Security and grants OWB 10.2.0.4.36

Similar Messages

• How to revoke and grant permission in java using Security Manager  ??

  I like to revoke and grant permission through java code..can anybody give me a sample code.

  Discussion is here:
  http://forum.java.sun.com/thread.jspa?threadID=731363

• Problem with ADF security and task flow calls

  Hi.
  I am using JDeveloper 11.1.2.0.0.
  I encountered a problem when tried to apply ADF security to my application.
  The way to reproduce the problem:
  1. Create new Fusion Web Application;
  2. Import Business Components from Tables from any existing schema and add at least one table to the ApplicationModule.
  3. Create "welcome page" (for instance, welcome.jsf). Add a button with fixed action outcome "test".
  4. Create test page, for instance, test.jsf. Drag and drop any view object from Data Controls onto the page and create a form with navigation controls. Add a button with fixed action outcome "return".
  5. Create bounded task flow, name it "test", drag and drop our test page on it - the page will be the default activity. Add a task flow return activity. Add a control flow case from the default view activity to the return activity, set From Outcome property to "return". So our return button should cause the task flow to exit.
  6. Open adfc-config.xml in diagram mode and place our welcome page on it. Then drag and drop the test task flow to create a task flow call activity. Add a control flow case from welcome page to task flow call activity, set the From Outcome property to "test". So our test button should call the test task flow.
  7. Configure application to run the unbounded task flow starting with Welcome view activity.
  At this point all works as expected: when application runs, the welcome page is displayed with test button. Pressing the test button results in displaying the test page, return button leads back to the welcome page.
  Now let's configure ADF Security.
  Run the ADF Security configuration wizard, choose ADF Authentication and Authorization.
  On the second page select Form-Based Authentication, check the Generate Default Pages flag.
  On the third page choose No Automatic Grants.
  On the next page keep the Redirect Upon Successful Authentication unchecked. Press Finish.
  Open jazn-data.xml to configure roles, users and resource grants:
  1. Create application role test-role.
  2. Grant the test-role privileges to view the test task flow.
  3. Create user and grant him the test-role.
  Now we have the public available welcome page and the test page with restricted access.
  When application runs, the welcome page is displayed as expected. Pressing the test button redirect us to auto-generated login page. After successful authorization the test page is displayed. But nothing happens if we click now the return button for the first time. When we click the return button once more, the application crushes with Error-500 and message "Target Unreachable, identifier 'bindings' resolved to null". The exact error trace depends on UI control bindings, but looks like this:
  javax.el.PropertyNotFoundException: //C:/Users/DUDKIN/AppData/Roaming/JDeveloper/system11.1.2.0.38.60.17/o.j2ee/drs/Test1/ViewControllerWebApp.war/test.jsf @10,120 value="#{bindings.Id.inputValue}": Target Unreachable, identifier 'bindings' resolved to null
       at com.sun.faces.facelets.el.TagValueExpression.isReadOnly(TagValueExpression.java:122)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:476)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.getReadOnly(EditableValueRenderer.java:390)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.wasSubmitted(EditableValueRenderer.java:345)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.decodeInternal(EditableValueRenderer.java:116)
       at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.decodeInternal(LabeledInputRenderer.java:56)
       at oracle.adf.view.rich.render.RichRenderer.decode(RichRenderer.java:342)
       at org.apache.myfaces.trinidad.render.CoreRenderer.decode(CoreRenderer.java:274)
       at org.apache.myfaces.trinidad.component.UIXComponentBase.__rendererDecode(UIXComponentBase.java:1324)
  (the rest of lines skipped).
  Any suggestions?
  Edited by: user13307311 on Apr 16, 2013 11:39 PM

  @Lovin_JV_941794
  The welcome page is public available since it does not have appropriate PageDef file.
  Login page comes not from the welcome page, it comes after attempt to access the test page. So after the login succeeded the test page appears, because redirect to welcome page after successful login is not configured. I do not need to return the welcome page at this moment, I need to go to the test page.
  It seems the task flow call stack to be destroyed after redirect to login page.
  Edited by: user13307311 on Apr 17, 2013 12:45 AM

