Secure map rendering and the tile server
Hi all,
The demos for secure map rendering that I've seen e.g. mapviewer.ear/web.war/demo/secure-mapping.html involve sending an XML map request directly to mapviewer, and they work OK.
However when I use a MVMapView JavaScript object and just pull back map tiles (no FOI), I see clear_user() being called but not set_user(). In other words my tiles are not being built securely. I don't see anything in the debug listing the values of cookies. Before I dig any deeper is secure map rendering expected to work with the tile server? Does the tile server know in such a case not to cache the tiles since one user's tile may contain different information than another user's view of the same tile?
When pulling back FOIs with a MVMapView I do see debug info about the values of cookies, and the username is stated correctly in the debug. But still set_user() is not called! I'm sure that at least FOIs should be queried securely???
BTW this is MapViewer 11gR1.
Thanks
Al
Currently users and roles are not used when rendering tiles.
Similar Messages
-
Secure Map Rendering on Javabean based API
Hi,
I need to apply secure mapping functionality using Mapviewer’s JavaBean based API. I’ve created a secure data source by adding the plsql_package="web_user_info" statement on the data source definition. For testing purposes I’ve used mvdemo data set and followed the steps of Secure Map Rendering Demo. I created "web_user_info" package on mvdemo schema as well as a view on CUSTOMERS table (create or replace view customers_view as select * from customers where account_mgr = web_user_info.get_user) and a geometry theme: mycystomers on that view.
I also added the appropriate authenticated web users to the OC4J container(e.g. alex) and assigned them the "users" role.
Finally I included the relative path of JSP Demo (with mapclient lib) that resides at http://server:port/mapviewer/demo/mapinit.jsp to the <security-constraint> element of web.xml file so that the data source can get the web user name from J2EE user:
<!-- For Secure Map Rendering demos only -->
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure mapping demo page</web-resource-name>
<description>MapViewer secure map rendering demo</description>
<url-pattern>/demo/secure-mapping.html</url-pattern>
<url-pattern>/demo/mapinit.jsp</url-pattern>
<url-pattern>/demo/map.jsp</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>secure_maps_role</role-name>
</auth-constraint>
</security-constraint>
After authenticating to the http://server:port/mapviewer/demo/mapinit.jsp JSP demo through mapviewer's login page that was automatically generated because of the security-constraint, I filled in the required fields asking for base map: demo_map. I also modified "demo_map" by adding "mycustomers" theme to it. Unlike Oracle Maps Map Rendering Demo (http://server:port/mapviewer/demo/secure-mapping.html) that displays only those customers that belong to the authenticated user, the generated map does not display any customer data at all.
Does Secure Map Rendering Demo apply just for the Oracle Maps Javascript API and the XML API or is there any other parameter that I’m missing and needs to be configured in order for it to run for the JavaBean based API as well?
Any help on the above matter would be really appreciated.
Thanks in advance.Hi,
The reason the JSP files did not show the secured customers, is because while you authenticated to the J2EE server when accessing these JSP files, the JSP file themselves did not authenticate to the J2EE server. In other words, there are two sessions involved. One session is between your browser and the J2EE server, which contains the authenticated user ID. This session is initiated when you try to open the mapinit.jsp page.
The other session is established when the JSP page (map.jsp) opens a new HTTP Connection to the server to send the XML map request generated from various JavaBean API calls. To be more specific, when the JSP page invokes MapViewer.run(), this method internally gathers all the themes/basemaps you have added to the client handle, then constructs a single XML map request out of these pieces of information. It then opens a HTTP connection back to the same server to send the XML doc to mapviewer for processing. The problem is that to the J2EE server this is a new session (initiated by map.jsp), and it does not contain any authentication info.
Because currently the JavaBean API does not support setting a cookie or user credential directly on its internal Http connections, there seems to be no easy work around for this issue for now. Please contact us offline if you would like to open an enhancement request.
Thanks
LJ -
Where can I find the file where the static mapping allocations of the DHCP server are stored?
In our company we are using DHCP to assign static ip addresses to our clients.
Now we are forced to change the ip address range. To prevent changing each allocation
of mac-address to ip-address manually with the admin tool i would like to change the allocation
in the file where the allocations are saved. The reason ist that i just have to use copy & paste for all
the allocations.
