Security problem in Application
Hi i am having an Web Application that's developed in jdev 11.1.1.5 .it has security enabled.
I opened the jazn-data.xml and created a User,(Exactly the same UserName and Password that the application authorises.)gave all Enterprise Roles to it ,and selected Security Deployment Options.(Application Policies,Credentials,Users and Groups).
Now when i run a page in the application ,i see the Error 401--Unauthorized.
Please help me in this issue.ASAP.
Thanks in advance.
are using taskflow. the content u checking is within the task flow.explain with more detail
Similar Messages
-
Flex on Oracle Application Server 10g - security problems
Hi,
I'm working with Flex components (swf files), I'm trying to view them in a browser and i'm facing some security problems.
The server i'm trying to run the files on is: Oracle application server 10g on Unix server.
Please help me with the server's configuration to allow running swf files on it.
In the relation of Flex, there is a file that must be on the server's root named: "crossdomain.xml". This file defines which IPs can the swf object can take/get data from. Maybe there are configurations to that file that needs to be done on the server?
Thank you,
InbalNo. Not only it isn't certified, but it is also impossible to run forms compiled with the 11g compiler with the 10g runtime. For 11g there is a install bundle for the developer suite / application server.
cheers -
Problem with Application server
Hi All,
I'm facing problem with Application Server. When I installed the appserver and started it.. It started with the message " server has been started and some services will run at back". But when I tried stopping it using the stop default server i got the message that there is no server running but when i saw in the task manager i cud see two process running 1) appserver.exe and 2) imqbroker(something).exe so eventually I had to kill it.
Now when I'm trying to start the application server again its giving me this message "CLI156 Could not start the domain domain1" and below is the log file attached if its of any help
[#|2005-08-31T23:37:57.000+1000|WARNING|sun-appserver-pe8.1_01|javax.enterprise.tools.launcher|_ThreadID=10;|LAUNCHER005:Spaces in your PATH have been detected. The PATH must be consistently formated (e.g. C:\Program Files\Java\jdk1.5.0\bin; ) or the Appserver may not be able to start and/or stop. Mixed quoted spaces in your PATH can cause problems, so the launcher will remove all double quotes before invoking the process. The most reliable solution would be to remove all spaces from your path before starting the Appservers components. |#]
[#|2005-08-31T23:37:57.015+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.tools.launcher|_ThreadID=10;|
C:/Program Files/Java/jdk1.5.0\bin\java
-client
-Xmx512m
-XX:NewRatio=2
-Dcom.sun.aas.defaultLogFile=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/logs/server.log
-Djava.endorsed.dirs=C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/endorsed
-Djava.security.policy=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/server.policy
-Djava.security.auth.login.config=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/login.conf
-Dsun.rmi.dgc.server.gcInterval=3600000
-Dsun.rmi.dgc.client.gcInterval=3600000
-Djavax.net.ssl.keyStore=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/keystore.jks
-Djavax.net.ssl.trustStore=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/cacerts.jks
-Djava.ext.dirs=C:/Program Files/Java/jdk1.5.0/jre/lib/ext;C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/lib/ext
-Djdbc.drivers=com.pointbase.jdbc.jdbcUniversalDriver
-Djavax.management.builder.initial=com.sun.enterprise.admin.server.core.jmx.AppServerMBeanServerBuilder
-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory
-Dcom.sun.enterprise.taglibs=appserv-jstl.jar,jsf-impl.jar
-Dcom.sun.enterprise.taglisteners=jsf-impl.jar
-Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl
-Dcom.sun.aas.configName=server-config
-Dorg.xml.sax.parser=org.xml.sax.helpers.XMLReaderAdapter
-Ddomain.name=domain1
-Djmx.invoke.getters=true
-Djavax.xml.parsers.DocumentBuilderFactory=com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl
-Dcom.sun.aas.promptForIdentity=true
-Dorg.xml.sax.driver=com.sun.org.apache.xerces.internal.parsers.SAXParser
-Dcom.sun.aas.instanceRoot=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1
-Djavax.xml.transform.TransformerFactory=com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl
-Dcom.sun.aas.domainName=domain1
-Djava.util.logging.manager=com.sun.enterprise.server.logging.ServerLogManager
-Dproduct.name=Sun-Java-System/Application-Server
-Dcom.sun.enterprise.overrideablejavaxpackages=javax.faces,javax.servlet.jsp.jstl,javax.xml.bind,javax.help
-Dcom.sun.aas.configRoot=C:/Program Files/netbeans-4.1/SunAppServer8.1/config
-Djava.library.path=C:\Program Files\Java\jdk1.5.0\jre\bin\client;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\Java\jdk1.5.0\bin;.;C:\WINDOWS\System32;C:\WINDOWS;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Java\jdk1.5.0\bin;.;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Sun\AppServer\bin;;C:\Program Files\Java\jdk1.5.0\bin;.;C:\Program Files\jre\jdk1.5.0\bin;.;
-Dcom.sun.aas.instanceName=server
-Dcom.sun.aas.processLauncher=SE
-cp
C:/Program Files/Java/jdk1.5.0/lib/tools.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/appserv-rt.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\admin-cli.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-admin.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\dom.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jmxremote.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jmxremote_optional.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jsf-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jsf-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\rmissl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xalan.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xercesImpl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-upgrade.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-ext.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\j2ee.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\activation.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-cmp.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-jstl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\commons-launcher.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\commons-logging.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\j2ee-svc.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jax-qname.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxr-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxr-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxrpc-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxrpc-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\mail.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\relaxngDatatype.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\saaj-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\saaj-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xsdlib.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/install/applications/jmsra/imqjmsra.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/imq/lib/jaxm-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/imq/lib/fscontext.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/ant/lib/ant.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/pointbase/lib/pbclient.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/pointbase/lib/pbembedded.jar
com.sun.enterprise.server.PEMain
start
display
native|#]
[#|2005-08-31T23:38:03.515+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.resource.jms|_ThreadID=10;|JMS5023: JMS service successfully started. Instance Name = imqbroker, Home = [C:\Program Files\netbeans-4.1\SunAppServer8.1\imq\bin].|#]
[#|2005-08-31T23:38:03.515+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.system.core|_ThreadID=10;|CORE5098: AS Socket Service Initialization has been completed.|#]
[#|2005-08-31T23:38:15.796+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.system.tools.admin|_ThreadID=10;|ADM0001:MBeanServer initialized successfully|#]
[#|2005-08-31T23:38:16.484+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.system.core.security|_ThreadID=10;|SEC1143: Loading policy provider com.sun.enterprise.security.provider.PolicyWrapper.|#]
[#|2005-09-01T00:48:45.484+1000|WARNING|sun-appserver-pe8.1_01|javax.enterprise.tools.launcher|_ThreadID=10;|LAUNCHER005:Spaces in your PATH have been detected. The PATH must be consistently formated (e.g. C:\Program Files\Java\jdk1.5.0\bin; ) or the Appserver may not be able to start and/or stop. Mixed quoted spaces in your PATH can cause problems, so the launcher will remove all double quotes before invoking the process. The most reliable solution would be to remove all spaces from your path before starting the Appservers components. |#]
[#|2005-09-01T00:48:45.531+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.tools.launcher|_ThreadID=10;|
C:/Program Files/Java/jdk1.5.0\bin\java
-client
-Xmx512m
-XX:NewRatio=2
-Dcom.sun.aas.defaultLogFile=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/logs/server.log
