Security Transports

Hi,
I have created almost 50+ transports for my upcoming golive. Is there any way that i can check all my transports are successfully moved to production instead of checking one by one.
Thanks
Lisa

Lisa,
There is no direct way of check the Transport requests in one go however, I have some tips and may by usefull for you.
1st Method:
Logon to Production server and execute Tcode STMS_IMPORT
Filter the Transport Requests on request column and paste the transort requests from upload from clipboard and execute.
Or you can filter by Owner name if all 50 TRs created by one user.
These option will show the list of selected TRs. Here you can see the Status column and see the Green right sign which indicates the succussfully movement of TRs on Production
2nd Method:
logon to DEV/QUA and execute Tcode STMS and goto the import queue of Production system. rest of the steps are same as method 1st.
Hope this will help you
Cheers
Lokendra

Similar Messages

What is Security & Transport Management system?

Hi,,,,
Can anyone help me out on
What is Security & Transport Management system?
Thanks,
Swamy
Edited by: Alvaro Tejada Galindo on Apr 4, 2008 6:02 PM

Hi Swamy,
Transport Management System is the process of reflecting the changes done in the Development server into Production Server.
When we start the development work, we assign the work to a Transport Request Number.
Once the development is completed the object is moved to Quality Server for Business Functionality Testing.
If the object meets the all the test conditions then finally it is moved to Production Server for the end user.
Security can be explained more effectively by any Basis person.
cheers!!!

BW Security - transport hierarchy in role. What if....

Hi All
This Query is related to BW Security .
The Process we flow is that we create a Hierarchy and we transport it to the production system
We then create a role and we link the Hierarchy to the object within the role.
What suppose if there is no Hierarchy structure for the particular customer maintained in dev and it is maintained in Production .
Is it possible to transport the hierarchy from Dev without its hierarchy structure maintained in Dev?
Is it possible that since data is existing in Production , so as an when this data sits in the UM of the production server , this automatically picks data from the UM?
Please Advice
Edited by: Julius Bussche on Feb 16, 2010 9:44 AM
Subject title improved slightly

These 3 threads of yours are starting to look like a series of interview questions.
Please follow up and provide feedback / results of your search, otherwise I will lock them.
Cheers,
Julius

Security transport/upload

Hello Experts,
we are facing a problem in Security, w did all security in our development environment, and now we want to transport it, we export an .OMA file in development with the security profiles and imported in Quality, but access right of each role did not got transported, now we are trying to make a .CSV file but we did not find the mapping between the RESOURCE and the corresponding name of the access right
Example:
Category Manager (access right name) = masterdata.CategoryManager (resource name)
In the enterprise we can find a document but the list that we have is not the list of all the Resources.
I will appreciate your comments

Hello,
We have standard query FCI-ACL-OML which will fetch all the ACLs
Suggest you to duplicate this query and add condition as
SELECT <%RESULTS%> FROM <%SCHEMA%>.FCI_UPP_SECURITY_ACL
WHERE DISPLAY_NAME LIKE 'Category Manager' AND
CONTEXTID=<%CONTEXT(upp.acl)%> <%ORDERBY%>
Then in .OMA export you have to select object list and use this query to fetch ACLs only for Category Manager.
Hope this Helps!
Raj.

Sample implementation of Transport-level security for Oracle Service Bus (O

I have a custom authentication library external to OSB.
How can I secure transport channel (JMS/EJB/etc) using external java api. Is there some sample implementation of this out there.
Thank you - version I am using is 11g

Can you describe in detail that which API you want to use and how would you like it to work? You may consider visiting below links -
http://docs.oracle.com/cd/E17904_01/doc.1111/e15866/message_level_cust_auth.htm#i1069719
Regards,
Anuj

Calling web service from SQL 2008 error: System.Security.HostProtectionException: Attempted to perform an operation that was forbidden by the CLR host.

