Security Principal propagation from Web Server to App Server

Similar Messages

• Accessing Local Interface EJB from Web Container Oracle App Server 9.0.4

  Hi,
  I am developing a struts based small application, which calls a EJB which uses Local Interface from Struts ActionClass.
  I am getting NameNotFoundException. The exact exception is s mentioned below.
  05/03/29 16:15:49 javax.naming.NameNotFoundException: LoginRSL not found
  The deployment descriptors are as mentioned below.
  =============
  ejb-jar.xml
  <?xml version = '1.0' encoding = 'windows-1252'?>
  <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd">
  <ejb-jar>
  <enterprise-beans>
  <session>
  <description>Session Bean ( Stateless )</description>
  <display-name>LoginRSL</display-name>
  <ejb-name>LoginRSL</ejb-name>
  <local-home>loginApp.model.LoginRHome</local-home>
  <local>loginApp.model.LoginL</local>
  <ejb-class>loginApp.model.LoginRSL</ejb-class>
  <session-type>Stateless</session-type>
  <transaction-type>Container</transaction-type>
  </session>
  </enterprise-beans>
  <relationships/>
  <assembly-descriptor>
  <container-transaction>
  <method>
  <ejb-name>LoginRSL</ejb-name>
  <method-name>*</method-name>
  </method>
  <trans-attribute>Required</trans-attribute>
  </container-transaction>
  </assembly-descriptor>
  </ejb-jar>
  orion-ejb-jar.xml
  <?xml version = '1.0' encoding = 'windows-1252'?>
  <!DOCTYPE orion-ejb-jar PUBLIC "-//Evermind//DTD Enterprise JavaBeans 1.1 runtime//EN" "http://xmlns.oracle.com/ias/dtds/orion-ejb-jar.dtd">
  <orion-ejb-jar>
  <enterprise-beans>
  <session-deployment name="LoginRSL"/>
  </enterprise-beans>
  </orion-ejb-jar>
  I also tried adding following code to web.xml
  web.xml
  <ejb-local-ref>
  <ejb-ref-name>LoginRSL</ejb-ref-name>
  <ejb-ref-type>Session</ejb-ref-type>
  <local-home>LoginRHome</local-home>
  <local>LoginL</local>
  <ejb-link>LoginRSL</ejb-link>
  </ejb-local-ref>
  It is quite evident that it is not able to lookup the JNDI name.
  Can someone throw light on this? If someone has working sample of this, can you mail it to [email protected]?

  Nipun,
  WebLogic and OC4J are not the same thing. That's like saying Oracle and SQL Server are the same thing -- or C++ and Java are the same thing.
  I recall a posting to a forum (don't remember if it was this one), where the poster was complaining that some feature of the application server he had previously used, was not supported by OC4J. Turned out that the feature he was referring to, contradicted the J2EE specification -- which is why it wasn't available in OC4J. In other words, he didn't like the fact that OC4J was more compliant with the J2EE specification than his "other" application server. Go figure!
  So, if you haven't already done so, I suggest you verify that this feature of WebLogic is something that complies with the J2EE specifications -- before expecting OC4J to support the same feature.
  And if it's not clear, from the specifications, then every vendor is free to implement this feature (or not).
  So if it turns out that WebLogic is a more appropriate application server for you -- then why not just stick with it (and forget the others)?
  Good Luck,
  Avi.

• P13N Server and App Server on separate systems - strange ports opened

  Hi -
            We have a configuration using WebLogic Personalization Server 3.1.1 on one
            server and WebLogic Application Server 5.1 w/Service Pack 6 on another
            server. What we've seen with our firewall configuration is that it appears
            there are high-number random ports opened occasionally from the App Server
            to the P13N Server, which d not appear to be related to connection attempts
            (ex: port 42100). The only communication that we know should be happening
            between the two systems are T3-based JNDI lookups, LDAP lookup/update
            requests, and SQL queries. My questions, then, are as follows:
            1) In handling JNDI requests, are there any callbacks that can occur between
            the two servers in this configuration on a different port?
            2) When separating the P13N Server and App Server, are there any "private"
            ports opened between the two systems for management? As far as I know, the
            App Server should simply view the P13N Server as another client, but the
            firewall log would indicate that something is going on related to this.
            If anyone has a similar config and can provide some info related to
            potentially unseen port connections, please let me know. Thanks in advance!
            Andy
            [email protected]
            

