Security problem with j2ee 5.0 environement

Similar Messages

• Urgent! Serious problem with J2EE Classloader!

  Hi all,
  I'm having a serious problem with j2ee Classloading.
  I have "inherited" a J2EE application where all business classes (invoked by the EJB) are placed in the Application's Server classpath (Weblogic 8.1.4).
  Very bad because every time a class is changed the a.s. must be restarted.
  So I re-enginereed the package putting the business classes in a jar that is referenced by the EJB's MANIFEST file.
  This way all the classes would be loaded by the EJB classloader and no need to start/stop weblogic.
  Unfortunately it's not such !! I discovered that all business classes are loaded via REFLECTION
  Object objCommand = objClass.newInstance();
  Object[] param = new Object[1];
  param[0] = aDataContainer;
  objDataContainerReturn = (DataContainer) objMethod.invoke(objCommand,param);
  and the application server cannot find them using the standard J2EE Classloader mechanism.
  java.lang.reflect.InvocationTargetException
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:324)
  at irma.business.Dispatcher.callService(Dispatcher.java:70)
  Caused by: java.lang.NoClassDefFoundError: irma/utility/log/LogPrintStream
  at irma.business.service.LoginService.login(LoginService.java:79)
  On the other hand they're found if I put the classes on the application server classpath.
  Has anybody got advice for this ? Should I refactor the application giving up reflection ?
  Thanks a lot in advance.

  Reflection uses the classloader as well so it should work fine.
  A common cause of a NoClassDefFoundError is something in a parent classloader that refers to something only available in a child loader.
  For instance, do you have any of your application classes which are in the $CLASSPATH but reference something that is only (now) in the business.jar in your ear?
  -- Rob
  -- Rob
  WLS Blog http://dev2dev.bea.com/blog/rwoollen/

• Security problem with Google Recaptcha plugin

  Hi all,
  Found a security problem with Google Recaptcha plugin. If I delete the tag containing the recaptch(on some page) with Firebug, I can authorize myself without validating with Recaptcha. If someone knows how to fix this problem, I'll be be very thankful.
  Thanks in advance,
  Regards Ivan

  Hi Ivan,
  you can secure it by adding an "Item specified is NOT NULL" validation to your page.
  Will update the documentation and try to add a permanent fix in a new version of the plug-in.
  Thanks for letting us know!
  Patrick
  My Blog: http://www.inside-oracle-apex.com
  APEX 4.0 Plug-Ins: http://apex.oracle.com/plugins
  Twitter: http://www.twitter.com/patrickwolf

• Possible security problem with my iPhone4, it seems like it has been hacked into and my hotmail, facebook and university accounts (which all have different passwords) and proceed to change my passwords on me. This has happened twice.

  I seem to be having security problems with my iPhone4, it seems like someone has hacked into my hotmail, facebook and university accounts (which all have different passwords) and proceed to change my passwords on me. This has happened twice and I have not left my phone unattended at any time that I can recall nor have I accessed these accounts from another source (i.e. computer/laptop) since changing my passwords after the first hacking occurred. Please help.

  Anyone else at your university complaining about the same thing?  It is more likely someone is stealing passwords by sniffing traffic over the university wifi or with a man-in-the-middle attack or by other means external to your phone.  Try a Google search on "steal password" (without quotes) or "steal SSL password" and you'll learn more than you wanted to know about how passwords get stolen.
  Some related info:
  http://en.wikipedia.org/wiki/Session_hijacking
  http://en.wikipedia.org/wiki/Man-in-the-middle_attack

• WebSAPconsole - problem with J2EE

  I am trying to install WebSAPconsole (GUI 6.40), but I have some problems with J2EE (SAPJ2EE620C_39-10001433.sar). OS is Win XP Pro Polish.
  After instalation of J2EE I've tried to start dispatcher and server, and next check HTTP service - but there is no listening on 80 port, and there is no listening on p4 port (3011 - because of this no possibility to start visual administrator).
  Dispatcher and server are listening on ports 2055 and 2077, and I have 2 java.exe processes in Task Manager...
  No any other software occupying 80 and 3011 ports.
  Any suggestions?

  Hello vjara,
  I' new to SAP.Could you please tell me where I can find jstartup/trimming_properties = standard in the instance profile.I try to install WS 6.4 sneak preview and I'm getting error,Unable to start SAP J2EE Engine at step 22.I would appreciate for your help and guidance
  Thanks
  Subha