• Security And Cryptography

  I'm so much new in Java Card programming and know alittle about security and cryptions in Javacards..
  Would u please help me to start learning in these topics from basic, or introduce any refrences that learns basic security and encrypt & decrypt
  thanks all..
  Kind Regards
  Hana

  This feature is often implemented using a secure channel.
  basically you have to authenticate with the card before being able to acess any data.
  pros:
  avoid internal encryption, which is costly
  allows to authenticate and encrypt the real important thing : communication. The card internals are secure by design: there are light/frequency/temperature sensors to protect from tampering.
  cons:
  i don't know :)
  how does it work? with a shared key and 3 ways handshake.
  (card contains a key that was loaded previously)
  1 host generates a random string H and sends it to the card.
  2 card generates a random string C and sends enc(H) and enc(C)
  host verifies that dec(enc(C))==C This way, we are sure the card knows the same key as us.
  3 host sends enc(H)
  card verifies that dec(enc(H))==H This way the card is sure the host knows the same key as it.
  access to data is granted only if all these steps passes.
  the crypto alg is generally 3DES with 16 bytes keys and 8 byte datablocks, this algo is managed in the card HARDware, so it's fast.
  this sort of process is used in global platform. Read this doc for more information, this is a bible.
  If you use the global platform mechanism, you will get excellent security with few code to write.
  Note that there are many possibilities here, this one is only an example to help you get the idea.

• Security and/or filtering error in data form creation

  Hi,
  I am getting this error when I am trying to preview my data form.
  This is the first time I am creating an application and data form in Hyperion.
  The data form is multicurrency and plan type is Plan1.
  Row:
  Account members: Descendants(Account)
  Column:
  Year:Descendants(FY10)
  Period:Descendants(YearTotal)
  Page Dimension(s)
  Entity:Descendants(Entity)
  Scenario:Current
  Version:BU Version_1
  POV:
  Currency:USD
  Disabled all options in "Other options" and Not selected any business rukes.
  When selecting preview data form I am getting below error:
  Security and/or filtering has resulted in a required dimension not being represented on this data form
  I have not selected any security/filter settings as of now. Please suggest whats causing this.
  Thanks,

  Hi Jake,
  I did what you suggested,but I am still getting same error.
  Here I would like to point out that. I have selected my application to support multicurrency, but 'HSP_RATES' does not come in Dimension selection drop down. I can see 'HSP_RATES' in Performance settings tab, but I cant see it in Dimensions tab or Evaluation order tab.
  Is this causing problem? Should I add it manually?
  Thanks,
  Rajni.

• Securing file download with standard web security and ssl

  Hi,
  I want to put some files for download in my webapp. At the same time, I want to protect these files using standard servlet security and ssl. So I added <security-constraint> in my web.xml and configured tomcat to allow SSL connection. Now I got the files protected as I expected. When I try to access the file directly from browser, tomcat shows me the login page. However, after correct login, I.E. pops up an error saying something like "Internet Explorer cannot download XXX from XXX. The file could not be written to the cache.". The log file showed the following exception:
  javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketException: Connection reset by peer: socket write error
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1154)
       at com.sun.net.ssl.internal.ssl.AppInputStream.available(AppInputStream.java:40)
       at org.apache.tomcat.util.net.TcpConnection.shutdownInput(TcpConnection.java:90)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:752)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526)
       at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
       at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
       at java.lang.Thread.run(Thread.java:595)
  Caused by: javax.net.ssl.SSLException: java.net.SocketException: Connection reset by peer: socket write error
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1476)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1443)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1407)
       at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
       at org.apache.coyote.http11.InternalOutputBuffer.realWriteBytes(InternalOutputBuffer.java:747)
       at org.apache.tomcat.util.buf.ByteChunk.flushBuffer(ByteChunk.java:403)
       at org.apache.coyote.http11.InternalOutputBuffer.endRequest(InternalOutputBuffer.java:400)
       at org.apache.coyote.http11.Http11Processor.action(Http11Processor.java:961)
       at org.apache.coyote.Response.action(Response.java:182)
       at org.apache.coyote.Response.finish(Response.java:304)
       at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:281)
       at org.apache.catalina.connector.Response.finishResponse(Response.java:473)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:738)
       ... 4 more
  Caused by: java.net.SocketException: Connection reset by peer: socket write error
       at java.net.SocketOutputStream.socketWrite0(Native Method)
       at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
       at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
       at com.sun.net.ssl.internal.ssl.OutputRecord.writeBuffer(OutputRecord.java:283)
       at com.sun.net.ssl.internal.ssl.OutputRecord.write(OutputRecord.java:272)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:663)
       at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
       ... 15 more
  I've tried separating concerns, for example protect files but not require SSL, and enable SSL but do not protect files. Both works respectively but not together. I also tried using a download4j's DownloadServlet. Still doesn't work.
  Have any of you encouter the same situation? If so, could you enlight me what I did wrong? It maybe just a simple SSL configuration or something. Thanks in advance!
  Jack

