REPOST: where is weblogic.security.servlet.encodeXSS?

http://e-docs.bea.com/wls/docs81/servlet/progtasks.html
suggests to use
weblogic.security.servlet.encodeXSS
to encode output string to prevent cross-site scripting.
my question is simple:
where is weblogic.security.servlet.encodeXSS?
I cannot find it anywhere under WL installation dir.
-Thx

There is a bug in documentation.
encodeXSS is in
weblogic.servlet.security.Utils
You're welcome

Similar Messages

New to Weblogic Security

I have an ORACLE database which contains a table of 100s of users and passwords with their group information. I developed a Webapplication (in Tomcat) in which one of the servlets works as authenticator for the user logging in by fetching row from the datbase and validating him.(This is a simple authentication)
Now I have switched to Weblogic platform 8.1 SP2 and am completely new to Weblogic Security. I want to use Weblogic security features for my application and the users & groups should be retrieved from the database for authentication.
How can I do this ? Any clear-cut steps ?
Where can I find them in documentation ?
Please help me...Urgent !!

I found it in
Weblogic Administration Console Home -> Summary of Security Realms->myrealm->Providers.
Click on new Authentication provider button-> you will see 'TrustServiceIdentityAsserter' as one of the types.

Weblogic.security.acl.internal.AuthenticatedSubject not resolved

Hi guys,
when I try to implement that code:
CallbackHandler handler = new URLCallbackHandler(username,
password);
Subject mySubject =
weblogic.security.services.Authentication.login(handler);
weblogic.servlet.security.ServletAuthentication.runAs(mySubject, request);
// Where request is the httpservletrequest object.
in my servlet I get that issue in workshop 9.2:
The type weblogic.security.acl.internal.AuthenticatedSubject cannot be resolved. It is indirectly
referenced from required .class files
Any idea??
Thanks a lot
L.

solved!
simply import weblogic.jar in the project

Weblogic security authentication; question to interact with the realm

Hi, I have a quick question about weblogic security authentication....
We are using weblogic 81sp3. We have user-group info in an Novell eDirectory LDAP server.
Currently, a Novell Authenticator provider is configured under : Security > Realms > myRealm > Providers > Authentication This tells Weblogic from where to get the user and groups. Weblogic caches this information of the logged on users for certain time ( example : 60 secs ) after which it cleans the cache for all inactive users. We want to interact with the Weblogic cache. Add more user profile information to this cache and use it in our application .
Does somebody know how to programmatically interact with Weblogic user-group cache - read , write , update and delete user-group info in cache and control time to live for the cache ?

already checked
TTLCache class which weblogic provides. But they seem to depracetd it
help ?

SOAP handlers and the WebLogic Security Provider Framework

I am new to WebLogic... I am trying to understand the Weblogic security framework in terms of how a SOAP message would be processed. Do SOAP handlers get called before the configured security providers? after being processed by the Authentication provider? after being processed by the Authorization provider? or at some other point?

Thanks. But I have some questions about the seed:
- where is it stored?
- how is it encrypted?
- is the seed regenerated periodically? or under certain circumstances?
Regards,
Janice Pang
"Tom Hegadorn" <[email protected]> wrote:
>
>
Hi Janice,
If you choose to use the PrincipalValidatorImpl class in the
weblogic.security.provider package, the sign() implementation
will be the internal weblogic implementation. This implementation
generates a random seed and computes a digest based on the
random seed. I hope that helps you.
Regards,
Tom Hegadorn
Sr. Developer Relations Engineer
BEA Support
"Janice Pang" <[email protected]> wrote:
From the online documentations, it is said that this weblogic.security.provider.PrincipalValidatorImpl
"signs" the authenticated principals to make sure they are not altered
while they
are transported on the network.
The document also mentioned, as a suggested way to develop a customprincipal
validation provider, to use this class and extend the capabilities of
user and
group classes. What kind of private information from the server isused
for the
signature and where is that information stored?

How to execute WebLogic security related commnads?

