Security Propogation in MDB
Hi all,
I have a doubt :
Now the requirement is like below :
A user logins with his credentials and he belongs to a Role ABC.
Does a UI Action -> This in turn posts a message to a Queue -> MDB reiceves the message and posts the message to a Topic( Security is set on this topic to use Role ABC )
How can the MDB get the user context with Role ABC ?
If we use Run-as with a principal for MDB , then it should be a hardcoded user name. And we loose track of user who initiated the UI Action(Because Different users with the same Role ABC can login to UI and start the UI Action )
Is there any other way ?
Regards,
Harsha
I don't think there's a public WebLogic API for applications to assume any security credential if all they have is a username without a password. You can try posting to a security newsgroup to find out for sure.
If you need to pass the security credential of a sender, the following might work:
(1) Call "weblogic.security.Security.getCurrentSubject()” on the producer prior to calling send. This returns a validated credential if there is one on the current thread.
(2) Somehow store this validated credential in the message. For example, serialize it into a byte array, convert the byte array into a base 64 encoded string, and store the string as a message property. Make absolutely sure the network, queue, message paging, and message storage are all well protected - for example use SSL connections, as anyone with access to these resources will have access to the full validated credential.
(3) On the receiving server: convert the credential back into an Object, and then try the following:
{code}
import weblogic.security.Security;
import weblogic.security.subject.AbstractSubject;
import weblogic.security.subject.SubjectManager;
class MyClass {
void doSomethingAsSubject(javax.security.auth.Subject subject) {
if (subject == null)
subject = weblogic.security.Security.getCurrentSubject();
try {
weblogic.security.Security.runAs(subject,
new java.security.PrivilegedExceptionAction() {
public java.lang.Object run() throws Exception {
// do something;
return null; // or return some Object
} catch (java.security.PrivilegedActionException e) {
// handle exception;
{code}
Regards,
Tom
Edited by: TomB on May 27, 2011 2:13 PM
Similar Messages
-
CR XI: Connect to a MS ACCESS 2K MDB (w/ MDW Systemdatabase)
Post Author: svenworm
CA Forum: Data Connectivity and SQL
Hi there,
I am trying to implement some CR Reports into my MS ACCESS 2000 Database which has MDW Systemdatabase. Inside CR XI Developer the Reports are shown and are OK. Integrated into MS ACCESS via the cr report viewer activex control I receive an error when connecting to the database:
Within the "techref.pdf" I found Info about how to connect to a secured MS ACCESS MDB, but there is nothing said about the Systemdatabase. The Parameter is called "system database path", I guess.
Code:
' Create a new instance of the report.
Dim Report As New CrystalReport
Private Sub Form_Load()
' Declare a ConnectionProperty object.
Dim CPProperty As CRAXDRT.ConnectionProperty
' Declare a DatabaseTable object.
Dim DBTable As CRAXDRT.DatabaseTable
' Get the first table in the report.
Set DBTable = Report.Database.Tables(1)
' Set the new database location and the new table name.
DBTable.SetTableLocation "C:\databases\xtreme.mdb",
NewCustomer, ""
' Get the "Database Password" property from the
' ConnectionProperties collection.
Set CPProperty = DBTable.ConnectionProperties("Database
Password")
' Set the database password.
CPProperty.Value = "password"
Any hints ??
Greets SvenPost Author: JCunningham
CA Forum: Data Connectivity and SQL
Hi.
My apologies, but I cant help you with your issue.
I was hoping that you might be able to help me with mine. Sounds like you've dealt with my issue already. I'm simply wanting to embed a Crystal Report into a simple MS Access database. I'm using Crystal XI Professional. I just need to know step by step how to get the Active X control within my Access Database to point to, and display my Crystal Report.
If you can help, I'd really appreciate it!
John Cunningham
[email protected] -
EJBException::No valid security context for the caller identity
Hi,
I was working with EJB and i had a basic doubt in security propogation from the web tier to EJB tier.
I deployed an EJB on JBOSS app server and in that bean i was trying to get the caller principal object from the EJBContext and i was printing the name of the principal.
System.out.println(ctx.getCallerPrincipal().getName());
then i created ordinary EJB client which is a java class and when i invoked the business method i was getting the below error
Exception in thread "main" javax.ejb.EJBException: java.lang.IllegalStateException: No valid security context for the caller identity
at org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:63)
at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83)
at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:191)
This error sounds meaningful but how will i set the security context from the java class. If it can be done then is this the same way that the security principal propogates from web tier to EJB tier.
Thanks,
Suresh BHi,
I was working with EJB and i had a basic doubt in security propogation from the web tier to EJB tier.
I deployed an EJB on JBOSS app server and in that bean i was trying to get the caller principal object from the EJBContext and i was printing the name of the principal.
System.out.println(ctx.getCallerPrincipal().getName());
then i created ordinary EJB client which is a java class and when i invoked the business method i was getting the below error
Exception in thread "main" javax.ejb.EJBException: java.lang.IllegalStateException: No valid security context for the caller identity
at org.jboss.ejb3.tx.Ejb3TxPolicy.handleExceptionInOurTx(Ejb3TxPolicy.java:63)
at org.jboss.aspects.tx.TxPolicy.invokeInOurTx(TxPolicy.java:83)
at org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:191)
This error sounds meaningful but how will i set the security context from the java class. If it can be done then is this the same way that the security principal propogates from web tier to EJB tier.
Thanks,
Suresh B -
Message Driven Bean Not Working
I'm trying to make run in WebLogic 7 an MDB,
it seems well configured,
in the XML descriptor ,JNDI names of the destination and the ConnectionFactory
correspond respectively to a destination wich I have created after having created a JMS server in WBL7 and to a ConnectionFactory
in the client ,
I have
-first obtain an InitialContext
-then a look-up on the QueueConnectionFactory
-then createQueueConnectionFactory
-after createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
-after a look-up on the Queue
-and then .createSender(queue)
- and finally createTextMessage();
to have a simple Textmessagen
in the administration console of Weblogic
in "monitor all MDB du .jar"
for this MDB there 0 bean in Pool,0bean in use
and the JmsConnectionAlive indicate False,
it seems curious
and then in the doc they says something about permission
an "run as principal" wich need to be put to "receive"
but I didn't exactly understand where
because the doc isn't completle up-to-date
and refer to 6,it seems
because int the WBL7 the ACL are suppressed
somebody could help me,
thanks in advanceArman & bzoler,
Make that three of us. I, am using Weblogic 7 (patch 2) and JBuilder Weblogic edition 7.01. I have configured my JMS topic and can successfully send and receive messages with BEA's sample topic sender and receiver (found in
C:\bea\weblogic700\samples\server\src\examples\jms\topic, but modified for my factory and topic).
However, when I try to deploy my MDB and send messages to the topic via their client, no messages are received by the MDB. I know it is deploying OK, because I added a println to the ejbCreate method and it is getting displayed when the server is started.
Any ideas from anyone out there of where we may be going wrong? Is it possible that you are forced to use Security when using MDB?
-David -
WLS 8.1 MDBs, Websphere MQ QMs and Security Exits....