-Djava.endorsed.dirs=C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/endorsed
-Djava.security.policy=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/server.policy
-Djava.security.auth.login.config=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/login.conf
-Dsun.rmi.dgc.server.gcInterval=3600000
-Dsun.rmi.dgc.client.gcInterval=3600000
-Djavax.net.ssl.keyStore=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/keystore.jks
-Djavax.net.ssl.trustStore=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/cacerts.jks
-Djava.ext.dirs=C:/Program Files/Java/jdk1.5.0/jre/lib/ext;C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/lib/ext
-Djdbc.drivers=com.pointbase.jdbc.jdbcUniversalDriver
-Djavax.management.builder.initial=com.sun.enterprise.admin.server.core.jmx.AppServerMBeanServerBuilder
-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory
-Dcom.sun.enterprise.taglibs=appserv-jstl.jar,jsf-impl.jar
-Dcom.sun.enterprise.taglisteners=jsf-impl.jar
-Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl
-Dcom.sun.aas.configName=server-config
-Dorg.xml.sax.parser=org.xml.sax.helpers.XMLReaderAdapter
-Ddomain.name=domain1
-Djmx.invoke.getters=true
-Djavax.xml.parsers.DocumentBuilderFactory=com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl
-Dcom.sun.aas.promptForIdentity=true
-Dorg.xml.sax.driver=com.sun.org.apache.xerces.internal.parsers.SAXParser
-Dcom.sun.aas.instanceRoot=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1
-Djavax.xml.transform.TransformerFactory=com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl
-Dcom.sun.aas.domainName=domain1
-Djava.util.logging.manager=com.sun.enterprise.server.logging.ServerLogManager
-Dproduct.name=Sun-Java-System/Application-Server
-Dcom.sun.enterprise.overrideablejavaxpackages=javax.faces,javax.servlet.jsp.jstl,javax.xml.bind,javax.help
-Dcom.sun.aas.configRoot=C:/Program Files/netbeans-4.1/SunAppServer8.1/config
-Djava.library.path=C:\Program Files\Java\jdk1.5.0\jre\bin\client;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\Java\jdk1.5.0\bin;.;C:\WINDOWS\System32;C:\WINDOWS;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Java\jdk1.5.0\bin;.;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Sun\AppServer\bin;;C:\Program Files\Java\jdk1.5.0\bin;.;C:\Program Files\jre\jdk1.5.0\bin;.;
-Dcom.sun.aas.instanceName=server
-Dcom.sun.aas.processLauncher=SE
-cp
C:/Program Files/Java/jdk1.5.0/lib/tools.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/appserv-rt.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\admin-cli.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-admin.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\dom.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jmxremote.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jmxremote_optional.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jsf-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jsf-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\rmissl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xalan.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xercesImpl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-upgrade.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-ext.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\j2ee.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\activation.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-cmp.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-jstl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\commons-launcher.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\commons-logging.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\j2ee-svc.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jax-qname.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxr-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxr-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxrpc-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxrpc-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\mail.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\relaxngDatatype.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\saaj-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\saaj-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xsdlib.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/install/applications/jmsra/imqjmsra.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/imq/lib/jaxm-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/imq/lib/fscontext.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/ant/lib/ant.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/pointbase/lib/pbclient.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/pointbase/lib/pbembedded.jar
com.sun.enterprise.server.PEMain
start
display
native|#]
[#|2005-09-04T04:12:39.281+1000|WARNING|sun-appserver-pe8.1_01|javax.enterprise.tools.launcher|_ThreadID=10;|LAUNCHER005:Spaces in your PATH have been detected. The PATH must be consistently formated (e.g. C:\Program Files\Java\jdk1.5.0\bin; ) or the Appserver may not be able to start and/or stop. Mixed quoted spaces in your PATH can cause problems, so the launcher will remove all double quotes before invoking the process. The most reliable solution would be to remove all spaces from your path before starting the Appservers components. |#]
[#|2005-09-04T04:12:39.343+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.tools.launcher|_ThreadID=10;|
C:/Program Files/Java/jdk1.5.0\bin\java
-client
-Xmx512m
-XX:NewRatio=2
-Dcom.sun.aas.defaultLogFile=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/logs/server.log
-Djava.endorsed.dirs=C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/endorsed
-Djava.security.policy=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/server.policy
-Djava.security.auth.login.config=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/login.conf
-Dsun.rmi.dgc.server.gcInterval=3600000
-Dsun.rmi.dgc.client.gcInterval=3600000
-Djavax.net.ssl.keyStore=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/keystore.jks
-Djavax.net.ssl.trustStore=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/config/cacerts.jks
-Djava.ext.dirs=C:/Program Files/Java/jdk1.5.0/jre/lib/ext;C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1/lib/ext
-Djdbc.drivers=com.pointbase.jdbc.jdbcUniversalDriver
-Djavax.management.builder.initial=com.sun.enterprise.admin.server.core.jmx.AppServerMBeanServerBuilder
-Dcom.sun.enterprise.config.config_environment_factory_class=com.sun.enterprise.config.serverbeans.AppserverConfigEnvironmentFactory
-Dcom.sun.enterprise.taglibs=appserv-jstl.jar,jsf-impl.jar
-Dcom.sun.enterprise.taglisteners=jsf-impl.jar
-Djavax.xml.parsers.SAXParserFactory=com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl
-Dcom.sun.aas.configName=server-config
-Dorg.xml.sax.parser=org.xml.sax.helpers.XMLReaderAdapter
-Ddomain.name=domain1
-Djmx.invoke.getters=true
-Djavax.xml.parsers.DocumentBuilderFactory=com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl
-Dcom.sun.aas.promptForIdentity=true
-Dorg.xml.sax.driver=com.sun.org.apache.xerces.internal.parsers.SAXParser
-Dcom.sun.aas.instanceRoot=C:/Program Files/netbeans-4.1/SunAppServer8.1/domains/domain1
-Djavax.xml.transform.TransformerFactory=com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl
-Dcom.sun.aas.domainName=domain1
-Djava.util.logging.manager=com.sun.enterprise.server.logging.ServerLogManager
-Dproduct.name=Sun-Java-System/Application-Server
-Dcom.sun.enterprise.overrideablejavaxpackages=javax.faces,javax.servlet.jsp.jstl,javax.xml.bind,javax.help
-Dcom.sun.aas.configRoot=C:/Program Files/netbeans-4.1/SunAppServer8.1/config
-Djava.library.path=C:\Program Files\Java\jdk1.5.0\jre\bin\client;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\Java\jdk1.5.0\bin;.;C:\WINDOWS\System32;C:\WINDOWS;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\lib;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\Program Files\netbeans-4.1\SunAppServer8.1\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Java\jdk1.5.0\bin;.;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Sun\AppServer\bin;;C:\Program Files\Java\jdk1.5.0\bin;.;C:\Program Files\jre\jdk1.5.0\bin;.;
-Dcom.sun.aas.instanceName=server
-Dcom.sun.aas.processLauncher=SE
-cp
