Restrict URL Access using location directive

Similar Messages

• Restrict URL Access when linking from report

  I have an application that will be a little like a wizard in that I need to control how users get to a form, so I would like to prevent them from being able to just going straight to that page and entering data into the form. I tried using various session state security options, including No URL Access, but that blows up when I try to link from a report to that form for editing purposes.
  Is there some way I can link from the report if the target page restricts URL access, and can get a get a brief overview (or point me to some documentation) on the various branch types? I can't find a good explanation anywhere and I'm hoping that solves my problem.
  thanks.

  Hi,
  1.
  What about using an Authorization Scheme and then using Security of Page Attributes.
  In fact it is schema of users, roles, and passwords.
  2.
  f?p=App:Page:Session:Request:Debug:ClearCache:itemNames:itemValues:PrinterFriendly
  f?p=6000:6004:&SESSION.::NO:6003:MY_ITEM1,MY_ITEM2,MY_ITEM3:1234,,5678
  This example:
  * Runs page 6004 of application 6000 and use the current session ID
  * Clears the current session's cache for items on page 6003
  * Indicates debug information should be hidden (NO)
  * Sets the value of MY_ITEM1 to 1234, sets the value of MY_ITEM2 to null
  (indicated by the comma used as placeholder), and sets the value of MY_ITEM3 to 5678
  - Into Column Attributes/Column Link/Link Text pick an icon.
  - Select for Attributes/Column Link/Target “URL” for table Emp_Address and into URL field type:
  javascript: popupURL('f?p=&APP_ID.: 6004:&SESSION…………');
  You can use the value of any Item. Then in the URL link page check that item.
  Moreover, you can use f?p=&APP_ID.: 6004:&SESSION…..My_Item:#ReportColumnName#.......
  I hope this would help.
  Konstantin

• Restricting Wireless Access using ACS 3.3

  We are currently running ACS 3.3 and I am trying to figure out how to restrict Wireless access to specific user groups. Our current setting is using PEAP and ACS as the Radius. Our user database is mapped to Windows 2003 AD. I've got the PEAP working and the radius authentication is also working but I cannot seem to figure out how to restrict the wireless access to specific Windows/ACS groups.
  Erik

  Hi,
  On ACS 3.3.x You can certinly achive this, al you have to do is configure NAR( Network Access Restriction) Here is the link which should provide you further informatio on it.
  http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a00801a8fd0.shtml
  -Parm

• Navigation Target : Nav URL : Accessing an Iview directly

  Hi,
  I have a BI portal as producer fedearetd to NWP consumer.
  I want to provide a direct URL of an iview located on producer portal  to the customer accessing consumer portal.
  I can see there is this way, creating a nav URL...but not sure how can I do that?
  http://<xyz>/irj/portal?NavigationTarget=navurl://<f1bfd4df279ecf27d95ce39cd28d307c>
  can anyone please guide,
  How to access producer portal iview directly on consumer portal
  How to get the nav url ie. <f1bfd4df279ecf27d95ce39cd28d307c>...what is this keycode stands for?
  Awaiting reply!
  Thanks,
  Smita Thorat

  Hi Smita,
  As shown below, the PCD path of the portal object is the Navigation target.
  http:/myServer:50000/irj/portal?NavigationTarget=ROLES://portal_content/myFolder/myRole
  This can be hashed and shortened to form the Short URL as shown below
  http:/myServer:50000/irj/portal?NavigationTarget=navurl://b3d6d9ebac16a46574d62757803b05d4
  Short URL can be enabled and disabled depending upon the requirements.
  Check the links below for detail description to enable short URL:
  http://help.sap.com/saphelp_nw70ehp2/helpdata/en/43/014421d21d6fade10000000a11466f/frameset.htm
  http://help.sap.com/saphelp_nw70ehp2/helpdata/en/49/330b66fd695aa8e10000000a42189d/frameset.htm
  Hope it Helps.
  Regards,
  Khushboo

• Restricting Internet access using ARD

  I am trying to restrict students for accessing the internet using ARD. Students accounts are set using Workgroup Manager. Under preferences, I did not allow Dock.app or Safari in the list of aproved applications. I also only selected applications I allow them to use to be in the dock and did not allow them to merge their dock.
  One group still has Safari listed in the dock.
  The others can still get to the internet using dashboard and going to weather settings.
  How can I eliminate this access.