  Haakon,
  I think the BPEL forum is the better source to ask
  BPEL
  Frank

• How to track IP's of clients connecting to DB server through Apps Server

  My Application server address is like http://192.220.0.75:7779/forms90/f90servlet form=TEST.fmx&userid=@abc
  I can connect to Apps server from any computer using explorer with this address .
  for auditing when I connect to db server through Apps server then my audit table detect only server IP- 192.220.0.75 each time but when I connect by oracle DS or toad then my audit table detect each computers defferent IP address.
  how can I detect different users and IP addresses connecting to database server using apps server instead of apps server IP?

  You can try to use WebCache event_log, this one will show your clients IP or you can uncomment UseWebCacheIP ON in httpd.conf file, so you ensure that the access_log show the ip of the user and not of the server.
  Greetings.

• Using IIS 5.0 as web server to App Server 8.0 PE

  I am developing a site for a company which has IIS 5.0 as the web server. The sysad there would like to allow only IIS to receive request and hide the App Server internally. I read that one can configure IIS 5.0 to forward request to App Server 7.0. Can you do that in App Server 8.0? How? I have read a post on how to configure Apache to forward request to App Server 8.0 but I don't seem to understand. Sorry, I am very new to the area of App Server and Web server.
  My second question, Are there any advantages of configuring IIS 5.0 to accept request and forward any JSP/Servlet request to AP 8.0? How does the performance of HTTP service of AP 8.0 compared to that of IIS 5.0? Are there any performance or security or other issues associating with this option?
  Cheers,
  Nocell

  you could try this AS7 but it may work, have being looking at how to do this myself
  http://swforum.sun.com/jive/thread.jspa?forumID=114&threadID=19196
  John

• Configure security realm for external Access Manager in App server 8.1

  Hi All,
  I would like to protect my j2ee application using access manager running on an external host.
  I would like to configure the security realm in Sun app Server 8.1 for the external Access Manager
  external host & port of AM is:
  http://svrd234d.dnn.com.au:58765
  Please verify if these are the correct settings for the agentRealm configuration on Sun App server 8.1.
  classname="com.sun.amagent.as.realm.AgentRealm"
  property name="jaas-context" value="agentRealm"
  property name="base-dn" value="ou=People,dc=dnn,dc=com,dc=au"
  property name="hostURL " value="http://svrd234d.dnn.com.au:58765"

  Did you download AS8.1 agent under http://www.sun.com/download/products.xml?id=4266924d?
  If you can unjar am_as81_agent_2_1.jar after installing the J2EE agent, you will find AgentRealm.class under com.sun.amagent.as.realm.
  Please also note that page 161 of J2EE agent guide shows how to disable AgentRealm to better fit your agent policy mode. Check it out http://docs-pdf.sun.com/816-6884-10/816-6884-10.pdf
  Jerry

• Can't play podcast from iPhone 3gs iTunes app: server configuration error?

  so my podcast madness radio streams and downloads fine from a desktop computer.
  but on the iphone 3gs 3.0.1 i get the "server is not correctly configured" error when i try to play the same podcast in the iTunes iPhone app.
  any idea the reason for this?
  thanks!
  - will hall

  Hello Carpathianna,
  No judgment here on the music you listen to, I have that song too in my library. If iTunes is telling you that the song is missing and you purchased it from the iTunes Store, then just delete it from your iTunes library and then download your song again. Check out the articles below for more information.
  How to delete content you've downloaded from the iTunes Store, App Store, iBooks Store, or Mac App Store
  http://support.apple.com/kb/HT5772
  Download past purchases
  http://support.apple.com/kb/HT2519
  Regards,
  -Norm G.

• Migrating from web dynpro java app  nwds 7.0 to nwds 7.3

  Hi,
  is it possible to migrate web dynpro java app developed in nwds 7.0 to nwds 7.3 environment.
  I tried but lots of problem.
  Is there a blog?
  Regards.