• NT security problems with file I/O

  I have 2 problems with file I/O. When I read from a file I use the getAbsolutePath() method that is part of the File class to find what directory the files are currenlty. The problem is that the returned path says that the file is on the desktop no matter what directory the file really is in. The second problem is that I am unable to save files anywhere but the desktop. I must run the class files from the desktop too to get it to work.
  I am using NT 4.0 for development. I'm guessing that these problems might be NT security related. Could someone help me?
  Code below:
  import java.awt.*;
  import java.applet.*;
  import java.net.*;
  import java.io.File;
  import java.awt.event.*;
  //import java.security.*;
  //import sun.security.*;
  //import java.awt.Window;
  //import com.ms.security.*;
  public class Edit extends Applet implements ActionListener, ItemListener
  String Gselect;
  reader readit;
  int mhz, khz;
  TextField textField1;
  String freq = "000.000";
  String data;
  Choice freqC;
  Button ActivateB, SaveB, /*CancelB, HelpB,*/ DeleteB;
  Checkbox SetC;
  int NotUsedReply[] = new int[200];
  int HwListReply[] = new int[200];
  public void init()
  readit = new reader();
  String myFile="satellite.st1";
  // myFile = myFile.concat(Gselect);
  File satellite = new File(myFile);
  textField1 = new TextField();
  textField1.setText( "(void) " );
  add( textField1 );
  SetC = new Checkbox("TRAP-RX");
  add(SetC);
  SetC.addItemListener(this);
  freqC = new Choice();
  freqC.setSize(20,50);
  freqC.add("000.000");
  add(freqC);
  freqC.addItemListener(this);
  ActivateB = new Button("Activate");
  add(ActivateB);
  ActivateB.addActionListener(this);
  SaveB = new Button("Save");
  add(SaveB);
  SaveB.addActionListener(this);
  DeleteB = new Button("Delete");
  add(DeleteB);
  DeleteB.addActionListener(this);
       /*CancelB = new Button("Cancel");
  add(CancelB);
  CancelB.addActionListener(this);
       HelpB = new Button("Help");
  add(HelpB);
  HelpB.addActionListener(this);*/
  //textField1.setText( data );
  for(int a = 1; a < 9; a++)
  data = readit.getData(satellite.getAbsolutePath(), a);//("E:\\forte4j\\system\\Projects\\Zebra\\satellite.st1", a);
  freqC.addItem(data);
  textField1.setText(satellite.getAbsolutePath() );
  public void paint(Graphics g)
  //g.drawString("Radio Setup Files",20, 20);
  //g.drawString(getParameter("wse"),20, 20);
  public void actionPerformed(ActionEvent event)
  if(event.getSource() == ActivateB)
  activator();
  if(event.getSource() == SaveB)
  /*if(event.getSource() == CancelB)
  stop();
  if(event.getSource() == HelpB)
  if(event.getSource() == DeleteB)
  public void itemStateChanged(ItemEvent e)
  if(e.getItemSelectable() == SetC)
  textField1.setText("Check box 1 clicked!");
  if(e.getItemSelectable() == freqC)
  freq = ((Choice)e.getItemSelectable()).getSelectedItem();
  public void activator()
  makeMHZ();
  makeKHZ();
  if(mhz > 254)
  int StartLink[]={0x0c,0x01,0x07,0x00,0x00,0x00,0x00,0x00,0x00};          //New Link Proc Start
  int TrapConfig[]={0x25,0x80,0x00,0x00,0x00,0xb7,0x00,0x0c,0x0b,          //TRAP Configuration
  0x00,0x00,0x00,0xff,0xa0,0xff,0x0d,0xff,0xe8,
  0xff,0x0d,0xff,0x00,0xff,0x15,0xff,0xb0,0xff,
  0xff,0xff,0x94,0x0a,0x01,0x06,0x1a,0x00,0x0d,
  0x2d,0x21};
  TrapConfig[11]=(mhz-255);
  TrapConfig[12]=(khz/5);
  int SetUserOutput[]={0x41,0x42,0x49,0x54,0x52,0x41,0x50,0x20,0x34, //Sets User Output Format
  0x35,0x34,0x35,0x30,0x30,0x2e,0x30,0x4e,0x30,
  0x38,0x32,0x34,0x35,0x30,0x30,0x2e,0x30,0x57,