  One option is to send the unix command:
  ipfw add 2005 deny tcp from any to any 80 out xmit en0
  This will block the standard internet port. If the computers are restarted then it will go back to normal. To get rid of the rule without actually restarting use this command.
  ipfw delete 2005
  Note: They have to be done with the root (or admin) user.
  PowerBook G4 15in, Xserve, G5 Dual 2ghz,   Mac OS X (10.4.3)  
  PowerBook G4 15in, Xserve, G5 Dual 2ghz,   Mac OS X (10.4.3)  

• Restricting Wireless Access using BT Home Hub

  Hi
  I am trying to set up my BT home hub so that my daughter can only have limited access (fed up with her being on FB 24/7!)
  I thought I had done by using the set up access mode, but I have a feeling that this is not working all the time.  Has any one else managed to successfully do this? 
  Thank you for reading and would be grateful of any advice as this is driving us to the brink!

  Did you follow the intructions on this site?
  http://bt.custhelp.com/app/answers/detail/a_id/113​64/~/what-is-bt-access-control-and-how-do-i-set-it​...
  Are you sure that she is not simply bypassing it via the hub manager?
  You could change the hub manager password.
  There are some useful help pages here, for BT Broadband customers only, on my personal website.
  BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.

• Restrict aaa access using command authorization windows acs3.6

  i need to enable aaa users to shut and unshut interfaces but nothing else. i already have all the users and groups setup but when i modify the command auth set to include "configure" "permit term" they are given unrestricted access.
  any help appreciated

  On the router there's a:
  aaa authorization config-commands
  command, make sure you have that in. You then have to set up command authorization on the TACACS server to allow "interface permit any", "shutdown" and "no shutdown" commands.

• URL Access

  I have a script that uses URL Access to upload a file. The script works fine except lately the AppleEvent has been timing out. At first I thought this was from the server being down but, I could always access the server through FTP. Now I am wondering if this could be a port problem. Has anyone else ran into this problem? Does anyone know what ports URL Access uses?
  PowerBook G4 1Ghz   Mac OS X (10.2.x)  

  Without knowing more about your script it's very hard to tell, but the fact you say it times out might be relevant.
  Are you uploading large files? What's your bandwidth limit?
  Is it possible that the file is so large and/or your bandwidth limited so it's taking too long for URL Access Scripting to complete the upload, so AppleScript times out thinking it's hung?
  One thing to try would be wrapping the commands in a 'with timeout' block, like:
  with timeout of 600 seconds
  tell application "URL Access Scripting"
  -- your commands here
  end tell
  end timeout
  Now AppleScript will wait up to 10 minutes for URL Access Scripting to do its thing before timing out.