Hello All
I am just learning Oracle WebLogic and humbly request you for all your help. I installed Oracle WebLogic Server 11g Release 1 (10.3.3) on my Windows XP desktop. I could able create and cluster manage servers, configure WebLogic plug-in to Sun Java Web Server (I installed that on my Windows XP desktop) etc. Now I am reading the documentation about security and wants to run some of the commands as shown below
1) weblogic.security.SSL.protocolVersion (Command-line argument lets you specify which protocol is used for SSL connections)
2) Dweblogic.security.SSL.enableJSSE=true|false (System property to enable and disable JSSE SSL)
I am not sure how to execute this commands. As I cannot execute these commands from the AdminServer console, the only way left is C:\ prompt on my desktop. So I figured out the security directory under C:\Oracle\Middleware\user_projects\domains\Domain1\security on my desktop and tried to execute the commands unsuccessfully from C:\
C:\Oracle\Middleware\user_projects\domains\Domain1\security>weblogic.security.SSL.protocolVersion
'weblogic.security.SSL.protocolVersion' is not recognized as an internal or exte
rnal command,
operable program or batch file.
Where I can execute these commands and your help is very much appreciatecd?
Thanks

Hi,
"weblogic.security.SSL.protocolVersion" is only a System property Not a Executable command. This flag is just to tell the JVM to use which version of SSL implementation. This is a System Property which is needs to be enabled in the JAVA_OPTION part of your JVM/Server startScript.
Like if you are starting WebLogic server then U must apply this System property in the server start Scipt JAVA_OPTION variable:
Edit Apply the "startWebLogic.sh" and then add the following like below:
<font color=maroon> *export JAVA_OPTION="${JAVA_OPTIONS} -Xmx1024m -Xms1024m -Dweblogic.security.SSL.protocolVersion=SSL3"* </font>
Below are the meaning of this flag values.
-Dweblogic.security.SSL.protocolVersion=SSL3—Only SSL V3.0 messages are sent and accepted.
-Dweblogic.security.SSL.protocolVersion=TLS1—Only TLS V1.0 messages are sent and accepted.
-Dweblogic.security.SSL.protocolVersion=ALL—This is the default behavior.
Or Suppose if you want to run some standalone Java Program which Uses SSL and if you want to tell the JVM to use SSL3 implementation then you can do something like this:
*java <font color=red>-Dweblogic.security.SSL.protocolVersion=SSL3</font> HelloWorld*
Thanks
Jay SenSharma
*http://middlewaremagic.com/weblogic (Middleware Magic Is Here)*

Weblogic Security Queries

Hi All,
My requirements are as follows:
1) Have a central repository like the iplanet Directory server to store the information
of users,groups etc
2)Perform identity management to manage roles and permissions This includes the
ability to define users, resources, and abstract concepts such as a user role
or a group
3)The final requirement is access management. This is the enforcement of which
users have access to what information. It includes authentication and authorization
mechanisms to make sure someone is who they claim to be and that they have the
authority to get the information they requested, and access management to enforce
the permissions
I need to achieve these requirements for my Portal application. My queries for
the same are as follows
1)The default Weblogic authetication providers can be used to authenticate users
located on iplanet Directory server.
2)But my doubt is with the authorization provider, Role Mapper providers etc they
seem to be tightly coupled to the embedded LDAP. In order to solve my requirements
on 2 and 3 what are the approaches that are available.
3)I also have tried to create a new Realm that the Iplanet authentication provider
configured to authenticate against iPlanet LDAP and also the other default providers
that come along with
weblogic to do authorization checks. When I try to start my server I get the following
errror and the server does not start.
<Nov 28, 2003 4:58:31 PM GMT+05:30> <Critical> <Security> <BEA-090404> <User weblogic
is not permitted to boot the server; The
server policy may have changed in such a way that the user is no longer able to
boot the server.Reboot the server with the administrative user account or contact
the system administrator to update the server policy definitions.>
The WebLogic Server did not start up properly.
Reason: weblogic.security.SecurityInitializationException: User weblogic is not
permitted to boot the server; The server policy
may have changed in such a way that the user is no longer able to boot the server.Reboot
the server with the administrative us
er account or contact the system administrator to update the server policy definitions.
Can anyone suggest me any ways to solve my queries and if you could provide some
input on how to solve my requirements that will be very useful and we are WLS
shop so the solution should be within the reach of weblogic server security