Hi:
I am testing an MDB that is listening on a Websphere MQ 5.3 Queue. For security,
I have secured the Server Connection Channel of the Queue Manager (to which the
Queue belongs to) with a Security Exit.
Using the Foreign JMS Servers section in the Admin console, I defined a 'Foreign
JMS Connection Factory' that has the userid & password that is supposed to be
passed to Websphere MQ.
When the MDB comes up, it throws a SecurityException. In the background, the Security
Exit log indicates that the MDB tried to make multiple connections to the Server
Channel. The Deployment descriptor has the 'MAX BEANS IN FREE POOL' set to 1.
My issues are:
1. When the MDB comes up the Server Connection Channel shows multiple connections.
I know there is only one MDB, so I am curious why there would be multiple connections
to the same Channel.
2. The Security Exit log shows that the userid and passord was passed on to MQ
certain times and other times it was not. The net result is the Security Exit
rejected the MDB Connections (when the userid and pwd was blanks) and the Bean
did not come up properly.
I am concerned with Issue 2. Because, all I am able to control is giving the userid
and pwd in the Foreign JMS Server section. WLS 8.1 is supposed to pass on the
credentials properly to MQ when needed. Is WLS 8.1 NOT doing what is expected
or am I missing something?
What is the procedure to deploy a WLS 81 MDB that is listening on a queue whose
QM is secured by an MQ Security Exit.
Please help!
When you deploy any EJB or servlet that uses the "resource-reference", the
container (after a short delay) tries to make a connection to get the
XAResource for that JMS provider. It then registers that with JTA. That way,
JTA can perform transaction recovery on the JMS provider sooner rather than
later. (If we waited to register the MQSeries resource with JTA until you
used it, then if MQ had prepared transactions, they wouldn't be resolved
until you actually tried to send a message.)
As for the "multiple connections", I believe that the MQSeries JMS library
uses a single MQ "connection handle" for every JMS session. (That's because
MQ connection handles aren't thread-safe.) In our pool of the JMS Session
objects, we open more than one session initially, so that might be why
you're seeing multiple connections.
You can monitor the pooling of the JMS sessions using the console. Click on
your server in the "servers" tab in the left-hand tree view, then on
"Monitoring", then on "JMS", and then on "Monitor Pooled JMS Connections".
greg
"Sridhar Krishnaswamy" <[email protected]> wrote in message
news:[email protected]...
>
> I tried the steps you have mentioned. But the userid still does not come
across
> to MQSeries. So, I will follow up with Support. The MDB is passing on the
credentials
> fine when using the same QCF to put the messages to.
>
> On the issue of multiple connections, you are right. The connections are
because
> of the resource-ref entries. Though I am not sure why the MDB is actually
trying
> to establish multiple connections for every resource-ref entry (because
the pooling
> mechanism kicks in?). Also, in my design, some of the resource-ref are
actually
> 'stand-bys' to be used only if the MDB fails to put the message using the
primary
> resource-ref entry. I would have thought that the physical connections
will actually
> be made when the call for looking up the QCF is made by the bean or
createQueueConnection
> called. Just for my knowledge, I would like to know why the Container is
establishing
> the connections upfront.
>
> As always, I really appreciate your help, Greg.
>
> Thanks,
> Sridhar
>
> "Greg Brail" <[email protected]> wrote:
> >At the moment, the username and password used to receive messages come
> >from
> >a differenct place, and not from the "Foreign JMS Connection Factory"
> >screen. (Yes, I realize that this is confusing.) To do what you want,
> >you
> >need to define a "credential mapping":
> >
> >-- Create a WebLogic Server user using the "security" section of the
> >console, and assign the password that you will need to connect to MQ.
> >
> >-- Right-click on your MDB in the left-hand tree view, and select "Define
> >Roles and Policies for Individual Beans"
> >
> >-- You should see a list of MDBs on the screen. Click on "define
credential
> >mapping". (I forget the exact wording, but it's something like that.)
> >
> >-- On this screen, you enter the MQSeries username that you'll need to
> >set,
> >and the WebLogic user that you created in the first step. It then uses
> >the
> >password from this WebLogic username.
> >
> >If you have trouble with this, please call support. I know that some
> >people
> >have had trouble with this particular feature.
> >
> >I'm not sure about the multiple connections. Is it possible that you
> >have a
> >"resource-reference" declared for MQ somewhere?
> >
> > greg
> >
> >"Sridhar Krishnaswamy" <[email protected]> wrote in message
> >news:[email protected]...
> >>
> >> Hi:
> >> I am testing an MDB that is listening on a Websphere MQ 5.3 Queue.
> >For
> >security,
> >> I have secured the Server Connection Channel of the Queue Manager (to
> >which the
> >> Queue belongs to) with a Security Exit.
> >>
> >> Using the Foreign JMS Servers section in the Admin console, I defined
> >a
> >'Foreign
> >> JMS Connection Factory' that has the userid & password that is supposed
> >to
> >be
> >> passed to Websphere MQ.
> >>
> >> When the MDB comes up, it throws a SecurityException. In the
background,
> >the Security
> >> Exit log indicates that the MDB tried to make multiple connections
> >to the
> >Server
> >> Channel. The Deployment descriptor has the 'MAX BEANS IN FREE POOL'
> >set to
> >1.
> >> My issues are:
> >>
> >> 1. When the MDB comes up the Server Connection Channel shows multiple
> >connections.
> >> I know there is only one MDB, so I am curious why there would be
multiple
> >connections
> >> to the same Channel.
> >> 2. The Security Exit log shows that the userid and passord was passed
> >on
> >to MQ
> >> certain times and other times it was not. The net result is the
Security
> >Exit
> >> rejected the MDB Connections (when the userid and pwd was blanks) and
> >the
> >Bean
> >> did not come up properly.
> >>
> >> I am concerned with Issue 2. Because, all I am able to control is
giving
> >the userid
> >> and pwd in the Foreign JMS Server section. WLS 8.1 is supposed to pass
> >on
> >the
> >> credentials properly to MQ when needed. Is WLS 8.1 NOT doing what is
> >expected
> >> or am I missing something?
> >>
> >> What is the procedure to deploy a WLS 81 MDB that is listening on a
> >queue
> >whose
> >> QM is secured by an MQ Security Exit.
> >>
> >> Please help!
> >
> >
>
-
MDB Credential Mapper for connecting to secured foreign JMS - Need WLST
Hello All
Weblogic 10.3.0
I am in a situation where i have the MDB trying to read messages from secure foreign jms . The ejb-jar and weblogic-jar.xml has the right values like
ejb-jar.xml
==========
<assembly-descriptor>
<security-role>
<role-name>admin</role-name>
</security-role>
</assembly-descriptor>
weblogic-ejb-jar.xml
==============
<run-as-principal-name>CFAMJMS</run-as-principal-name>
<security-role-assignment>
<role-name>admin</role-name>
<principal-name>CFAMJMS</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>
If i am correct , to connect to the Secured Foreign JMS Connection - There are couple of steps involved
1) To create a new security wlsuser under myrealm - called CFAMJMS
2) Each MDB deployed as part of the ear file - I need to perform the credential Mapping - Means
EJB Component Credential Mappings - create a WLS user of the name CFAMJMS and supply the Remote JMS User Name and Password .
