Sandbox security denying CFINDEX from indexing a collection (Solr/CF9)

Similar Messages

• CF10 Sandbox Security prevents CFCOLLECTION create from working

  Hello, everyone,
  I've got CF10 installed on my dev system.  I've created several Solr collections.  I have turned on Sandbox Security, and added defined directory permissions for C:/ColdFusion10/cfusion/collections and C:/ColdFusion10/cfusion/jetty folders.  I have edited both paths so that NOTHING is disabled.
  If Sandbox is on and I remove a collection from within CFAdmin, when I try to use the CFCOLLECTION action="create" tag, I get java.io.filePermission "read" access denied messages.
  If I turn off Sandbox, the tag runs fine.
  What else do I need to do in order for CFCOLLECTION action="create" to work while Sandbox is on?
  V/r,
  ^_^

  Hi, Charlie!  Thanks for chiming in.  (Also, sorry for delay in responding..)
  Yes, when the collection is created in CFAdmin, the collection IS creating the folders in C:\ColdFusion10\cfusion\collections.
  When I create them with CFCOLLECTION, I am specifying the same path to the collections folder.
  For the Sandbox, CF10 installs with three items in the Sandbox, already:
  (ColdFusion WEB-INF system directory)
  (ColdFusion CFIDE system directory)
  C:/ColdFusion10/cfusion/wwwroot/
  I have added to this list:
  C:/ColdFusion10/cfusion/jetty/
  C:/ColdFusion10/cfusion/collections/
  For each of the two I added, I edited them both:
  Data Sources - ALL DATASOURCES enabled
  CF Tags - All tags enabled, none disabled
  CF Functions - All functions enabled, none disabled
  Files/Dirs - Each path (with two entries, each: / and /-) set for Read, Write, Delete
  Server/Ports - ALL IP:ports are open, no restrictions
  Others - ALL runtimes enabled, none disabled
  I have gone in to look at the settings for wwwroot.  With one exception, it is identical to the above.  That one exception is that all runtimes (under Others) are disabled, none enabled.
  V/r,
  ^_^

• Sandbox Security Issue (MIDI Not Working In Applet)

  Hi all,
  I'm having problems getting javax.sound.midi to work in a java applet. It works fine when I run the applet from within JGrasp, but when I try to run the applet from an HTML file there is no sound. From what info I've found, it seems like my problem has to do with the sandbox security so the applet is not being able to access the computer's sound card, but I still haven't found a solution or a work around to that problem (after about 2 weeks worth of searching). The world of applet security is all new territory for me.
  I am running the html file off of my hard drive and I have my test program's class file in the same directory. I have tried both firefox and internet explorer web browsers (and also did the "allow blocked content" in internet explorer).
  I have no other sound sources playing or paused that would interfere with the web browser playing (it works in JGrasp and immediately after closing JGrasp completely it doesn't work in the web browser).
  Any help help in getting this figured out would be greatly appreciated. An example of an open source MIDI Java applet that I can pick apart to figure out what I need to make this work would be fantastic. Thanks in advance!
  Here are the codes to my test program and HTML file:
  PlayMIDI.html
  <html>
  <body>
  <CENTER><applet code="PlayMIDI.class" width="1000" height="500"></applet></CENTER>
  </body>
  </html>PlayMIDI.java
  import java.awt.*;
  import java.awt.event.*;
  import javax.swing.*;
  import javax.swing.event.*;
  import java.net.*;
  import javax.sound.midi.*;
  public class PlayMIDI extends JApplet
      public void init()
          MIDITest play = new MIDITest(0);
          play.playSong(100);
  class MIDITest
      private final int C4 = 60;                                        // C4 is the note middle C
      private final int MF = Integer.MAX_VALUE / 2;        // MF stands for mezzo forte -- medium loud
      private int iTimbre;                                                 // midi instrument number
      private Synthesizer synth;                                        // get the java synthesizer
      private MidiChannel [] channels;                              // get an array of channels.  This is the number of notes that can sound simultaneously     
      // Creates a midi synthisizer using the supplied instrument "patch".
      //   instrument numbers can vary from 0 to 127
      public MIDITest(int instrumentNumber)
          iTimbre = instrumentNumber;
          try 
          {   synth = MidiSystem.getSynthesizer();                                   //synth = MidiSystem.getSynthesizer();
              synth.open();                                                                           // open the synthesizer
              synth.loadAllInstruments(synth.getDefaultSoundbank());     // make all instruments available
              channels = synth.getChannels();
              channels[0].programChange(0, iTimbre);                                   // set the instrument for the channel 0
          catch (Exception e)
          {  System.out.println(e);
      public void playSong(int tempo)
          int quarter     = 60000;
          int eigth     = 30000;
          int half          = 120000;
          int whole     = 240000;
          int D4 = C4 + 2;
          int E4 = C4 + 4;
          int G4 = C4 + 7;
          int A4 = C4 + 9;
          int B4 = C4 + 11;
          try
          {   channels[0].noteOn(E4, MF);                         // start the instrument on channel 0 sounding
              channels[0].noteOn(B4, MF);
              channels[0].noteOn(G4, MF);
              channels[0].noteOn(D4, MF);
              Thread.sleep(whole / tempo);                         // sleep causes the program to wait the given number of milliseconds
              channels[0].noteOff(E4, MF);                         // stop the sound on the instrument on channel 0
              channels[0].noteOff(B4, MF);
              channels[0].noteOff(G4, MF);
              channels[0].noteOff(D4, MF);
          catch (Exception e)
          {   System.out.println(e);
  }