So how is the file named and where can I find the file where
the static mapping allocations of the DHCP server are stored? Is it just an ASCII file?
Must i note anything when i change the file manually?From man bootpd:
BOOTP/DHCP STATIC BINDINGS
Static IP address to ethernet address bindings are stored in the /etc/bootptab file and in Open Directory. Bindings specified in the /etc/bootptab file take precedence over those in Open Directory.
See bootptab(5) for more information about the /etc/bootptab file.
For Open Directory, bootpd looks at the /Computers records for the following properties:
/etc/bootptab is a standard text file, while the records in Open Directory can be manipulated either through the command line, or via Workgroup Manager. -
Is it more secure to turn off the DHCP server in router?
I read that it is more securer to turn off the DHCP server in the router?
Is this true?If you google the question you'll find articles claiming that disabling autmatic DHCP makes a router more secure. For example: http://netsecurity.about.com/od/quicktip1/qt/qtwifistaticip.htm
On the other hand, there are articles debunking this (and other ideas) as myths:
http://www.zdnet.com/blog/ou/the-six-dumbest-ways-to-secure-a-wireless-lan/43 -
I am facing a strange problem on new iphone 5 that I bought last week. The maps app and the places in photo gallery shows the pin and my location, however there is no information of locations. Tried to close the apps, phone restart, reset etc. I am accessing it via strong wireless connection and it works fine on other devices. Please help.
zapgrap wrote:
there is no information of locations.
Then no information exists. Use the Report a Problem button within the app to report it. -
I have two apple ID's but cannot remember the security question answers and the email address is no longer active - how can I access this account as it seems to be the one my icloud space is attached to. I haven't backed up my ipad or photos for a while.
Security questions:
https://discussions.apple.com/docs/DOC-4551
http://support.apple.com/kb/HT5312
If you don’t know your security questions, phone Apple (using the number listed here: http://support.apple.com/kb/HE57 ) and ask for the Account Security Team.
About 2-step verification of your Apple ID:
http://support.apple.com/kb/ht5570
This is also useful:
http://www.macworld.co.uk/ipad-iphone/news/?newsid=3463233&olo=email -
The error below makes absolutely no sense! I'm using Enterprise Core...yet I'm being told I can't use remote data sources:
w3wp!library!8!03/05/2015-19:08:48:: i INFO: Catalog SQL Server Edition = EnterpriseCore
w3wp!library!8!03/05/2015-19:08:48:: e ERROR: Throwing Microsoft.ReportingServices.Diagnostics.Utilities.OperationNotSupportedException: , Microsoft.ReportingServices.Diagnostics.Utilities.OperationNotSupportedException: The feature: "The edition of Reporting
Services that you are using requires that you use local SQL Server relational databases for report data sources and the report server database." is not supported in this edition of Reporting Services.;
Really? This totally contradicts the documentation found here:
https://msdn.microsoft.com/en-us/library/ms157285(v=sql.110).aspx
That article says remote connections are completely supported.
ARGH! Why does this have to be so difficult to setup?!?Hi jeffoliver1000,
According to your description, you are using Enterprise Core edition and you are prompted that you can’t use remote data sources.
In your scenario, we neither ignore your point nor be doubt with what you say. But actually we have met the case before that even though the SQL Server engine is Enterprise but the reporting services is still standard. So I would recommend you to find the
actual edition of reporting services you are using. You can find Reporting Services starting SKU in the Reporting Service logs ( default location: C:\Program Files\Microsoft SQL Server\<instance name>\Reporting Services\LogFiles). For more information,
please refer to the similar thread below:
https://social.technet.microsoft.com/Forums/en-US/f98c2f3e-1a30-4993-ab41-acbc5014f92e/data-driven-subscription-button-not-displayed?forum=sqlreportingservices
By the way, have you installed the other SQL Server edition before?
Best regards,
Qiuyun Yu
Qiuyun Yu
TechNet Community Support -
The lease timeout between avaiability group and the Windows Server Failover Cluster has expired
Hi,
I am having some issues where I get a lease timeout from time to time. I have a Windows 2012 Failover Cluster with 2 nodes and 2 SQL 2012 Always-on Availability Groups. Both nodes
are a physical machines and each node is the primary for an AG.