Today , i perform the setp 2 ) using the Weblogic Admin Console . Need to automate the same using wlst script . Please helpHi,
Similar question was answered in this thread...
JMS integration with Tibco EMS via SSL
Could you please check if your TIBCO EMS is ssl enabled .Login on TIBCO EMS using putty and then type show config and check for the following parameter ssl_server_identity ,ssl_server_key . Go to the path mentioned in these two properties and see if the certificate with .pem is present there.
As you are getting following error in the log
Caused by: javax.jms.JMSSecurityException: Can not initialize SSL client: no trusted certificates are set
In TIBCO we need trusted store .pem certificate to make it ssl enabled.
Cheers,
Vlad
It is considered good etiquette to reward answerers with points (as "helpful" - 5 pts - or "correct" - 10pts)
https://forums.oracle.com/forums/ann.jspa?annID=893 -
Hi
I am having trouble getting the MDB to work with a secure Queue in weblogic. I set up the security using the WLS admin console and it has just a userid/password protection to all the Queue operations. I am not sure how to tell the container of the MDB to connect using that userid/password combination. What I have done is use the run-as identity in the deployment descriptors and thats not helping it to connect to the Queue.
I am a bit lost on how to set up the MDB for the secure Queue - any pointers is really appreciated.
thanks
AnamitraHi
I have already done that and I still get that error:
<Sep 7, 2004 9:28:44 AM EDT> <Warning> <EJB> <BEA-010096> <The Message-Driven EJ
B: JMSContQueueProcessor-1 is unable to connect to the JMS destination: jms/mro/
int/queues/cqin. Connection failed after 2 attempts. The MDB will attempt to rec
onnect every 10 seconds. This log message will repeat every 600 seconds until th
e condition clears.>
<Sep 7, 2004 9:28:45 AM EDT> <Warning> <EJB> <BEA-010061> <The Message-Driven EJ
B: JMSContQueueProcessor-1 is unable to connect to the JMS destination: jms/mro/
int/queues/cqin. The Error was:
weblogic.jms.common.JMSSecurityException: Access denied to resource: type=<jms>,
application=, destinationType=queue, resource=cq, action=receive
weblogic.jms.common.JMSSecurityException: Access denied to resource: type=<jms>,
application=, destinationType=queue, resource=cq, action=receive
at weblogic.jms.JMSService.checkPermission(JMSService.java:1140)
at weblogic.jms.JMSService.checkRecvPermission(JMSService.java:1157)
at weblogic.jms.frontend.FESession.consumerCreate(FESession.java:1049)
at weblogic.jms.frontend.FESession.invoke(FESession.java:2552)
at weblogic.jms.dispatcher.Request.wrappedFiniteStateMachine(Request.jav
a:621)
at weblogic.jms.dispatcher.DispatcherImpl.dispatchSync(DispatcherImpl.ja
va:153)
at weblogic.jms.client.JMSSession.consumerCreate(JMSSession.java:1860)
at weblogic.jms.client.JMSSession.createConsumer(JMSSession.java:1691)
at weblogic.jms.client.JMSSession.createReceiver(JMSSession.java:1530)
at weblogic.ejb20.internal.JMSConnectionPoller.setUpQueueSessions(JMSCon
nectionPoller.java:1720)
at weblogic.ejb20.internal.JMSConnectionPoller.createJMSConnection(JMSCo
nnectionPoller.java:2012)
at weblogic.ejb20.internal.JMSConnectionPoller.connectToJMS(JMSConnectio
nPoller.java:1180)
at weblogic.ejb20.internal.JMSConnectionPoller.trigger(JMSConnectionPoll
er.java:978)
at weblogic.time.common.internal.ScheduledTrigger.run(ScheduledTrigger.j
ava:243)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
118)
at weblogic.time.common.internal.ScheduledTrigger.executeLocally(Schedul
edTrigger.java:229)
at weblogic.time.common.internal.ScheduledTrigger.execute(ScheduledTrigg
er.java:223)
at weblogic.time.server.ScheduledTrigger.execute(ScheduledTrigger.java:5
0)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)
I have attached my dd file below:
<!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN"
"http://java.sun.com/dtd/ejb-jar_2_0.dtd">
<ejb-jar id="ejb-jar_ID">
<display-name>MEA JMS EJB Module</display-name>
<enterprise-beans>
<message-driven id="MessageDriven_JMSContQueueProcessor_1">
<ejb-name>JMSContQueueProcessor-1</ejb-name>
<ejb-class>psdi.iface.jms.JMSContQueueProcessor</ejb-class>
<transaction-type>Container</transaction-type>
<message-driven-destination>
<destination-type>javax.jms.Queue</destination-type>
</message-driven-destination>
<env-entry>
<env-entry-name>MESSAGEPROCESSOR</env-entry-name>
<env-entry-type>java.lang.String </env-entry-type>
<env-entry-value>psdi.iface.jms.QueueToMaximoProcessor</env-entry-value>
</env-entry>
<security-identity>
<run-as>
<role-name>integrationuser</role-name>
</run-as>
</security-identity>
</message-driven>
</enterprise-beans>
<assembly-descriptor>
<security-role>
<role-name>integrationuser</role-name>
</security-role>
<container-transaction>
<method>
<ejb-name>JMSContQueueProcessor-1</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
<?xml version="1.0"?>
<!DOCTYPE weblogic-ejb-jar PUBLIC "-//BEA Systems, Inc.//DTD WebLogic 6.0.0 EJB//EN" "http://www.bea.com/servers/wls600/dtd/weblogic-ejb-jar.dtd">
<!-- Sample MessageDriven bean Weblogic deployment descriptor -->
<weblogic-ejb-jar>
<weblogic-enterprise-bean>
<ejb-name>JMSContQueueProcessor-1</ejb-name>
<message-driven-descriptor>
<pool>
<max-beans-in-free-pool>1</max-beans-in-free-pool>
<initial-beans-in-free-pool>0</initial-beans-in-free-pool>
</pool>
<destination-jndi-name>jms/mro/int/queues/cqin</destination-jndi-name>
<connection-factory-jndi-name>jms/mro/int/qcf/intqcf</connection-factory-jndi-name>
</message-driven-descriptor>
<transaction-descriptor>
<trans-timeout-seconds>600</trans-timeout-seconds>
</transaction-descriptor>
<jndi-name>JMSContQueueProcessor-1</jndi-name>
</weblogic-enterprise-bean>
<security-role-assignment>
<role-name>integrationuser</role-name>
<principal-name>new_user1</principal-name>
</security-role-assignment>
</weblogic-ejb-jar>
Did I miss anything?
thanks
Anamitra -
JAAS security prncipal not propogating in EJB web service end point
I have a web application which communicate a independent EJB module via web service end points. when request reaches the web service principal is found as null. I use BASIC authentication in web page. I works well on web pages.
Pl. help me how jaas security principals, group and roles an be propogated to a web serviceTook a look at your .ear file .
