Rules in pfsense config

Hi:
We created and installed a pfsense router yesterday. The router is working as expected except for 1 thing, all of our wifi users are being blocked from getting to the internet now. All the wired works though. I tested to see if the service is being blocked and it is by the "Block private Networks" feature. I am thinking a firewall rule must be created to allow the wifi users to be let out but so far have not found any documentation to help me on that. Could someone eaither point me to, or explain a rule for me to setup that will fix this. Thanks
PS: All the wifi users are attempting to login through wireless routers that are not using the internet port on the lan side of the pfsense router.
This topic first appeared in the Spiceworks Community

Hi Frank,
Apologies for not replying sooner, I'd expected the forum to notify me when a reply was posted but I obviously hadn't set it to watch this thread!
I actually can't do it in the graphical navigation editor because of the from-view-id being * - however doing it through the overview dialog seems to work ok in my limited testing.
It seems as though it's the command completion logic that dies because it's immediately after it populates a 'half word' (if that makes sense!! ie, I type navi and jdev suggests navigation-case which I click on).
It would appear, to answer your question more directly, to only do it in the direct XML editing screen.
Regards,
Steve

Similar Messages

Problem w.r.t. JSF 2.0 with faces-config.xml

Hi All,
I am trying to evaluate the features of JSF2.0.
For that, I have created a very simple application with "JSF 2.0.2".
There is a page that displays a composite component and some other form related components (inputtext, commandbutton).
When I deploy my application without any faces-config.xml file, everything renders perfectly fine.
When I deploy the app with faces-config.xml (even an empty one without any configuration), none of the components get rendered.
Only the html elements get displayed.
I need to define some navigation-rules in my config file. I am not sure how to go further from here.
The app server I am using for deploying my app is GlassFish(v3).
Any help or pointers towards solving my problem are highly appreciated.
You can find the xhtml file, etc of my project below.
Thank you,
With best regards,
Praveen
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
     <context-param>
          <param-name>javax.faces.DEFAULT_SUFFIX</param-name>
          <param-value>.xhtml</param-value>
     </context-param>
     <servlet>
          <servlet-name>Faces Servlet</servlet-name>
          <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
          <load-on-startup>1</load-on-startup>
     </servlet>
     <servlet-mapping>
          <servlet-name>Faces Servlet</servlet-name>
          <url-pattern>*.jsf</url-pattern>
     </servlet-mapping>
</web-app>
faces-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE faces-config PUBLIC "-//Sun Microsystems, Inc.//DTD JavaServer Faces Config 1.1//EN" "http://java.sun.com/dtd/web-facesconfig_1_1.dtd">
<faces-config xmlns="http://java.sun.com/JSF/Configuration">
</faces-config>
resources->acicomp->namesection.xhtml
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:ui="http://java.sun.com/jsf/facelets"
      xmlns:f="http://java.sun.com/jsf/core"
      xmlns:h="http://java.sun.com/jsf/html"
      xmlns:composite="http://java.sun.com/jsf/composite">
<composite:interface>
</composite:interface>
<composite:implementation>
     <h:panelGroup>
     <h:panelGrid columns="2">
          <h:outputText value="Name: "/>
          <h:inputText value="myName"/>
          <h:outputText value="Company: "/>
          <h:inputText value="myComp"/>
     </h:panelGrid>
     </h:panelGroup>
</composite:implementation>
</html>
index.xhtml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xmlns:h="http://java.sun.com/jsf/html"
      xmlns:aci="http://java.sun.com/jsf/composite/acicomp">
<h:head>
     <title>JSF Test Program</title>
</h:head>
<h:body>
     <p>My Simple Test Program</p>
        <h:form id="testForm" >
            <p>TEST</p>
            <aci:namesection></aci:namesection>
            <h:inputText id="username" value="John" />
            <h:commandButton id="submit" action="response" value="Submit"/>
        </h:form>
</h:body>
</html>

I found the problem.
The dtd location of the faces-config.xml had to be changed. It was pointing to the schema of 1.1.
With the following faces-config.xml, my application worked perfectly fine.
<?xml version="1.0"?>
<faces-config xmlns="http://java.sun.com/xml/ns/javaee"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
              version="2.0">
</faces-config>

Functions/Risks/Rules update recommendadtion

Hello colleagues,
Recently I have started to work with RAR(CC) tightly. Some points are uncleared for me and I would very appreciated for some helps and advices.
We performed post-installation steps for RAR (uploaded SAPObjects, BP, Functions, Rules and so on). The first my question is reqarding daily support system.
1) May we upload own files with actions and permissions which made by concotenation of standard actions/permissions files with our actions/permissions files? Or we have to manage via RAR interface?
1.1 In case if we can upload own files, would it rewrite existing information or add missing information?
1.2 Why standard files(actions, permissions) content duplicated information? For example, tcode F.13 contains in action file and permission file. Would it be enough to include F.13 (tcode and auth. objects) only in permission file?
2) Regarding question #1, should we run rule generation reports every time after changing:
2.1 If we add new BP, Function
2.2 If we don't change BP, Functions, but add new transactions/permissions to Functions
3) Is it possible to perform risk analysis during run of Rule Generation job (config -> log. systems -> generate rules)?
4) How to restrict number of rules if we get message like this:
Risk: M014 has exceeded the maximum number of rules (46,655) that can be generated
Regards,
Artem Ivashkin

