Restricting access to a particular servlet in Weblogic

Similar Messages

• How do I restrict access to JSP or servlet only through SSL Port

  Hi
  I want to restrict the access to few jsp and servlet only through SSL port,
  so how can I block the acces to those jsp and servlet through normal port??? We
  are using weblogic 5.1.
  Any help on this highly appreciated.
  Aruna

  Hi,
  To restrict access(56 bits or less). follow the below steps.
  1. Go to your Webserver instance ServerManager
  2. Click Preferences Tab ------> Encryption Preference
  ------> There disable "DES with 56 bit
  encryption and MD5 message authentication."
  for SSL 2.0 ciphers or SSL3.0 Ciphers. Which ever
  needed.
  3. Save and Restart the Webserver instance.
  The above steps are for 4.x version.
  Thanks,
  Daks.

• Best way to restrict access to documents (outside of the group or library level)

  Hi, we're thinking of implementing SharePoint Server 2013 Standard Edition for our organization. Many of our employees are research scientists working on proprietary information. From the (admittedly little) I understand about SharePoint, if a user wants
  to restrict access to a particular document to the 2 or 3 people with whom they're collaborating (and also have it not appear in the search results), they will have to email their power user to request that a new document library be created in which they can
  store their documents. Is that correct? In this case, what is the best way to handle item-level permissions? Users absolutely want to have the freedom to restrict access to their documents themselves rather than being forced to go to their power user. Thanks.

  Hi,
  Per my knowledge, if you want to restrict access to the documents to some users, then you need to have Manage Permissions permission to modify other users’ permission on the documents.
  If you do not have the Manage Permissions permission, I recommend to ask the site administrator to create a workflow as below to remove the corresponding users’ permission on the documents which you uploaded. You can start the workflow on the document you
  upload and then the permission of the users set on the workflow will be removed from the document.
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Restrict access to particular websites in OS X Server 10.3

  Hi!
  Is there any way to restrict access to particular websites from the MAC OS X 10.3 server directly?
  Thanks!

  Restrict in what way?
  Limit access to specific client IP addresses?
  Require a username/password to access content?
  The former can be done, but requires manual tweaking of the config file (and may block subsequent editing via Server Admin).
  For the latter, use Server Admin -> (server) -> Web -> Sites -> (site) -> Realms to define a realm, then specify the users that can access the directory.
  Note that latter doesn't prevent someone sniffing the network to gain credentials to view the content - for that you need to couple the site with SSL encryption.

• Need to restrict access to multiple servlet applications on same box

  Hi!
  I have deployed two separate servlet applications to the same IAS. I need
  to restrict access to each application - that is requests from one source
  should only have access to one application and not the other. The web
  server we are using is IIS.
  Should I create a separate IAS to deploy the second application to? Can I
  restrict based on IP - that is port 80 is reserved to application 1 while
  port 81 is restricted to application 2? If so, how do I go about this? It
  appears that the web connector only receives on one port (default 80).
  Any help would be greatly appreciated.
  Sheila

  I see. So do you mean that I can override the port number in the proxy startup script itself? I can try doing that and see if it works fine.
  About Coherence 3.7, yes. I did see that it has some cool features about proxy discovery. But at this point I am stuck at using 3.6 and 3.6.1.
  Edited by: online19 on Jun 29, 2011 5:41 PM

• Restricting access for servlet

  Hi,
  I've two servlet urls:
  http://mymachine/servlet/f60servlet?config=One
  and
  http://mymachine/servlet/f60servlet?config=Two
  I want One to be open for internet and Two only open for intranet. With:
  <Location /servlet >
  order deny,allow
  deny from all
  allow from mynetwork
  </Location>
  in jserv.conf I can restrict access to my intranet but this restriction is applyied to both my applications.
  How can I restrict access for Two but not for One?
  I use iAS 1.0.2.2 on a Sun Solaris 8 machine and Forms6i patch 10.
  kind regards,
  Ivan