C:/Program Files/Java/jdk1.5.0/lib/tools.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/appserv-rt.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\admin-cli.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-admin.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\dom.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jmxremote.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jmxremote_optional.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jsf-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jsf-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\rmissl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xalan.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xercesImpl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-upgrade.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-ext.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\j2ee.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\activation.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-cmp.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\appserv-jstl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\commons-launcher.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\commons-logging.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\j2ee-svc.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jax-qname.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxr-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxr-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxrpc-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\jaxrpc-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\mail.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\relaxngDatatype.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\saaj-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\saaj-impl.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib\xsdlib.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/install/applications/jmsra/imqjmsra.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/imq/lib/jaxm-api.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/imq/lib/fscontext.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/lib/ant/lib/ant.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/pointbase/lib/pbclient.jar;C:/Program Files/netbeans-4.1/SunAppServer8.1/pointbase/lib/pbembedded.jar
com.sun.enterprise.server.PEMain
start
display
native|#]
[#|2005-09-04T04:13:50.453+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.resource.jms|_ThreadID=10;|JMS5035: Timed out after 60000 milliseconds while trying to verify if the JMS service startup succeeded.|#]
[#|2005-09-04T04:13:50.453+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.resource.jms|_ThreadID=10;|JMS5037: Check permissions of MQ instance directory C:\Program Files\netbeans-4.1\SunAppServer8.1\imq\var\instances|#]
[#|2005-09-04T04:13:50.453+1000|INFO|sun-appserver-pe8.1_01|javax.enterprise.resource.jms|_ThreadID=10;|JMS5036: More details may be available in the log file for the JMS service broker instance imqbroker. Please refer to the JMS provider documentation for the exact location of this log file.|#]
[#|2005-09-04T04:13:50.453+1000|SEVERE|sun-appserver-pe8.1_01|javax.enterprise.system.core|_ThreadID=10;|UnknownException during startup. Disable quick startup by setting system property com.sun.enterprise.server.ss.ASQuickStartup to false
com.sun.appserv.server.ServerLifecycleException: [C4003]: Error occurred on connection creation [127.0.0.1:7676]. - cause: java.net.ConnectException: Connection refused: no further information
at com.sun.enterprise.jms.JmsProviderLifecycle.checkProviderStartup(JmsProviderLifecycle.java:427)
at com.sun.enterprise.server.ss.ASLazyKernel.startASSocketServices(ASLazyKernel.java:54)
at com.sun.enterprise.server.PEMain.run(PEMain.java:274)
at com.sun.enterprise.server.PEMain.main(PEMain.java:220)
Caused by: com.sun.messaging.jms.JMSException: [C4003]: Error occurred on connection creation [127.0.0.1:7676]. - cause: java.net.ConnectException: Connection refused: no further information
at com.sun.messaging.jmq.jmsclient.ExceptionHandler.getJMSConnectException(ExceptionHandler.java:233)
at com.sun.messaging.jmq.jmsclient.ExceptionHandler.handleConnectException(ExceptionHandler.java:180)
at com.sun.messaging.jmq.jmsclient.PortMapperClient.readBrokerPorts(PortMapperClient.java:176)
at com.sun.messaging.jmq.jmsclient.PortMapperClient.init(PortMapperClient.java:101)
at com.sun.messaging.jmq.jmsclient.PortMapperClient.<init>(PortMapperClient.java:54)
at com.sun.messaging.jmq.jmsclient.protocol.tcp.TCPConnectionHandler.<init>(TCPConnectionHandler.java:61)
at com.sun.messaging.jmq.jmsclient.protocol.tcp.TCPStreamHandler.openConnection(TCPStreamHandler.java:102)
at com.sun.messaging.jmq.jmsclient.ConnectionInitiator.createConnectionOld(ConnectionInitiator.java:281)
at com.sun.messaging.jmq.jmsclient.ConnectionInitiator.createConnection(ConnectionInitiator.java:107)
at com.sun.messaging.jmq.jmsclient.ConnectionInitiator.createConnection(ConnectionInitiator.java:92)
at com.sun.messaging.jmq.jmsclient.ProtocolHandler.init(ProtocolHandler.java:613)
at com.sun.messaging.jmq.jmsclient.ProtocolHandler.<init>(ProtocolHandler.java:1194)
at com.sun.messaging.jmq.jmsclient.ConnectionImpl.openConnection(ConnectionImpl.java:1894)
at com.sun.messaging.jmq.jmsclient.ConnectionImpl.init(ConnectionImpl.java:712)
at com.sun.messaging.jmq.jmsclient.ConnectionImpl.<init>(ConnectionImpl.java:293)
at com.sun.messaging.jmq.jmsclient.UnifiedConnectionImpl.<init>(UnifiedConnectionImpl.java:33)
at com.sun.messaging.jmq.jmsclient.QueueConnectionImpl.<init>(QueueConnectionImpl.java:32)
at com.sun.messaging.ConnectionFactory.createQueueConnection(ConnectionFactory.java:72)
at com.sun.messaging.jmq.admin.jmsspi.JMSAdminImpl.pingProvider(JMSAdminImpl.java:783)
at com.sun.enterprise.jms.JmsProviderLifecycle.waitForJmsProvider(JmsProviderLifecycle.java:335)
at com.sun.enterprise.jms.JmsProviderLifecycle.checkProviderStartup(JmsProviderLifecycle.java:396)
... 3 more
Caused by: java.net.ConnectException: Connection refused: no further information
at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method)
at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:525)
at com.sun.enterprise.server.ss.ASClientSocketImpl.connect(ASClientSocketImpl.java:175)
at java.net.Socket.connect(Socket.java:507)
at java.net.Socket.connect(Socket.java:457)
at java.net.Socket.<init>(Socket.java:365)
at java.net.Socket.<init>(Socket.java:178)
at com.sun.messaging.jmq.jmsclient.PortMapperClient.readBrokerPorts(PortMapperClient.java:156)
... 21 more
|#]
[#|2005-09-04T04:13:50.484+1000|SEVERE|sun-appserver-pe8.1_01|javax.enterprise.system.core|_ThreadID=10;|Exception while stoppping Lifecycle.
com.sun.appserv.server.ServerLifecycleException: MQ startup failed :[C4003]: Error occurred on connection creation [127.0.0.1:7676]. - cause: java.net.ConnectException: Connection refused: no further information
at com.sun.enterprise.jms.JmsProviderLifecycle.checkProviderStartup(JmsProviderLifecycle.java:376)
at com.sun.enterprise.jms.JmsProviderLifecycle.onShutdown(JmsProviderLifecycle.java:445)
at com.sun.enterprise.server.ss.ASLazyKernel.stopLifecycle(ASLazyKernel.java:175)
at com.sun.enterprise.server.ss.ASLazyKernel.stopMQ(ASLazyKernel.java:169)
at com.sun.enterprise.server.ss.ASLazyKernel.exitServer(ASLazyKernel.java:74)
at com.sun.enterprise.server.ss.ASLazyKernel.startASSocketServices(ASLazyKernel.java:67)
at com.sun.enterprise.server.PEMain.run(PEMain.java:274)
at com.sun.enterprise.server.PEMain.main(PEMain.java:220)
|#]
Thanks in advance
AjayThe VERY FIRST message in the server log gives you a hint as to what the problem might be. The server thinks you have spaces in your PATH to the application server. Therefore, the solution is to kill the server however you need to (task manager, whatever) and then reinstall it in a path that doesn't contain spaces. That's the low-hanging fruit here; if that doesn't work, well, then we will have to find some other solution.
-
How to deploy a secured ADF 11g application to WebLogic 10.3 server?
Hi,
I have just enabled security in our ADF 11g application, as descripbed in [chapter 29|http://download.oracle.com/docs/cd/E12839_01/web.1111/b31974/adding_security.htm#insertedID0] of the Fusion Developer's Guide. It works fine in the embedded WebLogic server of JDeveloper.
Now I'm trying to deploy to our WebLogic 10.3 server, which runs in production mode. I'm running into all sorts of problems. The WebLogic console seems to have hundreds of security related pages, I don't know which one I should use, let alone how to use it. The Fusion Developer's Guide doesn't cover deployment to a production server:
>
When the target server is configured for production mode, you typically handle the migration task outside of JDeveloper using tools like Oracle Enterprise Manager. For details about using tools outside of JDeveloper to migrate the policy store to the domain-level in a production environment, see the [Oracle Fusion Middleware Security Guide|http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/toc.htm].
>
However, this guide is of very little help to me. I found [chapter 7|http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/addlsecfea.htm#insertedID0], which says "The recommended tool is Fusion Middleware Control." I have no idea what "Fusion Middleware Control" is, where to get it and how to use it.
Long story short: I'm totally lost. I'm looking for a step by step guide on how to deploy a secured ADF 11g application to a WegLogic 10.3 server that is running in production mode. Any help is highly appreciated.Ok, I found a [very helpful blog post |http://andrejusb.blogspot.com/2009/01/practical-adf-security-deployment-on.html] by [Andrejus Baranovski|http://www.blogger.com/profile/04468230464412457426]. I wish Oracle's documentation was as clear as this...
The blog post refers to an article by Steve Muench, called [Simplified ADF 11g Application Credential and Policy Migration to Standalone WebLogic Servers|http://www.oracle.com/technology/products/jdev/tips/muench/credmig111100/index.html]. This article presents an Ant script that migrates policies from JDeveloper to WebLogic, using some PFM. (See the last definition here.)