Artem
yes all your questions are related to rules.
request you to divide them in two part and create new thread ...
that will be very helpful
Regarding :
) May we upload own files with actions and permissions which made by concotenation of standard actions/permissions files with our actions/permissions files? Or we have to manage via RAR interface?
"yes you can upload your own files, by modifiying the standard rule file. However be very cautious, the rate of error is very high. And extra TAB or RETURN and your rules will not be generated"
1.1 In case if we can upload own files, would it rewrite existing information or add missing information?
"Yes it will overwrite existing data"
1.2 Why standard files(actions, permissions) content duplicated information? For example, tcode F.13 contains in action file and permission file. Would it be enough to include F.13 (tcode and auth. objects) only in permission file?
"that is must, the program which generate rules. First create rules at Action level and based on Action level, Persmission level rules are generated"
regards,
Surpreet

Transported Alert rule not visible in RWB - Alert Configuration

Hi ,
I have Transported Alert rule Using Below mentioned blog ..
Know How to Transport Only the Required Alert Rules !!!
I have followed the following Procedure
1. Go to Transaction SE16 Data browser.
2. Give the table name as SXMSALERTRULES and hit F7. Then Execute (F8).
3. Copy the ALERTHASHVAL field value of the entries that needs to be transported.
4. Go to transaction SE10 and Create a Workbench Request.
5. Select the Task under Workbench Request and Go to Menu Request/Task -> Change Type and select Development/Correction.
6. Double click the task and go to edit mode.
7. Enter Program ID: R3TR, Object: TABU, Objects Name: SXMSALERTRULES, press Enter and click on Functions.
8. Paste the ALERTHASHVAL field value copied in Step-3 and Save.
Now I can see the transported entries in SXMSALERTRULES table . But when I check RWB- Alert Configurations .. There is no new entry for above transported rule ...
Please tell me what is missing or where am i wrong ...

Yes, My problem is Resolved ....
Solution : -
After Transport All Alert Rules, - >
I created Manual entry for any one of the alert rule from Alert Configuration. ->
Then automatically all other transported rule came into visible state ....
So now i can see all my transported rule in Alert Config...
I dont Know , How does it happaned .. But it worked for me ... All rules got visible to me only after creating a manual entry for amy one of the alert rule ...
Hope it helps someone else ...
Guys thanks for all your comments ...
Regards
PS

[Faces] Criterias for multiple faces-config.xml files...

Hi, I'm working in a big development proyect migrating an ERP. We know the mechanics of having multiple "faces-config" files, but is there some recommendation about the number of pages supported, or the total file size, or any other? We have found that jDeveloper has serious performance problems (in the development environment) with a big number of pages and navigation rules in one config file, but will it be the same if there are a lot of config files?
Has someone come to the same questions? Can someone share his or her experience on this particular matter?
Thanks for your

See Re: Very slow performance in Jdeveloper

Copying Rules

I have two BM servers. I am using iManager to maintain those servers. Is there a way to copy just one rule from one servers configuration to another, so I don't have to retype all of the entries that are in the rule?
Also, is there a way to take a text file and either import that file into a rule or is there a way to copy and past mulitple websites from a text file, like there was in NWAdmin?
Thanks,
Ken

In article <[email protected]>, Melnikok wrote:
> I have two BM servers. I am using iManager to maintain those servers. Is
> there a way to copy just one rule from one servers configuration to
> another, so I don't have to retype all of the entries that are in the
> rule?
BM 3.9, correct? Are you at sp1? You can copy and paste rules from one
server to the other with both versions, but the sp1 patch (iManager plugin
updates) makes it a lot easier to copy rules and proxy configs.
I don't know that you can copy just a single rule though.
If you are careful, when you export the rules to a file, you can edit the
resulting xml file with a text editor and insert (or delete) a rule.
>
> Also, is there a way to take a text file and either import that file
> into a rule or is there a way to copy and past mulitple websites from a
> text file, like there was in NWAdmin?
>
Again, manually modifying a saved xml file would probably be the thing to
try.
For the easiest way, by far, of adding lists of web sites into a rule, you
want to use LinkWall, which is based on lists of web sites in text
files...
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Java logical rule evaluator

Does anyone have a class method which will tak a logical rule from a configuration file and evaluate it to true or false. For example...
Specify a rule in a config file e.g.
Filed1.equals(field2);
This would then be read by the evaluator method and true / false would be output..
Many thanks

it's a little bit different from what I want to know...
but still, this is a good link...thanks!
i just want to restate my question...it seems a little vague..
from what I know, java provided logical fonts...these are monospaced, serif, sansserif, dialog and dialoginput...
in order to used them for let say for printing, they should be mapped to actual physical font that actually exist in the system. and the mapping is specified in the font.properties file and the runtime environment do the mapping using the physical font secified for that particular logical font...
now my problem is, what is the benefit or advantages of having or providing java's own logical font when one can use the actual physical font directly in creaing font instance?
i hope this is a little clearer...
thanks..

CSS 11500 config required

Hi i have 2 CSS configued on active passive mode and 3 servers behind CSS for port 8080 service allowed. I want to allow my inside network to access these severs behind CSS for new port 3366...can anybody provide with the config for the same

You need to configure the Service Interfaces for the servers again with the new port.lie the below example:-
Existing Server config:-
service Test-001_Int1_8080
ip address <>
port 8080
protocol tcp
keepalive type tcp
active
new Service interface config:-
service Indy-001_Int1_3366
ip address <>
port 3366
protocol tcp
keepalive type tcp
active
then it is the new content rule and other config stuff..

Number of risks / rules

Hello GRC guys,
I am very new to GRC and currently i am trying to set up a demo system.
After doing some basic steps in RAR, i soon found a good description for "configuration steps after installation".
And as soon as i found this guide a question arose:
referring to
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/d052816c-ae5b-2b10-8fb0-f0cdea038378
Why do they have more than 170.000 violations, and we have NONE?? I followed the steps provided in RULE UPLOAD of config guide and found the new SP08 for delta upgrading rules.
Looking at "Rule Architect" -> Rule Library, Action Level, we have about 16.000 active rules.
Why do they so many more rules than we have?