• I accessed the page protected by ADF security using direct url access attac

  hi,
  I played with my application which is based on SRDemo code (with added ADF security handling protection of resources) using direct url access scenarios. I was able to access a protected page as authenticated but not authorized user. I'll try to explain what I did.
  There are two folders/web resources in my application, faces/folderA/* and faces/folderB/*.
  roleA only is configured to access first web resource and the roleB is configured to access the second resource.
  I used ADF security to authorize only roleA for page in folderA and to authorize only roleB for page in folderB.
  I configured error pages in web.xml:
  <error-page>
  <error-code>400</error-code>
  <location>faces/error/error400.jspx</location>
  </error-page>
  <error-page>
  <error-code>401</error-code>
  <location>faces/error/error401.jspx</location>
  </error-page>
  <error-page>
  <error-code>403</error-code>
  <location>faces/error/error403.jspx</location>
  </error-page>
  <error-page>
  <error-code>404</error-code>
  <location>faces/error/error404.jspx</location>
  </error-page>
  <error-page>
  <exception-type>java.lang.Throwable</exception-type>
  <location>faces/error/error500.jspx</location>
  </error-page>
  Other config params are:
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>infrastructure/ABLogin.jspx</form-login-page>
  <form-error-page>faces/error/error401.jspx</form-error-page>
  </form-login-config>
  </login-config>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>AB Prototype</web-resource-name>
  <url-pattern>faces/ABAbout.jspx</url-pattern>
  <url-pattern>faces/ABHelp.jspx</url-pattern>
  <url-pattern>faces/ABLogout.jspx</url-pattern>
  <url-pattern>faces/ABWelcome.jspx</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>A</role-name>
  <role-name>B</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>AZone</web-resource-name>
  <url-pattern>faces/folderA/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>A</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>BZone</web-resource-name>
  <url-pattern>faces/folderB/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>B</role-name>
  </auth-constraint>
  </security-constraint>
  <filter>
  <filter-name>adfBindings</filter-name>
  <filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
  <init-param>
  <param-name>unauthorizedErrorPage</param-name>
  <param-value>faces/error/error401.jspx</param-value>
  </init-param>
  </filter>
  <filter>
  <filter-name>adfFaces</filter-name>
  <filter-class>oracle.adf.view.faces.webapp.AdfFacesFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <url-pattern>*.jsp</url-pattern>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <url-pattern>*.jspx</url-pattern>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfFaces</filter-name>
  <url-pattern>*.jsp</url-pattern>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  <dispatcher>ERROR</dispatcher>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfFaces</filter-name>
  <url-pattern>*.jspx</url-pattern>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  <dispatcher>ERROR</dispatcher>
  </filter-mapping>
  <servlet>
  <servlet-name>Faces Servlet</servlet-name>
  <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>resources</servlet-name>
  <servlet-class>oracle.adf.view.faces.webapp.ResourceServlet</servlet-class>
  </servlet>
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <load-on-startup>2</load-on-startup>
  </servlet>
  <servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>/faces/*</url-pattern>
  </servlet-mapping>
  Once I authenticated as user in roleA I was trying to directly access URLs accessible only by users in roleB. In the beginning everything worked OK: I was dispatched to error401.jspx page with message Not authorized... etc.
  But I kept trying to access different URLs, like http://localhost:8988/AB/faces, http://localhost:8988/AB/faces/folderB, http://localhost:8988/AB/faces/folderB/pageB.jspx, http://localhost:8988/AB
  (not necessarily in that order, I played for a couple of minutes and the system would always dispatch to error401.jspx page if unauthorized attempt. But all of sudden, to my surprise, I got the pageB.jspx page while logged in as user belonging to roleA!)
  Not sure how that happened but the connectedUser on pageB (#{userInfo.authenticated}) shows that I am logged in as user whose role is A.
  I checked Authorization in ADF security and it is still correct: pageB is only accessible to roleB and pageA is only accessible to roleA.
  I hope I made some stupid mistake in my configuration?

  Hi,
  ADF Security is JAAS permission based and not container managed. Note that unless you explicitly configured ADF Security you don't use ADF Security but container managed security, which is all that I can see in your configurations.
  Not sure which version fo JDeveloper you use, but if you could change the following setting
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>AZone</web-resource-name>
  <url-pattern>faces/folderA/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>A</role-name>
  </auth-constraint>
  </security-constraint>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>BZone</web-resource-name>
  <url-pattern>faces/folderB/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>B</role-name>
  </auth-constraint>
  </security-constraint>
  to contain jspx file references instead of wildcards like in faces/folderB/* then what you see should no longer be possible. There was a known issue with the security settings in SRDemo that was caused by a defect in OC4J container managed security. I would expect this issue to be fixed in a more recent version of OC4J.
  However, the work around until then is to protect all JSPX files in a directory instead of using wild card matches
  Frank

• How to restrict users to access the files directly from /irj/go/km/docs/doc

  Dear Experts,
  I have made a folder in KM where I have saved some files, and also I have made a application from where user can access those files.
  But the users are able to access the files by directly typing the path of the file in internet explorer, I have to restrict it that the user should not be able to access the files directly.
  Please give your helpful suggestions.
  Warm Regards
  Upendra Agrawal
  Edited by: Upendra Agrawal on May 15, 2009 4:49 PM

  Hello,
  You can have a link/button react to a mouse clic by reading the KM document and putting it on the htpp flux with the correct header (this is the same kind of code that is used when you generate the pdf). As the file access is in you server-code, user will not have access to the URL...
  an exemple for the WD Java (coming from this [PDF|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0cc41cb-9576-2b10-99a6-ab90ef28c73b]), with slight modifications :
  public void exportToPDF( ) {
     //@@begin exportToPDF()
     ByteArrayOutputStream outputStream = null;
     outputStream = new ByteArrayOutputStream();
     // read the file with KM API and copy it to the outputStream
     showPopUp(WDWebResourceType.PDF, outputStream, "PDF Out Put");
     outputStream.close();
  //@@end
  regards
  Guillaume