The problem is that Steve Muench's script assumes that JDeveloper and the standalone WebLogic are on the same machine. However, in a typical environment, such as the one I'm working in currently, this is not the case. In our case the developer stations are Windows machines, while our WebLogic server runs on a HP-UX machine. So the question is: how to perform this migration between two machines with different operating systems?
Regards,
Bart Kummel -
ADF Security to J2EE Container Managed Security Problems
Hi al!
I had ADF security enabled in my application. I've added roles and users to embedded OC4J Server Preferences..., configured authorization using pageDefs... (following the Introduction to ADF Security in JDeveloper 10.1.3.2 howto).
For the sake of friendlier user and roles management I decided to go to 2EE Container Managed Security (I want application manager in production environment to be able to manage users in only one place, not in DB table and extra for web app). I followed Frank Nimphius's Database Authentication and Authorization in J2EE Container Managed Security article.
Now I have some problems. I removed users and roles from embedded OC4J Server Preferences... (I believe this are used only for ADF security, am I right?). I can log to application with admin user account (app index page doesn't have any binds and even pageDef), but when trying to access admin pages I get 401 Unauthorized page.
What am I doing wrong, probably I've forgotten something? I'm a bit confused now with users and roles settings and ADF and container managed security.
Part of my web.xml file:
<servlet>
<servlet-name>adfAuthentication</servlet-name>
<servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
<init-param>
<param-name>success_url</param-name>
<param-value>/faces/app/index.jspx</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>adfAuthentication</servlet-name>
<url-pattern>/adfAuthentication/*</url-pattern>
</servlet-mapping>
<security-role>
<description>Admins</description>
<role-name>admin_role</role-name>
</security-role>
<security-role>
<description>Users</description>
<role-name>user_role</role-name>
</security-role>
<security-role>
<role-name>oc4j-administrators</role-name>
</security-role>
<security-constraint>
<web-resource-collection>
<web-resource-name>AllAdmins</web-resource-name>
<url-pattern>faces/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin_role</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>AllUsers</web-resource-name>
<url-pattern>faces/app/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user_role</role-name>
<role-name>admin_role</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>adfAuthentication</web-resource-name>
<url-pattern>/adfAuthentication</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>oc4j-administrators</role-name>
<role-name>user_role</role-name>
<role-name>admin_role</role-name>
</auth-constraint>
</security-constraint>
Do I have to remove this adfAuthentication tags?
I know I've made things a bit complicated for me now and for anyone to help, but I hope I will get at least some pointers what to do now and maybe some explanation about roles in container managed security? Is it enaugh to have security constraints and roles defined in web.xml file or they have to be defined somewhere else also (beside the database)?
Thank you in advance!
Bye
PS
Maybe stack trace after login:
FINE: LoginConfigProvider.ctr: lmm=[LoginModuleManager: jznCfg=[JAZNConfig null], appConfigEntries={oracle.security.jazn.oc4j.CertificateAuthenticator=[javax.security.auth.login.AppConfigurationEntry@3625d0], oracle.security.jazn.tools.Admintool=[javax.security.auth.login.AppConfigurationEntry@eca6e7], oracle.security.jazn.oc4j.WebCoreIDSSOAuthenticator=[javax.security.auth.login.AppConfigurationEntry@c1c7c4], oracle.security.jazn.oc4j.DigestAuthenticator=[javax.security.auth.login.AppConfigurationEntry@221f81], oracle.security.wss.jaas.SAMLAuthManager=[javax.security.auth.login.AppConfigurationEntry@426e05], oracle.security.jazn.oc4j.JAZNUserManager=[javax.security.auth.login.AppConfigurationEntry@145240a], current-workspace-app=[javax.security.auth.login.AppConfigurationEntry@4120aa], oracle.security.wss.jaas.JAASAuthManager=[javax.security.auth.login.AppConfigurationEntry@1c78f98]}]
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option data_source_name = jdbc/TESTDbDS
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option table = APPLICATION_USER
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option groupMembershipTableName = APPLICATION_ROLE
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option usernameField = USR_EMAIL
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option passwordField = USR_PSW
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option groupMembershipGroupFieldName = ROLE_NAME
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option user_pk_column = USR_EMAIL
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option roles_fk_column = USR_EMAIL
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option pw_encoding_class = null
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option realm_column = null
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option application_realm = null
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule initialize
FINE: [DBTableOraDataSourceLoginModule] option casing = toupper
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
FINE: [DBTableOraDataSourceLoginModule]login called on DBTableLoginModule
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
FINE: [DBTableOraDataSourceLoginModule]Calling callbackhandler ...
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
FINE: [DBTableOraDataSourceLoginModule]Username returned by callback = admin
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
FINE: [DBTableOraDataSourceLoginModule]Username changed to case as defined by toupper to ADMIN
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]User query string: select USR_EMAIL,USR_PSW from APPLICATION_USER where USR_EMAIL= (?)
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]User primary key value found = ADMIN
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]Password encoded by: oracle.security.jazn.login.module.db.util.DBLoginModuleClearTextEncoder
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]User ADMIN authenticated successfully
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]Roles query string: select ROLE_NAME from APPLICATION_ROLE where USR_EMAIL= (?)
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]DBUser Principal Name: ADMIN
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule performDbAuthentication
FINE: [DBTableOraDataSourceLoginModule]DBRole Principal Name: admin_role
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule login
FINE: [DBTableOraDataSourceLoginModule]Logon Successful = true
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
FINE: [DBTableOraDataSourceLoginModule]Subject contains 0 Principals before auth
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
FINE: [DBTableOraDataSourceLoginModule]Local LM commit succeeded
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
FINE: [DBTableOraDataSourceLoginModule]Subject contains 2 Principals after auth
24.8.2007 10:17:19 oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule commit
FINE: [DBTableOraDataSourceLoginModule]Cleaning internal state!Hi there!
I have another question about this. I've modified a bit DBRolePrincipal class to see what's going on. At the beginning of the equals(Object another) method I added this lines:
log("method equals start",0);
log("another type = " + another.getClass(), 0);
if (another instanceof Principal)
Principal mine = (Principal)another;
log("Principal mine.getName() = " + mine.getName(), 0);
The result is this output (after navigating to page that gives 401 forbidden):
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.security.jazn.oc4j.JAZNUserAdaptor
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = admin_user
07/10/12 08:38:36 [DBRolePrincipal] method equals start
07/10/12 08:38:36 [DBRolePrincipal] another type = class oracle.adf.share.security.authentication.ADFRolePrincipal
07/10/12 08:38:36 [DBRolePrincipal] Principal mine.getName() = anyone
Why is the name of ADFRolePrincipal always anyone? When I sign in with this user the output says:
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] User query string: select USERNAME,PASSWORD from ACTIVE_APP_USER_V where USERNAME= (?)
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] User primary key value found = admin_user
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Password encoded by: oracle.sample.dbloginmodule.util.DBLoginModuleCearTextEncoder
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] User admin_user authenticated successfully
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Roles query string: select ROLE_NAME from ACTIVE_APP_ROLE_V where USERNAME= (?)
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] DBRole Principal Name: admin_role
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] DBUser Principal Name: admin_user
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Logon Successful = true
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Subject contains 0 Principals before auth
07/10/12 08:46:09 [DBUserPrincipal] method equals start
07/10/12 08:46:09 [DBUserPrincipal] another type = class oracle.sample.dbloginmodule.principals.DBRolePrincipal
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Local LM commit succeeded
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Subject contains 2 Principals after auth
07/10/12 08:46:09 [DBTableOraDatasourceLoginModule] Cleaning internal state!
Frank, if you haven't given up on this issue yet could you please try to explain this to me? Why doesn't admin_role principal never get compared in [equals[/i] method?
Thank you!
BB -
Row-level security problem using VPD
Hi all,
I've implemented row-level security for my application using the following procedure:
1) Created a procedure for setting the context for the application:
PROCEDURE set_empno
IS
emp_id NUMBER;
BEGIN
BEGIN
SELECT empno
INTO emp_id
FROM SCOTT.EMP
WHERE upper(ename) = SYS_CONTEXT('USERENV', 'SESSION_USER');
DBMS_SESSION.SET_CONTEXT('emp_sel_context', 'empno', emp_id);
EXCEPTION
WHEN OTHERS THEN emp_id := 0;
END;
END;
2) Created the application context:
CREATE CONTEXT emp_sel_context USING secman.app_security_context;
In which secman is my security schema and app_security_context is the name of above procedure package.
