forum, to get better help, please post your question on the forum below,
https://social.technet.microsoft.com/Forums/windowsserver/fr-FR/home?forum=winserverNAP
Best Regards.
Steven Lee
TechNet Community Support

Binding to OD (10.5.2) adds Computer accounts with client realm names

After applying “security Update 2008-002 v1.1 Server (leopard)” to a server running 10.5.2, clients were bumped from binding.
When I re-bind to OD, 2 new entries show up in computer accounts, one is the FQDN,( e.g., labtable6.physicslabs.uri.edu), the other is a Realm name (e.g. LKDC:SHA1.03344892C418CB16C250B59EAA7F93FEF79EF257.
Not only that, but in the list of principles in the Kerberos database, 2 entries for each machine are added to each service (e.g.,
afpserver/[email protected]
and
afpserver/LKDC:[email protected] ABS.URI.EDU.
Everything runs OK but I have to connect again to get AFP shares, but I cannot reconnect from the sidebar in finder, only from the Go menu, or a command.
All names in the DNS and Reverse IP lookups Resolve OK.
Has this happened to anyone else? I can fix the double entry in the computer accounts by just deleting the realm name, but I’m a bit worried about the double entry in the KDC.

Follow up
I used:
sso_util to remove the KDC on clients and
Kadmin to remove multiple entries in the KDC of the server.
Broke the bind (or whatever you call it) and bind again, no second entry in either Workgroup Manager’s Computer Accounts and no multiple service principles on the server’s KDC.
The following sight were helpful on this issue
http://forums.bombich.com/viewtopic.php?t=11834&highlight=lkdc
http://www.netmojo.ca/blog/2008/01/30/tiger-to-leopard-server-migration-part-fou r/
http://web.mit.edu/macdev/KfM/KerberosClients/KerberosApp/Documentation/using-os x.html#startup
I guess when I was installing Leopard LDAP I was using Tiger manuals and didn’t know about the “Back to My Mac” stuff.
My mistake:,the other issue with the finder sidebar is something different see:
http://discussions.apple.com/thread.jspa?messageID=5698233
Onward through the fog.

Connect to Server Login Name Problem

I have been troubleshooting some problems on two computers my father-in-law has.
One is an 2GHz Intel Core Duo iMac running Mac OS 10.4.11. We'll call this iMac 2G.
The second is an 800 MHz PowerPC G4 iMac running Mac OS 10.4.11. We'll call this iMac 800M.
I am attempting to file share the two computers. I can connect iMac 800M to the iMac 2G via "Connect to Server" fine. When I try to do the reverse, iMac 2G to the iMac 800M, the "Connect to Server" login window want to use the "Short Name" listed in the "Account" panel for the login name instead the full name.
Is there a way to fix this so that it will work with the full name will work in the login window?
Thanks.
BTW - I do not know if this matters but I used the "ChangeShortName" (version 1.3) utility to fix the short name problem in the iMac 2G. Everything work fine after running the program.

Never mind, there were two login information stored in the keychain. Deleting the old one seem to correct the problem.

GUI_DOWNLOAD field names problem

Hi,
I have a problem with the haederline with the column names in the downloaded file.
I'm using the function GUI_DOWNLOAD in the following way:
DATA: ls_fieldnames TYPE it_fieldnames,
        lt_fieldnames TYPE STANDARD TABLE OF it_fieldnames.
ls_fieldnames-fieldname = 'Column1'.
APPEND ls_fieldnames TO lt_fieldnames.
ls_fieldnames-fieldname = 'Column2'.
APPEND ls_fieldnames TO lt_fieldnames.
CALL FUNCTION 'GUI_DOWNLOAD'
    EXPORTING
      filename                = p_fname
      filetype                = 'DAT'
      codepage                = '4103'
    TABLES
      data_tab                = lt_table
      fieldnames              = lt_fieldnames
The problem now is, that the header line is shown a several times in the text file. that means, it appears at very first (as it should), but also appears a several times between the data lines again.
Does anyone have any idea what the problem is?
Thank you!

Hi,
If you are downloading the file into an EXCEL you can use the filetype 'DAT'.
Here you are downloading into an Text file. So please try with the Filetype 'ASC'.
Please try with this and also see what the pagecode 4103 does.
With Regards,
Sumodh.P

Host name problem

Hi,
whenever I excute the web application ,it is not showing the result.I found that there is a problem in configuring of host name by using the function module "RSBB_URL_PREFIX_GET".The value for E_URL_SERVER is in the format ls3022 rather than ls3022.wdf.sap-ag.de.
So it has the only host name but not the domain (including the extension).How can i change this value to complete host name(including the domain).
With rgds,
Anil

Hi Deepu,
Thank you for your help.
Could u clarify my silly doubt. If we are running the BW server on Unix,Is there any domain in this case.
With rgds,
Anil

realm-name problem

Similar Messages

Maybe you are looking for