• Not Using Index on File Server When Accessing User Files Directly on Server

  It appears to me that on a server with an indexed network share (Desktop Experience and Search Indexing roles/features installed), if you access the share directly on the server using its drive path, you can search the folders using the index, which
  is much faster and supports finding words inside of the files in seconds). However, if you access the same shared folder via its network path from the server itself, the server ignores the index. I have this experience/problem across all shared folders on
  the Windows 2012 R2 Server. Details and my most specific goal follows.
  In addition to a laptop, I frequently work directly on a Windows Server 2012 R2 computer. We have Redirected Folders set up on DFS (for failover redundancy) so that my Documents folder is in:
  \\network\redirections\user\documents. This all works fine on Windows 7 and 8 client computers connected to the network via Offline Files.
  The problem is on the server itself. The server has Desktop Experience enabled and Windows Search is installed. If I navigate manually through the DFS root folder to my documents folder, I can search and it properly uses the index. This proves the location
  is properly indexed. However, if I access the folders through the official "Documents" folder from the Folder Redirection (a network share pointing to the same server computer I'm working on), it performs an un-indexed search (slow and ignores file
  contents, but does find files eventually if the search term is in their filename). Is there a way to force the server to use the indexed search on the Redirected Folders (my Documents folder in particular) when working on that server when logged in locally
  on that server?
  I suspect a workaround would be to go into the Registry and manually change the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders to point to the local DFS folder instead of the network share name, but at least one problem
  with this is then if I save files with links to other files (e.g., a linked Excel table in a PowerPoint, a mail merge to Access database in Word, etc.) on the server computer, those links will point to d:\DFSroot\... (a physical drive on the computer) instead
  of \\network\redirections\user\... (a universally accessible network path) and so none of the other computers will be able to find the linked files, defeating one of the
  major benefits of using Redirected Folders.
  I can't believe that I need to choose between indexed searching and proper path names in saved files. Surely there is a way to use an indexed search on the server itself?
  If you need any more info to help me troubleshoot, please let me know.
  Thanks for any help,
  Colin

  Hi Colin,
  It seems that we can not use indexed search on DFS shares. Windows Search works well when users directly access the server. That is, the server is not made available through Distributed File System (DFS).
  For more detailed information, you could refer to the links below:
  Windows Search Service, Clustered File Services, DFS, Win7 Libraries
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/31ac4c16-948b-4ca4-b18f-3a339cdfd5b9/windows-search-service-clustered-file-services-dfs-win7-libraries?forum=winserverfiles
  Windows Browse and Organize Features
  https://technet.microsoft.com/en-us/library/dd744693(WS.10).aspx
  Best Regards,
  Mandy 
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• WebGate Error Report - The URL /access/sso is reserved for use by Oracle...

  We are getting a 500 error on the web gates when logging in.
  They have been working before, but are now reporting the error below.
  2010/01/27@07:09:25.632239 18521 33 WEB ERROR 0x0000151F /export/build40/Oblix/coreid1014/palantir/commonlib/src/apache2_req_info.cpp:170 "WebGate Error Report" Message^The URL /access/sso is reserved for use by Oracle Access Manager and has been used with incorrect parameters. ReqReq^POST /access/sso HTTP/1.1 ReqProto^HTTP/1.1 ReqHost^p1uawbsv1.portal.internal ReqStatLine^ ReqStatus^200 ReqRawUri^/access/sso ReqUri^/access/sso ReqFilename^/u01/app/oracle/product/11.1.1/ohs1/instances/instance1/config/OHS/ohs1/htdocs/access ReqPath^/sso ReqArgs^
  The configuration uses form based login
  Details for Authentication Scheme
  Level           1
  Challenge Method           Form
  Challenge Parameter           
  creds:userid password
  form:/oamsso/login.html
  action:/access/sso
  passthrough:no
  SSL Required           No
  Challenge Redirect           
  Enabled           Yes