  Hi ejp, thanks for the reply.
  I did some searching for applet signing and I found this:
  http://www.brendonwilson.com/projects/signed-java/
  "+Developers should be warned that signing alone is not enough to enable their Java applets to access resources normally restricted by the Java sandbox. Although signing provides proof of the integrity of the applet and validation of the author’s identity through trust-heirarchies, developers must also make use of the browser-dependent APIs to request permission from the user to perform restricted activities.+"
  So am I going to have to do ask permission from each browser in order to get access to the sound card for the MIDI to play or will the MIDI work without that?
  Also, I found this tutorial on signing applets. Does this look like a good one?
  http://www-personal.umich.edu/~lsiden/tutorials/signed-applet/signed-applet.html
  Thanks again,
  -tkr

• Sandbox security error

  how do i avoid sandbox security error
  i try to read data from other website that isn't my own
  i got this error:
  securityError no controlado: text=Error #2048: Violación
  de la seguridad Sandbox: SMSinfo.swf cannot read from
  http://jack.xtremdesign.net/SMSInfo/config.xml.
  src="/webforums/forum/images/i/expressions/face-icon-small-confused.gif"
  border="0">

  The crossdomain file must go on the server serving the data
  you are trying toaccess, not on your server.
  If this is not possible, then you must make this call from a
  server, instead of the Flex client. This is called using a proxy,
  and no, you can't just set that property on the dataservice tag.
  Search google for some pre-built proxy code.
  Tracy

• Flex/Flash Sandbox security

  I am a new Flex user and have encountered a security problem
  with loading existing flash movies from my Flex Builder
  application. The flash movie in question loads additional movie
  clips at execution time. My flex app uses network services such as
  HTTPService.
  When the flash movie Publish Settings are set to "access
  network only" the flex app runs but the flash created movie is
  unable to load the additional movie clips from the local file
  system. When the flash movie is set to "access local files only" I
  get a sandbox security error flom flashplayer.
  How can I fix this problem? is there anyway to configure the
  flex app to use network services and allow called flash created
  movies to movie load clips from the local file system?
  We're talking Flex 3, Flash 8 and Flashplayer 9
  Any help would be appreciated.

  Hmmm... May need to use AIR, or else upload those local
  assets to server then download. Strange but maybe this is
  so.

• Access security denied user.dir and jaxp.debug

  Hi all,
  I have a big problem. I must provide an applet at lots of clients but I can't set their java.policy file.
  The process must be transparency of them.
  Then I can't use signed applet.
  When I launch my applet, I have a exception :
  access security denied user.dir and jaxp.debug
  My exception came when I use the class XPathAPI from jakarta.
  Thanks.

  Did you ever find a solution? I am having the same problem and would really appreciate any help that you can give.
  Thanks in advance.

• Error while invoking a WS-Security secured web service from Oracle BPEL..

  Hi ,
  We are facing some error while invoking a WS-Security secured web service from our BPEL Process on the windows platform(SOA 10.1.3.3.0).
  For the BPEL process we are following the same steps as given in an AMIS blog : - [http://technology.amis.nl/blog/1607/how-to-call-a-ws-security-secured-web-service-from-oracle-bpel]
  but sttill,after deploying it and passing values in it,we are getting the following error on the console :-
  &ldquo;Header [http://schemas.xmlsoap.org/ws/2004/08/addressing:Action] for ultimate recipient is required but not present in the message&rdquo;
  Any pointers in this regard will be highly appreciated.
  Thanks,
  Saurabh

  Hi James,
  Thanks for the quick reply.
  We've tried to call that web service from an HTML designed in Visual Studios with the same username and password and its working fine.
  But on the BPEL console, we are getting the error as mentioned.
  Also if you can tell me how to set the user name and password in the header of the parter link.I could not find how to do it.
  Thanks,
  Saurabh