  0x30,0x31,0x30,0x30,0x2e,0x30,0x30,0x4b,0x4d,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00};
  sendget CmdFunc;
  CmdFunc=new sendget();
  try
  //PolicyEngine.assertPermission(PermissionID.SYSTEM);
  Socket h = new Socket("192.9.200.155",9000);
  Socket s = new Socket("192.9.200.155",9001);
  Socket t = new Socket("192.9.200.155",9002);
  int j;
  CmdFunc.SendCmd(h,0,0x01,null);
  CmdFunc.GetCmd(h,HwListReply);
  CmdFunc.SendCmd(s,9,0x1e,StartLink); //New Link Proc Start
  CmdFunc.GetCmd(s,NotUsedReply);
  CmdFunc.SendCmd(s,37,0x00,TrapConfig); //TRAP Configuration
  CmdFunc.GetCmd(s,NotUsedReply);
  CmdFunc.SendCmd(s,155,0x03,SetUserOutput);//Sets User Output Format
  CmdFunc.GetCmd(s,NotUsedReply);
  catch(Exception e){}
  else
  textField1.setText( "000.000 is the null choice. Try another." );
  public void receiveText1( String select )
  Gselect=select;
  public void makeMHZ()
  String y = freqC.getSelectedItem();
  y = y.substring(0,3);
  mhz = Integer.parseInt(y);
  //textField1.setText( y );
  public void makeKHZ()
  String y = freqC.getSelectedItem();
  y = y.substring(4,7);
  khz = Integer.parseInt(y);
  //textField1.setText( y );
  import java.awt.*;
  import java.applet.*;
  import java.io.RandomAccessFile;
  import java.io.FileNotFoundException;
  import java.io.IOException;
  import java.io.LineNumberReader;
  import java.awt.event.*;
  import com.ms.security.*;
  import netscape.security.*;
  import netscape.util.*;
  public class saver extends Applet implements ActionListener
  String nameS = "Data.txt";
  String dataS = "Default Data";
  Button saveB;
  public void init()
  saveB = new Button("SaveFile");
  add(saveB);
  saveB.addActionListener(this);
  public void actionPerformed(ActionEvent event)
  if(event.getSource() == saveB)
  RandomAccessFile RAF;
  byte array0[] = dataS.getBytes();
  try
  if (Class.forName("com.ms.security.PolicyEngine") != null)
  PolicyEngine.assertPermission(PermissionID.SYSTEM);
  if(Class.forName("netscape.security.PrivilegeManager") != null)
  netscape.security.PrivilegeManager.enablePrivilege("UniversalFileWrite");
  catch (Throwable cnfe)
  try
  RAF = new RandomAccessFile(nameS, "rw");
  // RAF.writeUTF(dataS);
  RAF.write(dataS.getBytes());
  RAF.close();
  catch(Exception e)
  public void receiveND(String name, String data)
  if(name != null)
  nameS = name;
  dataS=data;
  import java.io.RandomAccessFile;
  import java.io.FileNotFoundException;
  import java.io.IOException;
  import java.io.LineNumberReader;
  //import java.security.*;
  import com.ms.security.*;
  import netscape.security.*;
  import netscape.util.*;
  public class reader
  //Signature sig;
  public String getData(String filename, int pass)
  //String nameS = "Data.txt";
  String dataS = "Default Data Sucks";
  String comma = ",";
  int get = pass, count=0, top=0, bottom=0;
  char[] work;
  try
  if (Class.forName("com.ms.security.PolicyEngine") != null)
  PolicyEngine.assertPermission(PermissionID.SYSTEM);
  if(Class.forName("netscape.security.PrivilegeManager") != null)
  netscape.security.PrivilegeManager.enablePrivilege("UniversalFileRead");
  catch (Throwable cnfe)
  try
  //sig.sign();
  //nameS = filename;
  RandomAccessFile RAF = new RandomAccessFile(filename, "r");
  // dataS = RAF.readUTF();
  dataS = RAF.readLine();
  RAF.close();
  catch(Exception e)
  return e.toString();
  work = dataS.toCharArray();
  for(int i = 0; i < dataS.length(); i++)
  if( work[i] == ',' )
  count++;
  if(get == count)
  bottom = i + 1;
  if( (work[i] == ',') && (count > get) && (top == 0) )
  top = i;
  dataS = dataS.substring(bottom,top);
  return dataS;
  }