Hi,
Im trying to use web service in c# sql database project. when running stored procedure, in which the web service should be called, im getting this error:
System.TypeInitializationException: The type initializer for 'System.ServiceModel.ClientBase`1' threw an exception. ---> System.Security.HostProtectionException: Attempted to perform an operation that was forbidden by the CLR host.
at System.ServiceModel.DiagnosticUtility.GetUtility()
at System.ServiceModel.DiagnosticUtility.get_Utility()
at System.ServiceModel.ClientBase`1..cctor()
The protected resources (only available with full trust) were:
All
The demanded resources were:
Synchronization, ExternalThreading
--- End of inner exception stack trace ---
at System.ServiceModel.ClientBase`1.InitializeChannelFactoryRef()
at System.ServiceModel.ClientBase`1..ctor()
at UMGClient..ctor()
at UMG_StoredProcedures.spUMG_ProcessEmail(SqlInt64 cid_request)
Here is the code:
using System;
using System.Data;
using System.Data.SqlClient;
using System.Data.SqlTypes;
using Microsoft.SqlServer.Server;
using CredexDB.Workflow;
using System.Collections.Generic;
using CredexDB.umgwcftest;
public partial class UMG_StoredProcedures
/// <summary>
/// </summary>
/// <param name="bankDate"></param>
/// <param name="stateCategory"></param>
[Microsoft.SqlServer.Server.SqlProcedure]
public static void spUMG_ProcessEmail( SqlInt64 cid_request )
SqlConnection conn = new SqlConnection("Context Connection=true;");
conn.Open();
try
SqlContext.Pipe.Send("A");
UMGClient umgcl = new UMGClient();
SqlContext.Pipe.Send("B");
UMGwcf.SoapExchangeMailMessage email = new UMGwcf.SoapExchangeMailMessage();
string[] names = new string[1];
names[0] = "[email protected]";
email.To = names;
email.Subject = "Test UmgWcf";
email.MessageBody = "Testovacia správa - ľľššččťťťýéáí";
email.From = "[email protected]";
email.Priority = 20;
email.Sender = 1;
email.DoNotArchive = false;
email.EncryptAndSign = false;
//long ret = umgcl.SendMailMessage(email);
catch (Exception e)
SqlContext.Pipe.Send("C");
SqlContext.Pipe.Send(e.ToString());
finally
SqlContext.Pipe.Send("D");
conn.Close();
private static void execSql(string sql, SqlConnection conn)
new SqlCommand(sql, conn).ExecuteNonQuery();
The error occurs at this row:
UMGClient umgcl = new UMGClient();
Here is the UMG class:
[System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "3.0.0.0")]
[System.ServiceModel.ServiceContractAttribute(Namespace="vub.sk/UMGwcf", ConfigurationName="IUMG")]
public interface IUMG
[System.ServiceModel.OperationContractAttribute(Action="vub.sk/UMGwcf/IUMG/SendMailMessage", ReplyAction="vub.sk/UMGwcf/IUMG/SendMailMessageResponse")]
long SendMailMessage(UMGwcf.SoapExchangeMailMessage message);
[System.ServiceModel.OperationContractAttribute(Action="vub.sk/UMGwcf/IUMG/ResendEmailMessage", ReplyAction="vub.sk/UMGwcf/IUMG/ResendEmailMessageResponse")]
long ResendEmailMessage(long emailid);
[System.ServiceModel.OperationContractAttribute(Action="vub.sk/UMGwcf/IUMG/GetEmailById", ReplyAction="vub.sk/UMGwcf/IUMG/GetEmailByIdResponse")]
UMGwcf.SoapDeliveredMailMessage GetEmailById(long emailid);
[System.ServiceModel.OperationContractAttribute(Action="vub.sk/UMGwcf/IUMG/SendSMSMessage", ReplyAction="vub.sk/UMGwcf/IUMG/SendSMSMessageResponse")]
long SendSMSMessage(UMGwcf.SoapSMSMessage smsmessage);
[System.ServiceModel.OperationContractAttribute(Action="vub.sk/UMGwcf/IUMG/GetSMSById", ReplyAction="vub.sk/UMGwcf/IUMG/GetSMSByIdResponse")]
UMGwcf.SoapDeliveredSMSMessage GetSMSById(long smsid);
[System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "3.0.0.0")]
public interface IUMGChannel : IUMG, System.ServiceModel.IClientChannel
[System.Diagnostics.DebuggerStepThroughAttribute()]
[System.CodeDom.Compiler.GeneratedCodeAttribute("System.ServiceModel", "3.0.0.0")]
public partial class UMGClient : System.ServiceModel.ClientBase<IUMG>, IUMG
public UMGClient()
public UMGClient(string endpointConfigurationName) :
base(endpointConfigurationName)
public UMGClient(string endpointConfigurationName, string remoteAddress) :
base(endpointConfigurationName, remoteAddress)
public UMGClient(string endpointConfigurationName, System.ServiceModel.EndpointAddress remoteAddress) :
base(endpointConfigurationName, remoteAddress)
public UMGClient(System.ServiceModel.Channels.Binding binding, System.ServiceModel.EndpointAddress remoteAddress) :
base(binding, remoteAddress)
public long SendMailMessage(UMGwcf.SoapExchangeMailMessage message)
return base.Channel.SendMailMessage(message);
public long ResendEmailMessage(long emailid)
return base.Channel.ResendEmailMessage(emailid);
public UMGwcf.SoapDeliveredMailMessage GetEmailById(long emailid)
return base.Channel.GetEmailById(emailid);
public long SendSMSMessage(UMGwcf.SoapSMSMessage smsmessage)
return base.Channel.SendSMSMessage(smsmessage);
public UMGwcf.SoapDeliveredSMSMessage GetSMSById(long smsid)
return base.Channel.GetSMSById(smsid);
the CLR where created as follows:
ALTER DATABASE XXXX SET TRUSTWORTHY ON;
CREATE ASSEMBLY [System.ServiceModel]
FROM 'C:\ttrojcak\System.Runtime.Serialization.dll'
WITH PERMISSION_SET = UNSAFE
CREATE ASSEMBLY [System.ServiceModel]
FROM 'C:\ttrojcak\System.ServiceModel.dll'
WITH PERMISSION_SET = UNSAFE
the message window shows warnings:
Warning: The Microsoft .NET Framework assembly 'system.servicemodel, version=3.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.web, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=x86.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.drawing, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.directoryservices, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.directoryservices.protocols, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.enterpriseservices, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=x86.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.runtime.remoting, version=2.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.runtime.serialization.formatters.soap, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.design, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.windows.forms, version=2.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'accessibility, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.drawing.design, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.web.regularexpressions, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.serviceprocess, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.configuration.install, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.identitymodel, version=3.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.messaging, version=2.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'system.identitymodel.selectors, version=3.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
Warning: The Microsoft .NET Framework assembly 'microsoft.transactions.bridge, version=3.0.0.0, culture=neutral, publickeytoken=b03f5f7f11d50a3a, processorarchitecture=msil.' you are registering is not fully tested in the SQL Server hosted environment and is not supported. In the future, if you upgrade or service this assembly or the .NET Framework, your CLR integration routine may stop working. Please refer SQL Server Books Online for more details.
creating store procedure:
EXEC sp_executesql N'
CREATE PROCEDURE [spUMG_ProcessEmail]
@cid_request bigint
AS
EXTERNAL NAME [CredexDB].[UMG_StoredProcedures].[spUMG_ProcessEmail]'
IF (@@ERROR = 0)
BEGIN
DECLARE @procSchema sysname
DECLARE @procName sysname
SELECT @procSchema = SCHEMA_NAME(schema_id), @procName = name
FROM sys.objects
WHERE object_id = OBJECT_ID(N'[spUMG_ProcessEmail]')
EXEC sp_addextendedproperty 'AutoDeployed', N'yes',
'SCHEMA', @procSchema,
'PROCEDURE', @procName
EXEC sp_addextendedproperty 'SqlAssemblyFile', N'UMG\UMG.cs',
'SCHEMA', @procSchema,
'PROCEDURE', @procName
EXEC sp_addextendedproperty 'SqlAssemblyFileLine', 95,
'SCHEMA', @procSchema,
'PROCEDURE', @procName
END
Any tips?
Thank you