• Calling secured web service from Pl SQL

  Hi
  I am trying to call a secured web service from pl/sql using utl_http.
  Is there a sample pl/sql program that i can refer to call a secured web service.
  sample soap header that am trying to acheive.
  <soap:Header>
  <wsa:Action>http://myactaction</wsa:Action>
  <wsa:MessageID>uuid:asdfadrewrwqr</wsa:MessageID>
  <wsa:ReplyTo>
  <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
  </wsa:ReplyTo>
  <wsa:To>http://myact</wsa:To>
  <wsse:Security soap:mustUnderstand="1">
  <wsse:UsernameToken wsu:Id="SecurityToken-321321">
  <wsse:Username>mordfsafsdae</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">werwqrewrwe</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  Thanks a ton in advance

  Hi,
  On way we can call a web service is to pass the Web Service URL to UTL_HTTP package:
  Sample Web Service URL
  ===================
  lv_url :=
  'http://67.97.189.151:8888/plsqlsample/dbfunc?invoke=placeOrder'
  || '&'
  || 'param0=1'
  || '&'
  || 'param1=1'
  || '&'
  || 'param2=1';
  Sample Call using UTL_HTTP
  =====================
  SELECT UTL_HTTP.request (lv_url)
  INTO lv_result
  FROM DUAL;
  Thank you.
  Regards,
  Balu

• Error when trying to access a secured web service from Forms 10g 10.1.2.3

  Hello,
  I'm trying to access a secured web service from Forms10g 10.1.2.3 but i'm getting the next error when pressing the button the first time:
  java.rmi.RemoteException: ; nested exception is: HTTP transport error: javax.xml.soap.SOAPException:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 UnauthorizeWhen i press the button a second time i got this error:
  javax.xml.rpc.soap.SOAPFaultException: The SOAP request is invalid. The required node 'Envelope' is missingThis is the code i have in my button:
  DECLARE
  jo ora_java.jobject;
  pdfObject ora_java.jobject;
  pdf     varchar2(900);
  rv varchar2(100);
  ex ora_java.jobject;
  BEGIN
  JO := SEARCHSOAPCLIENT.new;
  SEARCHSOAPCLIENT.setUsername(JO,'weblogic');
  SEARCHSOAPCLIENT.setPassword(JO,'welcome1');
  pdfObject := SEARCHSOAPCLIENT.quicksearch(JO,'1234',NULL);
  pdf := SEARCHSOAPCLIENT.tostring(pdfObject);
  message(pdf);
  message(' ');
  EXCEPTION
  WHEN ORA_JAVA.JAVA_ERROR then
  message('Unable to call out to Java, ' ||ORA_JAVA.LAST_ERROR);
  WHEN ORA_JAVA.EXCEPTION_THROWN then
  ex := ORA_JAVA.LAST_EXCEPTION;
  :error := Exception_.toString(ex);
  END;When i run it from JDeveloper it works, this is a portion of java code the proxy web service has:
  import oracle.webservices.transport.ClientTransport;
  import oracle.webservices.OracleStub;
  import javax.xml.rpc.ServiceFactory;
  import javax.xml.rpc.Stub;
  public class SearchSoapClient {
      private webservicesproxywebcontent.proxy.SearchSoap _port;
      public SearchSoapClient() throws Exception {
          ServiceFactory factory = ServiceFactory.newInstance();
          _port = ((webservicesproxywebcontent.proxy.Search)factory.loadService(webservicesproxywebcontent.proxy.Search.class)).getSearchSoap();
          this.setUsername("weblogic");
          this.setPassword("welcome1");
          System.out.println("callling from _port "+ _port.quickSearch("1234234", null));
       * @param args
      public static void main(String[] args) {
          try {
              webservicesproxywebcontent.proxy.SearchSoapClient myPort = new webservicesproxywebcontent.proxy.SearchSoapClient();
              System.out.println("calling " + myPort.getEndpoint());
          } catch (Exception ex) {
              ex.printStackTrace();
       * delegate all operations to the underlying implementation class.
      public QuickSearchResult quickSearch(String queryText, IdcPropertyList extraProps) throws java.rmi.RemoteException {
          return _port.quickSearch(queryText, extraProps);
      }Also the secured web service was generated from Webcenter Content 11.1.1.6 that is why it's a secured web service.
  Kind Regards
  Carlos

  Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

• Cannot secure delete items from trash: 180 items (pictures, files, folders) remain even if I check "remove all items"

  I cannot secure delete items from trash: 180 items (pictures, files, folders) remain even if I check "remove all items".  Macbook Pro, 10.6.8

  Maybe the items are locked.
  Mac OS X 10.6 Help: Shortcuts for working with items in the Finder
  Shortcuts for working with items in the Finder Command (⌘)-Shift-DeleteEmpty the Trash without any warning or when it contains locked filesCommand (⌘)-Shift-Option-Delete
  http://docs.info.apple.com/article.html?path=Mac/10.6/en/cdb_cpmvfky.html

• Can Someone Tell me how to Secure my webpage from Copying? Thanks!