  My environment setup is:
  JDK 1.5.01
  Tomcat 5.5.7
  For downloading files, I just use plain old <a href> method. I simply right-click the link and choose "save target as...".
  Thanks,
  Jack

• Secure and non-secure access to the web application in one war

  Say we have one web application (in one war) which includes JSP, servlets and the security intercepter. There is one business requirement to have most of the JSP(s) accessed via HTTPS, but a few JSP(S) accessed via HTTP.
  My questions are:
  a. Is this possible, or a reasonable requirement or a good practice?
  b. if yes, what can we do to make it happen in the security intercepter implementation?
  c. If not, what is the technical reasons?
  Thanks much.

  a) Yes its is reasonable and good practive, there is an overhead using https, so you should only encrypt file you need to. When you use an online store, only account details / payments are https, the shop itself is http
  b) I dont really understand your difficulty. You can define a folder as 'secure' and put all your secure pages in this folder, leaving non secure files in a different folder. Whenever a page in the secure folder is accessed, https is automatically invoked.

• After AVG PC Tune up, software update message for security and stability update is available FireFox 3.6.18. Should I Update?

  My Dell laptop (Operating on Windows XP) was hit with multiple viruses - I could not open Mozilla Firefox or any other applications for that matter. After much time and many attempts, I was finally able to install and run an AVG Scan and then an AVG PC Tune up. 4,559 problems found and repaired. After the repairs, I received the following message:
  "Software Update - A security and stability update for Firefox is available: Firefox 3.6.18 - It is strongly recommended that you apply this update for Firefox as soon as possible. - an underlined link reading, "View more information about this update" and then 2 choices - "Ask Later" or "Update Firefox." Since part of the problem was with Firefox and some error messages pointed to that, I'm hesitant to click on any of the three options above. Can you help me to get past this error message, please. I am sending this from my home computer. Thank you. Diane

  Sometimes the updater gets in a funny state - Go to http://www.mozilla.org/en-US/firefox/new/ and download the full installer. Close Firefox and run the installer

• After upgrading to Mountain Lion I am not able to access "security and privacy" button under "system preferences". I like to activate "find my mac" but cannot access privacy setting after upgrade. Kindly advice.

  After upgrading to Mountain Lion I am not able to access "security and privacy" button under "system preferences". I like to activate "find my mac" but cannot access privacy setting after upgrade. Kindly advice.

• I have a 3rd generation iPod Touch and just did the update to IOS 5. Now I can't connect to my Netgear wifi router. My iPhone connects fine along with all of my other laptops etc. I have the router set with WPA-PSK [TKIP] security and an access list.

  I have a 3rd generation iPod Touch and just did the update to IOS 5. Now I can't connect to my Netgear wifi router. My iPhone connects fine along with all of my other laptops etc. I have the router set with WPA-PSK [TKIP] security and an access list. I've confirmed the mac address is included on that list and that the password is correct. Under choses netwrok I select the network and it just goes into a spin. I have tried removing the password and the access list settings and it still will not complete the connection to the router thus no internet access. The routers firmware is also up to date. This thing worked fine before this update and I've already tried to restore from backup. Any ideas or is the wifi nic bad in this thing with the new apple firmware update? Any fix?

  Thanks Bob, I don't know why but it all of a sudden worked a few days later. It's a mystery but at least problem solved.

