Running Security Manager in System 9

Similar Messages

• Has anyone tried Advanced Security Manager for System 9.0

  Hi All,
  I am having issues with Advanced Security Manager in system 9.0
  I am getting an error "essapin.dll" cannot be found.
  has anyone faced similar issue, if yes, how did you get around with that.
  thanks and regards.

  I got the problem solved.
  essapin.dll was with version 6.5 and from essapin.dll was replaced by essapinu.dll. Advanced Security Manager was searching for essapin.dll.
  I installed client version of 6.5, which got me essapin.dll.
  I am able to export all my filters with ASM now :-)

• Security manager enabled w/o -Djava.security.manager

  Hi all,
  I am facing an issue where java.policy is being enforced w/o a -Djava.security.manager specified on the command line.
  from ps -ef | grep java, I found the java process and it does not have -Djava.security.manager. However, when I modify jdk/jre/lib/security/java.policy, I can see the effect of the security setting when I restart the java process. I scanned through the source code, I do not find any setSecurityManager() API call either.
  Given the above, does anyone have suggestion on how the security manager is enabled in this case?
  Regards,
  Tom

  System.setProperty("java.security.manager","true");
  System.getProperties().setProperty("java.security.manager","true");
  Properties p = System.getProperties();
  p.setProperty("java.security.manager","true");
  // etc

• Specifying system properties/security manager for OC4J

  I have a couple of related questions regarding OC4J/orion.jar:
  1. Generically, how can we specify system properties to orion.jar? Being an executable JAR, simply using -D does not work.
  2. Specifically, I need to launch the OC4J app server with a Java security manager (with associated security policies, etc.) Java's way of doing this is via -Djava.security.manager=... but this does not work with executable JARs it seems. I tried specifying these parameters via -D and I got a security exception:
  Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyP
  rmission java.protocol.handler.pkgs write)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.System.setProperty(Unknown Source)
  at com.evermind.server.ApplicationServer.initProtocolHandlers(ApplicationServer.java:652)
  at com.evermind.server.ApplicationServer.launchCommandline(ApplicationServer.java:319)
  at com.evermind.server.ApplicationServer.main(ApplicationServer.java:314)
  So, how do I install the Java security manager with orion.jar? Is there any other way to specify system properties to this, or is there any other way to install the Java security manager for OC4J?
  Any help much appreciated.
  ..Hrishi

  Thanks, that seemed to work. However it seems that spawned another little problem. I was using the -Xbootclasspath/a option while firing up orion.jar because I needed to append something to OC4J's default classpath (that is specified in orion.jar's Manifest). Now, when I start OC4J with the -D options for the security policy, it seems to ignore the -Xbootclasspath argument. I have not yet been able to confirm this fact, but based on the ClassNotFoundError I'm running into, that does seem to be the problem.
  So I guess my question is, could specifying the -D options to the executable JAR cause it to ignore any other options you may be passing to it (such as -Xbootclasspath)? Is there any sequence in which these args need to be passed?
  Thanks.
  ..Hrishi
  Hi,
  You can try this :
  - Check if you have a file java2.policy in <OC4J_HOME>\config\policy and check if the permission java.util.PropertyPermission "read,write" is granted to <OC4J_HOME>.
  if there is no file, you can create one based on <JAVA_HOME>\lib\security\java.policy and grant the approriate privileges.
  - Launch OC4J :
  java -Djava.security.manager -Djava.security.policy=<OC4J_HOME>/config/java2.policy -jar orion.jar
  OR java -Djava.security.manager -Djava.security.policy=<PATH_TO_FILE_POLICY>/<YOUR_FILE>.policy -jar orion.jar
  Maher

• What operating system do you need to run AirPort Management Utility v1 ?

  What operating system do you need to run AirPort Management Utility v1 ?
  TIA,
  John.