Hi Florian,
It seems you have missed something. Can you tell me what systems you are connecting from GRC?
We have uploaded standard rules and we have 32 risks starting F0*. We have ECC 5.0 as backend system for which these risks stand.
Please reupload them one by one again-
SAP provides action and permission rules for SAP ERP, APO, CRM, and SRM systems.
Sequence-
Business Process Text File
Function Text Files
Function Authorization Text Files
Rule Set Text File
Risk Text Files
Scheduling Rule Generation
You can get steps of upload from AC 5.3 config guide.
Once upload is successful, please reschedule User,Role,Profile full sync. After successful completion, reschedule full sync Batch Risk Analysis(User,Role,Profile), critical actions for role/profile, and Management Reports.
After succesful completion, you shoudl be able t osee management reports.
Regards,
Sabita

ADF Faces useWindow attribute

I am trying to open a Dialog window using an af:CommandLink. It is not opening a new window, only navigating to the page as normal. Is there anything obvious I am doing wrong? I have also seen this syntax
useDialog="true"
The IDE is rejecting this as not part of the tld. It may have been part of an earlier version of ADF Faces?
Here is the script from the page
<af:table   var="row"
            value="#{accountBacking.accounts}"
            rows="5"
            banding="row"
            styleClass="table.sample"
            binding="#{accountBacking.table}"
            >
.......Trimmed for relevance.........
    <af:column formatType="icon">
        <f:facet name="header">
            <af:outputText value="Edit"/>
        </f:facet>
        <af:commandLink useWindow="true"
                        action="#{accountBacking.editAccountAction}"
                        partialSubmit="true">
            <af:objectImage source="/images/edit-blue.gif"/>
        </af:commandLink>
    </af:column>
.......Trimmed for relevance.........
</af:Table>

I figured it out. In older examples where useDialog was used, the return value from the action was "process:something". This was also defined as a navigation rule in faces-config.xml
I found an example from oracle that uses the useWindow attribute. Instead of "process:something" it should be "dialog:something"
Here is the example
http://www.oracle.com/webapps/online-help/jdeveloper/10.1.3/state/content/navId.4/navSetId._/vtTopicFile.jsf_apps%7Cadfcreate%7Caf_acommandanddialog~html/

