Restricting access by using custom buffer extension

Similar Messages

• Illegal Access Error : using Custom Tags

  Ive a very simple custom tag that try to print curent date on webpage but when I try to run it gives me following error
  java.lang.IllegalAccessError: try to access class com.sun.xml.tree.ParentNode from class org.apache.jasper.compiler.TagLibraryInfoImpl
  java.lang.IllegalAccessError: try to access class com.sun.xml.tree.ParentNode fr
  om class org.apache.jasper.compiler.TagLibraryInfoImpl
  Here is my jsp code
  <html>
  <head>
  <%@ taglib uri="http://127.0.0.1:8080/examples/cdate.tld" prefix="examples"%>
  </head>
  <body>
  The file is <examples:cdate/>
  </body>
  </html>
  here goes cdate.tld code
  <?xml version="1.0" encoding="ISO-8859-1" ?>
  <!DOCTYPE taglib PUBLIC "-//Sun Microsystems, Inc.//DTD JSP Tag Library 1.1//EN" "http://java.sun.com/j2ee/dtds/web-jsptaglibrary_1_1.dtd">
  <taglib>
  <tlibversion>1.0</tlibversion>
  <jspversion>1.1</jspversion>
  <shortname>examples</shortname>
  <uri>http://www.mycompany.com/taglib</uri>
  <info>An example tag library</info>
  <tag>
  <name>cdate</name>
       <tagclass>datex.DateTag</tagclass>
  <info>Returns Current Date</info>
  </tag>
  </taglib>
  here is web.xml entry
  <taglib>
       <taglib-uri>
            http://127.0.0.1:8080/examples/WEB-INF/cdate.tld
       </taglib-uri>
       <taglib-location>
            /WEB-INF/cdate.tld
       </taglib-location>
  </taglib>
  here is the taghandler class code
  package datex;
  import java.io.*;
  import java.util.Date;
  import javax.servlet.jsp.*;
  import javax.servlet.jsp.tagext.*;
  public class DateTag extends javax.servlet.jsp.tagext.TagSupport {
  private String date;
  public int doStartTag() throws JspException {
            StringBuffer html = new StringBuffer();
            date = new Date().toString();
       html.append("Current Date : ");
       html.append(date);
       try {
       pageContext.getOut().write(html.toString());
       } catch (IOException ioe) {
       throw new JspException(ioe.getMessage());
  return EVAL_BODY_INCLUDE;
  public void setDate(String s) {
  this.date = s;
  can any one plz hlp me

  when i put the struts tags into the subforld such as /web-inf/tags , the jsp page tell me parsing tags error.
  should i must put all this tags in the right fold?
  i configure the url location in the web.xml as the route /web-inf/tags/....tld why invalid?

• How to restrict employees from accessing managers data using custom security profile

  Hi,
  I am using custom security profile for restricting the employees from accessing supervisors details(PG.SEGMENT2=4). I have written the custom code as below :
  Responsibility :US Super HRMS Manager
  ASSIGNMENT.PERSON_ID
  IN
  (SELECT PAF.PERSON_ID FROM PER_ALL_PEOPLE_F PAF,
  PER_ALL_ASSIGNMENTS_F PF,
  PAY_PEOPLE_GROUPS PG,
  PER_PERSON_TYPE_USAGES_F PPU,
  FND_USER FNU
  WHERE PAF.PERSON_ID=PF.PERSON_ID
  AND :EFFECTIVE_DATE BETWEEN PAF.EFFECTIVE_START_DATE
  AND PAF.EFFECTIVE_END_DATE
  AND PF.PEOPLE_GROUP_ID=PG.PEOPLE_GROUP_ID
  AND :EFFECTIVE_DATE BETWEEN PF.EFFECTIVE_START_DATE AND PF.EFFECTIVE_END_DATE
  AND PPU.PERSON_ID=PAF.PERSON_ID
  AND PPU.PERSON_ID=PF.PERSON_ID
  AND :EFFECTIVE_DATE BETWEEN PPU.EFFECTIVE_START_daTE AND PPU.EFFECTIVE_END_DATE
  AND PAF.PERSON_ID=FNU.EMPLOYEE_ID
  AND PAF.PERSON_TYPE_ID =2
  AND PPU.PERSON_TYPE_ID
  IN(2,62)
  and PAF.person_id = FND_PROFILE.value('user_id')
  AND PG.SEGMENT2=8)
  and using "restrict the people visible to each other using this profile".
  I have assigned the security profile to HR user responsibility
  But when I query the supervisor name in HR User responsibility , it is not restricting me from viewing supervisor details.
  When I query for first time, its restricting me to view others details, but when I close that click on torch button and try searching, its allowing me to access manages details.
  Can any one please let me know what setups need to be done for restricting employees from viewing supervisors data.
  I have gone through the document "Understanding and Using HRMS Security in Oracle HRMS" but didn't got any idea.
  Please suggest.
  Thanks & Regards,
  Anusha.

