Restricted access Simple File Deployment

Hello,
I have installed CPS on tomcat on a Windows testing box. I've
configured it and Contribute to use a stagging server.
Everything is working great. However, on the web page for the
Simple File Deployment service (
http://<server:<port>/.../customservices/filedeployer/>
for testing purposes I'm not using SSL - is that required?) anyone
can access this page. Well I want to limit that to only a few.
Right now I'm using the File-bases authentication model.
Reading the contribute publishing services manual I read:
"When you extend this service, consider adding the following
functionality:
• Authentication and permissions
You can add authentication functionality to limit access to
the service.
Tip: Macromedia strongly recommends that you add
authentication. To do so, you can simply
copy the settings file and save it as a separate service in a
subfolder for each website, or you can
write you own security interface to handle multiple
websites."
I'm confushed by this. 1) what settings file? I have two
types of settings.xml files (one for determing live and staging
servers and another that has info for webservers, approvals and
etc.) but they dont have any authenticaion info for CPS server.
2) what folders on what server is the above statement
refering to?
Thank you very much.

I believe you need ColdFusion for Simple File Deployment and
the other options you mention - VERY expensive. For publishing, use
RoboCopy - it's free.

Similar Messages

  • Again question about restricting access to files through URL?

    I found many topics about this, but every time it is some special case.
    I want to ask it simple. How can I restrict access to some files in my application through entering URL in Browser, no matter if I am logged or not.
    For example I have included JSP files with jspf extension. I don't want to access them through url. How can I do this?

    May be it will work, but it seems somehow workaround decision - one half of jsp files in one place and another part in other place.
    Message was edited by:
    cheltsov

  • Restrict access to files

    Hi,
    i'm trying to restrict acccess to all the files ending with ~ in my server , i couldn't do it. I try to deny access for files ending with ~. I have sun one webserver 6.1 sp1 in a sunfire solaris 9 machine. i tryed to do what is written in the documentation using the wildcard *.*~ and deny all order but this close all the server not only the ~ files. i don't know what happen why the server can't understand.
    May be is imposible to restrict files in all the server?
    thanks!

    meena.vyas and jyri, please note that the uri parameter specifies a wildcard pattern. As stated in the the Using Wildcard Patterns section of the NSAPI Programmer's Guide at http://docs.sun.com/source/817-6252/npgwldcrd.html, ~ is a special character in wildcard patterns. As such, your examples will not work.
    ylapin, the following should do what you want:<Client uri="*\\~">
    PathCheck fn="deny-existence"
    </Client>You can add the above immediately below the <Object name="default"> line in the obj.conf configuration file.

  • Restrict access to files with JAAS

    Hi,
    I would like to restrict access based on a JAAS-autenticated user to a file named
    c:/foo.txt. I have written some code that checks if the autenticeted user has
    access to the file, but how and where do I grant the user access with JAAS in
    WebLogic Server 6.
    FilePermission filePerm = new FilePermission("c:/foo.txt", "read");
    java.security.AccessController.checkPermission(filePerm);
    thanks
    /Chriz

    meena.vyas and jyri, please note that the uri parameter specifies a wildcard pattern. As stated in the the Using Wildcard Patterns section of the NSAPI Programmer's Guide at http://docs.sun.com/source/817-6252/npgwldcrd.html, ~ is a special character in wildcard patterns. As such, your examples will not work.
    ylapin, the following should do what you want:<Client uri="*\\~">
    PathCheck fn="deny-existence"
    </Client>You can add the above immediately below the <Object name="default"> line in the obj.conf configuration file.

  • How to restrict access to a deployed web application

    I have a web application (ear-file) and i want to configure NetWeaver so that only certain users can use the web application.
    How/where to configure the Application server to reach that goal?

    Hi Ludger,
    You can create J2EE Security Roles:
    http://help.sap.com/saphelp_nw04/helpdata/en/c2/e13e4045796913e10000000a1550b0/frameset.htm
    Regards,
    Siddhesh

  • CPS Simple File Deployer corrupts XLSX and DOCX files when copying to server. Solutions?