  I am new to iweb and .mac. I have just punished my first page to my .web account. It has some family photos on it. How do I make it so that people cannot do a "save as" and copy the pictures that are on the web page?
  Thanks for your help,
  Steve.

  You cannot secure your images from copying; taking a screenshot will bypass any protection mechanism you can implement. If you want to disable only the Save As option, setting the pictures as background images may work. You may want to create a watermark on the posted images.
  (27183)

• How can I safely and securely get files from my mac.

  I want something like LogMeIn Pro but for free. ther is a free version it DOES support mac BUT not gettong files. I want to be able to securely get files from my mac from school or anywhere whitout paying!!
  I HAVE had a look on google, no help.

  Try versiontracker.com

• Getting a single value from an array collection

  I have an array collection that was created from an XML file
  through the HTTP Service. One of the nodes in the XML file was
  product_number and I can display all of the items in this node in a
  datagrid so I know the array has the name of the node in it.
  I would like to be able to retrieve a single item from the
  array collection (e.g. a product_number = to xxx) and assign it to
  a variable.
  I would also like to be able to assign all the items in a
  particlur column (e.g. all product_numbers) to separate variables
  at the same time.
  Any help would be greatly appreciated.

  You can apply a filterFunction.
  Or you can do it the brute force way: loop over the elements,
  and test for the value you want.
  As far as putting values into variables, I am not sure what
  you want.
  And this is not a Flex Builder question and should go in the
  General Discussion forum.
  Tracy

• Unable to consume secured Web service from a Dynpro application

  Hello,
  I have followed <a href="http://help.sap.com/saphelp_nw04/helpdata/en/c3/bac36a469e4c75aba646077e71516d/frameset.htm">this tutorial</a>
  in order to protect and consume a secured Web service from a Dynpro application using SAP logon ticket.
  The problem is that after implementing everything needed I  receive 401 Unauthorized when I am trying to consume it from the web dynpro side.
  If I manually transfer the request the credentials, before the execute i.e:
  modObj._setUser
  modObj._setPassword
  modObj.execute();
  I am able to call it, meaning the dynpro application doesn't transfer these credentials to the Webservice even though it's authentication property is set to true.
  Any idea how to solve it?
  Roy
  Message was edited by:
          Roy Cohen

  Try below steps
  • Add jars
  o security.class
  o tc/sec/destinations/interface
  • Setting WebDynpro project property
  o Project>Properties>Web Dynpro References-->Interface references
  &#61607; Name=tcsecdestinations~interface
  o Project>Properties>Web Dynpro References-->Service reference
  &#61607; Name=webservices
  &#61607; Name=tcsecdestinations~service
  • Dynamically Set httpdestination and Call web service
  final InitialContext ctx = new InitialContext();
  final DestinationService dstService = (DestinationService)ctx.lookup(DestinationService.JNDI_KEY);
  if (dstService== null)
  throw new NamingException ("Destination service not available");
  final Destination destination = dstService.getDestination("HTTP"," DestinationName");
  // getting user name
  Properties destprop = destination.getDestinationProperties();
  String username = destprop.getProperty("USERNAME");
  String password = destprop.getProperty("PASSWORD");
  final HTTPDestination httpDestination = (HTTPDestination) destination;
  HttpURLConnection httpConnection = httpDestination.getURLConnection();
  String httpURL = String.valueOf(httpConnection.getURL());
  Request_AdvLocationVer1ViDocument_getLocation obj=wdContext.currentRequest_AdvLocationVer1ViDocument_getLocationElement().modelObject();
  obj._setUser( user );
  obj._setPassword(pass);
  obj._setEndPoint(httpURL);
  obj.execute();
  Rahul

• Converting from indexed color to grayscale no longer works in CS4

  I have a number of files to convert from indexed colors to grayscale. Did some but clicked "don't show me again" box on the Discard Colors warning. Now I can't make the conversion. Everything looks fine, but when I close file, then reopen, it's reverted to indexed colors - restarting Photoshop or the computer doesn't help.
  I'd appreciate any help....Thanks, Grant

  Grant,
  All your contact information is posted to the web. These forums are crawled by bots harvesting info.
  I don't think you want additional junk mail, unsolicited phone call scams, and possible attempts to crack your website, do you?
  People here recommend not to post contact info. Perhaps a forum moderator can remove your personal info, but you might be able to edit your post yourself.
  GIF only uses indexed color mode, So if you want your files to NOT be in the Indexed Color mode you need to save them as another file format like .png or .jpg