Hi,
This is w.r.t the same query.
1)Where do you want your role and policy information stored? How is your role
and policy information defined? The WLS framework is limited to WLS resources
(ejbs,
webapps,jdbc connection pools, etc.)
Ans) The Roles and Policies are defined in the External LDAP.
"Anand" <[email protected]> wrote:
>
Hi,
Thanks for your replies. I have a couple of other queries which are as
follows:
1. How do we decouple the Embeded LDAP and connect to External LDAP Server
for
Authentication and Authorization( I prefer iPlanet LDAP Server)
2. Is Portal WLS resource ? If so I want to build a Access Control List.
3. Can you point me to any resource which guides me how to configure
iPlanet server
for authentication and Authorization. I am a novice. This tutorial/sample
should
include all necessary codes.
"Peter" <PeterB> wrote:
"Anand" <[email protected]> wrote in message
news:[email protected]...
Hi All,
My requirements are as follows:
1) Have a central repository like the iplanet Directory server to
store
the information
of users,groups etc
2)Perform identity management to manage roles and permissions Thisincludes the
ability to define users, resources, and abstract concepts such as
a
user
role
or a group
3)The final requirement is access management. This is the enforcementof
which
users have access to what information. It includes authentication
and
authorization
mechanisms to make sure someone is who they claim to be and that theyhave
the
authority to get the information they requested, and access managementto
enforce
the permissions
I need to achieve these requirements for my Portal application. Myqueries
for
the same are as follows
1)The default Weblogic authetication providers can be used to authenticateusers
located on iplanet Directory server.
2)But my doubt is with the authorization provider, Role Mapper providersetc they
seem to be tightly coupled to the embedded LDAP. In order to solvemy
requirements
on 2 and 3 what are the approaches that are available.The role mapper and authorization providers do store roles and policies
in
embedded
ldap server.
Where do you want your role and policy information stored? How is your
role
and policy
information defined? The WLS framework is limited to WLS resources (ejbs,
webapps,
jdbc connection pools, etc.)
3)I also have tried to create a new Realm that the Iplanet authenticationprovider
configured to authenticate against iPlanet LDAP and also the otherdefault providers
that come along with
weblogic to do authorization checks. When I try to start my serverI get
the following
errror and the server does not start.
WLS uses the server resource to determine if you can boot the server.
There
is a policy
that allows users with admin or operator role. The default for thatrole
is
member
of the administrators or operators group. You can change this role
expression with
the console.
Therefore, check to see if your boot user is a member of the administrators
group.
>

Weblogic.security.X509 alternative in WLS 9.1

Hi All
We have setup IIS 5.0 with 2 way SSL for client connection. We have also configured IIS weblogic proxy for Weblogic 9.1 using iisproxy.dll. The connection between IIS and WebLogic 9.1 is HTTP based. We are trying to get the client certificate in Weblogic 9.1 using the following code
java.security.cert.X509Certificate certs [];
certs = (java.security.cert.X509Certificate [])
request.getAttribute("javax.servlet.request.X509Certificate");
However the returned certificates are NULL.
We have also enabled Client Cert Proxy and Weblogic Plug-in in Weblogic 9.1 configuration.
We are trying to migrate from weblogic 8 to 9.1 and our previous code was as follows
weblogic.security.X509 [] certs = (weblogic.security.X509[])req.getAttribute("javax.net.ssl.peer_certificates");
This code work fine with the same IIS setup. Since weblogic.security.X509 is removed in WLS 9.1 we are forced to change our code.
Please help!
Message was edited by:
rmkandan