  import java.awt.*;
  import java.applet.*;
  import java.net.*;
  import java.io.File;
  import java.awt.event.*;
  //import java.security.*;
  //import sun.security.*;
  //import java.awt.Window;
  //import com.ms.security.*;
  public class Edit extends Applet implements ActionListener, ItemListener
  String Gselect;
  reader readit;
  int mhz, khz;
  TextField textField1;
  String freq = "000.000";
  String data;
  Choice freqC;
  Button ActivateB, SaveB, /*CancelB, HelpB,*/ DeleteB;
  Checkbox SetC;
  int NotUsedReply[] = new int[200];
  int HwListReply[] = new int[200];
  public void init()
  readit = new reader();
  String myFile="satellite.st1";
  // myFile = myFile.concat(Gselect);
  File satellite = new File(myFile);
  textField1 = new TextField();
  textField1.setText( "(void) " );
  add( textField1 );
  SetC = new Checkbox("TRAP-RX");
  add(SetC);
  SetC.addItemListener(this);
  freqC = new Choice();
  freqC.setSize(20,50);
  freqC.add("000.000");
  add(freqC);
  freqC.addItemListener(this);
  ActivateB = new Button("Activate");
  add(ActivateB);
  ActivateB.addActionListener(this);
  SaveB = new Button("Save");
  add(SaveB);
  SaveB.addActionListener(this);
  DeleteB = new Button("Delete");
  add(DeleteB);
  DeleteB.addActionListener(this);
  /*CancelB = new Button("Cancel");
  add(CancelB);
  CancelB.addActionListener(this);
  HelpB = new Button("Help");
  add(HelpB);
  HelpB.addActionListener(this);*/
  //textField1.setText( data );
  for(int a = 1; a < 9; a++)
  data = readit.getData(satellite.getAbsolutePath(), a);//("E:\\forte4j\\system\\Projects\\Zebra\\satellite.st1", a);
  freqC.addItem(data);
  textField1.setText(satellite.getAbsolutePath() );
  public void paint(Graphics g)
  //g.drawString("Radio Setup Files",20, 20);
  //g.drawString(getParameter("wse"),20, 20);
  public void actionPerformed(ActionEvent event)
  if(event.getSource() == ActivateB)
  activator();
  if(event.getSource() == SaveB)
  /*if(event.getSource() == CancelB)
  stop();
  if(event.getSource() == HelpB)
  if(event.getSource() == DeleteB)
  public void itemStateChanged(ItemEvent e)
  if(e.getItemSelectable() == SetC)
  textField1.setText("Check box 1 clicked!");
  if(e.getItemSelectable() == freqC)
  freq = ((Choice)e.getItemSelectable()).getSelectedItem();
  public void activator()
  makeMHZ();
  makeKHZ();
  if(mhz > 254)
  int StartLink[]={0x0c,0x01,0x07,0x00,0x00,0x00,0x00,0x00,0x00}; //New Link Proc Start
  int TrapConfig[]={0x25,0x80,0x00,0x00,0x00,0xb7,0x00,0x0c,0x0b, //TRAP Configuration
  0x00,0x00,0x00,0xff,0xa0,0xff,0x0d,0xff,0xe8,
  0xff,0x0d,0xff,0x00,0xff,0x15,0xff,0xb0,0xff,
  0xff,0xff,0x94,0x0a,0x01,0x06,0x1a,0x00,0x0d,
  0x2d,0x21};
  TrapConfig[11]=(mhz-255);
  TrapConfig[12]=(khz/5);
  int SetUserOutput[]={0x41,0x42,0x49,0x54,0x52,0x41,0x50,0x20,0x34, //Sets User Output Format
  0x35,0x34,0x35,0x30,0x30,0x2e,0x30,0x4e,0x30,
  0x38,0x32,0x34,0x35,0x30,0x30,0x2e,0x30,0x57,
  0x30,0x31,0x30,0x30,0x2e,0x30,0x30,0x4b,0x4d,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
  0x00,0x00};
  sendget CmdFunc;
  CmdFunc=new sendget();
  try
  //PolicyEngine.assertPermission(PermissionID.SYSTEM);
  Socket h = new Socket("192.9.200.155",9000);
  Socket s = new Socket("192.9.200.155",9001);
  Socket t = new Socket("192.9.200.155",9002);
  int j;
  CmdFunc.SendCmd(h,0,0x01,null);
  CmdFunc.GetCmd(h,HwListReply);
  CmdFunc.SendCmd(s,9,0x1e,StartLink); //New Link Proc Start
  CmdFunc.GetCmd(s,NotUsedReply);
  CmdFunc.SendCmd(s,37,0x00,TrapConfig); //TRAP Configuration
  CmdFunc.GetCmd(s,NotUsedReply);
  CmdFunc.SendCmd(s,155,0x03,SetUserOutput);//Sets User Output Format
  CmdFunc.GetCmd(s,NotUsedReply);
  catch(Exception e){}
  else
  textField1.setText( "000.000 is the null choice. Try another." );
  public void receiveText1( String select )
  Gselect=select;
  public void makeMHZ()
  String y = freqC.getSelectedItem();
  y = y.substring(0,3);
  mhz = Integer.parseInt(y);
  //textField1.setText( y );
  public void makeKHZ()
  String y = freqC.getSelectedItem();
  y = y.substring(4,7);
  khz = Integer.parseInt(y);
  //textField1.setText( y );
  import java.awt.*;
  import java.applet.*;
  import java.io.RandomAccessFile;
  import java.io.FileNotFoundException;
  import java.io.IOException;
  import java.io.LineNumberReader;
  import java.awt.event.*;
  import com.ms.security.*;
  import netscape.security.*;
  import netscape.util.*;
  public class saver extends Applet implements ActionListener
  String nameS = "Data.txt";
  String dataS = "Default Data";
  Button saveB;
  public void init()
  saveB = new Button("SaveFile");
  add(saveB);
  saveB.addActionListener(this);
  public void actionPerformed(ActionEvent event)
  if(event.getSource() == saveB)
  RandomAccessFile RAF;
  byte array0[] = dataS.getBytes();
  try
  if (Class.forName("com.ms.security.PolicyEngine") != null)
  PolicyEngine.assertPermission(PermissionID.SYSTEM);
  if(Class.forName("netscape.security.PrivilegeManager") != null)
  netscape.security.PrivilegeManager.enablePrivilege("UniversalFileWrite");
  catch (Throwable cnfe)
  try
  RAF = new RandomAccessFile(nameS, "rw");
  // RAF.writeUTF(dataS);
  RAF.write(dataS.getBytes());
  RAF.close();
  catch(Exception e)
  public void receiveND(String name, String data)
  if(name != null)
  nameS = name;
  dataS=data;
  import java.io.RandomAccessFile;
  import java.io.FileNotFoundException;
  import java.io.IOException;
  import java.io.LineNumberReader;
  //import java.security.*;
  import com.ms.security.*;
  import netscape.security.*;
  import netscape.util.*;
  public class reader
  //Signature sig;
  public String getData(String filename, int pass)
  //String nameS = "Data.txt";
  String dataS = "Default Data Sucks";
  String comma = ",";
  int get = pass, count=0, top=0, bottom=0;
  char[] work;
  try
  if (Class.forName("com.ms.security.PolicyEngine") != null)
  PolicyEngine.assertPermission(PermissionID.SYSTEM);
  if(Class.forName("netscape.security.PrivilegeManager") != null)
  netscape.security.PrivilegeManager.enablePrivilege("UniversalFileRead");
  catch (Throwable cnfe)
  try
  //sig.sign();
  //nameS = filename;
  RandomAccessFile RAF = new RandomAccessFile(filename, "r");
  // dataS = RAF.readUTF();
  dataS = RAF.readLine();
  RAF.close();
  catch(Exception e)
  return e.toString();
  work = dataS.toCharArray();
  for(int i = 0; i < dataS.length(); i++)
  if( work == ',' )
  count++;
  if(get == count)
  bottom = i + 1;
  if( (work == ',') && (count > get) && (top == 0) )
  top = i;
  dataS = dataS.substring(bottom,top);
  return dataS;