  Hi,
  I did open a tar with Oracle and the problem is solved by
  1) creating an alias for /servlet/f60servlet in zone.properties:
  servlet.f60listener.code=oracle.forms.servlet.ListenerServlet
  servlet.f60servlet.code=oracle.forms.servlet.FormsServlet
  servlet.f60servlet.initArgs=configFileName=/u01/app/oracle/product/8.0.6/forms60/server/formsweb.cfg
  servlet.f60listener1.code=oracle.forms.servlet.ListenerServlet
  servlet.f60servlet1.code=oracle.forms.servlet.FormsServlet
  servlet.f60servlet1.initArgs=configFileName=/u01/app/oracle/product/8.0.6/forms60/server/formsweb_internet.cfg
  In formsweb_internet.cfg is only the web-form app defined that should be open for internet
  2) in jserv.conf :
  <Location /servlet/f60servlet>
  order deny,allow
  deny from all
  allow from <mynetwork>
  </Location>
  <Location /servlet/f60servlet1>
  order deny,allow
  deny from all
  allow from all
  </Location>
  See also Doc ID: 180741.996 on metalink.
  Hi,
  I've two servlet urls:
  http://mymachine/servlet/f60servlet?config=One
  and
  http://mymachine/servlet/f60servlet?config=Two
  I want One to be open for internet and Two only open
  for intranet. With:
  <Location /servlet >
  order deny,allow
  deny from all
  allow from mynetwork
  </Location>
  in jserv.conf I can restrict access to my intranet
  but this restriction is applyied to both my
  applications.
  How can I restrict access for Two but not for One?
  I use iAS 1.0.2.2 on a Sun Solaris 8 machine and
  Forms6i patch 10.
  kind regards,
  Ivan

• How can you create a weblogic ID and restrict access within weblogic?

  for e.g. I would like to create an account 'x' in weblogic and give this user access to only 'security realms' within weblogic and NO other functionality.
  Is this possible?
  Thanks.

  In OBIEE 11g the weblogic roles follow the same type of logic as we all have come to enjoy from role based security.
  There are some default roles in WLS such as Deployer, Administrator, etc. defined by default in web logic.
  You can create a WebLogic user using the DefaultProider, Security Realm > Realm > User >New ...
  and then add that user to a group or directly to a new Policy Role.
  Take a look at the "Administrators" Group for an example of how it relates to the global "Admin" role under the Role & Policies tab.
  Finally, I don't think that you can isolate just the Security Realm for a Web Logic user. Take a look at this document to see what aspects you can provide privileges on,
  http://download.oracle.com/docs/cd/E14571_01/web.1111/e13747/types.htm#i1241945
  Cheers,
  Christian
  http://www.artofbi.com

• How do we restrict the user access for a particular G/L account

  Dear Experts,
  At our customer site, we follow master / derived role concept for authorisations.
  We have a requirement to restrictict user at G/l account authorisation level.
  I am aware that every g/l account account has a authorisaition group. But g/l account authorisation is a non-org value for which the present value is * for brgru, we cannot restrict by user/org. At our customer site the authorisations are provided at master role level for a designation and derived role is restricted for a plant, BA etc..
  Is there is any user parameter level restriction which can handle this requirement, i mean user parameter for specific g/l account, as we do LIF pid to restrict vendor level access.
  Appreciate your suggestions ASAP.
  Best regards,
  M.Kumaran

  Depends.
  What are you trying to protect? GL account masterdata (FS00) or FI document creation for specific GL accounts?
  Without knowing more about the design principles behind your roles, your release or other restrictions, I would suggest:
  (1) grouping off the GL accounts you want to protect in authorization groups (maintained via FS00);
  (2) deactivating either object F_BKPF_BES (if your trying to restrict FI document creation) or object F_SKA1_BES (if your trying to restrict access to GL account masterdata) or both in master/derived role;
  (3) create several separate roles that would contain only the aforementioned objects with access to specific GL account groups;
  (4) assign the roles from step 3 to users as required.
  Hope this helps.

• Is there a way of restricting access to columns in a BI BEANS report?

  Hi,
  I was wondering if there is a way to retrict access to a column in a BI BEANS crosstab report. The scenario is, if a particular user has the priviledges to see the profit column in a crosstab, but another user doesn't is there any way to stop the less restricted user from seeing this column using the same BI BEANS report?
  This is really the alternative to having 2 reports, 1 with the profit column and 1 without, and depending on what user is logged in, it will show one or the other.
  Regards,
  Scott.

  Hi Scott,
  This is an interesting question.
  If I presume you are talking about an OLAP data source where data does not reside in an Analytic Workspace, then the following is true :-
  The BI Beans respects database security and therefore the user has access to a particular schema(s) and table(s) in the database.
  When talking about cubes, you must remember a cube is mapped to a particular Fact table and dimensions.
  Because a Measure is a constituent sub-component of a cube, unless the measures are sourced from different fact tables with different user privileges, then it would be difficult to discriminate against users and hide columns or measures.
  Basically, what I am saying is:
  A cube is the finest granularity at which users can be differentiated.
  A cube maps to a fact table, hence this is the level at which the DB grants are applied.
  Unless measures belonged to different cubes, and hence different fact tables, then it would be impossible to discriminate against users and access to different columns/measures.
  What you could do however, at the BI Beans application level is :-
  Before displaying a presentation object, you could filter the Query programmatically and remove components which you did not want to display i.e. measures etc.
  This would require more leg work with the presentation object and filtering the embedded query, but would achieve the same effect. You would have to work out a method of validating users too and what they had access to.
  I hope this answers your Question.
  Should you require more information, please let us know.
  Many Thanks
  BI Beans
  Product Management

• Restrict Access to Page Issue...