  Cemil
  its very much possible to migrate the component to 7,3 platform. SAP NWDS 7,3 provides a migration wizard to help with the migration, after that you need to do some manual adjustments, like changing the deprecated APIs, fixing JAR dependency etc etc..
  Here is a guide on how to do it step by step
  http://help.sap.com/saphelp_nw73/helpdata/en/e9/546e60777641509a5e0dc5cd05675b/frameset.htm
  Hope this helps...

• Security Realm class for agentRealm in Sun App server 8.1

  hi All,
  Can someone tell me what the name of the agentRealm class is for configuring agentRealm in Sun app server 8.1. The Policy agent Guide for App server 7 has it as the following
  <auth-realm name="agentRealm"
  classname="com.sun.amagent.as.realm.AgentRealm">
  But I cannot find this class in the Agent Jars for App server 8.1 Policy Agents 2005 Q1
  Thanks for any help.

  Did you download AS8.1 agent under http://www.sun.com/download/products.xml?id=4266924d?
  If you can unjar am_as81_agent_2_1.jar after installing the J2EE agent, you will find AgentRealm.class under com.sun.amagent.as.realm.
  Please also note that page 161 of J2EE agent guide shows how to disable AgentRealm to better fit your agent policy mode. Check it out http://docs-pdf.sun.com/816-6884-10/816-6884-10.pdf
  Jerry

• Spool to PDF. Approach is Spool- app server then app server to local pdf

  Hello Experts,
  My requirement is: I want to create PDF file from spool number. As my program works in background and FM WS_DOWNLOAD/GUI_DOWNLOAD wonu2019t work in batch mode, I am trying to find its alternative.
  I am tiring to upload the internal table PDF[] return by FM CONVERT_OTFSPOOLJOB_2_PDF to application server. But while writing file in text mode, program dumps as it wont support all characters. Hence I am tiring to write in binary mode. Main problem occurs when I download the file from application server, I want to save that file in PDF format on local machine.
  I am able to download file from app server to local m/c but that pdf file does not open and says conversion problem. I am sure there must be some steps which I am missing. Might be there is some Fm which convert bin to Text/ASCII.
  Can anyone help me this?
  -Shweta

  If you can avoid using the spool and instead use OTF, this may be easier. Sorry if this doesn't apply.
  I tried going from SAPScript to OTF and writing the lines of the PDF table in binary mode but that didn't work for me for some reason.
  data: lv_pdf_file type xstring,
           lv_size type i,
           lt_pdf_lines type STANDARD TABLE OF tline.
  * pt_otf is passed from the CLOSE_FORM FM
  CALL FUNCTION 'CONVERT_OTF'
      EXPORTING
        FORMAT                      = 'PDF'
      IMPORTING
        BIN_FILESIZE                = lv_size
        BIN_FILE                    = lv_pdf_file
       TABLES
         otf                         = pt_otf
         lines                       = lt_pdf_lines
      EXCEPTIONS
        ERR_MAX_LINEWIDTH           = 1
        ERR_FORMAT                  = 2
        ERR_CONV_NOT_POSSIBLE       = 3
        ERR_BAD_OTF                 = 4
        OTHERS                      = 5
  open dataset lv_file for output in binary mode.
  transfer lv_pdf_file to lv_file.
  close dataset lv_file.

• ResultSet processed at the DB server or App Server???

  Well,
  If I have a ResultSet object that is fetched with a couple of records, where does the actual records stay???
  Are these records fetched into your App server, or they still are with your DB?? So, when I call "rs.next()", evidently does the App server need to fetch each and every record from the DB, if the latter is true??? If the former is true, how do you explain that the ResultSets and other related objects are scarce DB resources???
  Thx for your time.
  fun_one