• Need to solve serious security problem with Oracle Reports URL

  As mentioned repeatedly on this forum, Oracle Reports allows serious security breaches that allow users to see reports that they did not generate -- it's easy to guess a legal URL by changing the getjobid parameter.
  I've reviewed the JavaDocs to part of the rwrun.jar file and reviewed some of the example report plugins. This shows promise in helping to solve this security problem but critical pieces are missing.
  1) The javadocs are accurate for only 10g (9.0.4) but not correct for 10g (10.1.2+), which we are currently using. I need access to the updated version of this javadoc.
  2) Even with the updated version of the JavaDoc, I haven't found a class from which to inherit that would give me the opportunity to generate random jobid values, which then would effectively prevent users from guessing other jobid values, and thereby gaining access to other's reports (which in our cases, may contain sensitive information.
  3) We have found that we can send the parameter=value of EXPIRATION=1 which helps protect such information, but this requires that every program which invokes a report be modified to add this parameter. It would be far better for the report server to be configured to use a java class we write that inherits from some rwrun.jar class that would by default, add the EXPIRATION=1 parameter.

  Hi,
  Thanks for our replies. I will ask to an administrator about this security problem, now I know it depends of a security parameter.
  But I would know if it could be possible to hide the technical name of the query in the url. It could improve the security level of our reports in a first time in this way.
  Thanks a lot,
  JW.

• Compiler problems with J2EE

  Hi,
  I�am only new to the J2EE platform but have experience with J2SE. I have installed J2EE 1.4 and Tomcat server 5.0.28 to study for the Web Component Developer Exam.
  When I go to compile my java files, the compiler doesn�t not recognise the J2EE parts of the file. I have imported the correct classes (even the import statements, it doesn�t recognise!) and when I compile, the errors are associated with J2EE classes (i.e. doesn�t recognise HttpServlet....)
  I compile in command prompt by typing: javac myFile.java.
  I am aware that the file servlet-api.jar is required for these J2EE extras when compiling and I think this is my problem. I have put the location of this file on my classpath (set classpath=.;C:\fileDir\servlet-api.jar) by it still fails to compile. I have also put this location of the file directly into my PATH by this doesnt help!
  Can anybody help me out with this configuration problem?
  Thanks very much for any help!

  You need to have j2ee.jar (which can be found in <j2ee_install_dir>/lib directory in your classpath in order to successfully compile.

• Problem with J2EE

  Hi, I am new to Java Enterprise Edition. I am trying to install J2EE 1.3.1 on Win 2000 with service pack 4, and I am getting the following error
  16 bit Windows Subsystem
  c:\WINNT\SYSTEM32\AUTOEXEC.NT. The system file is not suitable for running MSDOS and Microsoft Windows applications. Choose 'Close' to terminate the application.
  Plz help me to solve this problem.

  Open that autoexec.nt and check if it matches with this:
  @echo off
  REM AUTOEXEC.BAT is not used to initialize the MS-DOS environment.
  REM AUTOEXEC.NT is used to initialize the MS-DOS environment unless a
  REM different startup file is specified in an application's PIF.
  REM Install CD ROM extensions
  lh %SystemRoot%\system32\mscdexnt.exe
  REM Install network redirector (load before dosx.exe)
  lh %SystemRoot%\system32\redir
  REM Install DPMI support
  lh %SystemRoot%\system32\dosx

• Crystal Report problem with J2EE - OutOfMemory

  Dear All,
  I am having a problem about generating PDF from J2EE (Tomcat, Java 1.4)  WebApplication by Crystal report.
  When generating a PDF it sometimes got an out of memory error.
  However the Web Application is still working fine, just when regenerate the same crystal report the out of memory error occur again. when i generate the other report it works fine.
  Please help .
  Many Thanks

  Hi,
  It's a good idea to set the minimum and maximum heap size to the same value. In any case, don't let the minimum heap size exceed the maximum.
  Stop Tomcat server, set environment variable CATALINA_OPTS, and then restart Tomcat.
  Look at the file tomcat-install/bin/catalina.sh or catalina.bat for how this variable is used.
  For example,
  set CATALINA_OPTS="-Xms512m -Xmx512m"  (Windows)
  export CATALINA_OPTS="-Xms512m -Xmx512m" (ksh/bash)
  setenv CATALINA_OPTS "-Xms512m -Xmx512m"  (tcsh/csh)
  In catalina.bat or catallina.sh, you may have noticed CATALINA_OPTS, JAVA_OPTS,
  or both can be used to specify Tomcat JVM options.
  What is the difference between CATALINA_OPTS and JAVA_OPTS?
  The name CATALINA_OPTS is specific for Tomcat servlet container,
  whereas JAVA_OPTS may be used by other java applications (e.g., JBoss).
  Since environment variables are shared by all applications, we don't want Tomcat to inadvertently pick up the JVM options intended for other apps. I prefer to use CATALINA_OPTS.
  You have specified size by a capiital "M" ?(3072M) use "m".
  Please let me know the results.
  Regards,
  Neeraj

• 10.6.8 Causes New Problem with Mixed Graphics Hardware Environment - Suggestions?