hi
Currently I am using
req.getHeader("WL-Proxy-Client-Cert")
to get the client certificate and then i do the following to get the X509 cert format
     if (pemCert != null && pemCert.length() > 0 ){
          pemCertBuff.append("-----BEGIN CERTIFICATE-----");
          pemCertBuff.append(pemCert);
          pemCertBuff.append("-----END CERTIFICATE-----");
     System.out.println("CertificateUtil:getFingerPrint: pemCertBuff --"+pemCertBuff.toString());
     X509Certificate certs = null;
     try {
          CertificateFactory cf = CertificateFactory.getInstance("X.509");
          ByteArrayInputStream bis = new ByteArrayInputStream(pemCertBuff.toString().getBytes());
          weblogic.security.PEMInputStream pemIs = new weblogic.security.PEMInputStream(bis);
          BufferedInputStream bufis = new BufferedInputStream(pemIs);
          certs = (X509Certificate)cf.generateCertificate(bufis);
     } catch (CertificateException e) {
          // TODO Auto-generated catch block
          e.printStackTrace();
     } catch (IOException e) {
          // TODO Auto-generated catch block
          e.printStackTrace();
And I am able to get the certificate, but I need to know is there any other elegant way to get the certificate as we did using weblogic.security.X509 class?
Please help!!
Message was edited by:
rmkandan

Weblogic.security.KeyManagementException: java.io.EOFExceptio

I am getting the following error when I am use the certificate obtained from baltimore
instead of the default provided by weblogic.
private key that was generated by the Certificate Servlet.
<05-Mar-02 17:22:01 GMT> <Info> <Logging> <Only log messages of severity "Error"
or worse will be displayed in this window. This can be changed at Admin Console
mydomain> Servers> myserver> Logging> General> Stdout severity threshold>java.io.EOFException
at weblogic.security.Utils.inputByteArray(Utils.java:143)
at weblogic.security.ASN1.ASN1Utils.inputASN1Integer(ASN1Utils.java:120)
at weblogic.security.X509.input(X509.java:120)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:09 GMT> <Alert> <WebLogicServer> <Inconsistent security configu
ration, weblogic.security.KeyManagementException: java.io.EOFException>
weblogic.security.KeyManagementException: java.io.EOFException
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <WebLogic Server started>
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <ListenThread listening on
po
rt 7001>

I am getting the following error when I am use the certificate obtained from baltimore
instead of the default provided by weblogic.
private key that was generated by the Certificate Servlet.
<05-Mar-02 17:22:01 GMT> <Info> <Logging> <Only log messages of severity "Error"
or worse will be displayed in this window. This can be changed at Admin Console
mydomain> Servers> myserver> Logging> General> Stdout severity threshold>java.io.EOFException
at weblogic.security.Utils.inputByteArray(Utils.java:143)
at weblogic.security.ASN1.ASN1Utils.inputASN1Integer(ASN1Utils.java:120)
at weblogic.security.X509.input(X509.java:120)
at weblogic.security.X509.initialize(X509.java:81)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:09 GMT> <Alert> <WebLogicServer> <Inconsistent security configu
ration, weblogic.security.KeyManagementException: java.io.EOFException>
weblogic.security.KeyManagementException: java.io.EOFException
at weblogic.security.X509.initialize(X509.java:86)
at weblogic.security.Certificate.<init>(Certificate.java:59)
at weblogic.security.X509.<init>(X509.java:56)
at weblogic.t3.srvr.SSLListenThread.insertIntoCAChain(SSLListenThread.ja
va:232)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:411)
at weblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:297)
at weblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:942)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:403)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:169)
at weblogic.Server.main(Server.java:35)
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <WebLogic Server started>
<05-Mar-02 17:22:31 GMT> <Notice> <WebLogicServer> <ListenThread listening on
po
rt 7001>

Weblogic security - acegi

Hi,
My application was using acegi security for basic authentication and now I am trying to deploy it under weblogic9.2. I am facing a problem that I need to define the users in weblogic security also to get it authenticated and so browser asks user/password twice, once for weblogic and once for acegi. Can anybody where I might be making mistake.
My web.xml has this,
     <filter>
          <filter-name>Acegi Filter</filter-name>
          <filter-class>
               org.acegisecurity.util.FilterToBeanProxy
          </filter-class>
          <init-param>
               <param-name>targetClass</param-name>
               <param-value>
                    org.acegisecurity.util.FilterChainProxy
               </param-value>
          </init-param>
     </filter>
     <filter-mapping>
          <filter-name>Acegi Filter</filter-name>
          <url-pattern>/*</url-pattern>
     </filter-mapping>
Please inform me about the problem,
Best regards,
mik