  Hi All ,
  i solved the problem by using event 01 of header view and using the table "Extract" .
  Regards,
  Neha

• Custom File Extension for Microsoft Access Text Driver (*.txt, *.csv)

  I'm trying to use a custom file extension for the Microsoft Access Text Driver (*.txt, *.csv) driver.
  I have updated the FileExtns registry to have my new extension.
  When I issue the following it does not work.
  select [NoName] 
  from openrowset('MSDASQL'
             ,'Driver={Microsoft Access Text Driver (*.txt, *.csv)};
                  DefaultDir=c:\filedir'
             ,'select * from "file.lst"')
  If I make the file a .csv it works fine.  However, if it has an extension of not CSV or TXT (in this case .lst, which is in the registry setting) extension it throws the following error and cannot seem to find a solution to it. 
  OLE DB provider "MSDASQL" for linked server "(null)" returned message "[Microsoft][ODBC Text Driver] Cannot update. Database or object is read-only.". Msg 7350, Level 16, State 2, Line 1 Cannot get the column information from
  OLE DB provider "MSDASQL" for linked server "(null)".
  In addition, (although I can probably find this elsewhere), I need to have the first line 'BLANK' so that it does not miss data (there is no header row).  Is there  a way to use OPENROWSET without BULK to basically include all rows as data?
  Any help is appreciated.

  Hi,
  According to your description, I did a test with your script, and got the same message as your post. Usually, by default, the Microsoft Access Text Driver (*.txt, *.csv) supports the four extensions file, such as *.asc, *.csv, *.tab, *.txt. To solve this issue,
  I recommend you try to save the LST file in the above format, then use OPENROESET to get data from the supported extensions file in SQL Server.
  In addition, the
  OPENROWSET function is mainly used to retrieve remote data from an OLEDB data source, when you use OPENROWSET without BULK, provider_name is a necessary parameter in the script. However, the OPENROWSET (BULK...) is mainly called from a SELECT…FROM clause
  within an INSERT statement, when importing bulk data from a data file into SQL Server table. Thus if you need to import bulk data, you should use the basic  syntax: INSERT ... SELECT * FROM OPENROWSET(BULK...), also there are some alternatives, such as
  BULK INSERT
  and
  BCP .
  Thanks
  Lydia Zhang

• How do you restrict access to custom applications?

  When I create portlets, there is usually an associated "admin" functionality that needs to be created for each custom application. An example is a shopping cart that we just created, we needed admins to be able to go in and upload photos.
  The way that I do this is I create a new portlet "Shopping Cart Admin" and restrict access to it that way. However, because I usually add everything in the /remoteserver/shoppingcart/. folder to the gateway space (its too painful to add one by one), this means that I can't put admin.aspx in that folder. So I usually end up creating a NEW folder /remoteserver/shoppingcartadmin/ for the admin portlet.
  Long story short, its a lot of work. I know that I could try to use activity rights, but those seem very global. How do you control edit access to your custom portlets?

  Well, there are a few different ways to go about it. You could add a preferences page with the admin functionality, and then an admin would just have to click the little pencil in the portlet titlebar. No admin/edit access, no little pencil.
  I have often set the visibility of an ASPX control directly from activity rights, in OnPageLoad, if it isn't postback time. The activity rights should be inherited by the user, through the user's group. Best practise is to create empty groups called Roles, add activity rights to the Roles, and then have the actual groups (that contain users) inherit from one or more Roles.
  You already knew that part, I added it for the others. My personal definition of a portlet is 'polymorphous instance of a web service'.
  So:
  Role: Store Manager (has Edit Shopping Cart activity right)
  ^
  Group: Store Managers (has Store Manager parent group)
  User: Vladimir (inherits Edit Shopping Cart activity right)