  A ResultSet is a Java object, so it resides on the application server. A ResultSet is associated with a database cursor, which resides on the database server.
  When you open a cursor, i.e. execute a query, the database figures out which rows match the query. The database servers builds a data structure of some sort in its memory, containing the selected data. The data structure is...cough...don't ask me, I don't know. Must be fairly significant to allow for transaction isolation, sorting, joins, ... If you just do "select * from foo" without a "where" clause, the db server may get by with a simpler data structure.
  The database then sends the first, say, 10 rows to the application server. The db server also says, "here's the data on the newly opened cursor, and let's call this cursor #22."
  After the application server has looped 10 times in while(res.next()), res.next() says to the db server, "dude, I have this cursor, #22, send me more data on it." The db server sends the next batch of 10 rows. This repeats until all rows are processed, or you close the ResultSet (aka close the cursor).
  Closing the ResultSet tells the database server that it can release the data structure that holds the stuff in the cursor. If you don't close the cursor, the data structure needs to stay there, reserving memory, in case you rewind it and start reading it over.
  So, a ResultSet + cursor take space on both the application server and at the db server.
  The number of rows that are fetched at a time can be adjusted; see setFetchSize(). It's a tradeoff between the number of times a round trip has to be made, vs. the memory it takes to keep the 10 or whatever rows in memory before res.next() gets to them.
  All of this depends on how the db server and the JDBC driver are implemented, but I'd guess the above is a pretty typical way of doing it.

• Communication Server Vs APP Server

  Dear frnds,
  I want to know,
  1. How to create 2 application server for single application?
  2. Each server will run in different machine with different Port.
  3. How communication server will distribute the request and send to the app.server?
  4. How should i mention the port id if i use two diff. ports for App.Server?
  Rgds,
  Dhaya.

  Dhaya,
  The forum does not work this way. One does not post one's homework, and expect someone else to do it. In addition, one is expected to have one's subject closely match the issue.
  As a bit of friendly advice:
  Try to solve the problem yourself. Then, if you run into doubt, you can bring those specific doubts here. You will be much more likely to get the help you need. People volunteer here to help other people learn.
  It seems you are new to this; I highly recommend this excellent guide, concerning proper etiquette in a technical discussion forum.
  Happy hacking,
  John

• Stop a stand-alone and web app from starting in an App Server

  I want to programmatically shut down an application from starting, e.g., mid-way in its start, if a certain condition is raised. I do not want code as System.exit(int) as this API will terminate the entire JVM and more than 1 application running in the JVM will be shut down. My goal is to stop the start process of only one application that is running in the same shared JVM. The JVM is running more than 1 application.
  Obviously, throwing a Runtime exception (throw new RuntimeException())does not stop the application - application still gets started.
  I want a solution that will work for both stand-alone application and a web application. However, if I have to use two different approaches (one approach for stand-alone, another for web), I will be fine with that approach.
  I am using WebSphere 6.1 as application server.
  Please suggest what are my options to stop the application from start for both stand-alone and web application.

  There is of course no general solution to that.
  Consider the following.
  1. Initial thread starts 10 threads, and then it exits.
  2. One thread determines that exit should occur.
  3. How do other threads get terminated?
  ...and a web application.Conceptually that is a bit suspect. If you don't want it to run then the simple solution is don't install it. In general you don't want a web app to "exit" if a known error condition occurs. For example it shouldn't exit if the database connection fails but instead the behavior should change until the database connection is restored.

• How keep track of caller from web page or app in your EJB

  I want to make a Security Handler for my EJB Server. I want apps / users to be able to log in. However, after they log in (for example from a web page), how do I keep track of who they are when they then make subsequent calls to EJBs?
  Where can I find out who they are?
  How do I standardize this for apps and web page callers?
  I know that for web servers to keep track of who the caller is for them, they need to store a handle on the client. Do I need to do this too?
  If I do keep smth on the client side that they send back/forth to me, does that not fit with the EJB standards?

  still unable to find answer. Hey, can I also ask: do I ask too obscure questions? I don't get most of them answered. Are they boring?

• Link to setup calendar subscription from web page or app?

  I have a web site that generates ical files (.ics). I'd like to put a link on a page that the user can click on which would launch the
  Settings->Mail, Contacts, Calendars->Add Account->Other->Add Subscribed Calendar
  area with the Server url pre-populated with the url to our site's ical file. I could obviously just post instructions for the user to follow for adding the subscribed calendar, but it would be much simpler if I could just launch that directly from a link or button.
  Is anything like this possible to do on a website? If not, can it be done if I write an iPhone/iPad app?

  I would suggest posting this in the iPhone Developers Forum.
  http://developer.apple.com/devforums/