There are some information you might be able to find in a SpringOne presentation. It contains the latest information on Spring integration with WebLogic Server, Coherence, and TopLink, respectively. It cites http://www.interface21.com/pitchfork, which contains download links.
You might also would like to check the following link:
http://www.oracle.com/technology/tech/java/spring/index.html
http://www.infoq.com/news/Spring-WebLogic-EJB3
I am not pretty sure how much it is related to your doubt, however still posting so that those link can be found by anyone browsing for Spring query
/ed

Weblogic Security Programmatic Authentication API

Hi all,
I am trying to use weblogic authentication API with weblogic 11g and jdeveloper 11.1.1.2.
According to programming security document, we can use weblogic.security.SimpleCallbackHandler or weblogic.security.URLCallbackHandler class.
But i don't see any library to import those class.
where can i download those library?
With Regards,
Wai Phyo

Where can i get this Jar(com.bea.core.weblogic.security_2.0.1.0.jar). I have installed Weblogic10.3 on jdk1.6 and it has com.bea.core.weblogic.security_1.0.0.0_6-0-3-0.jar which does not have the weblogic.security.spi.AuthenticationProviderV2.
Any help on this will be really appreciated.
Thanks.
Ajay

Weblogic.security.provider.PrincipalValidatorImpl deprecated

http://edocs.bea.com/wls/docs103/javadocs/weblogic/security/provider/PrincipalValidatorImpl.html says the class is deprecated though the documentation(http://edocs.bea.com/wls/docs103/dvspisec/atn.html#wp1089150) suggests its use.
Anyone have any knowledge of the replacement api usage (com.bea.common.security.provider.PrincipalValidatorImpl) which does not seem to have a default constructor..

Same Problem here. It seems com.bea.common.security.provider.PrincipalValidatorImpl has no API Reference. and weblogic.security.provider.PrincipalValidatorImpl which is obviously for the WLS 8 release is deprecated.
Where to find an API Reference or some other documentation to com.bea.common.security.provider.PrincipalValidatorImpl ?

Weblogic.security.acl.realm.authentication... Exception

Hello All
the reason I'm moving a post-question from JMS to this section is people there
suggested this. anyway,
when I tried to use an applet which implemented MessageListener to send message,
I got the following exception ( the port 7001 had been granted to connect, resolve
in java.policy)
javax.naming.AuthenticationException [root exception is java.lang.SecurityException:Authentication
for user admin denied in realm webogic start server side trace: java.lang.SecurityException:Authentication
for user admin denied in realm weblogic at weblogic.security.acl.Realm.authentication(Realm.java
212) at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java 233) at weblogic.security.acl.internal.Security.authenticate(Security.java
135) at weblogic.kernel.bootSevicesImp.authenticat(BootServicesImp.java 119) at
weblogic.kernel.ExecuteThread.run(ExcuteThread.java:120 ..
My Question is why servlet or swing or other application out of applet don't generate
such exceptions even most codes are similar ? How to deal with this?
Thanks
John

Hello All
the reason I'm moving a post-question from JMS to this section is people there
suggested this. anyway,
when I tried to use an applet which implemented MessageListener to send message,
I got the following exception ( the port 7001 had been granted to connect, resolve
in java.policy)
javax.naming.AuthenticationException [root exception is java.lang.SecurityException:Authentication
for user admin denied in realm webogic start server side trace: java.lang.SecurityException:Authentication
for user admin denied in realm weblogic at weblogic.security.acl.Realm.authentication(Realm.java
212) at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java 233) at weblogic.security.acl.internal.Security.authenticate(Security.java
135) at weblogic.kernel.bootSevicesImp.authenticat(BootServicesImp.java 119) at
weblogic.kernel.ExecuteThread.run(ExcuteThread.java:120 ..
My Question is why servlet or swing or other application out of applet don't generate
such exceptions even most codes are similar ? How to deal with this?
Thanks
John