• Restrict access to users in customer line item display FBL5N

  Hi all,
  We got a requirement from my client that, they want to restrict access of their users to view details of few customers  only. The user has a right to view FBL5N transaction code, but he cannot view all customers details.
  we created 4 customer account groups,we created like .. SD customers1
                               SD customers2
                               Onetime customers
                               FI customers
  These FI customers cannot be viewed by all users except who has authorization in Tcode  FBL5N, we need to restrict to display only SD and one time customers details.
  we have tried with Basis but its not working and its blocking to view all customers.
  anyone got this kind of requirement , Is it possible to restrict....please help me.
  Thanks
  Nagesh
  Edited by: nag on Dec 27, 2011 5:26 PM

  It is standard behaviour that the authorization object F_KNA1_GRP(account group authroization) is not checked
  in the transacion FBL5N. You can confirm this functionality in trans. SE24.
  As a workaround, I would suggest you to use the authorization object F_KNA1_BED Customer: Account Authorization
  If you assign an authorization group as the accouting group, perhaps you can get a similar functionality.
  Please note that for the 'drill-down' or direct call of FBL5N these objects are checked:
    F_BKPF_BLA Accounting Document: Authorization for Document Types
    F_BKPF_BUK Accounting Document: Authorization for Company Codes
    F_BKPF_GSB Accounting Document: Authorization for Business Areas
    F_BKPF_KOA Accounting Document: Authorization for Account Types
    F_BKPF_BED Accounting Document: Account Authorization for Customers
    F_KNA1_BED Customer: Account Authorization
    F_KNA1_BUK Customer: Authorization for Company Codes
  Kind Regards
  Soumya

• Using the Security Manager to restrict access to a single package

  After reading up on the Security Manager, the package.access property and the use of the [accessClassInPackage RuntimePermission|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#RuntimePermission] , it seemed to me that it would possible to set up the following: I have a security-sensitive code base packaged in a jar, and I want to make sure that only one client code base that I specify is permitted to access it. The idea here is to prevent malicious code from executing anything in the sensitive code base; the sensitive code is only accessible to one client that I name in a security policy file. Perhaps rather foolishly, I advised a client to consider this before testing out a sample myself, because much to my surprise, it appears to me that it isn't possible to get the Security Manager to do this at all. Am I missing something? I'm a bit startled by this conclusion -- it seems like such an obvious use for the Security Manager, I'm hard-pressed to be believe that it can't be done, and more inclined to suspect that I'm going about it wrong.
  Here's what I thought I could do: set up the package.access property so that it denies access to any package; then in the policy file, grant the RuntimePermission/accessClassInPackage to the client code base that is permitted to access the sensitive code.
  Of course, you wouldn't want the package.access property to exclude all packages in the global java.security file, because then no code could be accessed at all. It would be necessary to use the trick of resetting the package.access property within the code, as [illustrated in the secure coding guidelines|http://java.sun.com/security/seccodeguide.html#1-1a] .
  But the problem lies in the idea of "use the package.access property to deny access to +any+ package". There doesn't seem to be any way to use wildcards or the like with the property -- it has to specifically name packages (or package prefixes) to which access is forbidden. It wouldn't do to try to name the packages to which I'm trying to prevent access, since we're trying to prevent access from malicious code -- the attacker could just choose package names that aren't on the list. I'd really need to say that access is denied to all packages, except for those in the permitted code base, but the security mechanisms for package access don't seem to allow that.
  Moreover, the trick of changing the value of package.access can't be done within the client code -- otherwise, the attacker client would just set the property to his own purposes. But it can't really be done within the sensitive package either, because the whole idea is to prevent access to that package, and by the time it's busy setting the property, it's already too late, because the package has to have been accessed by a client to get there at all.
  It seems to me that this a symptom of something I've never really understood about the design of the Security Manager -- you can grant permissions to specific code bases, but you can't revoke permissions from specific code bases, let alone all code bases. What I want to do here is grant access permission to one specific code base and revoke it from all others. There doesn't seem to be any way to express that with the mechanisms of the Security Manager.
  The more I look at it, the more it seems that there's just no way to use the Security Manager this way -- set up package access so that a specific code base can only be accessed by one specific client code base. There are surely other ways to get the effect that I'm looking for, but as far as I can tell, none of them involve restricting package access (for example: define a custom permission, grant it only to the permitted client. and check against that permission within the sensitive code base; meaning that the sensitive code has to be accessible to anyone in the first place). This conclusion really surprises me (not to mention my bit of embarrassment with the client); wouldn't this be precisely the sort of thing the Security Manager ought to be good for?