From what I understand if
the HealhCheckTimeout
is exceeded without the signal exchange the lease is declared 'expired' and the SQL Server resource dll reports that the SQL Server availability group no longer 'looks alive' to the Windows cluster manager. Here are the properties I have setup
which are the default settings:
LeaseTimeout - 20000
HealthCheckTimeout - 30000
VerboseLoging - 0>
FailureConditionLevel – 3
Here are the events that occur in the Application Event Viewer:
Event ID 19407:
The lease between availability group 'AG_NAME' and the Windows Server Failover Cluster has expired. A connectivity issue occurred between the instance of SQL Server and the Windows Server Failover
Cluster. To determine whether the availability group is failing over correctly, check the corresponding availability group resource in the Windows Server Failover Cluster.
Event ID 35285:
The recovery LSN (120881:37533:1) was identified for the database with ID 32. This is an informational message only. No user action is required.
SQl server logs are too long to post in this box but I can send them if you request.
The AG is setup to failover automatically but it did not failover. I am trying to figure out why the lease timed out. Thanks.From what I've been able to find out, this is due to an issue with the procedure sp_server_diagnostics. It sounds like the cluster is expecting this procedure to regularly log good status "Clean" in the log files, but the procedure is designed not
to flood the logs with "Clean" messages, so only reports changes, and does not make an entry when the last status was "Clean" and the current status is "Clean". The result is that the cluster looks to be unresponsive. However, once it initiates
the failover, the primary machine responds, since it was never really down, and the failover operation stops.
The end result is that there really never is a failover, but the database becomes unavailable for a few minutes while this is resolved.
I'm going to try setting the cluster's failure condition level to 2 (instead of 3) and see if that prevents the down time.
blogs.msdn.com/b/sql_pfe_blog/archive/2013/04/08/sql-2012-alwayson-availability-groups-automatic-failover-doesn-t-occur-or-does-it-a-look-at-the-logs.aspx -
How to bind the java client stub and the C++ server's skeleton?
hi, i'm currently working on a project which a java client invoke a C++ object.
i've wrote the idl and compile it using idl2cpp and a object is created.
then i try to compile my java client using vbjc Client. it was done without errors.
but when i try to run the client (after i run the smart agent and the C++ server) using vbj Client, it promts error which fail to load the class Client.java
and i've try to run my java client using jre (java Client), the program throws exception --> org.omg.CORBA.BAD_PARAM: minor code: 0 completed: No
so, wat's wrong with my codes actually??
it's urgent and i really need you all's help...
thanks a lot...below is my code:
TimeObject.cpp (C++ server)
#include "TimeImpl.h"
// USE_STD_NS is a define setup by VisiBroker to use the std namespace
USE_STD_NS
int main(int argc, char* const* argv)
try {
// Initialize the ORB.
CORBA::ORB_ptr orb = CORBA::ORB_init(argc, argv);
/* // Initialize the BOA
CORBA::BOA_ptr boa = orb->BOA_init(argc, argv);
// Create the Time object
POA_Time::TimeSetting timesetting = new TimeSettingImpl("My TimeSetting");
// Export the newly created object
boa->obj_is_ready(timesetting);
// Ready to service requests
boa->impl_is_ready(); */
// get a reference to the root POA
CORBA::Object_var obj = orb->resolve_initial_references("RootPOA");
PortableServer::POA_var rootPOA = PortableServer::POA::_narrow(obj);
CORBA::PolicyList policies;
policies.length(1);
policies[(CORBA::ULong)0] = rootPOA->create_lifespan_policy(
PortableServer::PERSISTENT);
// get the POA Manager
PortableServer::POAManager_var poa_manager = rootPOA->the_POAManager();
// Create myPOA with the right policies
PortableServer::POA_var myPOA = rootPOA->create_POA("sntp_poa",
poa_manager,
policies);
// Create the servant
TimeSettingImpl timeServant;
// Decide on the ID for the servant
PortableServer::ObjectId_var managerId =
PortableServer::string_to_ObjectId("TimeManager");
// Activate the servant with the ID on myPOA
myPOA->activate_object_with_id(managerId, &timeServant);
// Activate the POA Manager
poa_manager->activate();
CORBA::Object_var reference = myPOA->servant_to_reference(&timeServant);
cout << reference << " is ready" << endl;
// Wait for incoming requests
orb->run();
catch(const CORBA::Exception& e) {
cerr << e << endl;
return 1;
return 0;
Client.java:
import java.net.*;
import java.io.*;
import java.util.*;
import java.lang.*;
public class Client
public static void main(String args[]) throws IOException, InterruptedException
try
// Initialize the ORB
System.out.println("Initializing the ORB");
org.omg.CORBA.ORB orb = org.omg.CORBA.ORB.init(args, null);
// Get the manager Id
byte[] managerId = "TimeManager".getBytes();
System.out.println("get the manager id");
// Locate an account manager. Give the full POA name and the servant ID.