• System preferences security and privacy is greyed how do i fix it? wifi connection to public not working ether

  system preferences's security and privacy are greyed out and it freezes how do i fix it? and when i try to connect to my school wifi it says that is not connected but it is how do i fix that too?

  Hello NoraV,
  It looks like your Security and Privacy pane is not loading at all, and is making the window unresponsive when you oepn it. I recommend checking your hard drive for errors with the following article:
  Disk Utility 12.x: Repair a disk
  http://support.apple.com/kb/PH5836
  If the issue is not resolved, try performing the steps in this article to boot to Safe Mode, then leave it to retest the issue:
  OS X: What is Safe Boot, Safe Mode?
  http://support.apple.com/kb/ht1564
  Starting up in Safe Mode
  To start up into Safe Mode (to Safe Boot), follow these steps.
  Be sure your Mac is shut down.
  Press the power button.
  Immediately after you hear the startup tone, hold the Shift key.
  The Shift key should be held as soon as possible after the startup tone, but not before the tone.
  Release the Shift key when you see the gray Apple logo and the progress indicator (looks like a spinning gear).
  After the logo appears, you should see a progress bar during startup. This indicates that your computer is performing a directory check as part of Safe Mode.
  To leave Safe Mode, restart your computer without holding any keys during startup.
  Thank you for using Apple Support Communities.
  All the best,
  Sterling

• Any ideas for security and parental control software yet???

  Just received two of the touchpads from the fire sale and gave them to my kids, both under 10.  I am very interested in limiting the sites that can be accessed through the browser, as well as a few other things.  Has anyone found a practical means of doing this?  I'd hate to give up on this and switch it over to Android, especially since there is only Gingerbread available.  But, I just don't know what else I can do about these.  Any ideas? 
  Thanks!
  Post relates to: HP TouchPad (WiFi)

  Please take this post with a grain of salt. I don't claim to be a security and parental control software expert, but I have researched these solutions and have some personal experience with them. That being said, here's some ideas to get you started.
  As speedtouch mentioned, OpenDNS is a fantastic solution for website filtering. They have a great set of filters that can be customized and are one of the easiest systems to set up. Simply install an updater app on one of your desktop computers (or directly on your router if it's supported), configure your router to use their DNS servers, and you're good to go. I personally use this system mysefl and it works really well. The only downside in my experience is that there is not a temporary override system (at least, not in the free version that I use). An example of when this might be handy: my wife goes clothes shopping and looking at new bras. Every once in a while, a perfectly legitimate site might get blocked (in this case, probably something I don't want my kid looking at but perfectly fine for my wife). The option to "temporarily override the block" or "temporarily allow" the site would be nice, but it doesn't exist.
  Another FANTASTIC solution that I've used in the past is the Astaro Security Gateway. They have a free home version of their "Software Appliance" that goes above and beyond OpenDNS. I haven't used it in a while, but when I did it was able to not only filter web sites but also monitor Instant Messaging and other online activites. It's a bit more involved as you need your own hardware (I used an old computer with 2 network cards and stuck it in between my router and my broadband modem), but the results are pretty powerful.
  The downside to all these solutions, however, is that they will only work when the TouchPad is on your network. If they connect to a neighbors network of if the go to a friends house, all of these systems will be moot because they are completely bypassed. The only way to monitor that content from ANY network would be to install an application on the device itself and to my knowledge, none exist.

• Error in Form.  - Security and or filtering has resulted in a Required dim

  Hi,
  When some of our users are trying to access forms, they are getting the error"Security and or filtering has resulted in a Required dimension not being represented on this data form'. How Do i resolve this issue. Do I need to go to the organization dimension and asign secuWe are on Hyperion planning 11.1.1.1.
  Prasad