  Hi this is my first time on Adobe forums, im regard myself as
  new to web design, im making my first proper website, for portfolio
  purposes. www.imaginationwebdesign.co.uk/port2 is the website..
  I am using Dreamweaver CS3 coding with HTML / PHP / MySQL
  My Issue:
  I have implemented Restrict Access to Page dependant upon
  User / Pass / Access Level.
  Access Levels are 1 and 3 and are stored on my MySQL
  Database.
  3 = Full Admin Rights
  1 = Minimal Admin Rights.
  Now, Whilst the Restrict access works, when Access Level 1
  attempts to display page only for Access Level 3, It's not
  redirecting to the "AccessDenied.php" page... instead a blank white
  page is being displayed and unless i press Back, it just stays
  blank and doesnt redirect.
  I have used the Server Behaviour Panel so the code is
  automatically generated but the source is:
  <?php
  if (!isset($_SESSION)) {
  session_start();
  $MM_authorizedUsers = "3";
  $MM_donotCheckaccess = "false";
  // *** Restrict Access To Page: Grant or deny access to this
  page
  function isAuthorized($strUsers, $strGroups, $UserName,
  $UserGroup) {
  // For security, start by assuming the visitor is NOT
  authorized.
  $isValid = False;
  // When a visitor has logged into this site, the Session
  variable MM_Username set equal to their username.
  // Therefore, we know that a user is NOT logged in if that
  Session variable is blank.
  if (!empty($UserName)) {
  // Besides being logged in, you may restrict access to only
  certain users based on an ID established when they login.
  // Parse the strings into arrays.
  $arrUsers = Explode(",", $strUsers);
  $arrGroups = Explode(",", $strGroups);
  if (in_array($UserName, $arrUsers)) {
  $isValid = true;
  // Or, you may restrict access to only certain users based
  on their username.
  if (in_array($UserGroup, $arrGroups)) {
  $isValid = true;
  if (($strUsers == "") && false) {
  $isValid = true;
  return $isValid;
  $MM_restrictGoTo = "AccessDeniedAdmin.php";
  if (!((isset($_SESSION['MM_Username'])) &&
  (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'],
  $_SESSION['MM_UserGroup'])))) {
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING)
  > 0)
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar .
  "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo);
  exit;
  ?>
  any help would be great to get the redirection working...
  I've tried this on several pages and it still doesnt work.
  Thank you and sorry if this is posted in the wrong area.
  David.

  Davidbirkin wrote:
  > I finally managed to solve the issue.. although, to me
  it was a rather strange
  > issue..
  Strange to you, perhaps, but it's a very common issue.
  > Before the Validation to check for Access level i had
  this line of code...
  >
  > <?php require_once('Connections/con1.php'); ?>
  >
  > No, i have moved that line of code to appear AFTER the
  access level validation
  > check, and it's all working fine... maybe it's the order
  i added the dynamic
  > functions to the Page, but now it is working...
  As I said in my original reply, the problem was almost
  certainly caused
  by an error that you couldn't see because the display of
  errors is
  turned off for security reasons. The Restrict Access to Page
  server
  behavior uses session_start(), which must come before there
  is any
  output to the browser. "Output" includes new lines or
  whitespace outside
  PHP tags. There is almost certainly an extra line at the end
  of
  con1.php, which would prevent the session from starting. In
  turn, that
  would generate an error, resulting in your blank page.
  The problem is closely related to the "headers already sent"
  error
  message that confuses most PHP beginners. Read about it here:
  http://docs.php.net/manual/en/function.header.php
  By the way, it sounds as though you are testing everything on
  a remote
  server, rather than testing locally before deploying to a
  remote server.
  That's a very bad idea, particularly if the display of errors
  is turned
  off. You should test files in a safe, local environment with
  error
  reporting turned to the highest level, and eliminate all
  errors before
  deploying to a live server. If you're testing locally, make
  sure that
  error_reporting in php.ini is set to E_ALL, and that
  display_errors is on.
  David Powers, Adobe Community Expert
  Author, "The Essential Guide to Dreamweaver CS3" (friends of
  ED)
  Author, "PHP Solutions" (friends of ED)
  http://foundationphp.com/

• Restricting access to reports for certain users

  Hi,
  We have few reports on a Multicube with Reporting unit authorization object. A certain group of users has this authorization. Now, we want a few of these users not to have access to one particular report on this multiprovider.
  Can anyone suggest a way to achieve this?
  Thanks,
  Abhishek.