So here's the problem .You are trying to use sun's proptrietary DD entries to secure an ejb-ws : <login-config> from is an entry from sun's proprietary DD.(sun-ejb-jar.xml)
oracle also provides a mechanism to transport secure an ejb-ws , though the publicly available version of app server (the one you have , did not had that feature ).The next drop will have the same .
Having said that , what you have should be enough to secure an ejb-ws if you are using only BASIC auth .
I can see that your EJB has some C:\... entries , unless those entries have the right security permissions , your ejb would not be able to load them , with the security credentials sent from the client .
When I deployed and ran your .ear file ,
I got errors such as
<faultstring>Internal Server Error (caught exception while handling request: oracle.oc4j.rmi.OracleRemoteException: Error in ejbCreate(): nested exception is: javax.naming.NameNotFoundException: java:comp/env/configFileContent not found in RoSrapScriptExecServiceImplWSI; nested exception is: javax.ejb.EJBException: nested exception is: javax.naming.NameNotFoundException: java:comp/env/configFileContent not found in RoSrapScriptExecServiceImplWSI)</faultstring>
</env:Fault>
implying that there are some references to entries not available inside the .ear .
you can test if the ejb-ws is deployed and running by using the test page through your browser :
http://<your host>:8888/rochade/srap/scriptExecWSI
Anirban -
Global security group permissions not propogating
I have a single flat domain that has migrated from NT to 2003 to 2008. A number of the global groups go back to the mid ninties.
I recently purchased a EMC VNXe 3300 for addition storage, joined it to the domain, migrated a bunch of folders with permissions using robocopy no problem.
Now I have one shared folder and the global security permission applied to the top level folder but did not decend the tree. I tried applying it from the advanced security tab and choose apply to this folder and all child objects and folder or some such
verbiage. I could not get that permission on anything below the top level unless I went to the object explictly and applied it.
I created a new global security group and applied it to the folder and it descended the tree with no problems.
I have hundreds of folders and hundreds of groups I need to move to this new storage, I have no idea what is wrong here?Hi,
Please help collect the current permission setting of the parent folder and a subfolder (which the original global security group cannot be applied with "inheriting").
Meanwhile have a try with icacls instead of GUI to see if it will work. For example:
icacls x:\folder /grant <group>:(OI)(CI)F
If you have any feedback on our support, please send to [email protected] -
Hi,
I get some problems with the following configuration.
An JMS-Queue is located on a weblogic-server A. On another WL-Server B
I deploy a MDB which connects to the queue on server A.
As long as both servers have the same password for the system-user
everthing works fine. Changing it on one side results in this
exception on server A.
java.lang.SecurityException: Authentication for user system denied in
realm wl_realm
I tried to use the run-as an run-as-identity-principal arguments in DD
but to no effort. I always get this exception for the system-user.
Can anyone help ?
Markus
Config: WLS 6.1 SP1 on NTAs of now you need to have the same system password for both the servers,
but I would suggest that you try this with 6.1 sp2 (Tentative release
mid december ).
yeshwant
Markus Papenbrock wrote:
Hi,
I get some problems with the following configuration.
An JMS-Queue is located on a weblogic-server A. On another WL-Server B
I deploy a MDB which connects to the queue on server A.
As long as both servers have the same password for the system-user
everthing works fine. Changing it on one side results in this
exception on server A.
java.lang.SecurityException: Authentication for user system denied in
realm wl_realm
I tried to use the run-as an run-as-identity-principal arguments in DD
but to no effort. I always get this exception for the system-user.
Can anyone help ?
Markus
Config: WLS 6.1 SP1 on NT -
I have a web service that I am trying to use an MDB with.
I have a web service where I request using soapUI, and the the response from the soapUI that I get is correct. However, in addition to this "regular" program flow, I am sending data to a queue where 2 things should happen:
1. my message should get put in that queue....(not a problem I think, it's says it can connect and send to this one)
2. a MDB should get triggered, but isn't, and the MDB should start it's own program flow after this.
this is the basics as to what is happening in my program, and I get this error below on the end of the output. so would anyone have any theories as to what might be wrong?
ApplicationDispatcher[] Servlet.service() for servlet HandlePrecompiledJsp threw exception
com.sun.enterprise.tools.guiframework.exception.FrameworkException: Unabled to handle pre-compiled JSP '/jsp/LogDetail.jsp'. Expected pre-compiled classname: 'org.apache.jsp.jsp.LogDetail_jsp'.
at com.sun.enterprise.tools.admingui.servlet.HandlePrecompiledJsp.doPost(HandlePrecompiledJsp.java:59)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:767)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
at sun.reflect.GeneratedMethodAccessor56.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:257)
at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:55)
at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:161)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:723)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:482)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:417)
at org.apache.catalina.core.ApplicationDispatcher.access$000(ApplicationDispatcher.java:80)
at org.apache.catalina.core.ApplicationDispatcher$PrivilegedForward.run(ApplicationDispatcher.java:95)
at java.security.AccessController.doPrivileged(Native Method)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:313)
at com.iplanet.jato.view.ViewBeanBase.forward(ViewBeanBase.java:340)
at com.iplanet.jato.view.ViewBeanBase.forwardTo(ViewBeanBase.java:261)
at com.sun.enterprise.tools.guiframework.view.DescriptorViewHelper.execute(DescriptorViewHelper.java:316)
at com.sun.enterprise.tools.guiframework.view.DescriptorViewBeanBase.execute(DescriptorViewBeanBase.java:192)
at com.iplanet.jato.view.RequestHandlingViewBase.handleRequest(RequestHandlingViewBase.java:308)
at com.iplanet.jato.view.ViewBeanBase.dispatchInvocation(ViewBeanBase.java:802)
at com.iplanet.jato.view.ViewBeanBase.invokeRequestHandlerInternal(ViewBeanBase.java:740)
Caused by: javax.servlet.ServletException: com.sun.enterprise.tools.guiframework.exception.FrameworkException: java.lang.reflect.InvocationTargetException while attempting to process a 'beginDisplay' event for 'LogDetail'.
at org.apache.jasper.runtime.PageContextImpl.doHandlePageException(PageContextImpl.java:830)
at org.apache.jasper.runtime.PageContextImpl.handlePageException(PageContextImpl.java:763)
at org.apache.jsp.jsp.LogDetail_jsp._jspService(LogDetail_jsp.java:126)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:105)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
at com.sun.enterprise.tools.admingui.servlet.HandlePrecompiledJsp.doPost(HandlePrecompiledJsp.java:57)
... 67 more
LavanyaYou cannot gift to another country at all.
-
So, I'm trying to strip Reader for domain security
...and I thought I had it completely nailed. I was able to view documents, print, change preferences, everything except the things I don't want people in my domain doing anyway, like executing JavaScript out of a PostScript document. *ahem*
Then I changed... something. And now I get a brief error every time I try to open Edit -> Preferences:
"Failed to load an application resource (internal error)."
I've put back most of the plugins, restored .\Javascripts, reversed most of the Registry changes and cleared every folder called "Adobe" from my test user account, and I'm still getting this error when trying to open prefs. Everything else works fine, like creating a report. Although Reader reports that I'm running Vista when my test system is Win7 amd64 SP1 beta, but maybe I'm splitting hairs.