  You're looking at this back to front. The security policy file is there for the client to decide how much access he is going to give this application, not for to application to restrict who can use it. If you want to control what used to be called 'state orientation' you can do that directly by looking down the stack trace inside your code.

• Restrict Access to Page Using a password.php Instead of Server Behavior

  I previously used "log in" and "restrict access to page" server behaviors for my client portal when I only had one client. I had my username and password stored in mySQL database. I recently have gained more clients that all needed to be redirected to their own customized landing page when logged in. Because of this, I used a password.php to store the usernames and passwords and to redirect to different pages. Now, I am wondering how I can restrict access to these pages (i.e. someone won't be able to access the pages by typing the url) since I will not be connecting to a database anymore.

  I'm also confused by your statements.
  >Now, I am wondering how I can restrict access to these pages
  >(i.e.  someone won't be able to access the pages by typing the url)
  >since I  will not be connecting to a database anymore.
  It doesn't matter where you store the credentials - database or php file - the techniques for restricting access will be similar. I really don't understand why you moved away from the database when you got more clients. The more data you need to manage, the more reason to store it in a database.
  After logging in, most sites direct users to the same page, yet pull user specific data from the database. If for some reason you can't do this and need to built individual pages for each client, then store the 'landing' page for the client in the php file or database. Restrict access to each page by comparing the logged in name with an allowed login name. Or a more dynamic approach would be to dynamically pass the page name to a database query that validates that it's ok for the logged in user to access.
  Also, these questions are more appropriate for the app dev forum.

• How to use customer extension table for schedule line for shopping cart ?

  Dear Experts,
  One of our client wants to have schedule lines in shopping cart item. I am thinking of using customer extension table at item level for shopping cart. Could you please help me on  how I should proceed with the appending the structures so that the end user can fill the shopping cart schedule line details?
  Which fields should I consider in such cases?
  Thanks and regards,
  Ranjan

  Hi.
  I guess you use SRM 7.0. Please go to IMG.
  SRM -> SRM Server -> Cross-Application Basic Settings -> Extensions and Field Control (Personalization) -> Create Table Extensions and Supply with Data
  Regards,
  Masa

• ASA WebVPN. How do you restrict access to users in an AD group using LDAP?

  Hi All,
  I am trying to configure separate WebVPN connection profiles to give different portal bookmark contents to users based on their AD group membership.  This has been very difficult, even though I beleive it should be easy.
  The login page of teh ASA by default has a dropdown to allow default users to access the default portal and the SSL VPN client connection.
  There are two other portals that I would like to restrict access to based on AD group membership.  I have set these up to be selected by URL.
  The biggest problem is, I have no way of knowing how to go about this.  The AAA LDAP options show a group membership search, which I have configured, but I cannot say "Profile X is restricted to AD group CarpetBaggers", so that if soneone that is NOT a carpetbagger tries to log in, it fails.
  I can only do an all or nothing scenario.
  It would be nice to use Dynamic Access Policies to do this, and I have created a few, but they do NOT seem to work when the drop down aliases or URLs are in use.  So how do I go about using them in this scenario?  Turning off the aliases or URLs is not really an option right now.
  Scenario 1 would work the best for me.  Restrict access to profiles/groups based on AD group membership using LDAP.
  Scenario 2 would be an ideal longer term solution.
  Any thoughts, ideas or assitance would be greatly appreciated.
  Cheers

  This is exactly what i was looking for, and Nelson is correct.  When you enter the DAP configuration for a profile click on "Advanced" and there is the option to create a logical expression.  The guide (ther is a button to access this) is really helpful, with a couple of examples.  This is what i used:
  assert(function()
     if ( (type(aaa.ldap.distinguishedName) == "string") and
          (string.find(aaa.ldap.distinguishedName, "OU=Users") ~= nil) )
  then
         return true
     end
     return false
  end)()
  from the debug dap you can see what Users relates to;
  DAP_TRACE: Username: MyUsername, aaa.ldap.distinguishedName = CN=Mr B,OU=Users,OU=Site ******,DC=CH,DC=Mycompany,DC=com
  My admin account fails to get me in to the same profile:
  DAP_TRACE: dap_add_to_lua_tree:aaa["ldap"]["distinguishedName"]="CN=Admin Mr B,OU=Admin Users,OU=Site *****,DC=CH,DC=Mycompany,DC=com"
  Thanks
  Andrew

• Getting this message when trying to access our cameras, how to fix? This address is restricted This address uses a network port which is normally...