  Not sure what's not working for you with the AirPort Management Utility, but the following Apple article describes some missing functionality with OS X 10.2.x clients. (ref: http://docs.info.apple.com/article.html?artnum=107940)

• Cannot run Disk Manager in Full System Restore

  Hi,
  I'm trying to do a full client restore of Windows 8.1 with my Windows Server 2012 R2 Essentials (all Windows Updates installed on server), but on the screen where I select source and destination volume, and I click on "Run Disk Manager", I get
  error "Cannot load Microsoft Management Console". Same error occurs whether I start the Full System Restore via network over Client Restore Service, or via USB stick.
  I can think of a workaround to this, but I've used this earlier in previous Essentials/WHS versions and it has worked flawlessly, so I'm wondering if this is some regression in 2012 R2?
  UPDATE: For anyone wondering, the workaround for this was to boot with normal Windows ISO, go to Advanced settings -> Command prompt, and set up the volume using
  diskpart tool. Then going back to Full System Restore, and you can just select the correctly initialized target volume.
  Any comments?

  Hi,
  Few days ago system got in a weird state and had to do a full restore. Enabled network boot from BIOS, connected to Windows Server, chose disks (only restore BIG_SSD, i.e., C:) just normally without need to go to Disk Manager, as backup matched current drive.
  Perhaps the original issue was due to boot partition being on the secondary drive for some reason (drive D:), but I'm not sure if it was indeed the case.
  I have seen it before as well, that restores in Essentials don't work properly if you've chosen only to backup drive C:, but for some reason drive D: is the booting disk (although Windows is on C:). Why has it ended up like that, I don't know, but nowadays
  I always install Windows with just one hard drive connected especially if I want to get reliable backups to Essentials.
  Thank you everyone for feedback, will mark it as solved, although we perhaps got more questions than answers :)

• Rmi with security manager not working in netbeans

  Hello i'm trying to use rmi but get the error java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve) when i run it in netbeans. here is my code
  public static void main(String[] args) {
          if (System.getSecurityManager() == null) {
              System.setSecurityManager(new SecurityManager());
          try {
              String name = "Compute";
              Compute engine = new ComputeEngine();
              Compute stub =
                  (Compute) UnicastRemoteObject.exportObject(engine, 0);
              Registry registry = LocateRegistry.getRegistry();
              registry.rebind(name, stub);
              System.out.println("ComputeEngine bound");
          } catch (Exception e) {
              System.err.println("ComputeEngine exception:");
              e.printStackTrace();
      }It works if i don't have a security manager and it works with a security manager if i don't use netbeans to run it and use the command line. i need to use a secuirty manager because the client code is running in eclipse and it moans that there is no security manager if i run it without one
  this is the error i get when running with no security manager
  java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
       java.lang.ClassNotFoundException: takenoteremote.Compute (no security manager: RMI class loader disabled)
  Please help

  I have sort of got it to work, i took out the security manager and used the code base parameter on the command line, and put my interface into a jar file. I can only get it to work though on the command line, if i run it in netbeans it doesn't find the class in the jar file it needs.
  Any ideas?

• Security manager & mention "Java Applet Window"

  A simple program that displays a frame with one button in it.
  The frame displays, no problem.
  When a security manager is added "System.setSecurityManager(new SecurityManager());"
  and the program is run again a "status bar" is added at the bottom of the frame
  mentioning "Java Applet Window".
  Why is that, and can it be suppressed ? (I am working in JDK 1.4)
  Any tip greatly appreciated

  I was dealing with this myself and just discovered that the adding the following line to my security policy removed the message:
  permission java.awt.AWTPermission "showWindowWithoutWarningBanner";

• Cannot assign custom security manager to repository

  Hello,
  I've been following the details on how to implement a read-only security manager (https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/e2ddd63d-0b01-0010-46bb-e092790068cb) and I have run into the following problem:
  After following the instructions for option B in the document (creating a security manager only) and  deploying my project, the new security manager appears in the list of managers on the admin screen (Content Management -> Repository Managers -> Security Manager) but it is not available in the drop down list of security managers for my repository. Without that entry I cannot apply the new security manager to my repository.
  According to the document, the new security manager should be part of this list but it is not even after I've restarted the J2EE engine.
  The document is dated May 2006 so perhaps there have been some changes to the system that are not covered in the document. We are running NW 7.0 SP14.
  Any help in determining why my custom security manager is not part of the security manager drop down list would be appreciated.