  thanks,
  the login post goes to /access/sso, but now i am getting 404 error /access/sso
  Below is what I currently have the following in httpd.conf, which is the same as in a working environment.
  The web gate policy resources include /portal and /public, but no mention of /access. How does web gate know how to intercept /access/sso?
  [2010-01-28T10:50:42.9609+11:00] [OHS] [ERROR:32] [OHS-9999] [core.c] [host_id: p1uawbs02] [host_addr: 10.252.16.223] [tid: 18] [user: oracle] [ecid: 0000Pa_5qz3BP9s5Gj0Fyf0001rV00009_] [rid: 0] [VirtualHost: main] File does not exist: /u01/app/oracle/product/11.1.1/ohs1/instances/instance2/config/OHS/ohs1/htdocs/access
  #*** BEGIN WebGate Specific ****
  LoadFile "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/lib/libgcc_s.so.1"
  LoadFile "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/lib/libstdc++.so.5"
  LoadModule obWebgateModule "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/apps/webgate/bin/webgate.so"
  WebGateInstalldir "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access"
  WebGateMode PEER
  <Location /access/oblix/apps/webgate/bin/webgate.cgi>
  SetHandler obwebgateerr
  </Location>
  <Location "/oberr.cgi">
  SetHandler obwebgateerr
  </Location>
  <LocationMatch "/*">
  AuthType Oblix
  require valid-user
  </LocationMatch>
  #*******Default Login page alias***
  Alias /oamsso "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oamsso"
  <LocationMatch "/oamsso/*">
  Satisfy any
  </LocationMatch>
  #*** END WebGate Specific ****

• Form 11g - Is is possible to block specific forms access when user directly type form name in url ?

  Hi everyone,
  We have XXF000.fmb, XXF001.fmb , XXF002.fmb , XXF003.fmb in 6i.
  For migration to 11g , we recompile these forms and move fmx to 11g form server under form_path.
  In 6i , we login for validation & responsibilities control in XXF000, So we can use account info to verify if user have priviledge to access XXF001, XXF002 and XXF003.
  But in 11g , we can access these forms vial url request , such as : http://<host>:<port>/forms/frmservlet?form=XXF000   ; http://<host>:<port>/forms/frmservlet?form=XXF001  ... etc
  These may cause some unexpected access and operations in functions.
  Is is possible to block specific forms access when user directly type form name in url ?
  Thanks.
  Hendry

  You need to alter your formsweb.cfg file, either directly or through the Fusion web interface. You need to set the following parameters:
  #this sets the default form for your application
  form=yourmenuform.fmx
  #this stops these parameters being entered in the URL, seperate different parameters with commas
  restrictedURLparams=form,pageTitle,HTMLbodyAttrs,HTMLbeforeForm,HTMLafterForm,log

• The URL /access/oblix/apps/webgate/bin/webgate.so is reserved for use by Or

  Hi,
  I am integrating OAM10g with Oracle E-Business Suite 11i(11.5.10.2). I have the following components/versions installed.
  OID 10.1.4.3
  Oracle Access Manager 10g (10.1.4.3)
  Oracle HTTP Server 11g
  Weblogic 10.1.4.3
  OAM WebGate 10g(10.1.4.3)
  Everything looks fine and I am getting the login page when I hit 'http://hostname:port/fndauth/OAMLogin.jsp" but it gives http 500 error when I give username/password and click on the login button. I see the following error in ohs.log.
  [2012-12-26T12:07:36.3007-05:00] [OHS] [ERROR:32] [OHS-9999] [apache2entry_web_gate.cpp] [host_id: dm1dszap02] [host_addr: 172.18.68.198] [tid: 2918448032] [user: appoimd] [ecid: 004oSHrYwUXEOPKMyUnZ6G0006mB0001eo] [rid: 0] [VirtualHost: main] The URL /access/oblix/apps/webgate/bin/webgate.so is reserved for use by Oracle Access Manager and has been used with incorrect parameters., referer: http://dm1dszap02.corp.nyx.com:7778/ebsauth_nfind4/OAMLogin.jsp
  [2012-12-26T12:07:36.3009-05:00] [OHS] [ERROR:32] [OHS-9999] [odl_log.c] [host_id: dm1dszap02] [host_addr: 172.18.68.198] [tid: 2918448032] [user: appoimd] [ecid: 004oSHrYwUXEOPKMyUnZ6G0006mB0001eo] [rid: 0] [VirtualHost: main] Request Failed for : /access/oblix/apps/webgate/bin/webgate.so, Resp Code : [500], referer: http://dm1dszap02.corp.nyx.com:7778/ebsauth_nfind4/OAMLogin.jsp
  Any help on this would be highly appreciated.
  Thanks,
  Imtiaz