    When Contribute Publishing Service Simple File Deployment copies XLSX and DOCX files from our staging server to the live production web server, it is corrupting them.  The resulting file on the live web server is a few bytes different in size.  I published a 9015-byte docx file to our staging server using Dreamweaver (or Contribute).  The resulting file on the staging server opens correctly and remains 9015 bytes.  Then, using CPS Simple File Deployer, I deployed the file from our staging server to our live web server.  The resulting file on the live web server is 9017 bytes, and it won't open.  Something similar happens with XLSX files.  It works fine with XLS, DOC, Html etc.  Well, there is an issue with dependent files unless I synchronize with Dreamweaver, but that's another story.
    Once File Deployer has corrupted the files, opening them brings a message, such as "Excel has found unreadable content in filename.xlsx. . . ".  With Word, it says "The Office Open XML file filename.docx cannot be opened because there are problems with the contents . . . The file is corrupt and cannot be opened."  Sometimes the docx files can be recovered, but that doesn't help. 
    When I take the same original docx file and put it on the web server with an FTP program, it remains 9015 bytes and opens successfully on the live web server.
    For several reasons, such as many users updating the website with Adobe Contribute and not let them use FTP directly to the live server, we need to keep the staging server and use File Deployer (or something) to deploy the changed files from the staging server to the live website.
    I read somewhere that the programming code the uploads files can have problems and fail to work properly with Office 2007 files.  I don't have access to CPS's core.ctc and deployfile.cfc files, and I don't have Cold Fusion. 
    Any suggestions?
    Dean

    Try: 
    Open My Computer.
    Open the Tools menu and choose Folder Options...
    Select the File Types tab.
    Select the extension (for example DOC, or XLS) of the file that is slow to open.
    In the Details section, click [Advanced], and another dialog box will open. 
    In the Actions section, click Open then click [Edit...], and another dialog box will open.
    http://windowssecrets.com/forums/showthread.php/149672-10-9-2012-Updates-and-very-slow-opening-of-Office-files
    KR

  • Can't access shared files

    I have set up a shared folder in OS X 10.6 server for my workgroup. This folder is on the second hard drive (non-boot) of a two-drive Mac Mini server. When I log in I can see all the files, but whenever anyone else in the group logs in, they do not have permission. I setup permission for this shared point in server admin so that all members of the group have read and write permission. I verified this for each member using the Effective Permissions Inspector.
    Suggestions for how to gain access to the shared folder?

    I think you have your use of "dweeb" reversed. A dweeb knows what a SACL is. Or did I mix up dweeb and nerd again?
    File Services Access Control
    Server Admin in Mac OS X Server enables you to configure service access control lists (SACLs), which enable you to specify which users and groups have access to AFP, FTP, and SMB file services.
    Using SACLs enables you to add another layer of access control on top of standard POSIX and ACL permissions. Only users and groups listed in a SACL have access to its corresponding service. For example, if you want to prevent users from accessing a server’s AFP share points, including home folders, remove the users from the AFP service’s SACL.
    For information about restricting access to file services using SACLs, see “Setting SACL Permissions” on page 62.
    This text extracted from the Mac OS X Server File Services manual.

  • .war deployment and restricted access to admin activities

    Hi,
    1.
    Is there a way to configure the iAS7 to pick up the .war, .ear files from a directory and deploy those modules automatically? I am expecting a feature to be similar to that of the Tomcat. In Tomcat, if you copy your .war file in the web-apps directory, it automatically deploys the application.
    2.
    I am planning to restrict access rights to the developers through the web based admin application for iAS7.
    For ex: I only would like to allow the developer (non admin user) to deploy the applications but nothing else (not even restarting the server). Current web based admin interface allows the users to do everything, if logged in with the admin user. I read the documentation that mentions about distributed administration but I did not find any further doc on it.
    Any help on this is greatly appreciated.
    TIA
    Thirupati Panyala

    1. No currently SUN ONE appln server does not have such a facililty.It is planned for the future release.
    2. Distributed administration is not supported by S1AS

  • Error on load: System.IO.IOException: The process cannot access the file : error in event viewer when users want to view documents from this third party deployed scan solution

    Error on load: System.IO.IOException: The process cannot access the file
    '\\server1\SCANSHARED\.pdf' because it is being used by another process.
       at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
       at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
       at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
       at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share)
       at System.IO.File.WriteAllBytes(String path, Byte[] bytes)
       at abc.Scan.Layouts.ICC.Scan.View.Page_Load(Object sender, EventArgs e)
    I faced this  error in event viewer  when users want to view documents from this third party deployed scan solution
    here I have two WFS servers  and they configured with load balancing in F5 .
    when I enable both servers in F5 I receive this error messages in 2nd server,
    when users want to view documents
    adil