3) Created a function to access the application context:
FUNCTION emp_sec(E1 VARCHAR2, E2 VARCHAR2) RETURN VARCHAR2
IS
e_predicate VARCHAR2(2000);
BEGIN
e_predicate := 'empno = SYS_CONTEXT(''emp_sel_context'', ''empno'')';
RETURN e_predicate;
END;
END;
4) Created a logon trigger:
CREATE OR REPLACE
TRIGGER INIT_CONTEXT AFTER
LOGON ON DATABASE
BEGIN
SECMAN.APP_SECURITY_CONTEXT.SET_EMPNO;
END;
5) Added a policy on scott.emp like this:
begin
dbms_rls.add_policy (
object_schema => 'SCOTT',
object_name => 'EMP',
policy_name => 'EMP_SEL_POLICY',
function_schema => 'SECMAN',
policy_function => 'EMP_SECURITY.EMP_SEC',
statement_types => 'SELECT',
update_check => TRUE
end;
My problem is that when a user queries the EMP table the above procedure does not work and 'no rows selected' is returned for each user that queries the table. Does anybody know which part of my procedure is wrong?
Any helps is really appreciated.
S/\EE|)i,
I suggest:
create another table emp1(logon with scott),this table only include empno,ename,then insert a few record,then modify
procedure set_empno as
PROCEDURE set_empno
IS
emp_id NUMBER;
BEGIN
BEGIN
SELECT empno
INTO emp_id
FROM SCOTT.EMP1
WHERE upper(ename) = SYS_CONTEXT('USERENV', 'SESSION_USER');
DBMS_SESSION.SET_CONTEXT('emp_sel_context', 'empno', emp_id);
EXCEPTION
WHEN OTHERS THEN emp_id := 0;
END;
END;
certainly ,you should grant select on emp1 to the user who will be test.
lixinzhu
2007/09/17 -
[Using SharePoint 2013 Enterprise SP1]
I would like to use SQL Server credentials in a Secure Store Target Application, and
this page makes it look like it's possible but when I attempt to use the new Target Application ID as authentication for a Data Connection in Dashboard Designer, I get a generic "Unable to access data source" with no error logged in SQL Server
logs.
I am able to use a Target Application with AD credentials to access the SQL db without a problem. Suggestions?Hi,
1. Make sure that the credential is set to
Secure Store Target Application. Navigate to the Central Administration. Click on the
Application Management. Click on the Manage Service Applications. Click on the
Secure Store Service Application. Select the application ID and from the ECB menu click on the
Set Credentials. Enter the Credential Owner, Windows User Name and the
Windows Password.
2. Make sure that in the Dashboard Designer “Use a stored account” is selected in the “Authentication” and the proper application ID is mentioned.
Please refer to the link below for more information:
http://www.c-sharpcorner.com/Blogs/14527/unable-to-access-data-source-the-secure-store-target-applic.aspx
Regards,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected] .
Rebecca Tu
TechNet Community Support -
Hello,
We are searching and investigating the security problems and needs in SAP Systems (the NetWeaver and R3).
We are looking for vulnerabilities from the network level up to the application and SAP-GUI level.
We would like to hear and learn from users on case studies and problems that occurred during implementing and running the SAP systems.
We would appreciate if you could contact us for further details.
Thank you.
<Contact information removed by forum moderator>
Message was edited by: Christian WippermannDear Alon,
Thank you for your interest in SAP Security. You are very welcome to investigate product security and to share your results with SAP ([email protected]). But this is exactly the place where SAP users should report security problems they may find. They should not report to other companies! That is why I removed your contact information and closed this thread.
To make myself clear: Please report security problems directly to [email protected] My collegues there will support to solve the issues.
Best regards,
Christian -
Cocoon2 weblogic (5.1 sp6) class loader security problem
Hello folks,
System:
Cocoon: v2.0
JDK: Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-C),
Java HotSpot(TM) Client VM (build 1.3.0-C, mixed mode)
OS: NT4 SP5
Servlet: v2.2
AppServer: Weblogic 5.1 SP6
Symptoms:
I've updated our application from Cocoon 1.7.4 to Cocoon2. After I
figured out what libraries I need on the Weblogic's classpath, I managed
to envoke the MyServlet (MyServlet extends CocoonServlet). The technique
I am using is the one I used with the Cocoon v1.7.4: extend Cocoon
servlet and wrap the HttpServletRequest in MyRequest to provide the XML
content. I changed the line <map:generators default="request"> in
sitemap.xmap to specify the location of the source. Configuration files
seem to be read correctly and the file
<myWebAppContext>/WEB-INF/_tmp_war/org/apache/cocoon/www/sitemap_xmap.java
is generated (but there is no class file generated)!
I looked at the cocoon.log file and looks like a class loader security
problem: the \WEB-INF\_tmp_war gets locked! Is there any workaround this
problem? Any help is much appreciated!
cocoon.log file generated:
DEBUG 62 [cocoon ] (ExecuteThread-11): Using configuration file:
/cocoon.xconf
INFO 62 [cocoon ] (ExecuteThread-11): Reloading from:
file:D:/Programs/cocoon-1.8.2/samples/cocoon.xconf
DEBUG 93 [cocoon ] (ExecuteThread-11): New Cocoon object.
DEBUG 93 [cocoon ] (ExecuteThread-11): Using parser:
org.apache.cocoon.components.parser.JaxpParser
DEBUG 109 [cocoon ] (ExecuteThread-11): Creating Repository with
this directory: D:\programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 109 [cocoon ] (ExecuteThread-11): Classpath =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\classes;D:\Programs\cocoon-1.8.2\samples\WEB-INF\lib\javac.jar;D:\avue\lib\servlet.jar;D:\avue\lib\jaxp.jar;D:\avue\lib\xerces.jar;D:\avue\lib\xalan.jar;D:\avue\lib\cocoon.jar;D:\avue\lib\avalonapi.jar;D:\avue\lib\logkit.jar;D:\avue\lib\maybeupload.jar;D:\avue\lib\jakarta-regexp-1.2.jar;D:\avue\lib\jstyle.jar;D:\avue\lib\javac.jar;D:\weblogic\lib\weblogic510sp6boot.jar;D:\weblogic\classes\boot;
DEBUG 109 [cocoon ] (ExecuteThread-11): Work directory =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 125 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 390 [cocoon ] (ExecuteThread-11): Root configuration:
cocoon
DEBUG 390 [cocoon ] (ExecuteThread-11): Configuration version:
2.0
DEBUG 390 [cocoon ] (ExecuteThread-11): Setting up components...
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.parser.Parser =
org.apache.cocoon.components.parser.JaxpParser)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.generator.ProgramGenerator =
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.url.URLFactory =
org.apache.cocoon.components.url.URLFactoryImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.saxconnector.SAXConnector =
org.apache.cocoon.components.saxconnector.NullSAXConnector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.datasource.DataSourceComponentSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.pool.PoolController =
org.apache.cocoon.components.ComponentPoolController)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.programming.ProgrammingLanguageSelector
= org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.markup.MarkupLanguageSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.store.Store =
org.apache.cocoon.components.store.MemoryStore)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.classloader.ClassLoaderManager =
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl)
DEBUG 422 [cocoon ] (ExecuteThread-11): Setting up the sitemap.
DEBUG 422 [cocoon ] (ExecuteThread-11): Sitemap location =
sitemap.xmap
DEBUG 703 [cocoon ] (ExecuteThread-11): ComponentFactory creating
new instance of org.apache.cocoon.components.url.URLFactoryImpl.