  Ok, after much decompiling and inspection of the standard KM security manager implementations I found the answer to my question.
  Basically I found that the security manager tutorial only applies if you plan on using your custom security manager with your own custom repository manager. You cannot apply a security manager created using that document to a standard KM repository manager.
  In my case I want to apply a custom security manager to a standard KM File System Repository. By inspecting the SFSRepositoryManager.cc.xml file I found the following entry:
  <attribute name="securitymgr.ref" type="ref" refType="/cm/repository_managers/security_managers/SecurityManager" mandatory="false" hotReload="true" />
  The refType value defines which security managers are displayed in the drop down list of available Security Managers at runtime for the repository manager. In order to get a custom security manager to be available you must define the cc.xml for your custom security manager so that it extends "SecurityManager" not "SecurityManagerMi" as the tutorial describes.
  Changing the extension means your security manager implementation must also change so that it extends com.sapportals.wcm.repository.manager.AbstractRepositorySubManager and implements com.sapportals.wcm.repository.manager.ISecurityManager.
  Now if only I could figure out how to reward points to myself .....

• Security Manager and Policy Files

  Hi all,
  I am writing a simple java rmi application, but understand it wont run without a Security Manager installed and a policy file.
  I think I have installed the security manger using the following in the main() method of my client application:
  System.setSecurityManager(new RMISecurityManager());However I am unsure how to use a policy file with this. I have looked on the internet, but it does not seem to be very well documented
  Please could you advise me how to create a policy file that will work for my application and where to place it in my application so that my application can use it.
  Any help would be greatfuly appreciated
  Thanx
  Aaron

  An RMI application doesn't need a security manager unless you are using the codebase feature.

• Cisco Security Manager IOPS for Storage (VM Deployent)

  Hi,
  I've been asked by a client about the Cisco Security Manager requirement to have 1TB of storage for events and another for archiving.
  They wish to know the IOPS requirement for this storage. Please could anyone assist in this ?
  Many thanks,
  Mark                 

  Hi,
  I'm not sure that I can really help you, but I can verify that on my CSM 4.5 server which is running normally, that service has a starup type of automatic and is in the "Started" state.
  You may want to check your system and application event logs to see if there are any messages that could explain why it stopped.
  Regards,
  Matt

• Tomcat50-jwsdp Security Manager and RMI

  I need to know how to configure the Tomcat 5.0 security manager to run RMI applications.
  I'm building a jax-rpc application that uses RMI to access a back-end process.
  I cannot run RMI because no security manager is running:
  java.rmi.RemoteException: java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
       java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
       java.lang.ClassNotFoundException: wxservice.remote.WebService$Listener (no security manager: RMI class loader disabled); nested exception is:
       java.rmi.ServerException: RemoteException occurred in server thread; nested exception is:
       java.rmi.UnmarshalException: error unmarshalling arguments; nested exception is:
       java.lang.ClassNotFoundException: wxservice.remote.WebService$Listener (no security manager: RMI class loader disabled)However, when I try to enable security using the command
  C:\tomcat50-jwsdp\bin\catalina.bat run -securityI get the following exception:
  java.security.AccessControlException: access denied (java.util.PropertyPermission org.apache.commons.launcher.waitForChild read)
          at java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
          at java.security.AccessController.checkPermission(AccessController.java:427)
          at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
          at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1285)
          at java.lang.System.getProperty(System.java:627)
          at org.apache.commons.launcher.ChildMain.run(ChildMain.java:199)Any help would be sincerely appreciated.

  First of all, you don't have to use RMISecurityManager as the security manager at all. It's a legacy class from Java 1.1. times that the RMI tutorials continue to refer to, see this thread:
  http://forum.java.sun.com/thread.jsp?forum=58&thread=161874
  Secondly, it is tricky but Java 2 allows a security manager to be set more than once -- it all depends on whether the currently installed manager allows to be replaced [RuntimePermission("setSecurityManager") permission].
  Finally, if you expect that the user will define a security policy through command line, all you have to do is code something like this:
  if (System.getSecurityManager() == null)
     System.setSecurityManager(your_security_manager);to set yours only when nothing was set on the command line.
  Vlad.

• Disabling the Security Manager

  When the J2EE 1.4 refernce server is running with the Security Manager disabled the web based admin console stops working (some sort of JACC error),although asadmin seems to work fine. Which leads to a few questions :
  1. Is there a way to disable the Security Manager and use the web console ?
  2. Are there other downstream effects to running the server without the Security Manager enabled ? What other features can/will fail?
  Its nice to see Sun putting an emphasis on out of the box security, but using the Security Manager is a real pain during development and is overkill for alot of internal deployments.