  Abhishek,
  Use S_RS_COMP authorization object to restrict by queries. You can create 2 roles based on this object, one role with access to all the queries. The second one will have access to all but one. You can assign this role to relevant people.
  Although, this is slightly more maintenance intensive as every time a new query is created, someone has to add the query to one fo the roles based on security required.
  -Saket

• What is the best way to restrict access to the page

  Hello Everyone,
  We are trying to restrict access to the web page that is being accessed by the applet. Currently it is public so anybody can view it just by entering URL in the address window. We tried to restrict its access to only certain IP Addresses but then we need to enter every client's address out there since applets execute on the client and not on the server.
  Is there any good way of restricting access to the web page from an applet?
  Any help will be greatly appreciated.
  Thanks,
  Y.M.

  Most web servers allow protection of web resources.
  In particular, apache allows .htaccess (or other, if changed in the root configuration) files to change the access to various resources, and IIS allows you to set up protection domains to restrict access to folders.

• PI Sender HTTP adapter restricting access by IP

  We have a web service hosted on PI and we would like to limit access to this web service to only one web service client application. This is a high volume interface and not particularly sensitive data so we are not really looking for the SSL overhead. Is there any way other than SSL or using the HTTP logon procedure of AS-ABAP to restrict access to this web service? For example, can we specify anywhere on the AS or in the configuration of the PI Sender HTTP adapter that only requests from a certain IP addresses be processed?

  If you do not care about security then pass some basic authentication in the form of userid and password in either the header fields or in the url parameters.  These could then be authenticated in the Web Service - though this is not ideal

• Restricting access to system queries

  Hi experts!
  Is it possible to restrict access to system queries (in SAP reports) for a particular user?
  Also, can we restrict inventory reports generated to a certain item group only for a particular user? example: item groups available are Spare Parts, Raw Mat, WIP & FG. The user should only be able to generate inventory reports concerning Spare Parts.
  thanks.
  regards,
  tessa

  Hi Tessa
  You can restrict Access to System Queries by providing NO AUTHORIZATION to the option Saved Query - System.
  The same can be set under
  Administration --> System Initialization --> Authorizations --> General Authorizations --> Reports --> Query Generator --> Saved Queries - System
  Hope this helps.
  Regards
  Rohan S. Kamble

• Restrict access to Purchase Co-ordinators by Vendors in ME51N

  Hi Experts,
  Please let me know how to restrict the access to Purchase Co-ordinators by displaying only limited Vendors(by Vendor Account Group) in ME51N.

  Davidbirkin wrote:
  > I finally managed to solve the issue.. although, to me
  it was a rather strange
  > issue..
  Strange to you, perhaps, but it's a very common issue.
  > Before the Validation to check for Access level i had
  this line of code...
  >
  > <?php require_once('Connections/con1.php'); ?>
  >
  > No, i have moved that line of code to appear AFTER the
  access level validation
  > check, and it's all working fine... maybe it's the order
  i added the dynamic
  > functions to the Page, but now it is working...
  As I said in my original reply, the problem was almost
  certainly caused
  by an error that you couldn't see because the display of
  errors is
  turned off for security reasons. The Restrict Access to Page
  server
  behavior uses session_start(), which must come before there
  is any
  output to the browser. "Output" includes new lines or
  whitespace outside
  PHP tags. There is almost certainly an extra line at the end
  of
  con1.php, which would prevent the session from starting. In
  turn, that
  would generate an error, resulting in your blank page.
  The problem is closely related to the "headers already sent"
  error
  message that confuses most PHP beginners. Read about it here:
  http://docs.php.net/manual/en/function.header.php
  By the way, it sounds as though you are testing everything on
  a remote
  server, rather than testing locally before deploying to a
  remote server.
  That's a very bad idea, particularly if the display of errors
  is turned
  off. You should test files in a safe, local environment with
  error
  reporting turned to the highest level, and eliminate all
  errors before
  deploying to a live server. If you're testing locally, make
  sure that
  error_reporting in php.ini is set to E_ALL, and that
  display_errors is on.
  David Powers, Adobe Community Expert
  Author, "The Essential Guide to Dreamweaver CS3" (friends of
  ED)
  Author, "PHP Solutions" (friends of ED)
  http://foundationphp.com/