DEBUG 703 [cocoon ] (ExecuteThread-11): Getting the URLFactories
DEBUG 703 [cocoon ] (ExecuteThread-11): for protocol:
resource org.apache.cocoon.components.url.ResourceURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): for protocol: context
org.apache.cocoon.components.url.ContextURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): Beginning sitemap
regeneration
DEBUG 718 [cocoon ] (ExecuteThread-11): Making URL from
file:/D:/Programs/cocoon-1.8.2/samples/sitemap.xmap
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.
DEBUG 718 [cocoon ] (Thread-1): Could not find ComponentHandler,
attempting to create one for role:
org.apache.cocoon.components.language.generator.ServerPagesSelector
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.GeneratorSelector.
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element:
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: markup-languages
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.xsp.XSPMarkupLanguage for
xsp
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage
for sitemap
DEBUG 734 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 734 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: programming-languages
DEBUG 750 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.programming.java.JavaLanguage.
DEBUG 750 [cocoon ] (Thread-1): Looking up
org.apache.cocoon.components.classloader.ClassLoaderManager
DEBUG 750 [cocoon ] (Thread-1): Setting the parameters
DEBUG 750 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.programming.java.JavaLanguage for
java
DEBUG 765 [cocoon ] (Thread-1): The instance was not accessible,
creating it now.
DEBUG 765 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 1718 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 1718 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 4109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4109 [cocoon ] (Thread-1): Can't load ServerPage
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:172)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4359 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 4359 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 6109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
ERROR 6109 [cocoon ] (Thread-1): Error compiling sitemap
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:219)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (ExecuteThread-11): Changing Cocoon
context(sitemap.xmap) to prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): from
context(file:/D:/Programs/cocoon-1.8.2/samples/) and prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): at URI
DEBUG 6109 [cocoon ] (ExecuteThread-11): New context is
file:/D:/Programs/cocoon-1.8.2/samples/
ERROR 6140 [cocoon ] (ExecuteThread-11): Problem with servlet
org.apache.cocoon.ProcessingException: The sitemap handler's sitemap is
not available.
at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:106)
at org.apache.cocoon.Cocoon.process(Cocoon.java:218)
at
org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:417)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:123)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:761)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:708)
at
weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
at
weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:346)
at
weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:246)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:135)
INFO 6187 [cocoon ] (ExecuteThread-11): '' Processed by Apache
Cocoon 2.0a4 in 5.75 seconds.
================================================================
Regards,
GeorgiHello folks,
System:
Cocoon: v2.0
JDK: Java(TM) 2 Runtime Environment, Standard Edition (build 1.3.0-C),
Java HotSpot(TM) Client VM (build 1.3.0-C, mixed mode)
OS: NT4 SP5
Servlet: v2.2
AppServer: Weblogic 5.1 SP6
Symptoms:
I've updated our application from Cocoon 1.7.4 to Cocoon2. After I
figured out what libraries I need on the Weblogic's classpath, I managed
to envoke the MyServlet (MyServlet extends CocoonServlet). The technique
I am using is the one I used with the Cocoon v1.7.4: extend Cocoon
servlet and wrap the HttpServletRequest in MyRequest to provide the XML
content. I changed the line <map:generators default="request"> in
sitemap.xmap to specify the location of the source. Configuration files
seem to be read correctly and the file
<myWebAppContext>/WEB-INF/_tmp_war/org/apache/cocoon/www/sitemap_xmap.java
is generated (but there is no class file generated)!
I looked at the cocoon.log file and looks like a class loader security
problem: the \WEB-INF\_tmp_war gets locked! Is there any workaround this
problem? Any help is much appreciated!
cocoon.log file generated:
DEBUG 62 [cocoon ] (ExecuteThread-11): Using configuration file:
/cocoon.xconf
INFO 62 [cocoon ] (ExecuteThread-11): Reloading from:
file:D:/Programs/cocoon-1.8.2/samples/cocoon.xconf
DEBUG 93 [cocoon ] (ExecuteThread-11): New Cocoon object.
DEBUG 93 [cocoon ] (ExecuteThread-11): Using parser:
org.apache.cocoon.components.parser.JaxpParser
DEBUG 109 [cocoon ] (ExecuteThread-11): Creating Repository with
this directory: D:\programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 109 [cocoon ] (ExecuteThread-11): Classpath =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\classes;D:\Programs\cocoon-1.8.2\samples\WEB-INF\lib\javac.jar;D:\avue\lib\servlet.jar;D:\avue\lib\jaxp.jar;D:\avue\lib\xerces.jar;D:\avue\lib\xalan.jar;D:\avue\lib\cocoon.jar;D:\avue\lib\avalonapi.jar;D:\avue\lib\logkit.jar;D:\avue\lib\maybeupload.jar;D:\avue\lib\jakarta-regexp-1.2.jar;D:\avue\lib\jstyle.jar;D:\avue\lib\javac.jar;D:\weblogic\lib\weblogic510sp6boot.jar;D:\weblogic\classes\boot;
DEBUG 109 [cocoon ] (ExecuteThread-11): Work directory =
D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war
DEBUG 125 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 140 [cocoon ] (Thread-0): ComponentFactory creating new
instance of org.apache.cocoon.components.parser.JaxpParser.
DEBUG 390 [cocoon ] (ExecuteThread-11): Root configuration:
cocoon
DEBUG 390 [cocoon ] (ExecuteThread-11): Configuration version:
2.0
DEBUG 390 [cocoon ] (ExecuteThread-11): Setting up components...
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.parser.Parser =
org.apache.cocoon.components.parser.JaxpParser)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.generator.ProgramGenerator =
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.url.URLFactory =
org.apache.cocoon.components.url.URLFactoryImpl)
DEBUG 406 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.saxconnector.SAXConnector =
org.apache.cocoon.components.saxconnector.NullSAXConnector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.datasource.DataSourceComponentSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.avalon.util.pool.PoolController =
org.apache.cocoon.components.ComponentPoolController)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.programming.ProgrammingLanguageSelector
= org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.language.markup.MarkupLanguageSelector =
org.apache.cocoon.components.CocoonComponentSelector)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.store.Store =
org.apache.cocoon.components.store.MemoryStore)
DEBUG 422 [cocoon ] (ExecuteThread-11): Adding component
(org.apache.cocoon.components.classloader.ClassLoaderManager =
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl)
DEBUG 422 [cocoon ] (ExecuteThread-11): Setting up the sitemap.
DEBUG 422 [cocoon ] (ExecuteThread-11): Sitemap location =
sitemap.xmap
DEBUG 703 [cocoon ] (ExecuteThread-11): ComponentFactory creating
new instance of org.apache.cocoon.components.url.URLFactoryImpl.
DEBUG 703 [cocoon ] (ExecuteThread-11): Getting the URLFactories
DEBUG 703 [cocoon ] (ExecuteThread-11): for protocol:
resource org.apache.cocoon.components.url.ResourceURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): for protocol: context
org.apache.cocoon.components.url.ContextURLFactory
DEBUG 718 [cocoon ] (ExecuteThread-11): Beginning sitemap
regeneration
DEBUG 718 [cocoon ] (ExecuteThread-11): Making URL from
file:/D:/Programs/cocoon-1.8.2/samples/sitemap.xmap
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.
DEBUG 718 [cocoon ] (Thread-1): Could not find ComponentHandler,
attempting to create one for role:
org.apache.cocoon.components.language.generator.ServerPagesSelector
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.generator.GeneratorSelector.
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element:
DEBUG 718 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 718 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: markup-languages
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.xsp.XSPMarkupLanguage for
xsp
DEBUG 734 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage
for sitemap
DEBUG 734 [cocoon ] (Thread-1): ComponentFactory creating new
instance of org.apache.cocoon.components.CocoonComponentSelector.
DEBUG 734 [cocoon ] (Thread-1): CocoonComponentSelector setting
up with root element: programming-languages
DEBUG 750 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.programming.java.JavaLanguage.