  Hi. After installing the latest Mac OS update (10.6.8), I can no longer boot my 5,1 Mac Pro into its Mac OS partition.  An undefined display (and graphics card) now seems to be used as default, rather than the supported display/hardware, so I cannot interact with the user interface.  I simply have an inoperable blue screen on the correct display. I have 2 graphics cards in my Mac Pro: a supported GT120 (solely for the purpose of booting/using Mac OS), and an unsupported HD6970 (used extensively for Windows 7 3D gaming, in Slot 1).  Until this latest OS release, I could successfully boot and use my computer in both Mac OS and Windows environments.  I encountered other problems because of this mixed graphics environment, like an inability to put the system to sleep without having the Mac Pro PCI fan unnecessarily ramp up to full speed after waking - but it would always work correctly when first booted.  (I have contacted Apple Support about this sleep issue, but they do not support my configuration.) Does any boot command exist to force the use of the supported graphics card?  Or, do kext files exist to enable the Mac OS to at least recognize (not use) the 6970 card? With the 6970 removed, I have no problems booting the Mac OS, but I do NOT want to remove my hardware card every time I want to shift to the Mac OS.  Do anyone have any suggestions?

  Thanks for the suggestions.
  First, I cannot swap graphic cards in PCI slots, because the 6970 only operates correctly in slot 1 (the high-speed graphics slot).  I may have to revert to the prior OS release, but what about next month, with Lion?
  I am familiar with Netkas.org (I will probably try it or Groths.org next, thanks).  One of my previous graphics cards was a flashed 4970.  I do not have access to the prelease Lion kext files that he suggests using.  Full flash support does not appear to yet exist for the 6970, much less the HD 6990 or GTX 590 that it appears I may need next.
  Ideally, the Mac Pro firmware should ignore any attempted bus communication with an unrecognized PCI card.  Currently, it appears that the unsupported 6970 can cause boot or run-time problems (I also have occasional freezes during Mac OS hardware interaction like writing a file to disk).  Note that I have never had any problems arising from my unsupported Windows 5.1 PCI sound card, however.

• Problems with OCI without an environment (ORACLE_HOME not set)

  System: Solaris 9, Sun-Fire-V440
  Our application has Oracle 9i as one of the possible persistence backends. Oracle is not always available at all clients sites so we use dlopen/dlsym to access the required OCI functions in clntsh on demand. Moreover, the app is started by inetd, so there is no environment and ORACLE_HOME is not set. The result is that OCIEnvCreate fails and returns -1. Presumably libclntsh.so.9.0 looks for ORACLE_HOME and falls over when it doesn't find it.
  Q: Is there a work around for this purely in terms of 9i version software?
  One work around we've found is to install Instant Client. IC is intended to run in cases where there is no ORACLE_HOME set. This now acts as a gateway between our app and 9i. However, in order to make our app work with IC we've had to 'crle' the install path of IC. This is not so desirable because it adds to the admin burden.
  Q. If the answer to the first question is 'no', is there another way of connecting to Oracle without modifying lib search paths?
  I am including skeleton.cpp and the corresponding skeleton.ksh which demonstrates the problem.
  Any advice is very much appreciated.
  Adam
  ############## skeleton.cpp ########################
  #include <stdlib.h>
  #include <stdio.h>
  #include <dlfcn.h>
  #include <link.h>
  #include <oci.h>
  #include <oratypes.h>
  int main(int argc, char *argv[])
  OCIEnv *envhp;
  sword (*MY_OCIEnvCreate)(...);
  char* dlerr;
  sword ociret;
  if(argc < 1)
  exit(1);
  char dllname = (char )argv[1];
  void *mydll = dlopen(dllname,RTLD_NOW|RTLD_GLOBAL);
  if (mydll==NULL)
  fprintf(stderr,"Error while loading Oracle module. dlopen() failed.\n"
       "OS says: %s.\n",
       (dlerr=dlerror())?dlerr:"");
  exit(1);
  MY_OCIEnvCreate = (sword(*)(...)) dlsym(mydll,"OCIEnvCreate");
  if (MY_OCIEnvCreate == NULL)
  fprintf(stderr,"Error while loading Oracle module function %s.\n"
       "OS says: %s.\n",
       "OCIEnvCreate",
       (dlerr=dlerror())?dlerr:"");
  exit(1);
  ociret = MY_OCIEnvCreate(&envhp, OCI_DEFAULT, (dvoid *)0,
                 0, 0, 0, (size_t)0, (dvoid **)0);
  if (OCI_SUCCESS != ociret)
  fprintf(stderr, "OCI Error %ld occurred.\n", ociret);
  exit(1);
  return 0;
  ########### skeleton.ksh #####################
  #!/bin/ksh -vx
  ORA_DIR=/usr/opt/oracle/product/9.2.0.1.0
  INSTCLI_DIR=/d0/adam/instantclient/instantclient10_1
  # Make with 9i libs
  CC -ldl -I$ORA_DIR/rdbms/demo -I$ORA_DIR/rdbms/public -o skeleton skeleton.cpp
  if [[ $? -ne 0 ]]; then
  print "ERROR: compile 1 failed"
  exit 1
  fi
  # expect to succeed with ORACLE_HOME set and fail with ORACLE_HOME unset
  export ORACLE_HOME=$ORA_DIR
  skeleton $ORA_DIR/lib32/libclntsh.so
  if [[ $? -ne 0 ]]; then
  print "ERROR: unexpectedly failed in 9i on ORACLE_HOME set"
  exit 1
  fi
  unset ORACLE_HOME
  skeleton $ORA_DIR/lib32/libclntsh.so
  if [[ $? -eq 0 ]]; then
  print "ERROR: unexpectedly succeeded in 9i on ORACLE_HOME set"
  exit 1
  fi
  # Make with Instance Client libs
  CC -ldl -I$ORA_DIR/rdbms/demo -I$ORA_DIR/rdbms/public -o skeleton skeleton.cpp
  if [[ $? -ne 0 ]]; then
  print "ERROR: compile 2 failed"
  exit 1
  fi
  # expect to succeed with ORACLE_HOME unset
  skeleton $INSTCLI_DIR/libclntsh.so
  if [[ $? -ne 0 ]]; then
  print "ERROR: unexpectedly failed with Instance Client 10.1 and ORACLE_HOME set"
  exit 1
  fi
  exit 0
  ############################################