Oh, also, tWhiteList doesn't seem to work like you'd expect it to. In fact, it doesn't appear to work at all. Does Reader even pay attention to this value any more? Leaving it in because I'm still experimenting with it. Also, the Reader MSI still installs it. Presumably, it has a purpose of some kind.
For no obvious reason, the list of plugins generated from Generate System Report just reports AcroForm several times. About Plugins correctly shows
PPKLite.api
eBook.api
DigSig.api
AcroForm.api
PDDom.api
reflow.api
SaveAsRTF.api
Search.api
I'm pasting the Registry entries directly from the Inno Setup script I'm working on (no one scream, please):
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\AdobeViewer; ValueType: dword; ValueName: Launched; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\AdobeViewer; ValueType: dword; ValueName: EULA; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\AdobeViewer; ValueType: dword; ValueName: TrustedMode; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\AVGeneral; ValueType: dword; ValueName: bLastExitNormal; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\AVGeneral; ValueType: dword; ValueName: bAppInitialized; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\AVTracker; ValueType: dword; ValueName: bLoadOnStart; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\FormsPrefs; ValueType: dword; ValueName: bUserAskedToEnableAutoComplete; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Originals; ValueType: dword; ValueName: bDisplayedSplash; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Originals; ValueType: dword; ValueName: bBrowserIntegration; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\SDI; ValueType: dword; ValueName: bMaximizeNextDocument; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\SDI; ValueType: dword; ValueName: bNullDocMaximized; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Security\cDigSig; ValueType: dword; ValueName: bValidateOnOpen; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Security\cDigSig\cAdobeDownload; ValueType: dword; ValueName: bLoadSettingsFromURL; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Security\cDigSig\cAdobeDownload; ValueType: dword; ValueName: bAskBeforeInstalling; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Security\cHandlers; ValueType: dword; ValueName: bVerifyUseAlways; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Security\cPubSec; ValueType: dword; ValueName: iShowDocumentWarnings; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Selection; ValueType: string; ValueName: aDefaultSelect; ValueData: Select
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\TrustManager; ValueType: dword; ValueName: bEnhancedSecurityInBrowser; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\TrustManager; ValueType: dword; ValueName: bEnhancedSecurityStandalone; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\UsageMeasurement; ValueType: dword; ValueName: bInstalledCleanupCheckDone; ValueData: $00000001
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bNeedSynchronizer; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bEnableRTCPart; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bEnableAcrobatHS; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bEnableWorkflowPart; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bEnableHSLibrary; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bEnableRTCAuth; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Acrobat Reader\9.0\Workflows; ValueType: dword; ValueName: bEnableShareFile; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Adobe Acrobat\9.0\DiskCabs; ValueType: dword; ValueName: bCollab_OfflineDocs; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\Adobe Acrobat\9.0\DiskCabs; ValueType: dword; ValueName: bCollab_Workflows; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\CommonFiles\Usage\Reader 9; ValueType: dword; ValueName: OptIn; ValueData: $00000000
Root: HKCU; SubKey: Software\Adobe\CommonFiles\Usage\Reader 9; ValueType: dword; ValueName: throttle; ValueData: $00000003
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bUpdater; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bFedExInternetPrintingEnabled; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bCommercialPDF; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bEnhancedSecurityInBrowser; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: iFileAttachmentPerms; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bCreateBuzzwordDoc; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bShowEbookMenu; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bPurchaseAcro; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bUsageMeasurement; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bDisableTrustedSites; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bEnhancedSecurityStandalone; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bCreatePDFOnline; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bBrowserIntegration; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bDisableTrustedFolders; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown; ValueType: dword; ValueName: bAutoFill; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cDefaultExecMenuItems; ValueType: string; ValueName: tWhiteList; ValueData: Close|Quit|FirstPage|PrevPage|NextPage|LastPage|ActualSize|FitPage|FitWidth|FitHeight|Sin glePage|OneColumn|TwoPages|TwoColumns|ZoomViewIn|ZoomViewOut|ShowHideBookmarks|ShowHideThu mbnails|Print|GoToPage|ZoomTo|GeneralPrefs|SaveAs|FullScreen|OpenOrganizer|Scan|PageSetup| Find|FindSearch|GoBack|GoForward|FitVisible|ShowHideToolbarEditing|ShowHideToolbarCommenti ng|ShowHideToolbarEdit|ShowHideToolbarFile|ShowHideToolbarFind|ShowHideToolbarForms|ShowHi deToolbarMeasuring|ShowHideToolbarData|ShowHideToolbarPageDisplay|ShowHideToolbarNavigatio n|ShowHideToolbarPrintProduction|ShowHideToolbarRedaction|ShowHideToolbarBasicTools|ShowHi deToolbarTasks|ShowHideToolbarTypewriter|PropertyToolbar|ShowHideArticles|ShowHideFileAtta chment|ShowHideAnnotManager|ShowHideFields|ShowHideOptCont|ShowHideModelTree|ShowHideSigna tures|InsertPages|ExtractPages|ReplacePages|DeletePages|CropPages|RotatePages|AddFileAttac hment|FindCurrentBookmark|BookmarkShowLocation|GoBackDoc|GoForward|DocHelpUserGuide|HelpRe ader|HandMenuItem|ZoomDragMenuItem|CollectionHome|CollectionDetails|CollectionPreview|Coll ectionShowRoot
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cDefaultLaunchAttachmentPerms; ValueType: string; ValueName: tBuiltInPermList; ValueData: version:1|.7z:3|.ade:3|.adp:3|.app:3|.arc:3|.arj:3|.asp:3|.bas:3|.bat:3|.bz:3|.bz2:3|.cab :3|.chm:3|.class:3|.cmd:3|.com:3|.command:3|.cpl:3|.crt:3|.csh:3|.desktop:3|.dll:3|.exe:3| .fxp:3|.gz:3|.hex:3|.hlp:3|.hqx:3|.hta:3|.inf:3|.ini:3|.ins:3|.isp:3|.its:3|.job:3|.js:3|. jse:3|.ksh:3|.lnk:3|.lzh:3|.mad:3|.maf:3|.mag:3|.mam:3|.maq:3|.mar:3|.mas:3|.mat:3|.mau:3| .mav:3|.maw:3|.mda:3|.mdb:3|.mde:3|.mdt:3|.mdw:3|.mdz:3|.msc:3|.msi:3|.msp:3|.mst:3|.ocx:3 |.ops:3|.pcd:3|.pi:3|.pif:3|.prf:3|.prg:3|.pst:3|.rar:3|.reg:3|.scf:3|.scr:3|.sct:3|.sea:3 |.shb:3|.shs:3|.sit:3|.tar:3|.taz:3|.tbz:3|.tgz:3|.tmp:3|.url:3|.vb:3|.vbe:3|.vbs:3|.vsmac ros:3|.vss:3|.vst:3|.vsw:3|.webloc:3|.ws:3|.wsc:3|.wsf:3|.wsh:3|.z:3|.zip:3|.zlo:3|.zoo:3| .pdf:2|.fdf:2|.jar:3|.pkg:3|.tool:3|.term:3
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cDefaultLaunchAttachmentPerms; ValueType: dword; ValueName: iUnlistedAttachmentTypePerm; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cDefaultLaunchURLPerms; ValueType: string; ValueName: tSchemePerms; ValueData: version:1|shell:3|hcp:3|ms-help:3|ms-its:3|ms-itss:3|its:3|mk:3|mhtml:3|help:3|disk:3|afp :3|disks:3|telnet:3|ssh:3|acrobat:2|mailto:2|file:1|rlogin:3
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cDefaultLaunchURLPerms; ValueType: string; ValueName: tSponsoredContentSchemeWhiteList; ValueData: notgopher
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cDefaultLaunchURLPerms; ValueType: string; ValueName: tFlashContentSchemeWhiteList; ValueData: notgopher
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cHostedServices\cProtectPDF; ValueType: dword; ValueName: bShowMeets; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cSecurity\cDigSig; ValueType: dword; ValueName: bValidateOnOpen; ValueData: $00000001
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cSecurity\cEDC; ValueType: dword; ValueName: bAllowAPSConfig; ValueData: $00000000
Root: HKLM; SubKey: Software\Policies\Adobe\Acrobat Reader\9.0\FeatureLockdown\cSecurity\cHandlers; ValueType: dword; ValueName: bVerify; ValueData: $00000001Hello natorious325,
I'm sorry that you ran into trouble with this. The Creative Cloud desktop application is the program that you use to install your Creative Cloud programs (such as InDesign) and manage your files and font selections. It looks like this:
If there are problems with font sync, there will be an error listed in the Assets > Fonts tab of the Creative Cloud desktop application.