  Hi,
  There is no mechanism to disable the SecurityManager in J2EE 1.4. JACC (JSR115) is a new spec that went into 1.4 that allowed for plugging authorization provider in the J2EE. This spec makes it mandatory for us to have the security manager on all the time.
  If you turn off the security manager, the web console should not work properly as it is a web app and has security permissions defined that are interpreted by our JACC provider.
  Downstream effects of running the server with security manager disabled, will mean that all checks that we have as part of the server policy will fail and ofcourse all applications that use authorization checks will fail too.
  We have spent considerable time from this release to improve the performance of the system with the security manager enabled. You should look out for the next release coming out that will have these optimizations.

• Ensuring applications use a Security Manager

  Is it possible to enable the use of a security manager by default for Java applications?
  I understand that I can enable a security manager by using the -Djava.security.manager command-line option to java and javaw. But to utilise that I need to modify all scripts that call java/javaw, and I need to remember to include it when running all future java applications I acquire.
  These are the possibilities I've looked at:
  1. A configuration file that stores default options to those commands (similar to the ide.cfg in Netbeans). To my knowledge this feature doesn't exist.
  2. A configuration file for specifying default system properties (the -D prefix indicates it's a system property to be passed to the VM). Again, to my knowledge such a feature doesn't exist.
  3. An option in the ${java.home}/lib/java.security "master security properties file" which forces security managers by default. I couldn't find any such option. In fact, I couldn't find any solid documentation about this master security properties file on the Java web site. (The only information I found was about the JAAS extensions to this file).
  Any help will be greatly appreciated.
  There are two further options I would like to try, but they are nontrivial.
  A. Move to a Unix-based platform where the java/javaw commands are likely to be implemented as shell scripts to which the default options can readily by added. Or if they are not can be seemlessly replaced with a shell script. (I would really like to do this, I've tried to make the switch thrice in the past but have so far encountered difficulties).
  B. Build new java.exe and javaw.exe executables that invoke the originals (perhaps renamed to java-unsafe.exe) with the required default options (perhaps even reading the options from a text file a la Netbeans).
  Thanks in advance. Hopefully there is something obvious I've overlooked that does this.
  P.-S. I notice another poster raised this issue last year, but it received no replies. That post can be found here:
  http://forum.java.sun.com/thread.jsp?forum=61&thread=301657

  For those following this thread I've managed to make one step towards ensuring that no Java code is run locally without a Security Manager.
  It's an OS-level solution protecting against code run by double-clicking a jar file. (Admittedly this is not something I do often, but it's a start).
  The OS is Windows 2000 Professional. To add this protection, I performed the following steps.
  1. Choose the 'Tools'|'Folder Options...' menu item from within Windows Explorer.
  2. Within the 'File Types' tab, select the 'JAR' extension and click 'Advanced'.
  3. Click 'New...'.
  4. Type something like 'run with manager' in the 'Action' field. Type cmd.exe /c "java.exe -Djava.security.manager -jar "%1" %* & pause.exe" in the other field. Click OK.
  5. Ensure that this 'run with manager' action is the default. (I believe that the 'Set Default' button is supposed to do this. It did not do so for me. On my setup the default action was always the action with the earliest alphabetically-listed name.)
  sudheesh_j: Do you have any recommendations as to how to contact Sun? Should I post a Feature Request, or is there a list or email address that I should contact?

• HP Protecttool Security Manager

  Dear Sir
            i have intalled hp protecttool security manager but it gives compitibality essue error.
  can you please solve my problem or to send me another link of software download for windows 8.1.
  Thank You

  Hi @MF3,
  Thank you for your query.
  I understand that you getting an incompatibility message when trying to install HP Protect Security Manager.
  Please read this post by Advice for asking the "Very Best Question by @ThatGarenGuy
  To begin with I would need more information.
  What is your exact model of HP notebook?
  How Do I Find My Model Number or Product Number?
  What Operating System  are you running?
  Regards
  Sparkles1
  I work on behalf of HP
  Please click “Accept as Solution ” if you feel my post solved your issue, it will help others find the solution.
  Click the “Kudos, Thumbs Up" on the bottom right to say “Thanks” for helping!