    Do you have antiVirus installed on the sharepoint servers?
    These folders may have to be excluded from antivirus scanning when you use file-level antivirus software in SharePoint. If these folders are not excluded, you may see unexpected behavior. For example, you may receive "access denied" error messages when files
    are uploaded.
    Please follow this KB and exclude the folders from Scanning.
    http://support.microsoft.com/kb/952167
    Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

  • How to restrict users to access the files directly from /irj/go/km/docs/doc

    Dear Experts,
    I have made a folder in KM where I have saved some files, and also I have made a application from where user can access those files.
    But the users are able to access the files by directly typing the path of the file in internet explorer, I have to restrict it that the user should not be able to access the files directly.
    Please give your helpful suggestions.
    Warm Regards
    Upendra Agrawal
    Edited by: Upendra Agrawal on May 15, 2009 4:49 PM

    Hello,
    You can have a link/button react to a mouse clic by reading the KM document and putting it on the htpp flux with the correct header (this is the same kind of code that is used when you generate the pdf). As the file access is in you server-code, user will not have access to the URL...
    an exemple for the WD Java (coming from this [PDF|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/d0cc41cb-9576-2b10-99a6-ab90ef28c73b]), with slight modifications :
    public void exportToPDF( ) {
       //@@begin exportToPDF()
       ByteArrayOutputStream outputStream = null;
       outputStream = new ByteArrayOutputStream();
       // read the file with KM API and copy it to the outputStream
       showPopUp(WDWebResourceType.PDF, outputStream, "PDF Out Put");
       outputStream.close();
    //@@end
    regards
    Guillaume

  • Accessing the files in OBIEE deployment folder. IIS vs OC4J

    Hi,
    I want to access the files like CSS in the OBIEE deployment folder.
    I know how to access the files in the deployment folder when the application is hosted on IIS.
    For Example:
    I have Hosted a .net application on IIS.
    The application deployment folder is sampleApplication. The URL will be something like - http://localhost/sampleApplication/samplePage.
    And if i have a CSS file under Styles folder in sampleApplication folder, the file can be accessed Like - http://localhost/sampleApplication/Styles/style.css.
    I want to do the same for OBIEE hosted on OC4J. I want to access the CSS files through the URL.
    Where will be the CSS files and How will they be accessed through the URL.
    Http://localhost:9704/..??
    Thanks in advance.

    I found that filenames are case sensitive on the iphone but not on the simulator so check that.

  • A custom filter or module, such as URLScan, restricts access to the file.

    My btns do not work, I think becuase I added this:
    import flash.display.Sprite;
        import flash.net.navigateToURL;
        import flash.net.URLRequest;
        import flash.net.URLVariables;
    to my time line code in an attempt to get four btns to funtion out correctly with a navigateToURL  "_self".
    Now the IIS browser reads "custom filter or module, such as URLScan, restricts access to the file".
    Where can I find these filters and destroy them...please?
    Sabby76

    You might want to find out what purpose the filter(s) serve(s) before destroying (disabling/removing) it/them. For example, URLScan is there to prevent potentially harmful requests from being processed by IIS, and is configurable.

  • Simple file server accessible remotely with managed access. Do I need ML Server for this?

    Hello,
    I have a  Mac Mini that will be dedicated to serving 15 folders of documents to 7 people. It would be great if each person had their own password and I'd like to be able to decide what folders each user will have access to. The people need to be able to access the files from home and on the office network.
    Do I NEED to run OS X server for this Or can i accomplish this in OS X?
    I have to get this running quickly and I may not have time for the ML Server learning curve (even though it has been simplified).
    I tried to get ML server running on my machine a few weeks ago but got stuck. If setting up ML server with JUST the file server is dramatically easier I will try again. Can anyone please suggest a tutorial that takes me through simply setting up a remotely accessible file server with managed access with ML Server?
    V