  thanks,
  the login post goes to /access/sso, but now i am getting 404 error /access/sso
  Below is what I currently have the following in httpd.conf, which is the same as in a working environment.
  The web gate policy resources include /portal and /public, but no mention of /access. How does web gate know how to intercept /access/sso?
  [2010-01-28T10:50:42.9609+11:00] [OHS] [ERROR:32] [OHS-9999] [core.c] [host_id: p1uawbs02] [host_addr: 10.252.16.223] [tid: 18] [user: oracle] [ecid: 0000Pa_5qz3BP9s5Gj0Fyf0001rV00009_] [rid: 0] [VirtualHost: main] File does not exist: /u01/app/oracle/product/11.1.1/ohs1/instances/instance2/config/OHS/ohs1/htdocs/access
  #*** BEGIN WebGate Specific ****
  LoadFile "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/lib/libgcc_s.so.1"
  LoadFile "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/lib/libstdc++.so.5"
  LoadModule obWebgateModule "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oblix/apps/webgate/bin/webgate.so"
  WebGateInstalldir "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access"
  WebGateMode PEER
  <Location /access/oblix/apps/webgate/bin/webgate.cgi>
  SetHandler obwebgateerr
  </Location>
  <Location "/oberr.cgi">
  SetHandler obwebgateerr
  </Location>
  <LocationMatch "/*">
  AuthType Oblix
  require valid-user
  </LocationMatch>
  #*******Default Login page alias***
  Alias /oamsso "/u01/app/oracle/product/11.1.1/ohs1/oam/webgate/access/oamsso"
  <LocationMatch "/oamsso/*">
  Satisfy any
  </LocationMatch>
  #*** END WebGate Specific ****

• How to use the direct bytebuffer in JNI? Accessing JDBC from C application.

  I am working on a project to access JDBC Driver within C application. The invocation JNI is used.
  To get better performance, I use the preparedStatement for dynamic sql. This need to transfer much parameter data from C to JDBC for PreparedStatement object in JVM. I think this maybe get improvements by using the new direct bytebuffer function from JDK1.4. However I cannot find an example code to get start. Could someone provide some ideas for this?
  Currently, I directly call JDBC API in C application through JNI, so there is no java codes. Only c file using JNI call.
  My understanding is to use the direct bytebuffer feature, I also need to have java codes to process the JDBC API call and then can share the same memory between Java and C. Please correct me if wrong.
  Any input is appreciated.

  tzhouxian wrote:
  thanks, jschell
  I am trying to get the best performance for the solution, using JDBC libs in a C application. So I am considering to use the direct bytebuffer in the solution to pass parameters to JDBC and get result sets from JDBC side.
  For your questions,
  1. Why don't you just write the database access in C?
  You mean to directly call JDBC API in C through JNI, right? My plan is to wrap the JDBC API by java and expose seldom interface to C native code, so reduce the JNI call between C and JAVA. If directly call the JDBC API call from C, the number of JNI call maybe more.
  No I mean what I said. In C, no java at all, why don't you write code to access the database?
  2. The database access itself is going to be slower than anything that you do in C or java.
  Exactly. I just want to find each potential points to get performance improvements for the whole solution. I also did some optimization work for the database call. The goal is to get the best performance from C application to database through JDBC libs.
  Then I suggest you profile it.
  3. Why don't you use import/export files and the database tools? This is often significantly faster with volume processing.
  Sorry, I am not very familar with some functions of JNI. Could you explain, " +Why don't you use import/export files and the database tools+"?
  Nothing to do with java, jni nor C.
  Major (or perhaps everything that is a real 'database') comes with additional tools. Amounst those tools will be command line tools capable of importing and exporting data from the database. In processing bulk data they will always be faster than anything you can do in JDBC.