Bayes Error Question after Spamassassin Upgrade

I have just upgraded to Version 3.1.5 of the Spamassassin and I am getting the following readout when after I run spamassassin -D --lint
xserve1:/var/amavis root# spamassassin -D --lint
[18757] dbg: logger: adding facilities: all
[18757] dbg: logger: logging level is DBG
[18757] dbg: generic: SpamAssassin version 3.1.5
[18757] dbg: config: score set 0 chosen.
[18757] dbg: util: running in taint mode? yes
[18757] dbg: util: taint mode: deleting unsafe environment variables, resetting PATH
[18757] dbg: util: PATH included '/bin', keeping
[18757] dbg: util: PATH included '/sbin', keeping
[18757] dbg: util: PATH included '/usr/bin', keeping
[18757] dbg: util: PATH included '/usr/sbin', keeping
[18757] dbg: util: final PATH set to: /bin:/sbin:/usr/bin:/usr/sbin
[18757] dbg: message: ---- MIME PARSER START ----
[18757] dbg: message: main message type: text/plain
[18757] dbg: message: parsing normal part
[18757] dbg: message: added part, type: text/plain
[18757] dbg: message: ---- MIME PARSER END ----
[18757] dbg: dns: is Net::DNS::Resolver available? yes
[18757] dbg: dns: Net::DNS version: 0.59
[18757] dbg: diag: perl platform: 5.008006 darwin
[18757] dbg: diag: module installed: Digest::SHA1, version 2.10
[18757] dbg: diag: module installed: Archive::Tar, version 1.30
[18757] dbg: diag: module installed: IO::Zlib, version 1.04
[18757] dbg: diag: module installed: DB_File, version 1.814
[18757] dbg: diag: module installed: HTML::Parser, version 3.36
[18757] dbg: diag: module installed: MIME::Base64, version 3.05
[18757] dbg: diag: module installed: Net::DNS, version 0.59
[18757] dbg: diag: module installed: Net::SMTP, version 2.29
[18757] dbg: diag: module installed: Mail::SPF::Query, version 1.999001
[18757] dbg: diag: module installed: IP::Country::Fast, version 604.001
[18757] dbg: diag: module installed: Razor2::Client::Agent, version 2.82
[18757] dbg: diag: module installed: Net::Ident, version 1.20
[18757] dbg: diag: module not installed: IO::Socket::INET6 ('require' failed)
[18757] dbg: diag: module installed: IO::Socket::SSL, version 1.0
[18757] dbg: diag: module installed: Time::HiRes, version 1.68
[18757] dbg: diag: module installed: DBI, version 1.52
[18757] dbg: diag: module installed: Getopt::Long, version 2.34
[18757] dbg: diag: module installed: LWP::UserAgent, version 2.033
[18757] dbg: diag: module installed: HTTP::Date, version 1.47
[18757] dbg: ignore: using a test message to lint rules
[18757] dbg: config: using "/etc/mail/spamassassin" for site rules pre files
[18757] dbg: config: read file /etc/mail/spamassassin/init.pre
[18757] dbg: config: read file /etc/mail/spamassassin/v310.pre
[18757] dbg: config: read file /etc/mail/spamassassin/v312.pre
[18757] dbg: config: using "/usr/local/share/spamassassin" for sys rules pre files
[18757] dbg: config: using "/usr/local/share/spamassassin" for default rules dir
[18757] dbg: config: read file /usr/local/share/spamassassin/10_misc.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_advance_fee.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_anti_ratware.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_body_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_compensate.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_dnsbl_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_drugs.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_fake_helo_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_head_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_html_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_meta_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_net_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_phrases.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_****.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_ratware.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/20_uri_tests.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/23_bayes.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_accessdb.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_antivirus.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_body_tests_es.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_body_tests_pl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_dcc.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_dkim.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_domainkeys.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_hashcash.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_pyzor.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_razor2.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_replace.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_spf.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_textcat.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/25_uribl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_de.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_fr.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_it.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_nl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_pl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/30_text_pt_br.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/50_scores.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_awl.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_dk.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_dkim.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_spf.cf
[18757] dbg: config: read file /usr/local/share/spamassassin/60_whitelist_subject.cf
[18757] dbg: config: using "/etc/mail/spamassassin" for site rules dir
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_adult.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_bayes_poison_nxm.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum0.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum1.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_evilnum2.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_html.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_obfu.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_oem.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_random.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sare_stocks.cf
[18757] dbg: config: read file /etc/mail/spamassassin/70_sc_top200.cf
[18757] dbg: config: read file /etc/mail/spamassassin/99_FVGT_Tripwire.cf
[18757] dbg: config: read file /etc/mail/spamassassin/Chinese_rules.cf
[18757] dbg: config: read file /etc/mail/spamassassin/local.cf
[18757] dbg: config: read file /etc/mail/spamassassin/weeds.cf
[18757] dbg: config: using "/private/var/root/.spamassassin/user_prefs" for user prefs file
[18757] dbg: config: read file /private/var/root/.spamassassin/user_prefs
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::URIDNSBL from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::Hashcash from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::Hashcash=HASH(0x1c828d8)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::SPF from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::SPF=HASH(0x1d91a64)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::Pyzor from @INC
[18757] dbg: pyzor: network tests on, attempting Pyzor
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::Pyzor=HASH(0x1c66f5c)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::Razor2 from @INC
[18757] dbg: razor2: razor2 is available, version 2.82
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::Razor2=HASH(0x466db0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::SpamCop from @INC
[18757] dbg: reporter: network tests on, attempting SpamCop
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::SpamCop=HASH(0x468e68)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::AWL from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::AWL=HASH(0x1dd02d0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::AutoLearnThreshold from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::AutoLearnThreshold=HASH(0x1e34100)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::WhiteListSubject from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::WhiteListSubject=HASH(0x1e36be0)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::MIMEHeader from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::MIMEHeader=HASH(0x1e39d30)
[18757] dbg: plugin: loading Mail::SpamAssassin::Plugin::ReplaceTags from @INC
[18757] dbg: plugin: registered Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x1e3e260)
[18757] dbg: config: adding redirector regex: /^http:\/\/chkpt\.zdnet\.com\/chkpt\/\w+\/(.*)$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/www(?:\d+)?\.nate\.com\/r\/\w+\/(.*)$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/.+\.gov\/(?:.*\/)?externalLink\.jhtml\?.*url=(.*?)(?:&.*)?$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/redir\.internet\.com\/.+?\/.+?\/(.*)$/i