    OS X client can serve files to remote clients, via both SMB/CIFS and AFS; via the Windows and OS X fiel services.  That's cheap, uses hardware you already have, and works fine.
    Most NAS boxes don't do distributed authentication.  Typically, you have credentials for the box at most.  Some of the mid- and upper-end boxes do offer distributed authentication, but that means having that authentication around.  At the low end, an Apple Time Capsule is a reasonable NAS box, and you can add an external disk.   And can be used for backups via Time Machine, too.  The mid- and upper-end boxes from Synology have a reputation for capabilities and flexibility.  There are (many) other vendors.
    I'm not a huge fan of LogMeIn for various reasons that I won't get into here, but that service does work for accessing hosts.  I don't know if that allows access to NAS directly, but I'd tend to doubt it.  You'd need to check with both LogMeIn and with the specs for whatever NAS box you're using.  
    Given the choice, I'd use a VPN.
    Using a VPN does mean you can control — at the VPN level — who can access your private network, so that can provide a broad-brush form of access control to your NAS device or your OS X client or your OS X Server box, if you go that route.
    I don't prefer to openly serve files to the internet, as the underlying protocols have occasionally had security issues and vulnerabilities, and the internet gremlins will find and will poke at any open ports and any accessible file servers.  I prefer to configure these services via VPN.
    VPNs are also more involved to set up, where LogMeIn can be simple.
    As mentioned previously, I'm also not a huge fan of the host-based VPN servers in OS X, though those do work.  The gateway boxes I've been using in the last year or so are probably not a good choice for a user that isn't familiar with networking  — the boxes provide a user interface that very definitely expect the user to understand IP and routing and related, but is both self-consistent and quite powerful — and they're cheap for what they can do, and they do work nicely.  ZyXEL ZyWALL USG series.  If you are evaluating any of these firewall boxes, then I'd definitely encourage downloading the manuals and making sure you can understand the available information.  The server-grade firewall boxes are almost inherently flexible and thus complex devices.
    One of the easiest ways is to work with somebody that does this sort of thing to sort through the options and requirements and trade-offs available here, and potentially to set up your VPN or NAS or server configuration for you.  (Disclosure: I offer this.)

  • Unable to restrict afp folder access using File Sharing in System Prefs

    If I share files using AFP, and authenticate using a standard account from another machine on the LAN, I can browse and access ALL files and folders on the machine, not just those specified under "Shared Folders" in System Preferences->Sharing->File Sharing. Machine is running OS 10.6.5.

    ...You shouldn't be able to authenticate as a user/account that is not on the local machine.
    Also for each item listed in Sharing Preferences, you have to specify POSIX permissions for specific users, check to make sure 'everyone' isn't set to read and write.

  • How to read a file which as restricted access

    Hi all.
    Lets say I have two users User1 and User2
    I have created a servlet which needs to read a file.
    Lets say the owner of the file is User1.
    So User2 cannot access this file.
    This is on windows platform.
    The problem is that the Servlet cannot know owner of its user.
    Servlet run's as anonymous, so the user as to enter his userName and Password.
    This is fine with me.
    But after this how do I use this to read that file.
    I have no clue on how to use this information to read this file.
    Examples if any will be very helpful.
    Thanks for your help in advance.

    Well, you'd hardly write a servlet that can access any file on your server, not exactly good security. Rather it needs to be confined to specific files or, at least, specific directories. The server can't change it's user identity, so it needs access to all files, but it's easy enough for the serlvet to have some mapping which tells it which files may be server to which users.

Maybe you are looking for

  • How to get the list of installed maps in OviMaps 3...

    Is it possible somehow to get the list of maps which are downloaded and installed to OviMaps 3.03? Map loader seems not to help

  • Check spelling with foreign words

    I am using InDesign CS4 to create documents which mix foreign words and phrases in standard US English. The problem is that when I use Check Spelling, it flags as misspelled many properly-spelled non-English words. When these suspect words have accen

  • Idoc ORDER05 Supressing fields

    Hi All,           I am new to IDoc's. In a case, when we were sending 8 IDOCs (ORDERS05), the size was 2 MB and the frequency was hourly. If there is a heavy load on the system then 100 IDOCs may be needed to send in an hour which will increase the l

  • Service for vf02 permanently locks the invoice number

    Hi, I have created one service for VF02 transaction as given in this path: default_host --->sap --->bc --->gui --->sap --->its --->VF02 I am calling this service in an external window browser from my Web Dynpro application. Problem is => if I cloase

  • Change status of Follow-Up with an action profile

    Hi, I would like to create an action profile for the following function: After creating an opportunity with a Follow-UP (quotation), I would like to change the status of the quotation if the opportunity is saved. Is there any BADI which provides such