  Just installed Firefox for my boss, and ran into something I've not seen before. When trying to access our private camera system, that uses specific ports, I got this message: "This address is restricted - This address uses a network port which is normally used for purposes other than Web browsing. Firefox has canceled the request for your protection."
  Cannot find a setting in Firefox to correct this problem. Please help.

  Hello,
  Can you please check if either of these links help in the resolution of the issue
  # [http://kb.mozillazine.org/Network.security.ports.banned.override Firefox ports override]
  #[http://blog.christoffer.me/post/2012-02-20-how-to-remove-firefoxs-this-address-is-restricted/ Remove Firefox this address is restricted error]
  Thank you

• Use Custom Extension Web Item to Retrieve DSO Data Directly

  Hi experts,
  Is it possible to use Custom Extension Item in BEx WAD to retrieve DSO data directly? The idea is to display master data for a line item (e.g. customer name, id, address etc.) in the header section of a Web Template. If it is possible, how can I implement that?
  If not, is there any other possibility to fulfill the requirement?
  Thanks in advance.
  Regards,
  Joon

  Hi experts,
  any update on this?
  Thanks,
  Joon

• Problem with Restrict Access to Page with access level using ASP

  I'm using Dreamweaver CS3 with ASP-VBScript and an Access
  database. The pages were created from scratch for this project,
  using those tools all the way through.
  I've created a login page, an admin homepage, and add, edit,
  and list records pages for three tables. The login page uses the
  Server Behavior "Log in User", all other pages use the Server
  Behavior "Restrict Access to Page". All of these are based on an
  Access Level.
  Login seems to work correctly, and redirects to the admin
  homepage. From the admin homepage, I can open any other page as
  expected, and they initially display correctly. On the add and edit
  pages, however,
  submitting the form often results in getting logged out, but
  not always.
  Once this happens, I can log back in, but other problems will
  sometimes occur during that second login session. Sometimes,
  logouts will occur on pages that worked fine during the first login
  session. Sometimes, another session variable that I've setup
  manually will change when it shouldn't...as if there were two
  values stored for my session variable, and reloading the page
  changes to the other value.
  This
  post seems closest to my experience, but it doesn't look like
  there was really an answer beyond "I had to fight with it for a bit
  to get it to work":
  I suspected that there is some problem with session settings
  on the server. We have an almost identical tool on the same server
  that was developed with an older version of DW that works more
  reliably; it sometimes has problems with the initial login, but
  never has a problem after that.
  Has anyone experienced problems like this? Any suggestions
  for what to check? I'm really pulling my hair out since it's so
  unreliable...the kind of problem that goes away when you try to
  show someone and comes back when they leave.

  Hello,
  I was thinking that all I would need would be the username, although username and paswsword would be more secure.  There are about 50 users and no groups or levels.  They are all equal ... same level.
  The website is private and there is a general content area for all users and then there will be private areas for each user where proprietary documents will be held.  I need to be able to ensure that user 'A' can only see the user 'A' pages, user 'B' can only see user 'B', etc.
  I don't really understand what the Dreamweaver script is doing, but the overview sounded like it was the right tool to accomplish what I'm trying to do.
  Any assistance greatly appreciated.
  thanks.

• A custom filter or module, such as URLScan, restricts access to the file.

  My btns do not work, I think becuase I added this:
  import flash.display.Sprite;
      import flash.net.navigateToURL;
      import flash.net.URLRequest;
      import flash.net.URLVariables;
  to my time line code in an attempt to get four btns to funtion out correctly with a navigateToURL  "_self".
  Now the IIS browser reads "custom filter or module, such as URLScan, restricts access to the file".
  Where can I find these filters and destroy them...please?
  Sabby76

  You might want to find out what purpose the filter(s) serve(s) before destroying (disabling/removing) it/them. For example, URLScan is there to prevent potentially harmful requests from being processed by IIS, and is configurable.

• Restrict access using PHP

  Hi,
  I created a PHP/MySQL site useing Dreamweaver CS3. I created a set of pages that display, add and edit manes in a database, this is working fine. When I add Restrict Access to the pages every time I go to a new page I am taken back to the login page. Is there a way to fix this problem?
  Thanks,
  Bob

  Hi,
  After logging in I am sent to the correct restricted access page, that part works. From that page when I try to go to another restricted access page I am sent back to the login page, I login again and I go to that page. Every time I try to go to another restricted access page after login I get sent back to the login page
  Thanks
  Bob