Please check these troubleshooting steps for desktop sync, which cover most of the common problems:
TYPEKIT | Troubleshooting Guide: syncing desktop f...
If those steps don't get font sync working for you, you can email Typekit Support directly at [email protected] for further help. Best,
-- liz -
MDB container managed transaction demarcation not working in wls 6.1 beta
I have an MDB which sends the messages it receives onto another JMS
destination within the onMessage method. These messages are not sent to
the JMS destination unless I explicitly use a transacted session for the
destination and subsequently commit the session. If I set the transacted
parameter to Session as false the messages are sent. If I set the
transacted parameter to true the messages will only be output if the
session is committed. This is the standard behaviour for a JMS session
but this is not the correct behaviour for an MDB running with
container-managed transaction demarcation.
For a start the transacted parameter to session should be ignored when
run in the context of a container transaction and the commit method
should thrown an exception as it is not allowed within the context of a
container transaction.
This is the MDB code and the deployment descriptor: -
public class MessageBean implements MessageDrivenBean, MessageListener
private String topicName = null;
private TopicConnectionFactory topicConnectionFactory = null;
private TopicConnection topicConnection = null;
private TopicSession topicSession = null;
private Topic topic = null;
private TopicPublisher topicPublisher = null;
private TextMessage textMessage=null;
private transient MessageDrivenContext messageDrivenContext = null;
private Context jndiContext;
public final static String
JMS_FACTORY="weblogic.examples.jms.TopicConnectionFactory";
public final static String
TOPIC="weblogic.examples.jms.exampleTopic";
public MessageBean()
public void setMessageDrivenContext(MessageDrivenContext
messageDrivenContext)
this.messageDrivenContext = messageDrivenContext;
public void ejbCreate()
public void onMessage(Message inMessage)
try
jndiContext = new InitialContext();
topicConnectionFactory =
(TopicConnectionFactory)jndiContext.lookup(JMS_FACTORY);
topic = (Topic) jndiContext.lookup(TOPIC);
topicConnection =
topicConnectionFactory.createTopicConnection();
topicConnection.start();
// The transacted parameter should be ignored in the context of a
container tx
topicSession = topicConnection.createTopicSession(true,
Session.AUTO_ACKNOWLEDGE);
topicPublisher = topicSession.createPublisher(topic);
textMessage = (TextMessage)inMessage;
topicPublisher.publish(inMessage);
// this is illegal in a container transaction
topicSession.commit();
topicConnection.close();
catch (JMSException je)
throw new EJBException(je);
catch (NamingException ne)
throw new EJBException(ne);
public void ejbRemove()
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Enterprise
JavaBeans 2.0//EN' 'http://java.sun.com/dtd/ejb-jar_2_0.dtd'>
<ejb-jar>
<enterprise-beans>
<message-driven>
<display-name>MessageBean</display-name>
<ejb-name>MessageBean</ejb-name>
<ejb-class>MessageBean</ejb-class>
<transaction-type>Container</transaction-type>
<message-driven-destination>
<destination-type>javax.jms.Queue</destination-type>
</message-driven-destination>
<security-identity>
<description></description>
<run-as>
<description></description>
<role-name></role-name>
</run-as>
</security-identity>
</message-driven>
</enterprise-beans>
<assembly-descriptor>
<container-transaction>
<method>
<ejb-name>MessageBean</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>Required</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
Please see the response in the EJB newsgroup.
Also, could you kindly only post to a single newsgroup?
Thanks.
"Jimmy Johns" <[email protected]> wrote in message
news:[email protected]...
> I have an MDB which sends the messages it receives onto another JMS
> destination within the onMessage method. These messages are not sent to
> the JMS destination unless I explicitly use a transacted session for the
>
> destination and subsequently commit the session. If I set the transacted
>
> parameter to Session as false the messages are sent. If I set the
> transacted parameter to true the messages will only be output if the
> session is committed. This is the standard behaviour for a JMS session
> but this is not the correct behaviour for an MDB running with
> container-managed transaction demarcation.
>
> For a start the transacted parameter to session should be ignored when
> run in the context of a container transaction and the commit method
> should thrown an exception as it is not allowed within the context of a
> container transaction.