[18757] dbg: config: adding redirector regex: /^http:\/\/(?:.*?\.)?adtech\.de\/.*(?:;|\|)link=(.*?)(?:;|$)/i
[18757] dbg: config: adding redirector regex: m'^http.*?/redirect\.php\?.*(?<=[?&])goto=(.*?)(?:$|[&\#])'i
[18757] dbg: config: adding redirector regex: m'^https?:/*(?:[^/]+\.)?emf\d\.com/r\.cfm.*?&r=(.*)'i
[18757] dbg: config: adding redirector regex: m'/(?:index.php)?\?.*(?<=[?&])URL=(.*?)(?:$|[&\#])'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/url\?.*?(?<=[?&])q=(.*?)(?:$|[&\#] )'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%2 0|..[=+\s])site:(.*?)(?:$|%20|[\s+&\#])'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/search\?.*?(?<=[?&])q=[^&]*?(?<=%2 0|..[=+\s])(?:"|%22)(.*?)(?:$|%22|["\s+&\#])'i
[18757] dbg: config: adding redirector regex: m'^http:/*(?:\w+\.)?google(?:\.\w{2,3}){1,2}/translate\?.*?(?<=[?&])u=(.*?)(?:$ |[&\#])'i
[18757] warn: config: failed to parse line, skipping: scare RCVD_IN_NJABL_SPAM 3.0
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::ReplaceTags=HASH(0x1e3e260) implements 'finish_parsing_end'
[18757] dbg: replacetags: replacing tags
[18757] dbg: replacetags: done replacing tags
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: config: score set 1 chosen.
[18757] dbg: message: ---- MIME PARSER START ----
[18757] dbg: message: main message type: text/plain
[18757] dbg: message: parsing normal part
[18757] dbg: message: added part, type: text/plain
[18757] dbg: message: ---- MIME PARSER END ----
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: dns: name server: 209.198.128.11, family: 2, ipv6: 0
[18757] dbg: dns: testing resolver nameservers: 209.198.128.11, 209.198.128.27
[18757] dbg: dns: trying (3) google.com...
[18757] dbg: dns: looking up NS for 'google.com'
[18757] dbg: dns: NS lookup of google.com using 209.198.128.11 succeeded => DNS available (set dns_available to override)
[18757] dbg: dns: is DNS available? 1
[18757] dbg: metadata: X-Spam-Relays-Trusted:
[18757] dbg: metadata: X-Spam-Relays-Untrusted:
[18757] dbg: metadata: X-Spam-Relays-Internal:
[18757] dbg: metadata: X-Spam-Relays-External:
[18757] dbg: message: no encoding detected
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0) implements 'parsed_metadata'
[18757] dbg: uridnsbl: domains to query:
[18757] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl-lastexternal
[18757] dbg: dns: checking RBL sa-accredit.habeas.com., set habeas-firsttrusted
[18757] dbg: dns: checking RBL sbl-xbl.spamhaus.org., set sblxbl
[18757] dbg: dns: checking RBL sa-other.bondedsender.org., set bsp-untrusted
[18757] dbg: dns: checking RBL combined.njabl.org., set njabl-lastexternal
[18757] dbg: dns: checking RBL combined.njabl.org., set njabl
[18757] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois
[18757] dbg: dns: checking RBL list.dsbl.org., set dsbl-lastexternal
[18757] dbg: dns: checking RBL bl.spamcop.net., set spamcop
[18757] dbg: dns: checking RBL sa-trusted.bondedsender.org., set bsp-firsttrusted
[18757] dbg: dns: checking RBL combined-HIB.dnsiplists.completewhois.com., set whois-lastexternal
[18757] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs-lastexternal
[18757] dbg: dns: checking RBL dnsbl.sorbs.net., set sorbs
[18757] dbg: dns: checking RBL iadb.isipp.com., set iadb-firsttrusted
[18757] dbg: check: running tests for priority: 0
[18757] dbg: rules: running header regexp tests; score so far=0
[18757] dbg: rules: ran header rule __HAS_MSGID ======> got hit: "<"@lint_rules>"
[18757] dbg: rules: ran header rule NO_REAL_NAME ======> got hit: "[email protected]
[18757] dbg: rules: "
[18757] dbg: rules: ran header rule __MSGID_OK_DIGITS ======> got hit: "1159381766"
[18757] dbg: spf: no suitable relay for spf use found, skipping SPF-helo check
[18757] dbg: eval: all '*From' addrs: [email protected]
[18757] dbg: eval: all '*To' addrs:
[18757] dbg: spf: no suitable relay for spf use found, skipping SPF check
[18757] dbg: rules: ran eval rule NO_RELAYS ======> got hit
[18757] dbg: spf: cannot get Envelope-From, cannot use SPF
[18757] dbg: spf: def_spf_whitelist_from: could not find useable envelope sender
[18757] dbg: rules: ran eval rule __UNUSABLE_MSGID ======> got hit
[18757] dbg: spf: spf_whitelist_from: could not find useable envelope sender
[18757] dbg: rules: ran eval rule MISSING_HEADERS ======> got hit
[18757] dbg: rules: running body-text per-line regexp tests; score so far=3.188
[18757] dbg: rules: ran body rule __NONEMPTY_BODY ======> got hit: "I"
[18757] dbg: uri: running uri tests; score so far=3.188
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: bayes: not scoring message, returning undef
[18757] dbg: bayes: opportunistic call attempt failed, DB not readable
[18757] dbg: rules: running raw-body-text per-line regexp tests; score so far=3.188
[18757] dbg: rules: running full-text regexp tests; score so far=3.188
[18757] dbg: info: entering helper-app run mode
[18757] dbg: info: leaving helper-app run mode
[18757] dbg: razor2: part=0 engine=4 contested=0 confidence=0
[18757] dbg: razor2: results: spam? 0
[18757] dbg: razor2: results: engine 8, highest cf score: 0
[18757] dbg: razor2: results: engine 4, highest cf score: 0
[18757] dbg: util: current PATH is: /bin:/sbin:/usr/bin:/usr/sbin
[18757] dbg: pyzor: pyzor is not available: no pyzor executable found
[18757] dbg: pyzor: no pyzor found, disabling Pyzor
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0) implements 'check_tick'
[18757] dbg: check: running tests for priority: 500
[18757] dbg: plugin: Mail::SpamAssassin::Plugin::URIDNSBL=HASH(0x18796d0) implements 'check_post_dnsbl'
[18757] dbg: rules: running meta tests; score so far=3.188
[18757] info: rules: meta test DIGEST_MULTIPLE has undefined dependency 'DCC_CHECK'
[18757] info: rules: meta test SARE_OBFU_CIALIS has undefined dependency 'SARE_OBFU_CIALIS2'
[18757] info: rules: meta test FP_MIXED_****3 has undefined dependency 'FP_PENETRATION'
[18757] dbg: rules: running header regexp tests; score so far=4.666
[18757] dbg: rules: running body-text per-line regexp tests; score so far=4.666
[18757] dbg: uri: running uri tests; score so far=4.666
[18757] dbg: rules: running raw-body-text per-line regexp tests; score so far=4.666
[18757] dbg: rules: running full-text regexp tests; score so far=4.666
[18757] dbg: check: running tests for priority: 1000
[18757] dbg: rules: running meta tests; score so far=4.666
[18757] dbg: rules: running header regexp tests; score so far=4.666
[18757] dbg: config: using "/private/var/root/.spamassassin" for user state dir
[18757] dbg: locker: safe_lock: created /private/var/root/.spamassassin/auto-whitelist.lock.xserve1.topequip.com.18757
[18757] dbg: locker: safe_lock: trying to get lock on /private/var/root/.spamassassin/auto-whitelist with 0 retries
[18757] dbg: locker: safe_lock: link to /private/var/root/.spamassassin/auto-whitelist.lock: link ok
[18757] dbg: auto-whitelist: tie-ing to DB file of type DB_File R/W in /private/var/root/.spamassassin/auto-whitelist
[18757] dbg: auto-whitelist: db-based [email protected]|ip=none scores 0/0
[18757] dbg: auto-whitelist: AWL active, pre-score: 4.666, autolearn score: 4.666, mean: undef, IP: undef
[18757] dbg: auto-whitelist: DB addr list: untie-ing and unlocking
[18757] dbg: auto-whitelist: DB addr list: file locked, breaking lock
[18757] dbg: locker: safe_unlock: unlink /private/var/root/.spamassassin/auto-whitelist.lock
[18757] dbg: auto-whitelist: post auto-whitelist score: 4.666
[18757] dbg: rules: running body-text per-line regexp tests; score so far=4.666
[18757] dbg: uri: running uri tests; score so far=4.666
[18757] dbg: rules: running raw-body-text per-line regexp tests; score so far=4.666
[18757] dbg: rules: running full-text regexp tests; score so far=4.666
[18757] dbg: check: is spam? score=4.666 required=2
[18757] dbg: check: tests=MISSING_HEADERS,MISSING_SUBJECT,NO_REAL_NAME,NO_RECEIVED,NO_RELAYS,TO_CC_ NONE
[18757] dbg: check: subtests=__HAS_MSGID,__MSGID_OK_DIGITS,__MSGID_OK_HOST,__NONEMPTY_BODY,__SANE_M SGID,__UNUSABLE_MSGID
[18757] warn: lint: 1 issues detected, please rerun with debug enabled for more information
I am concerned with the following -
[18757] dbg: bayes: no dbs present, cannot tie DB R/O: /private/var/root/.spamassassin/bayes_toks
[18757] dbg: bayes: not scoring message, returning undef
[18757] dbg: bayes: opportunistic call attempt failed, DB not readable
I know that I have a failure with the IO::Socket::INET6 also.
I am also not getting (never have gotten) the BAYES tag when I look at the Raw Source on Spam Emails. I am assuming that error above could be the issue.
Any help on this would be greatly appreciated. I love this discussion group and it has helped me out of a bind more than once!
Thanks in advance for your time.
G5 Power Mac Mac OS X (10.4.7)