and this moves me to another problem. the stored procedure spUMG_ProcessEmail is unable to find and read app.config
stored procedure is unable to read app.config. it is necesary to rewrite the xml config into c# code:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="BasicHttpBinding_IUMG" closeTimeout="00:01:00"
openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
</basicHttpBinding>
</bindings>
<client>
<endpoint address="http://umgwcftest/UMGwcf.svc" binding="basicHttpBinding"
bindingConfiguration="BasicHttpBinding_IUMG" contract="IUMG"
name="BasicHttpBinding_IUMG" />
</client>
</system.serviceModel>
</configuration>
and the rewrited code:
BasicHttpBinding myBinding = new BasicHttpBinding();
myBinding.Name = "BasicHttpBinding_IUMG";
myBinding.CloseTimeout = new TimeSpan(00, 01, 00);
myBinding.OpenTimeout = new TimeSpan(00, 01, 00);
myBinding.ReceiveTimeout = new TimeSpan(00, 10, 00);
myBinding.CloseTimeout = new TimeSpan(00, 01, 00);
myBinding.AllowCookies = false;
myBinding.BypassProxyOnLocal = false;
myBinding.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
myBinding.MaxBufferSize = 65536;
myBinding.MaxBufferPoolSize = 524288;
myBinding.MaxReceivedMessageSize = 65536;
myBinding.MessageEncoding = WSMessageEncoding.Text;
myBinding.TextEncoding = System.Text.Encoding.UTF8;
myBinding.TransferMode = TransferMode.Buffered;
myBinding.UseDefaultWebProxy = true;
myBinding.ReaderQuotas.MaxDepth = 32;
myBinding.ReaderQuotas.MaxStringContentLength = 8192;
myBinding.ReaderQuotas.MaxArrayLength = 16384;
myBinding.ReaderQuotas.MaxBytesPerRead = 4096;
myBinding.ReaderQuotas.MaxNameTableCharCount = 16384;
myBinding.Security.Mode = BasicHttpSecurityMode.None;
myBinding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
myBinding.Security.Transport.ProxyCredentialType = HttpProxyCredentialType.None;
myBinding.Security.Transport.Realm = "";
myBinding.Security.Message.ClientCredentialType = BasicHttpMessageCredentialType.UserName;
myBinding.Security.Message.AlgorithmSuite = System.ServiceModel.Security.SecurityAlgorithmSuite.Default;
EndpointAddress endPointAddress = new EndpointAddress(new Uri("http://umgwcftest/UMGwcf.svc"));
SqlContext.Pipe.Send("2");
UMGClient umgcl = new UMGClient(myBinding, endPointAddress);
after that, I got another error and it's solution is here:
error and solution
So I got it finaly working