>
> This is the MDB code and the deployment descriptor: -
>
> public class MessageBean implements MessageDrivenBean, MessageListener
> {
> private String topicName = null;
> private TopicConnectionFactory topicConnectionFactory = null;
> private TopicConnection topicConnection = null;
> private TopicSession topicSession = null;
> private Topic topic = null;
> private TopicPublisher topicPublisher = null;
> private TextMessage textMessage=null;
> private transient MessageDrivenContext messageDrivenContext = null;
>
> private Context jndiContext;
>
> public final static String
> JMS_FACTORY="weblogic.examples.jms.TopicConnectionFactory";
> public final static String
> TOPIC="weblogic.examples.jms.exampleTopic";
>
> public MessageBean()
> {
> }
>
> public void setMessageDrivenContext(MessageDrivenContext
> messageDrivenContext)
> {
> this.messageDrivenContext = messageDrivenContext;
> }
>
> public void ejbCreate()
> {
> }
>
> public void onMessage(Message inMessage)
> {
> try
> {
> jndiContext = new InitialContext();
> topicConnectionFactory =
> (TopicConnectionFactory)jndiContext.lookup(JMS_FACTORY);
> topic = (Topic) jndiContext.lookup(TOPIC);
> topicConnection =
> topicConnectionFactory.createTopicConnection();
> topicConnection.start();
> // The transacted parameter should be ignored in the context of a
> container tx
> topicSession = topicConnection.createTopicSession(true,
> Session.AUTO_ACKNOWLEDGE);
> topicPublisher = topicSession.createPublisher(topic);
> textMessage = (TextMessage)inMessage;
> topicPublisher.publish(inMessage);
> // this is illegal in a container transaction
> topicSession.commit();
> topicConnection.close();
> }
> catch (JMSException je)
> {
> throw new EJBException(je);
> }
> catch (NamingException ne)
> {
> throw new EJBException(ne);
> }
> }
>
> public void ejbRemove()
> {
> }
> }
>
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!DOCTYPE ejb-jar PUBLIC '-//Sun Microsystems, Inc.//DTD Enterprise
> JavaBeans 2.0//EN' 'http://java.sun.com/dtd/ejb-jar_2_0.dtd'>
>
> <ejb-jar>
> <enterprise-beans>
> <message-driven>
> <display-name>MessageBean</display-name>
> <ejb-name>MessageBean</ejb-name>
> <ejb-class>MessageBean</ejb-class>
> <transaction-type>Container</transaction-type>
> <message-driven-destination>
> <destination-type>javax.jms.Queue</destination-type>
> </message-driven-destination>
> <security-identity>
> <description></description>
> <run-as>
> <description></description>
> <role-name></role-name>
> </run-as>
> </security-identity>
> </message-driven>
> </enterprise-beans>
> <assembly-descriptor>
> <container-transaction>
> <method>
> <ejb-name>MessageBean</ejb-name>
> <method-name>*</method-name>
> </method>
> <trans-attribute>Required</trans-attribute>
> </container-transaction>
> </assembly-descriptor>
> </ejb-jar>
>
>
>
>
>
>
>
>
-
Help with asp ... security levels
I made a change to the security level for the end user. i add
a security feature by adding 12345 to their security level.
<%@LANGUAGE="VBSCRIPT"%>
<%Option Explicit%>
<%
'check to see if the page is submitted
Dim validLogin
Dim strErrorMessage
Dim intLevel
Dim sLevel
If (Request.Form("uname")<>"") Then
'user has submitted the form
'get the entered values and hit the database
Dim strUserName
Dim strPassword
'going to use an implicit connection, no connection object
needed
Dim objRS
strUserName = UCase(Request.Form("uname"))
strPassword = UCase(Request.Form("pwd"))
response.write("strUserName")
'prepare the RS
Set objRS = Server.CreateObject("ADODB.Recordset")
'set the sql statement
objRS.Source = "SELECT * FROM tblEmployee WHERE
strEmpUserName = '" & strUserName & "' AND strEmpPassword =
'" & strPassword & "'"
' heres the implicit connection
objRS.ActiveConnection =
"Provider=Microsoft.Jet.OLEDB.4.0;Data
Source=c:\Inetpub\db\IMPCustomers.mdb"
objRS.CursorType = 0
objRS.CursorLocation = 3
objRS.Open
'check for EOF
If(objRS.EOF) Then
'no records matched, invalid login
Response.Redirect("invalidLogin.asp")
'strErrorMessage = "Invalid Login. Try Again."
validLogin = false
Else
'added intLevel to add more security on 3/29/07
intLevel = Cint(objRS("intEmpSecurityLevel"))
intLevel = intLevel + 12345
sLevel = intLevel
'valid login, set session variables
Session("username") = UCase(strUserName)
Session("userpass") = UCase(strPassword)
Session("sLevel") = sLevel
'Session("sLevel") = objRS("intEmpSecurityLevel") - changed
to add more security on 3/29/07
Session("fn") = objRS("strEmpFN")
'release the RS
Set objRS.ActiveConnection = Nothing
Set objRS = nothing
'redirect off this page
Response.Redirect("custSearch.asp")
End If
End If
%>
I'm now having trouble removing the 12345 from their security
level in the custSearch.asp.
<%@LANGUAGE="VBSCRIPT"%>
<%Option Explicit%>
<%
Dim strUserName
Dim strPassword
Dim intSLevel
Dim isum
Dim intS
Dim intNewSLevel
Dim sLevel
Dim strFN
Dim strErrorMessage
Dim strError
'get pass parameters
strUserName = Session("username")
strPassword = Session("userpass")
intSLevel = Session("sLevel")
'add on 3/29/07 for security
'get the security level
isum = sLevel
'take isum which contains sLevel and subtract 12345 from it
isum = isum - 12345
'now intS equals security level in the db
intS = isum
'put into a session
Session("intS") = intS
strFN = Session("fn")
strErrorMessage = ("strError")
'If strErrorMessage = "" Then
'strError = "There is no customer with that last name."
'End If
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Transitional//EN" "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="
http://www.w3.org/1999/xhtml">
<head>
<title>Employee Intranet - Customer Database, Search
for a particular customer.</title>
<meta http-equiv="content-type" content="text/html;
charset=utf-8" />
<link rel="stylesheet" type="text/css"
href="../css/pop_style.css" />
<link rel="stylesheet" type="text/css"
href="../css/forms.css" />
<style type="text/css">
/* HMTL selectors start here */
h2 {
margin-bottom:15px;
p {
margin-bottom:20px;
hr {
border:thin;
border-color:#CCCCCC;
border-style:dotted;
width:100%;
text-align:center;
table {
width:300;
align:center;
cellpadding:2px;
cellspacing:2px;
margin-left:30%;
td {
font-size:14px;
font-style:normal;
font-weight:normal;
border:0;
padding:0;
/* HMTL selectors start here */
/* ID selectors start */
#mainText {
height:400px;
font-family:Arial, Helvetica, sans-serif;
font-size:14px;
text-align:left;
margin-left:1%;
margin-right:1%;
padding: 10px 5px;
word-spacing:1px;
letter-spacing:1px;
/* id ends here */
</style>
<script language="JavaScript" type="text/JavaScript">
<!-- function MM_reloadPage(init) { //reloads the window
if Nav4 resized if (init==true) with (navigator) {if
((appName=="Netscape")&&(parseInt(appVersion)==4)) {
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight;
onresize=MM_reloadPage; }} else if (innerWidth!=document.MM_pgW ||
innerHeight!=document.MM_pgH) location.reload(); }
MM_reloadPage(true); //-->
</script>
</head>
<body>
<!-- CASCADING POPUP MENUS v5.2 by Angus Turnbill
http://www.twinhelix.com -->
<script language="javascript" type="text/javascript"
src="../js/pop_core.js"></script>
<script language="javascript" type="text/javascript"
src="../js/pop_data.js"></script>
<!-- border begins here -->
<div id="border">
<!-- second nav start here -->
<div id="secNavBar"><a
href="../index.htm">Home</a> | <a
href="../htm/quality.htm">Quality</a>
| <a href="../htm/contactUs.htm">Contact
Us</a> | <a
href="../htm/siteMap.htm"> Site
Map</a></div>
<!-- logo starts here -->
<div id="logo">
<img src="../art/NewLogo.jpg" alt="Logo of IMPulse NC,
INC." usemap="#Map" />
<map name="Map" id="Map">
<area shape="rect" coords="5,3,280,74"
href="../index.htm" alt="Return to home page" />
</map>
</div>