  It sounds like the issue isn't related to provisioning. Instead, it sounds like a dimensional security issue (security assigned to individual members in your hierarchies). For example, perhaps the user doesn't have access to a particular scenario or entity?
  To edit dimensional security, sign into your Planning app as an administrator. Select <Administration>, <Dimensions>. Click on a member and select the "Assign Access" button. If that button isn't available, it means that security is not turned on for that dimension. To turn security on or off for a given dimension, select that dimension and press the "View" button. You should see a check box to "Apply Security".
  When I'm trying to debug this type of issue, I typically use the native Essbase spreadsheet add-in and Styles. Try to recreate your form in the spreadsheet add-in. Use the exact same members. (make sure you're signed in as the user who is having trouble with the form)
  In your Essbase options, select "Use Styles" in the display tab. Then select different styles for read only and read/write. It will quickly become apparent where you have security assigned. Then you go update your security in Planning, refresh, and your user should be able to access the form.
  Hope this helps,
  - Jake
  http://plandemonium.wordpress.com/

• Using AX as wireless router, how to set up w/ security and airtunes on XP

  I previously had a Linksys wireless router. I just purchased an Airport express to use as the wireless router (and remove the Linksys router) as well as use the Airtunes functionality.
  After some trial and error, I have been able to wireless connect my computer to the AX on it's own (the linksys router is now unplugged and out of the equation). I can connect to the internet fine on my PC (XP Pro SP2).
  Trouble is, when I use the Network Setup Assistant, it shows the apple network listed, but it can't connect to it, no matter how many times I try, reboot my machine or reboot the AX. I've tried both the "setting up a new network" and "editing an existing network" option, and in each selection, after a few minutes of trying to connect to the network, I just get a failure message.
  If I try and use the Admin utility, nothing shows up in the left-hand list window, and when I Press re-scan, still nothing shows (it doesn't even appear to scan).
  I'm not sure what I'm doing wrong. I can't find simple instructions on how to set up the AX as the only wireless router for a PC and set up security and Airtunes (I'm assuming enabling airtunes is done in these applications, as I haven't seen anything about that yet either).
  Any ideas on how this is done with a PC? Much thanks!
  Dell 4500 series

  I have found the 'DHCP Reservations' option on the AirPort Extreme to be buggy.  I seem to remember it causing IP conflicts for some reason.  I think what I remember is that if the computer with the reservation was off, and the DHCP server then handed out that IP to another DHCP client, then there would be a conflict when the reserved IP computer was turned back on.  Maybe it was an issue in ealier versions of the AE or OS X as the case may be, and maybe it's been corrected, but I've never bothered using it agian since the method I describe below has always worked without fail.  Also, I'm guessing DHCP Reservations would work fine if one manually enters IPs outside of the DHCP range but in the AE 'DHCP Reservation Setup Assistant' the IP options provided are within the DHCP range which to me makes no sense and increases the potential for IP conflicts.
  Here's what I do to setup a mixed environment of static and dynamic IPs on my network.  It works like a charm and does not require the DHCP server (beyond the distribution of dynamic IPs to hosts using DHCP).
  For machines on my network that are accepting services from the public network, I set them up with static IPs using the 'Manually' option (System Preferences/Network/Ethernet/Configure IPv4).  The settings for 'Router' IP address and 'DNS Server' IP address should both be set with your gateway/router LAN IP).  Use an IP address below or above the DHCP range of adresses (in AE/Internet/DHCP/DHCP Beginning & Ending Address).
  i.e. if my subnet is 10.0.1.1 and my DHCP range is 10.0.1.100 to 10.0.1.150, you could set the static IPs on your local hosts as 10.0.1.x where x = any number from 2 - 99 or from 151 - 200 as an example.
  All other machines and devices that do not require static routing are setup as DHCP clients and get a dynamic IP from the AE.  To me it's a simpler setup though it might take a little extra time to setup initially.
  John

• Hospital management and Grant management addon for SAP B1 2005A / 2007 A

  Dear friends,
  I like to know if any company has made any addon on Hospital management and Grant management for SAP B1 2005 A or SAP B1 2007 A , in english.
  In case anybody know pl provide the info in company website,contact info and some details on add-on features.
  Regards,
  Pankaj Gandhi.

  Hi there,
  Try these guys - I found them on the SSP catalog
  Quintegra Solutions Limited
  they have a certified add-on entitled  "Hospital Management & Information System"
  or
  PT MITRAIS
  http://www.mitrais.com/medical/medicalHospital.asp
  regards,
  Stella (Partner Service Advisor)