Time.TimeSetting time =
Time.TimeSettingHelper.bind(orb, "/sntp_poa", managerId);
System.out.println("bind the object");
// Bind to the TimeSetting Object
//System.out.println("Binding to TimeSetting Object");
//Time.TimeSetting time = Time.TimeSettingHelper.bind(orb, "My TimeSetting");
SntpClient client = new SntpClient();
long Offset = client.synchronizeTime();
// Set offset
System.out.println("Setting offset to" + Offset);
time.offset((long)Offset);
// Set the system time
System.out.println("Setting system time");
time.SetTime();
} catch (org.omg.CORBA.SystemException e)
System.out.println("System Exception");
System.err.println(e); -
I can't remember my security question answers and the recovery email never comes.
Alternatives for Help Resetting Security Questions and Rescue Mail
1. Apple ID- All about Apple ID security questions.
2. Rescue email address and how to reset Apple ID security questions
3. Apple ID- Contacting Apple for help with Apple ID account security.
4. Fill out and submit this form. Select the topic, Account Security.
5. Call Apple Customer Service: Contacting Apple for support in your
country and ask to speak to Account Security.
How to Manage your Apple ID: Manage My Apple ID -
I forgot my security question answers and the info apple gave to me didn't help, how do I reset them, I also don't want to call them?
From http://support.apple.com/kb/HT5665 :
If you have three security questions and a rescue email address
sign in to My Apple ID and select the Password and Security tab to send an email to your rescue email address to reset your security questions and answers (the steps half-way down that page should give you a reset link)
If you have one security question and you know your Apple ID passwordsign in to My Apple ID and select the Password and Security tab to reset your security question.
If you have one security question, but don't remember your Apple ID passwordcontact Apple Support for assistance. Learn more about creating a temporary support PIN to help Apple confirm your identity when you contact Apple Support.
If you can’t reset them via the above instructions (you won't be able to add a rescue email address until you can answer your questions) then you will need to contact iTunes Support / Apple in your country to get the questions reset - which is likely to be by phone as they need to confirm your id and that it's your account.
Contacting Apple about account security : http://support.apple.com/kb/HT5699
When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down this page to add a rescue email address for potential future use : http://support.apple.com/kb/HT5312 -
Guys, I have forgotten my security question answers, and the rescue email I placed in with my apple id has been closed down as well (it was a university id, when I graduated, the email service expired). I need help changing my password.
The Three Best Alternatives for Security Questions and Rescue Mail
1. Use Apple's Express Lane.
Go to https://expresslane.apple.com ; click 'See all products and services' at the
bottom of the page. In the next page click 'More Products and Services, then
'Apple ID'. In the next page select 'Other Apple ID Topics' then 'Forgotten Apple
ID security questions' and click 'Continue'.
2. Call Apple Support in your country: Customer Service: Contact Apple support.
3. Rescue email address and how to reset Apple ID security questions.
A substitute for using the security questions is to use 2-step verification:
Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID. -
Hi Experts,
I cannot send attachment beyond 1.5 MB, the MaxFileSize parameter is already set to 6 MB and the exchange server's limit is
10 MB.
What could be the issue?
aaBut I am able to send the same attachment from my web browser
aa
I am not expert in Exchange but web browser may not be using SMTP protocol? Check with your SMTP/Exchange Admin about "4.3.1 Message size exceeds fixed maximum message size"
4.3.1 is response from the server.