Weblogic.security.ldaprealmv2.LDAPRealmException

Environment:
WebLogic version: WebLogic Server 6.1 SP2 12/18/2001 11:13:46 #154529
jdk: 1.3.1
OS: Solaris 7
LDAP server: iPlanet Directory Server 5.0
Realm: LDAP2Realm CustomRealm weblogic.security.ldaprealmv2.LDAPRealm
ISSUE:
Certain LDAP users cause an Exception to propagate up to produce a 500
internal server error. How can one programmetically catch this
internal Exception? Why is this Exception thrown? I would have assumed
that the WebLogic realm componet would would prevent such Exceptions
from reaching the top?
NOTE1: Other users that exhast their login tries DO NOT produces this
Exception.
NOTE2: I know this could very well be a bug in the iPlanet Directory
Server 5.0 and/or the weblogic custom ream classes.
EXCEPTION:
<Apr 30, 2002 10:32:20 AM PDT> <Error> <HTTP>
<[WebAppServletContext(8204614,dailyrpts,/dailyrpts)] Servlet failed
with Exception
netscape.ldap.LDAPException: error result (19); Exceed password retry
limit. Please try later.; Constraint violation
at netscape.ldap.LDAPConnection.checkMsg(LDAPConnection.java:4852)
at netscape.ldap.LDAPConnection.internalBind(LDAPConnection.java:1757)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1294)
at netscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1303)
at netscape.ldap.LDAPConnection.bind(LDAPConnection.java:1613)
at weblogic.security.ldaprealmv2.LDAPDelegate.authenticate(LDAPDelegate.java:782)
at weblogic.security.ldaprealmv2.LDAPRealm.authUserPassword(LDAPRealm.java:60)
at weblogic.security.acl.AbstractListableRealm.authInternal(AbstractListableRealm.java:186)
at weblogic.security.acl.AbstractListableRealm.authenticate(AbstractListableRealm.java:127)
at weblogic.security.acl.AbstractListableRealm.getUser(AbstractListableRealm.java:110)
at weblogic.security.acl.CachingRealm.authenticate(CachingRealm.java:956)
at weblogic.security.acl.CachingRealm.getUser(CachingRealm.java:863)
at weblogic.security.acl.Realm.authenticate(Realm.java:200)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:262)
at weblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecurityModule.java:217)
at weblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.java:155)
at weblogic.servlet.security.internal.FormSecurityModule.checkA(FormSecurityModule.java:169)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:144)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:2467)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2204)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
--------------- nested within: ------------------
weblogic.security.ldaprealmv2.LDAPRealmException: caught unexpected
exception - with nested exception:
[netscape.ldap.LDAPException: error result (19); Exceed password retry
limit. Please try later.; Constraint violation]
at weblogic.security.ldaprealmv2.LDAPDelegate.handleException(LDAPDelegate.java:884)
at weblogic.security.ldaprealmv2.LDAPDelegate.authenticate(LDAPDelegate.java:801)
at weblogic.security.ldaprealmv2.LDAPRealm.authUserPassword(LDAPRealm.java:60)
at weblogic.security.acl.AbstractListableRealm.authInternal(AbstractListableRealm.java:186)
at weblogic.security.acl.AbstractListableRealm.authenticate(AbstractListableRealm.java:127)
at weblogic.security.acl.AbstractListableRealm.getUser(AbstractListableRealm.java:110)
at weblogic.security.acl.CachingRealm.authenticate(CachingRealm.java:956)
at weblogic.security.acl.CachingRealm.getUser(CachingRealm.java:863)
at weblogic.security.acl.Realm.authenticate(Realm.java:200)
at weblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
at weblogic.security.acl.internal.Security.authenticate(Security.java:125)
at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:262)
at weblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecurityModule.java:217)
at weblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.java:155)
at weblogic.servlet.security.internal.FormSecurityModule.checkA(FormSecurityModule.java:169)
at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:144)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:2467)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2204)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