DEBUG 750 [cocoon ] (Thread-1): Looking up
org.apache.cocoon.components.classloader.ClassLoaderManager
DEBUG 750 [cocoon ] (Thread-1): Setting the parameters
DEBUG 750 [cocoon ] (Thread-1): Adding
org.apache.cocoon.components.language.programming.java.JavaLanguage for
java
DEBUG 765 [cocoon ] (Thread-1): The instance was not accessible,
creating it now.
DEBUG 765 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 1718 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 1718 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 4109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:163)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4109 [cocoon ] (Thread-1): Can't load ServerPage
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:172)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 4109 [cocoon ] (Thread-1): ComponentFactory creating new
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
DEBUG 4359 [cocoon ] (Thread-1): Making URL from
jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
DEBUG 4359 [cocoon ] (Thread-1): Logicsheet
Used:jar:file:/D:/avue/lib/cocoon.jar!/org/apache/cocoon/components/language/markup/sitemap/java/sitemap.xsl
WARN 6109 [cocoon ] (Thread-1): Could not load class for program
'org\apache\cocoon\www\sitemap_xmap'
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:272)
at
java.security.AccessController.checkPermission(AccessController.java:399)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:545)
at java.net.URLClassLoader$5.run(URLClassLoader.java:463)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.getPermissions(URLClassLoader.java:461)
at
java.security.SecureClassLoader.getProtectionDomain(SecureClassLoader.java:162)
at
java.security.SecureClassLoader.defineClass(SecureClassLoader.java:111)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:248)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
at java.lang.ClassLoader.loadClass(ClassLoader.java:297)
at java.lang.ClassLoader.loadClass(ClassLoader.java:253)
at
org.apache.cocoon.components.classloader.ClassLoaderManagerImpl.loadClass(ClassLoaderManagerImpl.java:58)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:121)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): Language Exception
org.apache.cocoon.components.language.LanguageException: Could not load
class for program 'org\apache\cocoon\www\sitemap_xmap' due to a
java.security.AccessControlException: access denied
(java.io.FilePermission
\D:\Programs\cocoon-1.8.2\samples\WEB-INF\_tmp_war\- read)
at
org.apache.cocoon.components.language.programming.java.JavaLanguage.loadProgram(JavaLanguage.java:124)
at
org.apache.cocoon.components.language.programming.CompiledProgrammingLanguage.load(CompiledProgrammingLanguage.java:119)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.generateResource(ProgramGeneratorImpl.java:245)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:210)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (Thread-1): ComponentFactory decommissioning
instance of
org.apache.cocoon.components.language.markup.sitemap.SitemapMarkupLanguage.
ERROR 6109 [cocoon ] (Thread-1): Error compiling sitemap
org.apache.avalon.ComponentManagerException: Could not add component for
class: org.apache.cocoon.www.sitemap_xmap
at
org.apache.cocoon.components.language.generator.GeneratorSelector.addGenerator(GeneratorSelector.java:61)
at
org.apache.cocoon.components.language.generator.GeneratorSelector.select(GeneratorSelector.java:50)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.select(ProgramGeneratorImpl.java:263)
at
org.apache.cocoon.components.language.generator.ProgramGeneratorImpl.load(ProgramGeneratorImpl.java:219)
at org.apache.cocoon.sitemap.Handler.run(Handler.java:173)
at java.lang.Thread.run(Thread.java:484)
DEBUG 6109 [cocoon ] (ExecuteThread-11): Changing Cocoon
context(sitemap.xmap) to prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): from
context(file:/D:/Programs/cocoon-1.8.2/samples/) and prefix()
DEBUG 6109 [cocoon ] (ExecuteThread-11): at URI
DEBUG 6109 [cocoon ] (ExecuteThread-11): New context is
file:/D:/Programs/cocoon-1.8.2/samples/
ERROR 6140 [cocoon ] (ExecuteThread-11): Problem with servlet
org.apache.cocoon.ProcessingException: The sitemap handler's sitemap is
not available.
at org.apache.cocoon.sitemap.Manager.invoke(Manager.java:106)
at org.apache.cocoon.Cocoon.process(Cocoon.java:218)
at
org.apache.cocoon.servlet.CocoonServlet.service(CocoonServlet.java:417)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at
weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:123)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:761)
at
weblogic.servlet.internal.ServletContextImpl.invokeServlet(ServletContextImpl.java:708)
at
weblogic.servlet.internal.ServletContextManager.invokeServlet(ServletContextManager.java:252)
at
weblogic.socket.MuxableSocketHTTP.invokeServlet(MuxableSocketHTTP.java:346)
at
weblogic.socket.MuxableSocketHTTP.execute(MuxableSocketHTTP.java:246)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:135)
INFO 6187 [cocoon ] (ExecuteThread-11): '' Processed by Apache
Cocoon 2.0a4 in 5.75 seconds.
================================================================
Regards,
Georgi -
Debugging JNLP security problems
As we all know, the latest Java update changed the JNLP security around a bit, and I, like many others, am having trouble with it.
I'm not really here to ask for help with my specific problem, however. It's not the first time I've had trouble with JNLP security, and almost every time, I've only gotten around it with the help of mere guess-work and a fair bit of luck, and I'm still far from sure I've actually solved the problems correctly. The main problem I experience is that the security messages I get from the JNLP client are oriented towards end-users and thus not very helpful at all for tracking down the root cause of the issues. For instance, after this latest update, the JNLP client is just telling me that "The Java security settings have prevented this application from running. You may change this behavior in the Java Control Panel."
Is there any good way to find out what security problems it is that I'm actually having? "Read the documentation" is of course the easy answer, but the security model seems rather complex and incorporates many parts. Is there some kind of "lint" tool for JNLP out there that can list the problems I'm having? Or is there some way to run the JNLP client in some kind of debug mode?Understood guys. But let me make a few points.
1. Clearly I'm not the only one who had this problem. In fact, I wasn't the first person in this THREAD to have the problem.
2. I'm fairly computer savvy, and have worked with Photoshop for several years.
3. Yes, it does say c: in point 3, but I find it odd that in point 4 it does say Program Files/.... A very strange way to write it. Also, the c: drive is the default installation drive, so it's not idiocy for someone to assume that the file would be located on the same drive as you selected for installation.
4. This is not about technically right or wrong. I never said that the instructions were wrong. I merely was trying to make a suggestion that would help people avoid the same trap I fell into. Was it my mistake? Yes. Would my clarifying suggestion perhaps help others avoid making the mistake I did. I would hope so. Also, as someone else suggested in this thread, Adobe SHOULD have written an installation program for the ACR 3.1 upgrade that did the placing automatically. After all, EVERYONE knew that ACR3.1 would be released shortly after the release for CS2...in fact Mr. Knoll himself was quoted in other forums about when D2X compatibility would actually happen.
5. The purpose of these forums is to be helpful to other users--not to be patronizing or rude. I'm a big Photoshop fan, and a loyal customer. I'm also in the service industry, and I would bet that customer service experts would raise an eyebrow or two about the tone contained in certain messages in this thread, including from an Adobe employee.
Just my two cents. Flame away if you must. But you might want to take a look at what I actually suggested in my last message before lighting up the torch. -
Security Token Service Application Pool high CPU
The SecurityTokenServiceApplicationPool seems to be using really high CPU at times and it seems to slow down the servercausing spike to almost 100% CPU, recycling takes care of it temporarily, it will also go down on its own but to a lesser extent.
I cant seem to see any cause of this in the logs.
The Security Token Service Application Pool isnt on a recycle schedule by default.
Does anyone recommend putting it on a recycle schedule?
What are some common causes of it
thanks
themushHi,
As I understand, the SecurityTokenServiceApplicationPool caused high CPU usage in your envrionment.
Would recycling the application pool be help?
To check if there is performance issue, please provide more information about your application server which host this service application.
http://technet.microsoft.com/en-us/library/cc262485(v=office.15).aspx#hwforwebserver
Here are some references for application pool high usage in SharePoint:
http://weblogs.asp.net/erobillard/thoughts-on-sharepoint-application-pools-recycling-and-quot-jit-lag-quot
http://blogs.technet.com/b/stefan_gossner/archive/2007/11/26/dealing-with-memory-pressure-problems-in-moss-wss.aspx
Regards,
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected] .