<!-- primary navigation div tags starts here -->
<div id="priNav">
<a id="home" name="home"
style="visibility:hidden;">Home</a>
<!-- primary navigation div tags ends here -->
</div>
<!-- main text starts here -->
<div id="mainText">
<h2>Customer Database </h2>
<p
style="font-size:14px;font-style:normal;font-weight:normal;">Welcome
<%=strFN%></p>
<p
style="font-size:14px;font-style:normal;font-weight:normal;">Please
search for a customer by using the fields below. You can use one
field or multiple fields for your search.</p>
<!-- signIn form starts here -->
<div id="signIn">
<div id="CSearch">
<table>
<form action="results.asp" method="post" name="search"
id="search">
<tr>
<td width="98" height="29">Last Name:</td>
<td width="150" tabindex="1"><input type="text"
name="clname" size="25" maxlength="25" /></td>
</tr>
<tr>
<td height="30">First Name:</td>
<td tabindex="2"><input type="text" size="25"
maxlength="25" name="cfname" /></td>
</tr>
<tr>
<td height="30">Company:</td>
<td tabindex="3"><input type="text" size="25"
maxlength="25" name="ccomp" /></td>
</tr>
<tr>
<td height="48" colspan="2" tabindex="4">
<input type="submit" name="login" value="Submit" />
<input type="reset" name="Reset" value="Reset" />
<a href="logOut.asp">
<input type="button" name="logOut" value="Log Out" />
</a> </td>
</tr>
</form>
</table>
<!-- customer search form ends here -->
</div>
<blockquote> </blockquote>
<!-- signIn form ends here -->
</div>
<!-- main text ends here -->
</div>
<div id="btm_Bar">
100 IMPulse Way • Mount Olive, North Carolina 28365
• Main (919) 658-2200 • Fax (919) 658-2268<br />
©2006 IMPulse NC, Inc. All Rights Reserved. </div>
</div>
<script language="javascript" type="text/javascript"
src="../js/pop_events.js"></script>
<!-- Places text blinker in the uname text box thru
javascript -->
<script language="javascript" type="text/javascript">
document.search.clname.focus();
</script>
<!-- javascript ends here -->
<%
Response.Write(Session("username")) & "<br />"
Response.Write(Session("userpass")) & "<br />"
Response.Write(Session("sLevel")) & "<br />"
Response.Write(Session("intS")) & "<br />"
%>
</body>
</html>
What am I doing wrong?"pqer" <[email protected]> wrote in message
news:eugsik$kt5$[email protected]..
> What am I doing wrong?
1. You're allowing unfiltered user input into your SQL query.
I could do
some horrible damage to your system.
2. You have SELECT * in your query.
3. You're doing something that doesn't make any sense. Why
add a constant
to the security level just to subtract it again when you
actually want to
use it? You're just making more work for yourself. There is
no benefit
there. -
Hi,
I have Windows Server 2012 with SQL 2012 Standard SP1. I am using linked server, and Access Database Engine 2010 Redistributable to access my database file made in Microsoft Access (.mdb) from network file server.
EXEC master.dbo.sp_addlinkedserver @server = N'MyLinkedServer', @srvproduct=N'MyLinkedServer', @provider=N'Microsoft.ACE.OLEDB.12.0', @datasrc=N'\\myfileserver.mydomain.com\files\mydatabase.mdb'
My SQL service is running with domain service account MYDOMAIN\SQL1$ , i have added Full control for file share and NTFS permission on my file server folder (C:\Files).
When I open (as domain admin with UAC elevated permissions) on my DB server SQL Management studio, I can browse tables and everything works.
The problem is, if I open SQL management studio (as domain admin with UAC elevated permissions) on my File server or any other computer, when trying to browse my linked server i got error:
TITLE: Microsoft SQL Server Management Studio
Failed to retrieve data for this request. (Microsoft.SqlServer.Management.Sdk.Sfc)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&LinkId=20476
ADDITIONAL INFORMATION:
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
Cannot initialize the data source object of OLE DB provider "Microsoft.ACE.OLEDB.12.0" for linked server "Synesis_3PRO2013". (Microsoft SQL Server, Error: 7303)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&ProdVer=11.00.3000&EvtSrc=MSSQLServer&EvtID=7303&LinkId=20476
When I try to place simlpe Select SQL query I got error:
OLE DB provider "Microsoft.ACE.OLEDB.12.0" for linked server "MyLinkedServer" returned message "The Microsoft Access database engine cannot open or write to the file '\\myfileserver.mydomain.com\files\mydatabase.mdb'. It is already opened exclusively by another
user, or you need permission to view and write its data.".
I do not have any other program using my access database, and user has full control. I am trying to use in security mode - "For a login not defined in the list above, connections will be made without using a security context", i have also tried all four options.
I am confused becouse it works from SQL server but from any SQL client domain member computer/server it does not work.
I have same problem in another environment where I have Windows Server 2008 R2 and SQL 2008 R2 SP2.
Please help.
-- Hrvoje KusuljaNTFS must be fine since it works from same server using same accounts.
As I understand, adding my access file to Access trusted location could be a problem. I have tried now to add my access database file location to trusted locations for user which is my SQL service user (Windows Service - AD managed service account MYDOMAIN\SQL1$)
and my test user which I use to connect to sql server as a client from sql management studio. (Account is Domain Admins and have full permissions on SQL server also)
I have added this .reg:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Access\Security]
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Access\Security\Trusted Documents]
"LastPurgeTime"=dword:01592874
"DisablePromptOpenNetworkTrustedDocuments"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Access\Security\Trusted Locations]
"AllowNetworkLocations"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Access\Security\Trusted Locations\Location0]
"Description"="My file server"
"AllowSubFolders"=dword:00000001
"Path"="\\\\myfileserver.mydomain.com\\files\\"
I have done this for SQL service account user and my personal test account as I said. I have tried to logoff and restart sql service and all servers also.
The same problem still persists.
Anyway, thank you for giving me a hint.
Maybe you are looking for
-
ABAP+JAVA - Java-addon does not seem connected
Hi, I messed around with this new system a month ago and now that I finally got back to it the JAVA part don't seem to be working or the SCS instance is not connected to the Central Instance. The SCS instance seems to be running fine. Some questions:
-
Getting PDF files doesn't work on Windows 7?
Hi, I had a working installation of Adobe Output Central v5.5 on a Windows 2000 machine. I then tried to move it to Windows 7 because we want to change the hardare. I set up all programs to run as Windows 2000 under windows 7 (this is something yo
-
Javax.mail.MessagingException: Missing start boundary
I use the following code creates a Mime file MimeMultipart mmp = new MimeMultipart(); MimeBodyPart mbp = null; // add rootpart mbp = new MimeBodyPart(); mbp.setContentID("[email protected]");
-
Post Problems with H67MA-E35 (B3)
Hi maybe somebody can help me with this. I have a H67MA-E35 (B3) and start to face problems with post, no beeps no monitor signal nothing... the only way is let the PC disconected for a couple of hours or even a day and the mobo start normally but wh
-
I say this was addressed earlier, but it is not updated in the documentation? Will we have to use feeds to upload content to our track list now? I am a new iTunes U user and after reading the documentation it still says there is an upload file manage