Ok, so the only way to catch this is to create an "error-page" in the
web.xml file that will catch this exception-type. I hoping I could do
this in code somewhere...
Thanks!
Now I need to figure out why this Exceptionis being thrown!!
My Research:
http://developer.netscape.com/docs/manuals/dirsdk/jsdk30/exceptns.htm
http://developer.netscape.com/docs/manuals/dirsdk/jsdk30/exceptn1.htm
http://docs.iplanet.com/docs/manuals/dirsdk/jsdk41/Reference/netscape/ldap/LDAPException.html
CONSTRAINT_VIOLATION
An internal error occurred in the LDAP server.
Constant of Class
LDAPException
Syntax
public static final int CONSTRAINT_VIOLATION
Description
This exception corresponds to a result code of 19.
"kirann" <[email protected]> wrote in message news:<[email protected]>...
hi,
you can catch this by defining.. <exception> in the web.xml.. see that
dtd..
thanks
kiran
"Matrix" <[email protected]> wrote in message
news:[email protected]...
Environment:
WebLogic version: WebLogic Server 6.1 SP2 12/18/2001 11:13:46 #154529
jdk: 1.3.1
OS: Solaris 7
LDAP server: iPlanet Directory Server 5.0
Realm: LDAP2Realm CustomRealm weblogic.security.ldaprealmv2.LDAPRealm
ISSUE:
Certain LDAP users cause an Exception to propagate up to produce a 500
internal server error. How can one programmetically catch this
internal Exception? Why is this Exception thrown? I would have assumed
that the WebLogic realm componet would would prevent such Exceptions
from reaching the top?
NOTE1: Other users that exhast their login tries DO NOT produces this
Exception.
NOTE2: I know this could very well be a bug in the iPlanet Directory
Server 5.0 and/or the weblogic custom ream classes.
EXCEPTION:
<Apr 30, 2002 10:32:20 AM PDT> <Error> <HTTP>
<[WebAppServletContext(8204614,dailyrpts,/dailyrpts)] Servlet failed
with Exception
netscape.ldap.LDAPException: error result (19); Exceed password retry
limit. Please try later.; Constraint violation
at netscape.ldap.LDAPConnection.checkMsg(LDAPConnection.java:4852)
atnetscape.ldap.LDAPConnection.internalBind(LDAPConnection.java:1757)
atnetscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1294)
atnetscape.ldap.LDAPConnection.authenticate(LDAPConnection.java:1303)
at netscape.ldap.LDAPConnection.bind(LDAPConnection.java:1613)
atweblogic.security.ldaprealmv2.LDAPDelegate.authenticate(LDAPDelegate.java:78
2)
atweblogic.security.ldaprealmv2.LDAPRealm.authUserPassword(LDAPRealm.java:60)
atweblogic.security.acl.AbstractListableRealm.authInternal(AbstractListableRea
lm.java:186)
atweblogic.security.acl.AbstractListableRealm.authenticate(AbstractListableRea
lm.java:127)
atweblogic.security.acl.AbstractListableRealm.getUser(AbstractListableRealm.ja
va:110)
atweblogic.security.acl.CachingRealm.authenticate(CachingRealm.java:956)
atweblogic.security.acl.CachingRealm.getUser(CachingRealm.java:863)
at weblogic.security.acl.Realm.authenticate(Realm.java:200)
atweblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
atweblogic.security.acl.internal.Security.authenticate(Security.java:125)
atweblogic.servlet.security.internal.SecurityModule.checkAuthenticate(Security
Module.java:262)
atweblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecu
rityModule.java:217)
atweblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.
java:155)
atweblogic.servlet.security.internal.FormSecurityModule.checkA(FormSecurityMod
ule.java:169)
atweblogic.servlet.security.internal.ServletSecurityManager.checkAccess(Servle
tSecurityManager.java:144)
atweblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
ntext.java:2467)
atweblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
:2204)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
--------------- nested within: ------------------
weblogic.security.ldaprealmv2.LDAPRealmException: caught unexpected
exception - with nested exception:
[netscape.ldap.LDAPException: error result (19); Exceed password retry
limit. Please try later.; Constraint violation]
atweblogic.security.ldaprealmv2.LDAPDelegate.handleException(LDAPDelegate.java
:884)
atweblogic.security.ldaprealmv2.LDAPDelegate.authenticate(LDAPDelegate.java:80
1)
atweblogic.security.ldaprealmv2.LDAPRealm.authUserPassword(LDAPRealm.java:60)
atweblogic.security.acl.AbstractListableRealm.authInternal(AbstractListableRea
lm.java:186)
atweblogic.security.acl.AbstractListableRealm.authenticate(AbstractListableRea
lm.java:127)
atweblogic.security.acl.AbstractListableRealm.getUser(AbstractListableRealm.ja
va:110)
atweblogic.security.acl.CachingRealm.authenticate(CachingRealm.java:956)
atweblogic.security.acl.CachingRealm.getUser(CachingRealm.java:863)
at weblogic.security.acl.Realm.authenticate(Realm.java:200)
atweblogic.security.acl.Realm.getAuthenticatedName(Realm.java:233)
atweblogic.security.acl.internal.Security.authenticate(Security.java:125)
atweblogic.servlet.security.internal.SecurityModule.checkAuthenticate(Security
Module.java:262)
atweblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecu
rityModule.java:217)
atweblogic.servlet.security.internal.SecurityModule.beginCheck(SecurityModule.
java:155)
atweblogic.servlet.security.internal.FormSecurityModule.checkA(FormSecurityMod
ule.java:169)
atweblogic.servlet.security.internal.ServletSecurityManager.checkAccess(Servle
tSecurityManager.java:144)
atweblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
ntext.java:2467)
atweblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
:2204)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