Latest news!
I just looked at a spam email and I see that it is tagged here is the info
X-Spam-Status: No, hits=-1.827 tagged_above=-999 required=2 tests=BAYES_00,
DIET_1
Now I am still concerned about the error I listed above about the Bayes DB. Any help would be great.

How do I open a page in new window using af:commandLink?

Hi,
I have a requirement where I need to open the page in a new window on clicking the af:commandLink.
I could use af:goLink, but I cannot as I have to invoke the URL using http POST method. If I use af:goLink, all the parameters will be displayed in the URL. I do not want that.
I have the below code for the commandLink:
<af:commandLink text="Open new window" id="cl199bk"
styleClass="AFRighColLinkText"
action="dialog:openNewWindow"
useWindow="true" windowHeight="400"
windowWidth="800" immediate="true"/>
When I click the commandLink, the page gets opened but in the same window. I have the below controlflow-case in my taskflow:
<control-flow-case id="__71">
<from-outcome id="__133">dialog:openNewWindow</from-outcome>
<to-activity-id id="__72">openNewWindow</to-activity-id>
</control-flow-case>
Please let me know what to do to have the page opened in new window/tab.
Thanks in advance!

Hi Frank,
I tried that too and the page always opened in the same page even with dialog:action set and useWindow set to true. I had the navigation rule in adfc-config as well.
I got it done using the url-view activity.
I have created a new bounded task flow with the url-view activity as the default activity. I called this new task flow from the actionListener bean method on commandLink. Set the new task flow to url-invoke-allowed.
I have my parameters set in the url-view activity. With this the parameters are not shown in the URL.
That did the trick for me.
Thanks.

Not able to log out of application:JspServlet:unable to dispatch to request

We are developing our application on oracle ADF (jdev verison:10.1.3.2). and deploying it in the SOA server(version 10.1.3.1).
The problem with our application is that when the logout button is clicked the application gives the following error:
500 Internal Server Error
Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response. Please consult the application log for details.
When the application log is consulted it reads:
08/07/02 07:20:45.209 Buddy: JspServlet: unable to dispatch to requested page: Exception:java.io.FileNotFoundException: C:\product \10.1.3.1\OracleAS_2\j2ee\home\applications\Buddy\ Buddy\common\skins\common\Login.jspx (The system cannot find the path specified)
We have an application wherein a global navigation rule in faces-config is defined as
<navigation-rule>
<navigation-case>
<from-outcome>login</from-outcome>
<to-view-id>/common/Login.jspx</to-view-id>
<redirect/>
</navigation-case>
The file Login.jspx is present at
C:\product \10.1.3.1\OracleAS_2\j2ee\home\applications\Buddy\ Buddy\common\common\Login.jspx
But somehow the deployed version tries to find it at
C:\product \10.1.3.1\OracleAS_2\j2ee\home\applications\Buddy\ Buddy\common\skins\common\Login.jspx
I am not able to understand why the page is being searched in
~\skins\common\Login.jspx and not in ~\common\Login.jspx
Please help me out of this situation.
Buddhadev

Please post ADF questions to the JDeveloper forum. ADF is a component of JDeveloper and all the experts in ADF are in the JDeveloper forum.
-steve-