Rebecca Tu
TechNet Community Support -
[Fwd: Security problem accessing MBeanServer from a servlet]
Reposting to Security and Servlet newsgroups.
-------- Original Message --------
Subject: Security problem accessing MBeanServer from a servlet
Date: 10 Feb 2004 13:02:09 -0800
From: Alain <[email protected]>
Reply-To: Alain <[email protected]>
Organization: BEA NEWS SITE
Newsgroups: weblogic.developer.interest.management
Hi,
I am trying to understand how WLS 7.0 secures a call to an MBean. Got
the following
scenario:
- I am in a servlet context
- I have created and registered an MBean with the WLS MBeanServer. Fine
so far
- Within the same call I can retrieve the MBean attributes. Fine so far
- I keep the MBeanServer reference in an object global to the servlet
context
The problem:
- When I do another request and try to use the cached MBeanServer
instance to
access the MBean, I get the following error:
weblogic.management.NoAccessRuntimeException: Access not allowed for
subject:
principals=[], on ResourceType ...
Any idea?
AlainPaulF <paulf@reply_in_newsgroup.com> wrote:
On 10 Feb 2004 13:02:09 -0800, Alain <[email protected]> wrote:
Hi,
I am trying to understand how WLS 7.0 secures a call to an MBean. Got
the following
scenario:
- I am in a servlet context
- I have created and registered an MBean with the WLS MBeanServer.Fine
so far
- Within the same call I can retrieve the MBean attributes. Fine sofar
- I keep the MBeanServer reference in an object global to the servlet
context
The problem:
- When I do another request and try to use the cached MBeanServer
instance to
access the MBean, I get the following error:
weblogic.management.NoAccessRuntimeException: Access not allowed for
subject:
principals=[], on ResourceType ...
Any idea?
AlainWhat ResourceType are you trying to access. From the Exception you're
trying to access it as an Anonymous user (principals=[]) and evidently
you're attempting to access something that is protected. I can't tell
what
from the snippet you've included.
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
Thanks Paul for your reply.
You are right. I can access my custom MBeans if I am authenticated for example
as an Administrator. My problem is that I want any application to access this
MBean authenticated or not. I am trying to find how I could grant permission to
this MBean to everyone. Still searching.
Thanks. -
Security problem? Bounded taskflow and sessionid in loopback url
Hi,
We just had a security evaluation of our public site. We use ADF in several places on the site (through iframes).
The applications are made up of bounded taskflows. The request Url reads like:
http://127.0.0.1:7101/test/faces/adf.task-flow?adf.tfId=task-flow-definition&adf.tfDoc=/WEB-INF/task-flow-definition.xml
and it returns :
http://127.0.0.1:7101/test/faces/adf.task-flow;jsessionid=R9YWRvkLJyD6lYC79DyTmTl6fxj177x1ZflDcJy4mrlcYmDVSmn0!-1545839156?adf.tfId=task-flow-definition&adf.tfDoc=/WEB-INF/task-flow-definition.xml&_afrLoop=97476727347664&_afrWindowMode=0&_afrWindowId=null
According to the security evaluation the ;jsessionid=xxx in the header is a security problem, you could in principle copy the url and send it to a different computer and continue the session from there!
The jsessionid is put there by the loop back script.
Is there any way of making the loop back script not put the jsessionid in the url?
Is it a security problem?
regards
JohnnyHi, thank you for the opinion. I am not talking about hijacking my own session id. But "malware" or a spy in som way could "sniff" the url and send it off to another computer!
Look at this url, it explains it even better :
http://fralef.org/tomcat-disable-jsessionid-in-url.html
Again it is not my opinion but that of a security firm.
Cookies are not disabled on my computer ( and our security firms), the case is real and how bounded taskflows work.
Here is the code from the loop back:
var sess = ";jsessionid=TdJhRvVGHnYZtTfzsMBpmDcSnLVHW0SzgBWl0gQm2tPQ45lwsq1W!-1545839156";
if (sess.length > 0)
href += sess;
After the redirect the cookies "takes" over and the jsession id is not shown again.
But it is still shown initially.
And we do use https on our site, my code was just an illustration.
Johnny
Edited by: user11345344 on Feb 28, 2013 8:44 PM -
hi,
I am working on websphere 1.1 - and my ear contains the was.policy with the following permissions:
grant codeBase "file:${application}" {
permission java.security.AllPermission;
My application creates a directory under the "appServer" home and then try to copy some files to this location.
I get an exception while the execution of this code:
(ClassTracer) AccessController.doPrivileged(new PrivilegedAction()the exception details are:
[11/3/05 12:03:53:971 GMT+02:00] 70a86972 SecurityManag W SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to Problem Determination Guide for further information.
Permission:
accessDeclaredMembers : access denied (java.lang.RuntimePermission accessDeclaredMembers)
Code:
com.identify.aps.instr.classtracer.ClassTracerCreatorImpl$1 in {file:/C:/Program Files/WebSphere/AppServer/tmp_identify__6_5/kmoscovici/kmoscovici/server1/servercp.jar}
Stack Trace:
java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java(Compiled Code))
at java.security.AccessController.checkPermission(AccessController.java(Compiled Code))
at java.lang.SecurityManager.checkPermission(SecurityManager.java(Compiled Code))
at com.ibm.ws.security.core.SecurityManager.checkPermission(SecurityManager.java(Compiled Code))
at java.lang.SecurityManager.checkMemberAccess(SecurityManager.java(Compiled Code))
at java.lang.Class.checkMemberAccess(Class.java(Compiled Code))
at java.lang.Class.getDeclaredFields(Class.java:1195)
at com.identify.aps.instr.classtracer.ClassTracerCreatorImpl$1.run(ClassTracerCreatorImpl.java:78)
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code))
If I change the folder location there is no problem.
I will be happy for any help.
Thanks,
LiatI dont understand what is the problem with this message?
Regards,
dremer1 -
Security problem when trying to connect a CMP Session Bean deployed on J2EE
I am working through Wrox�s book Professional java Mobile Programming and trying to set up the Mobile Positioning project. The book has instructions for Ericson MPS-SDK 3.0 but the only version available now is the 5.0 and these instructions are no longer valid. I have built the application with the Studio 4 IDE and deployed it on an instance of the J2EE reference Implementation and this seems to work fine. However I have built a CMP session bean which should connect to the Ericsson Emulator running on their supplied Eserver and this connection is failing with a security problem. Following is a snippet of the code I have used to instantiate the connection.
ConnectionFactory con = null;
con = new ConnectionFactory(true);
The code compiles with out errors but when I try to test it I get the following error
java.security.AccessControlException: access denied (java.util.PropertyPermission sun.net.inetaddr.ttl write)
Any Hints or suggestions would be appreciated.
ThanksOops!! I meant Session Bean NOT CMP Session Bean
Maybe you are looking for
-
Home share on same computer different sign in
How do I home share on the same mac. We have two users on Mac snow leopard with latest Itunes 10. I can see the home share account that I want to pull music from under shared on my account , but it wont let me drag it over to my music. It doesnt have
-
How can I empty my iTunes store credit balance in order to change stores? PLEASE HELP...
I use to live in Canada but I mouve back to Mexico and i want to change my iTunes store... I just have 13 cents left and i dont want them i just want to change stores. What do i do.? Thanks.
-
Dear the supporrt, AS I tried to create pdf from Adobe Acrobat Xi or Office 2010, they both gave me an error of "An Unexpected error occurred. PDFMaker was unable to produce the Adobe PDF" My computer is running in Win7 Professional with 64-bit offic
-
Hi, I done MRP RUN, created demand before that, but when im checking in MD04 it showing Ind Req, why it is showing like that and not planned orde, i want to convert it to process order, what im doing wrong, pls guide me Thanks & Regards, Karad D D
-
Last night, I upgraded to the news Thunderbird version 31. When I try to send a signed message, I get the error written in the subject line and my message arrives without the electronic signature. Can you assist me with this problem that I did not ha