Security Issues: SSL on SOAP Adapter and Digital Signature in BPM

Hi there,
we're developing a R/3-XI-3rd Party Application scenario, where the XI/3rd Party communication is based on a webservice (SOAP adapter with SSL). Also, the messages in the XI/3rd Party communication must be digitally signed. I've got some questions on both subjects.
1. About the SSL. I've started to investigate what will be necessary to enable the HTTPS option under SOAP Adapter (it's not enabled now). If I'm not correct, all I need to do is:
- check whether the SAP Java Crypto Lib is installed in the Web AS;
- generate the certificate request in the Visual Administrator and, after acquiring the certificate, store it with the KeyStorage option.
Is that right?
I'm considering that I won't need to use SSL in the ABAP Web AS, only the J2EE Java Engine (since the SOAP Adapter is based on J2EE).
2. About the digital signature. As a first solution, we had decided on accessing a webservice based on another machine running a signature application. We'd send the unsigned XML and receive a signed XML. But since that needed to be done into the BPM, I thought that using a piece of Java code in a mapping would suit it better.
But to be able to use the hashing/encrypting/encoding algorithms, which library needs to be installed? Is it the same SAP Java Crypto Lib that was installed for the SSL enabling?
Thanks in advance!

Hello Henrique,
1. You're right. For detailed instructions please have a look at the online help: http://help.sap.com/nw04 - Security - Network and Transport Layer Security - Transport Layer Security on the SAP J2EE Engine
2. The SOAP adapter supports security profiles. Please have a look at the online docu http://help.sap.com/nw04 -Process Integration - SAP Exchange Infrastructure - Runtime - Connectivty - Adapters - SOPA Adapter - Configuring the Sender SOAP adapter and from the link under Security Parameters to the Sender Agreement. You'll find some additional information in the following document: http://service.sap.com/~sapdownload/011000358700002767992005E/HowToMLSXI30_02_final.pdf
Rgds.,
Andreas

TNS Listener Poison attack : Oracle Security Alert for CVE-2012-1675

Hi,
I'm looking to implement the following oracle document about COST but not sure what we need to do for Standby Environment ,
Can you guys please advise.
Oracle Using Class of Secure Transport (COST) to Restrict Instance Registration [ID 1453883.1]
Oracle Security Alert for CVE-2012-1675
Thanks

user097815 wrote:
with regrads to the below thread which mostly talks about Oracle Security Alert for CVE-2012-1675 "TNS Listener Poison Attack"....i just wanted to find out if this effect DB that are externally or internally....meaning 95% of our DB are in network(internally) behind our firewall....and rest of the 5% are outside our firewall facing the world wide web....so does this apply to both of just one ?The attack is on the Listener itself - so if you want to prevent this attack, you need to secure that Listener, irrespective of its location.
IMO, mandatory if you expose your Listener to an unsecured or public network (e.g. internet).
As for Listeners running on your internal network - if this attack is used, securing your Listeners mean very little IMO. Because your internal network already needs to be compromised in order for the attack to occur. Which means you have far more serious problems then someone attacking your Listeners.

Oracle Security Alert for CVE-2012-1675

Hi,
I want to know more about recent release "Oracle Security Alert" : http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html
Document available in https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1453883.1
Fix is about Class of Secure Transport (COST). I need to know about elaborate steps to find out whether this change is need to apply to my databases or not.
About my DBs : 10.2.4 , AIX, Nondefault Listener, Shared env , non RAC, local_listener is null & running in pfile.
Thx,
Gowin.