Weblogic.security.Encrypt -and- Not enough space

This post has two questions.
I have a simple application on wls9.2 that is a web front end to the weblogic.security.Encrypt command line utility. It seems to work fine, but after a little bit of use I am seeing the following:
java.io.IOException: Not enough space
at java.lang.UNIXProcess.forkAndExec(Native Method)
at java.lang.UNIXProcess.<init>(UNIXProcess.java:53)
at java.lang.ProcessImpl.start(ProcessImpl.java:65)
at java.lang.ProcessBuilder.start(ProcessBuilder.java:451)
at java.lang.Runtime.exec(Runtime.java:591)
at java.lang.Runtime.exec(Runtime.java:429)
at java.lang.Runtime.exec(Runtime.java:326)
at encrypt.wls92Encrypt(Unknown Source)
at encrypt.doGet(Unknown Source)
at encrypt.doPost(Unknown Source)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:223)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3245)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2003)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1909)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1359)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
1) Here is the forking code:
try {
proc = Runtime.getRuntime().exec("java -Dweblogic.RootDirectory="+rootDir+" weblogic.security.Encrypt "+password);
BufferedReader bf=new BufferedReader(new InputStreamReader(proc.getInputStream()));
line=bf.readLine();
bf.close();
} catch (IOException e) {
Is there a better way to do this, without forking? Seems odd to execute a java call, in java, just to get the encrypted string. I'd like to call weblogic.security.Encrypt inline, but have been unable to do so.
2) Why would the Not enough space error creep up? Researching it, it seems like it is a swap problem, but that does not seem to be the case on our system. A top shows:
Memory: 8192M phys mem, 2769M free mem, 5004M swap, 5004M free swap
at the time of failure. Disk usage is looking great as well. The JVM heapsize is around 80% free. An lsof on the system shows about 150 open files on the managed server.
Any ideas on how to troubleshoot this would be appreciated.
Thanks

I use CCleaner from the AppStore to delete the 'useless' stuff. It's free and works great for me

REPOST: where is weblogic.security.servlet.encodeXSS?

Similar Messages

Maybe you are looking for