Balmukund Lakhani
Please mark solved if I've answered your question, vote for it as helpful to help other users find a solution quicker
This posting is provided "AS IS" with no warranties, and confers no rights.
My Blog |
Team Blog | @Twitter
| Facebook
Author: SQL Server 2012 AlwaysOn -
Paperback, Kindle -
Jbuilder 6 and the J2EE server.
I love Jbuilder and I have been using the J2EE Server(Through the Forte Ide) to develop a few J2EE applications. Is it possible to develop and deploy J2EE applications using only Jbuilder6 and the J2EE server.
NB: Applications are for educational purposes.I'm presently trying to get the Java Pet Store demo
http://interstagedemo.fs.fujitsu.com:8000/petstore/index.jsp
working in JBuilder 7 Enterprise, and I've made at least some headway (some of the JPS 1.3_01 source files aren't in the right subdirectories- per their package declarations- which I've reported to Sun and which they've promised to fix in v1.3_02). JPS works out-of-the-box with the Cloudscape database that's distributed with J2EE v1.3, but at the moment, I can't figure out how to make the JPS connect to Cloudscape through JBuilder.
Borland has their own J2EE server/container, and in fact I just received their 60-day trial on 2 CDs today ("Borland Solution for Java Trial" $19.90 US including shipping; includes JBuilder 7 Enterprise 30-day trial):
http://shop.borland.com/dr/v2/ec_MAIN.Entry10?V1=396710&PN=1&SP=10023&xid=39696&DSP=&CUR=840&PGRP=0&CACHE_ID=0
BES (Borland Enterprise Server) claims to be well-integrated with JBuilder, so it may be a better bet than trying to use the freebie J2EE server, at least to start off with. -
I forgot security question answer , and the link of reset don't appear
i forgot security question answer , and the link of reset don't appear
How to reset your Apple ID security questions.
Go to appleid.apple.com, click on the blue button that says 'Manage Your Apple ID'.
Log in with your Apple ID and password. (If you have forgotten your Apple ID password, go to iforgot.apple.com first to reset your password with a password recovery email)
Go to the Password & Security section on the left side, and click on the link underneath the security questions that says 'Forgot your answers? Send reset security info email to [email]'. This will generate an automated e-mail that will allow you to reset your security questions.
If that doesn't work, or there is no rescue email link available, then click on 'Temporary Support PIN' that is in the bottom left side, and generate a 4-digit PIN for the Apple Account Security Advisor you will be contacting later.
Next, go to https://getsupport.apple.com
(If you see a message that says 'There are no products registered to this Apple ID, simply click on 'See all products and services')
Choose 'More Products & Services', then 'Apple ID'.
A new page will open.
Choose 'Other Apple ID Topics', then 'Forgotten Apple ID Security Questions'.
Click the blue 'Continue' button.
Select the contact option that suits your needs best.
Maybe you are looking for
-
I have just requested my ipod nano 1st generation to be replaced using the scheme, i have entered the wrong postcode on the shipping of the replacement box, will it still come to my address? or how can i change it?
-
Checking User rights in CMC 3.2 : How to search for a user ?
Hello, We are in XI 3.2, and the rights applied on Public Folders are based on user groups, not individuals (hopefully). In the CMC, when we want, for support purpose, to check what is the results of these rights for a given user, the "Select" panel
-
Nodes unavailable for selection from the OUI Node Selection screen
After successfully installing the grid infrastructure, The second node is not available fr selection while installing the database software.I am installing Release 11.2.0.1 on OEL 5.8 running on Esxi. These are two nodes And am using /etc/hosts file
-
Cant open PS Elements 5.0 or catalog
This has been an intermittent problem. I can't open Elements 5.0. It hangs up when trying to load an old catalog. Is there a way to work around the issue. I only use PSE 5.0 for slide shows, all other work is done in the full version of Photoshop
-
Protecting Photos in IWeb Webpage
Is there additional ways to protect your photos from being downloaded from your webpage other than the Password Inspector button?