Hello;
Apply it. Very clean. Simple. No outage on Non-RAC. Biggest Impact is listener stop and start. Took about 3 minutes per server.
Tested today and had zero issues. ( Assumed you understood a CONNECT was part of the test ). Zero issues.
Had a thread on this here a few days ago :
Oracle TNS Poison vulnerability
See Oracle Support Note 1453883.1 for additional information.
Best Regards
mseberg
With all due respect this isn't very hard. Make a decision.
Edited by: mseberg on May 2, 2012 7:13 AM

Security issues in Mavericks 9.04

I just had a secure scan done on my Mavericks server. The main issues seem to be:
OpenSSL Running Version Prior to 0.9.8za Upgrade to OpenSSL version 0.9.8za or newer.
Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities (Upgrade to Apache version 2.3.2 or newer.)
Given that upgrading these would mean compiling and installing Apache and OpenSSL(which I'm not really keen to do) I'm wondering what experienced admins think of these threats.

pkmusic wrote:
Dumb question - so a self-signed SSL cert doesn't use Open SSL?
Certificates are used with ssh and SSL/TLS and such, yes. Most of OS X uses Secure Transport for its certificate- and SSL/TLS-related processing, but Apache does not. Apache is linked against OpenSSL.
Self-signed certificates lead to a different security issue.
An HTTPS site with a self-signed certificate will be considered untrusted by accessing web clients and the web browser will usually issue diagnostics before allowing access to the site or a diagnostic before marking the certificate as trusted, or that you've set up your own certificate chain and installed your own root certificate. That you're asking this question implies the former; that you're not really running HTTPS with a trusted certificate chain. Which generally means you can just shut off SSL/TLS.
As for the original question, here's how the scanner is likely detecting the down-revision versions — if you look at the server details being returned to the client, you'll see some information on Apache and OpenSSL versions embedded in the response:
$ telnet foo.example.com 80
Trying 10.1.3.1...
Connected to foo.example.com
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Jul 2014 14:40:11 GMT
Server: Apache/2.2.26 (Unix) PHP/5.4.24 mod_ssl/2.2.26 OpenSSL/0.9.8y DAV/2
Location: http://foo.example.com/
Cache-Control: max-age=1209600
Expires: Sun, 03 Aug 2014 14:40:11 GMT
Connection: close
Content-Type: text/html; charset=iso-8859-1
Connection closed by foreign host.
$
That won't get fixed without replacing Apache et al or one of the other options, as described in my earlier reply.
For completeness, some folks will manually configure the server to not return these details. That'll derail the the vulnerability scanner, certainly. It might not have the intended result, too, as the remote attackers can simply decide to throw every attack they have at your server — the attackers are not short on CPU cycles and network bandwidth, after all; unintended consequences.
As for using a self-signed cert and given you probably aren't providing file-level access to other folks, I'd not (personally) be particularly concerned about that vulnerability scan — one of the limitations with using vulnerability scanners is that you then have to go off and figure out if you're actually vulnerable to whatever the scanner is reporting. It's an issue certainly, but then you'll have to decide if your backups are complete and current and with copies kept off-site, and if your other security practices and password policies and such are also all up to date and secure, and at what else you might risk if the server is breached — if configuring a DMZ for your server might be appropriate, for instance, to isolate the server from the rest of your network should the server be breached.

Transport Guarantee Type

Hi all
I have this problem with a system trying to enabling a service: I started SOAMANAGER and activated the service with its endpoint and I can see correctly enabled in sicf as in web service navigator;but if I try totest it (via web service navigator) it prompt me for username and password. If I give it it ask me again and nothing happens (no message error is shown). Analyzing through Details of Service Definition->Edit->Provider Security->Transport Gurantee Type, I can see the option are:
1) HTTPS
2) Signature & Encryption (asymmetric binding)
3) Secure Conversation (Version: February 2005, symmetric binding) bootstrapped with SSL
Till now, I always have found a 4th option that is 'No Transport Gurantee' that here is not available.
What I would like to know is how can I enable this option or if it is not possible, how should I correct one of this to get the service working.
thanks to anyone can helpme
gabriele

Hi,
What type of service is this?
Check if 4th option of "No transport Guarantee" available for another services? if it is available then we need to check this particular service
Regards,
Gourav