  After some investigation I have found a surprisingly simple solution to this problem. When inetd exec's a process, it provides a bare bones environment that comes from the /etc/default/login file. This environment can be extended using putenv(3C). Thus after dlopen/dlsym of clntsh, the program calls putenv with "ORACLE_HOME=/usr/opt/oracle/product/9.2.0.1.0" as argument. OCIEnvCreate and other OCI calls work fine after this.
  Adam

• Security problem with tomcat and Ms Access

  Hi there,
  I have read some other posts about this problem but I still do know what the solution is... I am using Tomcat 5.5 and Java 1.5 with Windows Vista Beta
  I have a class to connect de a Ms access, using ODBC. If I test it with a console main it works fine but when I try to connect using a servlet it does not work and I got this error trace:
  java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.jdbc.odbc)
       java.security.AccessControlContext.checkPermission(Unknown Source)
       java.security.AccessController.checkPermission(Unknown Source)
       java.lang.SecurityManager.checkPermission(Unknown Source)
       java.lang.SecurityManager.checkPackageAccess(Unknown Source)
       sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
       java.lang.ClassLoader.loadClass(Unknown Source)
       org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1267)
       org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1198)
       java.lang.ClassLoader.loadClassInternal(Unknown Source)
       java.lang.Class.forName0(Native Method)
       java.lang.Class.forName(Unknown Source)
       model.Conect.GeneraConexion(Conect.java:17)
       model.Mediador.creaConexion(Mediador.java:12)
       model.TestServlet.processRequest(TestServlet.java:23)
       model.TestServlet.doGet(TestServlet.java:35)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
       sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       java.lang.reflect.Method.invoke(Unknown Source)
       org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
       java.security.AccessController.doPrivileged(Native Method)
       javax.security.auth.Subject.doAsPrivileged(Unknown Source)
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
  Any ideas? Thanks a lot in advanced.
  LJ

  Hi there,
  I have read some other posts about this problem but I still do know what the solution is... I am using Tomcat 5.5 and Java 1.5 with Windows Vista Beta
  I have a class to connect de a Ms access, using ODBC. If I test it with a console main it works fine but when I try to connect using a servlet it does not work and I got this error trace:
  java.security.AccessControlException: access denied (java.lang.RuntimePermission accessClassInPackage.sun.jdbc.odbc)
       java.security.AccessControlContext.checkPermission(Unknown Source)
       java.security.AccessController.checkPermission(Unknown Source)
       java.lang.SecurityManager.checkPermission(Unknown Source)
       java.lang.SecurityManager.checkPackageAccess(Unknown Source)
       sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
       java.lang.ClassLoader.loadClass(Unknown Source)
       org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1267)
       org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1198)
       java.lang.ClassLoader.loadClassInternal(Unknown Source)
       java.lang.Class.forName0(Native Method)
       java.lang.Class.forName(Unknown Source)
       model.Conect.GeneraConexion(Conect.java:17)
       model.Mediador.creaConexion(Mediador.java:12)
       model.TestServlet.processRequest(TestServlet.java:23)
       model.TestServlet.doGet(TestServlet.java:35)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
       sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
       sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
       java.lang.reflect.Method.invoke(Unknown Source)
       org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:243)
       java.security.AccessController.doPrivileged(Native Method)
       javax.security.auth.Subject.doAsPrivileged(Unknown Source)
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:275)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:161)
  Any ideas? Thanks a lot in advanced.
  LJ