Using container managed form-based security in JSF

h1. Using container managed, form-based security in a JSF web app.
A Practical Solution
h2. {color:#993300}*But first, some background on the problem*{color}
The Form components available in JSF will not let you specify the target action, everything is a post-back. When using container security, however, you have to specifically submit to the magic action j_security_check to trigger authentication. This means that the only way to do this in a JSF page is to use an HTML form tag enclosed in verbatim tags. This has the side effect that the post is not handled by JSF at all meaning you can't take advantage of normal JSF functionality such as validators, plus you have a horrible chimera of a page containing both markup and components. This screws up things like skinning. ([credit to Duncan Mills in this 2 years old article|http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_login_form&more=1&c=1&tb=1&pb=1]).
In this solution, I will use a pure JSF page as the login page that the end user interacts with. This page will simply gather the input for the username and password and pass that on to a plain old jsp proxy to do the actual submit. This will avoid the whole problem of having to use verbatim tags or a mixture of JSF and JSP in the user view.
h2. {color:#993300}*Step 1: Configure the Security Realm in the Web App Container*{color}
What is a container? A container is basically a security framework that is implemented directly by whatever app server you are running, in my case Glassfish v2ur2 that comes with Netbeans 6.1. Your container can have multiple security realms. Each realm manages a definition of the security "*principles*" that are defined to interact with your application. A security principle is basically just a user of the system that is defined by three fields:
- Username
- Group
- Password
The security realm can be set up to authenticate using a simple file, or through JDBC, or LDAP, and more. In my case, I am using a "file" based realm. The users are statically defined directly through the app server interface. Here's how to do it (on Glassfish):
1. Start up your app server and log into the admin interface (http://localhost:4848)
2. Drill down into Configuration > Security > Realms.
3. Here you will see the default realms defined on the server. Drill down into the file realm.
4. There is no need to change any of the default settings. Click the Manage Users button.
5. Create a new user by entering username/password.
Note: If you enter a group name then you will be able to define permissions based on group in your app, which is much more usefull in a real app.
I entered a group named "Users" since my app will only have one set of permissions and all users should be authenticated and treated the same.
That way I will be able to set permissions to resources for the "Users" group that will apply to all users that have this group assigned.
TIP: After you get everything working, you can hook it all up to JDBC instead of "file" so that you can manage your users in a database.
h2. {color:#993300}*Step 2: Create the project*{color}
Since I'm a newbie to JSF, I am using Netbeans 6.1 so that I can play around with all of the fancy Visual Web JavaServer Faces components and the visual designer.
1. Start by creating a new Visual Web JSF project.
2. Next, create a new subfolder under your web root called "secure". This is the folder that we will define a Security Constraint for in a later step, so that any user trying to access any page in this folder will be redirected to a login page to sign in, if they haven't already.
h2. {color:#993300}*Step 3: Create the JSF and JSP files*{color}
In my very simple project I have 3 pages set up. Create the following files using the default templates in Netbeans 6.1:
1. login.jsp (A Visual Web JSF file)
2. loginproxy.jspx (A plain JSPX file)
3. secure/securepage.jsp (A Visual Web JSF file... Note that it is in the sub-folder named secure)
Code follows for each of the files:
h3. {color:#ff6600}*First we need to add a navigation rule to faces-config.xml:*{color}
    <navigation-rule>
<from-view-id>/login.jsp</from-view-id>
        <navigation-case>
<from-outcome>loginproxy</from-outcome>
<to-view-id>/loginproxy.jspx</to-view-id>
        </navigation-case>
    </navigation-rule>
NOTE: This navigation rule simply forwards the request to loginproxy.jspx whenever the user clicks the submit button. The button1_action() method below returns the "loginproxy" case to make this happen.
h3. {color:#ff6600}*login.jsp -- A very simple Visual Web JSF file with two input fields and a button:*{color}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
    <jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
    <f:view>
        <webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:textField binding="#{login.username}"
id="username" style="position: absolute; left: 216px; top:
96px"/>
<webuijsf:passwordField binding="#{login.password}" id="password"
style="left: 216px; top: 144px; position: absolute"/>
<webuijsf:button actionExpression="#{login.button1_action}"
id="button1" style="position: absolute; left: 216px; top:
216px" text="GO"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
        </webuijsf:page>
    </f:view>
</jsp:root>h3. *login.java -- implent the
button1_action() method in the login.java backing bean*
    public String button1_action() {
        setValue("#{requestScope.username}",
(String)username.getValue());
setValue("#{requestScope.password}", (String)password.getValue());
        return "loginproxy";
    }h3. {color:#ff6600}*loginproxy.jspx -- a login proxy that the user never sees. The onload="document.forms[0].submit()" automatically submits the form as soon as it is rendered in the browser.*{color}
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
version="2.0">
<jsp:output omit-xml-declaration="true" doctype-root-element="HTML"
doctype-system="http://www.w3.org/TR/html4/loose.dtd"
doctype-public="-W3CDTD HTML 4.01 Transitional//EN"/>
<jsp:directive.page contentType="text/html"
pageEncoding="UTF-8"/>
<html>
<head> <meta
http-equiv="Content-Type" content="text/html;
charset=UTF-8"/>
<title>Logging in...</title>
</head>
<body
onload="document.forms[0].submit()">
<form
action="j_security_check" method="POST">
<input type="hidden" name="j_username"
value="${requestScope.username}" />
<input type="hidden" name="j_password"
value="${requestScope.password}" />
</form>
</body>
</html>
</jsp:root>
{code}
h3. {color:#ff6600}*secure/securepage.jsp -- A simple JSF{color}
target page, placed in the secure folder to test access*
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page" xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:staticText id="staticText1" style="position:
absolute; left: 168px; top: 144px" text="A Secure Page"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>
{code}
h2. {color:#993300}*_Step 4: Configure Declarative Security_*{color}
This type of security is called +declarative+ because it is not configured programatically. It is configured by declaring all of the relevant parameters in the configuration files: *web.xml* and *sun-web.xml*. Once you have it configured, the container (application server and java framework) already have the implementation to make everything work for you.
*web.xml will be used to define:*
- Type of security - We will be using "form based". The loginpage.jsp we created will be set as both the login and error page.
- Security Roles - The security role defined here will be mapped (in sun-web.xml) to users or groups.
- Security Constraints - A security constraint defines the resource(s) that is being secured, and which Roles are able to authenticate to them.
*sun-web.xml will be used to define:*
- This is where you map a Role to the Users or Groups that are allowed to use it.
+I know this is confusing the first time, but basically it works like this:+
*Security Constraint for a URL* -> mapped to -> *Role* -> mapped to -> *Users & Groups*
h3. {color:#ff6600}*web.xml -- here's the relevant section:*{color}
{code}
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
<description/>
<url-pattern>/faces/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name/>
<form-login-config>
<form-login-page>/faces/login.jsp</form-login-page>
<form-error-page>/faces/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>User</role-name>
</security-role>
{code}
h3. {color:#ff6600}*sun-web.xml -- here's the relevant section:*{color}
{code}
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
{code}
h3. {color:#ff6600}*Almost done!!!*{color}
h2. {color:#993300}*_Step 5: A couple of minor "Gotcha's"_ *{color}
h3. {color:#ff6600}*_Gotcha #1_*{color}
You need to configure the "welcome page" in web.xml to point to faces/secure/securepage.jsp ... Note that there is *_no_* leading / ... If you put a / in there it will barf all over itself .
h3. {color:#ff6600}*_Gotcha #2_*{color}
Note that we set the <form-login-page> in web.xml to /faces/login.jsp ... Note the leading / ... This time, you NEED the leading slash, or the server will gag.
*DONE!!!*
h2. {color:#993300}*_Here's how it works:_*{color}
1. The user requests the a page from your context (http://localhost/MyLogin/)
2. The servlet forwards the request to the welcome page: faces/secure/securepage.jsp
3. faces/secure/securepage.jsp has a security constraint defined, so the servlet checks to see if the user is authenticated for the session.
4. Of course the user is not authenticated since this is the first request, so the servlet forwards the request to the login page we configured in web.xml (/faces/login.jsp).
5. The user enters username and password and clicks a button to submit.
6. The button's action method stores away the username and password in the request scope.
7. The button returns "loginproxy" navigation case which tells the navigation handler to forward the request to loginproxy.jspx
8. loginproxy.jspx renders a blank page to the user which has hidden username and password fields.
9. The hidden username and password fields grab the username and password variables from the request scope.
10. The loginproxy page is automatically submitted with the magic action "j_security_check"
11. j_security_check notifies the container that authentication needs to be intercepted and handled.
12. The container authenticates the user credentials.
13. If the credentials fail, the container forwards the request to the login.jsp page.
14. If the credentials pass, the container forwards the request to *+the last protected resource that was attempted.+*
+Note the last point! I don't know how, but no matter how many times you fail authentication, the container remembers the last page that triggered authentication and once you finally succeed the container forwards your request there!!!!+
+The user is now at the secure welcome page.+
If you have read this far, I thank you for your time, and I seriously question your ability to ration your time pragmatically.
Kerry Randolph