How to download a file version from office 365 using csom

I need to download an older file version from office 365 and get the data into a byte array. I have no trouble downloading the latest version with File.OpenBinaryStream() and I have no trouble loading the previous file versions with File.Versions. But now
I need to actually download an older version of the file and it seems the only way is to use File.OpenBinaryDirect. So I am creating a client context using my oAuth access token and providing the correct path, but I am getting a (401) Unauthorized
error. Looking with Fiddler I can see that the call to OpenBinaryDirect is somehow trying to post to my file URL and the server is responding with 401.
context = TokenHelper.GetClientContextWithAccessToken(SPHostUrl, AccessToken);
FileInformation info = File.OpenBinaryDirect(context, "/" + _fileVersion.Url); //throws 401
//leading slash required otherwise ArgumentOutOfRangeException
I have to be able to access the older file versions with my c# code -- I don't have a viable app without that ability -- any help urgently needed and greatly appreciated!

Thank you SO much (Can't wait for the next release)!
For anyone else who lands here, here's the code I ended up using:
// VersionAccessUser and VersionAccessPassword are stored in web.config
// web.Url is loaded via the clientContext
// myVersion is the FileVersion I got from the file's Versions.GetById() method
// probably a lot of ways to get hostUrl, it just needs to be https://yourdomain.sharepoint.com/
// - I'm running my app from a subweb
// I had trouble following the links to get the full MsOnlineClaimsHelper code
// (the one on msdn.com was missing RequestBodyWriter, WSTrustFeb2005ContractClient,
// and IWSTrustFeb2005Contract
// so I've included the code I used here.
string myVersionFullUrl = string.Format("{0}/{1}", web.Url, myVersion.Url);
string userName = WebConfigurationManager.AppSettings.Get("VersionAccessUser");
string strPassword = WebConfigurationManager.AppSettings.Get("VersionAccessPassword");
string hostUrl = Regex.Replace(web.Url, "([^/]+//[^/]+/).*", "$1");
MsOnlineClaimsHelper claimsHelper = new MsOnlineClaimsHelper(hostUrl, userName, strPassword);
var client = new WebClient();
client.Headers["Accept"] = "/";
client.Headers.Add(HttpRequestHeader.UserAgent, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705;)");
client.Headers.Add(HttpRequestHeader.Cookie, claimsHelper.CookieContainer.GetCookieHeader(new Uri(hostUrl)));
var document = client.DownloadString(myVersionFullUrl);
// These classes are needed to download old versions of files (see: http://social.msdn.microsoft.com/Forums/en-US/7746d857-d351-49cc-b2f0-496663239e02/how-to-download-a-file-version-from-office-365-using-csom?forum=sharepointdevelopment)
// I cobbled this file from http://social.technet.microsoft.com/Forums/msonline/en-US/4e304493-7ddd-4721-8f46-cb7875078f8b/problem-logging-in-to-office-365-sharepoint-online-from-webole-hosted-in-the-cloud?forum=onlineservicessharepoint
// and http://fredericloud.com/2011/01/11/connecting-to-sharepoint-with-claims-authentication/
using Microsoft.IdentityModel.Protocols.WSTrust;
using Microsoft.SharePoint.Client;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Security;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.Text;
using System.Web;
using System.Xml;
using System.Xml.Linq;
namespace DPSiDoxAppWeb.Helpers
/// <summary>
/// Create a new contract to use for issue claims for the SharePoint requests
/// </summary>
[ServiceContract]
public interface IWSTrustFeb2005Contract
[OperationContract(ProtectionLevel = ProtectionLevel.EncryptAndSign,
Action = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue",
ReplyAction = "http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue",
AsyncPattern = true)]
IAsyncResult BeginIssue(Message request, AsyncCallback callback, object state);
Message EndIssue(IAsyncResult asyncResult);
/// <summary>
/// Implement the client contract for the new type
/// </summary>
public class WSTrustFeb2005ContractClient : ClientBase<IWSTrustFeb2005Contract>, IWSTrustFeb2005Contract
public WSTrustFeb2005ContractClient(Binding binding, EndpointAddress remoteAddress)
: base(binding, remoteAddress)
public IAsyncResult BeginIssue(Message request, AsyncCallback callback, object state)
return Channel.BeginIssue(request, callback, state);
public Message EndIssue(IAsyncResult asyncResult)
return Channel.EndIssue(asyncResult);
/// <summary>
/// Create a class that will serialize the token into the request
/// </summary>
class RequestBodyWriter : BodyWriter
readonly WSTrustRequestSerializer _serializer;
readonly RequestSecurityToken _rst;
/// <summary>
/// Constructs the Body Writer.
/// </summary>
/// <param name="serializer">Serializer to use for serializing the rst.</param>
/// <param name="rst">The RequestSecurityToken object to be serialized to the outgoing Message.</param>
public RequestBodyWriter(WSTrustRequestSerializer serializer, RequestSecurityToken rst)
: base(false)
if (serializer == null)
throw new ArgumentNullException("serializer");
_serializer = serializer;
_rst = rst;
/// <summary>
/// Override of the base class method. Serializes the rst to the outgoing stream.
/// </summary>
/// <param name="writer">Writer to which the rst should be written.</param>
protected override void OnWriteBodyContents(XmlDictionaryWriter writer)
_serializer.WriteXml(_rst, writer, new WSTrustSerializationContext());
public class MsOnlineClaimsHelper
#region Properties
readonly string _username;
readonly string _password;
readonly bool _useRtfa;
readonly Uri _host;
CookieContainer _cachedCookieContainer = null;
DateTime _expires = DateTime.MinValue;
#endregion
#region Constructors
public MsOnlineClaimsHelper(string host, string username, string password)
: this(new Uri(host), username, password)