• Problem with 'applepushserviced' in proxy environment

  I have a MacBook Pro from 2011 with OSX 10.7 Lion. When I am in a proxy environment, 'applepushserviced' is connecting many times, up to >20,000 times per hour. An example of the output:
  13:05:59.674948 IP 131.224.172.86.51338 > st11p01st-courier087-bz.push.apple.com.5223: Flags [S], seq 3304312261, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269596956 ecr 0,sackOK,eol], length 0
  13:05:59.876244 IP 131.224.172.86.51339 > st11p01st-hpaj262303-bz.push.apple.com.5223: Flags [S], seq 2432730867, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597157 ecr 0,sackOK,eol], length 0
  13:05:59.976530 IP 131.224.172.86.51333 > st11p01st-courier046-bz.push.apple.com.5223: Flags [S], seq 3740887653, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597256 ecr 0,sackOK,eol], length 0
  13:06:00.177317 IP 131.224.172.86.51340 > st11p01st-hpaj252321-bz.push.apple.com.5223: Flags [S], seq 1599633053, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597456 ecr 0,sackOK,eol], length 0
  13:06:00.177506 IP 131.224.172.86.51335 > st11p01st-courier104-bz.push.apple.com.5223: Flags [S], seq 651550873, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597456 ecr 0,sackOK,eol], length 0
  13:06:00.378045 IP 131.224.172.86.51341 > st11p01st-hpaj262337-bz.push.apple.com.5223: Flags [S], seq 630955767, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597656 ecr 0,sackOK,eol], length 0
  13:06:00.378216 IP 131.224.172.86.51336 > st11p01st-courier155-bz.push.apple.com.5223: Flags [S], seq 423444818, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597656 ecr 0,sackOK,eol], length 0
  13:06:00.578722 IP 131.224.172.86.51337 > st11p01st-hpaj262301-bz.push.apple.com.5223: Flags [S], seq 3914163987, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269597855 ecr 0,sackOK,eol], length 0
  13:06:00.779291 IP 131.224.172.86.51338 > st11p01st-courier087-bz.push.apple.com.5223: Flags [S], seq 3304312261, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269598055 ecr 0,sackOK,eol], length 0
  13:06:00.980591 IP 131.224.172.86.51339 > st11p01st-hpaj262303-bz.push.apple.com.5223: Flags [S], seq 2432730867, win 65535, options [mss 1460,nop,wscale 3,nop,nop,TS val 269598255 ecr 0,sackOK,eol], length 0
  13:06:
  However, I really don't know how to stop this and how it is caused. If I am just on the regular non-proxy WIFI there are no problems.
  Also, I can just use my browsers etc. in the proxy-environment.
  I have already logged-off from iCloud.
  Does anyone know a solution?
  Thanks.

  Extra remark: after some research I found out that it has nothing to do with the proxy. I will close this topic and open a new one to find out how to stop this immense number of push messages.

• Security problem with virtual host

  Hello,
  I am using flex builder3 and php5 to run an application built
  in codeIgniter 1.6.3 and flex. Problem is that I am using a virtual
  host to run codeigniter in browser. My doc root is
  htdocs\projects\FlexPHP . Here my flex files resides. In browser I
  can access it by giving following url :
  http://localhost/projects/FlexPHP/bin-debug/FlexPHP.html
  and I am accessing my php application in
  http://flexphp/ (path :
  htdocs\projects\FlexPHP\src\server-script)
  I am calling http service from flex ...
  <mx:HTTPService id="phpService"
  url="
  http://flexphp/profile/ProfileMngr"
  resultFormat="e4x" result="showResult()" useProxy="false"
  showBusyCursor="true" />
  <mx:Button label="Call PHP"
  click="phpService.send()"/>
  and getting following error
  [RPC Fault faultString="Security error accessing url"
  faultCode="Channel.Security.Error" faultDetail="Destination:
  DefaultHTTP"]
  at mx.rpc::AbstractInvoker/
  http://www.adobe.com/2006/flex/mx/internal::faultHandler()[E:\dev\3.0.x\frameworks\project s\rpc\src\mx\rpc\AbstractInvoker.as:216
  at
  mx.rpc::Responder/fault()[E:\dev\3.0.x\frameworks\projects\rpc\src\mx\rpc\Responder.as:49 ]
  at
  mx.rpc::AsyncRequest/fault()[E:\dev\3.0.x\frameworks\projects\rpc\src\mx\rpc\AsyncRequest .as:103]
  at
  DirectHTTPMessageResponder/securityErrorHandler()[E:\dev\3.0.x\frameworks\projects\rpc\sr c\mx\messaging\channels\DirectHTTPChannel.as:368]
  at flash.events::EventDispatcher/dispatchEventFunction()
  at flash.events::EventDispatcher/dispatchEvent()
  at flash.net::URLLoader/redirectEvent()
  I have placed cross-domain policy file in server-script
  folder as the urls are different but it didnt solve my problem.
  I have tried it with another virtual host which is not a
  codeigniter application , a simple php page returing a xml..working
  properly.
  Any help is appreciated. Thanks in advance.

  no problem from flex side.. need to escape crossdomain.xml
  file in htacess for codeigniter i.e RewriteCond $1
  !^(index\.php|images|application|uploads|robots\.txt|crossdomain\.xml)
  in htaccess file.