If you want login security on your web app, this is one way to do it. (the easiest way i have seen).
This method allows you to create a custom login form and error page using JSF.
The container handles the actual authentication and protection of the resources based on what you declare in web.xml and sun-web.xml.
This example uses a statically defined user/password, stored in a file, but you can also configure JDBC realm in Glassfish, so that that users can register for access and your program can store the username/passwrod in a database.
I'm new to programming, so none of this may be a good practice, or may not be secure at all.
I really don't know what I'm doing, but I'm learning, and this has been the easiest way that I have found to add authentication to a web app, without having to write the login modules yourself.
Another benefit, and I think this is key ***You don't have to include any extra code in the pages that you want to protect*** The container manages this for you, based on the constraints you declare in web.xml.
So basically you set it up to protect certain folders, then when any user tries to access pages in that folder, they are required to authenticate.
--Kerry

Dynamic Error Message from a Bundle Showed in a rich:fileUpload

Hello.
There is a way to show a dynamic error message from a bundle (i.e, There is a problem in the word {0} in line {1}.) in a rich:fileUpload after the Managed Bean method in fileUploadListener="#{MyManagedBean.myMethod}" attribute was performed? That's because the error message parameters are discovered only after the MyManagedBean.myMethod execution.
As far I know, I'm able only to show a static message with transferErrorLabel="#{myBundle.myErrorMessage}" attribute.
Here is my rich:fileUpload component code:
<rich:fileUpload id="upload"
     fileUploadListener="#{PlanilhaManagedBean.importar}"
     maxFilesQuantity="100"
     immediateUpload="true" listHeight="130" acceptedTypes="xls"
     addControlLabel="#{bundle.geralProcurarArquivo}"
     ontyperejected="alert('#{bundle.geralExtensaoInvalida}')"
     cancelEntryControlLabel="#{bundle.geralCancelar}"
     clearAllControlLabel="#{bundle.geralLimparTudo}"
     clearControlLabel="#{bundle.geralLimpar}"
     doneLabel="#{bundle.geralArquivoTransferidoComSucesso}"
     progressLabel="#{bundle.geralTransferindoArquivo}"
     stopControlLabel="#{bundle.geralParar}"
     stopEntryControlLabel="#{bundle.geralParar}"
     transferErrorLabel="#{bundle.geralErroNaTransferenciaDoArquivo}" /> Any idea?
Thanks in advance.

Hi, BalusC. Thanks for your reply.
I already tried that. I put a navigation-rule in faces-config.xml to the same page of the rich:fileUpload, but the rich:fileUpload component doesn't starts a get or a post request. So the navigation-rule is ignored and the page wasn't rendered again.
I also tried to put the <a4j:support ...> in the rich:fileUpload to re-render the <h:messages ...> component, but didn't work too. The <h:messages ...> wasn't re-render.
Thanks in advance.
Edited by: reolca on May 10, 2009 5:40 AM

Rules in pfsense config

Similar Messages

Maybe you are looking for