public MsOnlineClaimsHelper(Uri host, string username, string password)
_host = host;
_username = username;
_password = password;
_useRtfa = true;
public MsOnlineClaimsHelper(Uri host, string username, string password, bool useRtfa)
_host = host;
_username = username;
_password = password;
_useRtfa = useRtfa;
#endregion
#region Constants
public const string office365STS = "https://login.microsoftonline.com/extSTS.srf";
public const string office365Login = "https://login.microsoftonline.com/login.srf";
public const string office365Metadata = "https://nexus.microsoftonline-p.com/federationmetadata/2007-06/federationmetadata.xml";
public const string wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
public const string wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
private const string userAgent = "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)";
#endregion
class MsoCookies
public string FedAuth { get; set; }
public string rtFa { get; set; }
public DateTime Expires { get; set; }
public Uri Host { get; set; }
// Method used to add cookies to CSOM
public void clientContext_ExecutingWebRequest(object sender, WebRequestEventArgs e)
e.WebRequestExecutor.WebRequest.CookieContainer = getCookieContainer();
//e.WebRequestExecutor.WebRequest.UserAgent = userAgent;
// Creates or loads cached cookie container
CookieContainer getCookieContainer()
if (_cachedCookieContainer == null || DateTime.Now > _expires)
// Get the SAML tokens from SPO STS (via MSO STS) using fed auth passive approach
MsoCookies cookies = getSamlToken();
if (cookies != null && !string.IsNullOrEmpty(cookies.FedAuth))
// Create cookie collection with the SAML token
_expires = cookies.Expires;
CookieContainer cc = new CookieContainer();
// Set the FedAuth cookie
Cookie samlAuth = new Cookie("FedAuth", cookies.FedAuth)
Expires = cookies.Expires,
Path = "/",
Secure = cookies.Host.Scheme == "https",
HttpOnly = true,
Domain = cookies.Host.Host
cc.Add(samlAuth);
if (_useRtfa)
// Set the rtFA (sign-out) cookie, added march 2011
Cookie rtFa = new Cookie("rtFA", cookies.rtFa)
Expires = cookies.Expires,
Path = "/",
Secure = cookies.Host.Scheme == "https",
HttpOnly = true,
Domain = cookies.Host.Host
cc.Add(rtFa);
_cachedCookieContainer = cc;
return cc;
return null;
return _cachedCookieContainer;
public CookieContainer CookieContainer
get
if (_cachedCookieContainer == null || DateTime.Now > _expires)
return getCookieContainer();
return _cachedCookieContainer;
private MsoCookies getSamlToken()
MsoCookies ret = new MsoCookies();
try
var sharepointSite = new
Wctx = office365Login,
Wreply = _host.GetLeftPart(UriPartial.Authority) + "/_forms/default.aspx?wa=wsignin1.0"
//get token from STS
string stsResponse = getResponse(office365STS, sharepointSite.Wreply);
// parse the token response
XDocument doc = XDocument.Parse(stsResponse);
// get the security token
var crypt = from result in doc.Descendants()
where result.Name == XName.Get("BinarySecurityToken", wsse)
select result;
// get the token expiration
var expires = from result in doc.Descendants()
where result.Name == XName.Get("Expires", wsu)
select result;
ret.Expires = Convert.ToDateTime(expires.First().Value);
HttpWebRequest request = createRequest(sharepointSite.Wreply);
byte[] data = Encoding.UTF8.GetBytes(crypt.FirstOrDefault().Value);
using (Stream stream = request.GetRequestStream())
stream.Write(data, 0, data.Length);
stream.Close();
using (HttpWebResponse webResponse = request.GetResponse() as HttpWebResponse)
// Handle redirect, added may 2011 for P-subscriptions
if (webResponse.StatusCode == HttpStatusCode.MovedPermanently)
HttpWebRequest request2 = createRequest(webResponse.Headers["Location"]);
using (Stream stream2 = request2.GetRequestStream())
stream2.Write(data, 0, data.Length);
stream2.Close();
using (HttpWebResponse webResponse2 = request2.GetResponse() as HttpWebResponse)
ret.FedAuth = webResponse2.Cookies["FedAuth"].Value;
ret.rtFa = webResponse2.Cookies["rtFa"].Value;
ret.Host = request2.RequestUri;
else
ret.FedAuth = webResponse.Cookies["FedAuth"].Value;
ret.rtFa = webResponse.Cookies["rtFa"].Value;
ret.Host = request.RequestUri;
catch (Exception ex)
return null;
return ret;
static HttpWebRequest createRequest(string url)
HttpWebRequest request = HttpWebRequest.Create(url) as HttpWebRequest;
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.CookieContainer = new CookieContainer();
request.AllowAutoRedirect = false; // Do NOT automatically redirect
request.UserAgent = userAgent;
return request;
private string getResponse(string stsUrl, string realm)
RequestSecurityToken rst = new RequestSecurityToken
RequestType = WSTrustFeb2005Constants.RequestTypes.Issue,
AppliesTo = new EndpointAddress(realm),
KeyType = WSTrustFeb2005Constants.KeyTypes.Bearer,
TokenType = Microsoft.IdentityModel.Tokens.SecurityTokenTypes.Saml11TokenProfile11
WSTrustFeb2005RequestSerializer trustSerializer = new WSTrustFeb2005RequestSerializer();
WSHttpBinding binding = new WSHttpBinding();
binding.Security.Mode = SecurityMode.TransportWithMessageCredential;
binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
binding.Security.Message.EstablishSecurityContext = false;
binding.Security.Message.NegotiateServiceCredential = false;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
EndpointAddress address = new EndpointAddress(stsUrl);
using (WSTrustFeb2005ContractClient trustClient = new WSTrustFeb2005ContractClient(binding, address))
trustClient.ClientCredentials.UserName.UserName = _username;
trustClient.ClientCredentials.UserName.Password = _password;
Message response = trustClient.EndIssue(
trustClient.BeginIssue(
Message.CreateMessage(
MessageVersion.Default,
WSTrustFeb2005Constants.Actions.Issue,
new RequestBodyWriter(trustSerializer, rst)
null,
null));
trustClient.Close();
using (XmlDictionaryReader reader = response.GetReaderAtBodyContents())
return reader.ReadOuterXml();

Do I have a Bug or a Virus?

I know Mac's are essentially virus free, but my Mac is beginning to act like a PC. Here are some of the problems or symptoms I've experienced:
1. One of the most prominent symptoms was a thin, black border that appeared on many applications. It always surrounded one of the folder icons on my desktop. If I was asked to type in a password, the space where you type in the password would be surrounded with the black border. If I opened Disk Utility, the panel on the left that lists my drives was surrounded by a black border.
Curiously, that issue has apparently disappeared.
2. On a couple occasions when I clicked the Apple icon to restart my computer, instead of seeing the choices Restart, Shut Down and Log Out MyName, it said Restart, Restart, Shut Down, Shut Down, Log Out MyName, Log Out MyName.
3. The last time I tried to restart my computer, I got a message that it couldn't restart until I closed DataSettings, or something like that. I clicked Restart again, and it worked the second time.
4. When I repair my disk permissions, I always get three "ACL" errors. I haven't researched this issue thoroughly, but I understand it's controversial and may not really be a problem. I've been told that the Leopard update 10.5.2 should fix it. However, I first noticed the problem AFTER I installed that update.
5. I opened Photoshop, created an image and saved it to the desktop, only to discover SEVERAL copies of the image, one with the name I assigned, the others named Picture1, Picture2, or something like that.
6. My external keyboard stopped working. At first, it stopped intermittently, making me think I was simply suffering from sticky key syndrome. But it got progressively worse until it simply ceased functioning, though the keyboard built into my laptop continued to work. When I restarted my computer, my external keyboard worked fine.
The first four problems I listed are essentially annoyances which have caused no problems that I'm aware of. The other two are serious problems.
My longest running problem relates to closing programs. Many programs won't close, unless I right-click on their icon in the dock and choose Quit or Force Quit. I would classify this as another annoyance; it can be a pain in the butt when I want to restart my computer but first have to right-click on several icons to make sure everything is closed.
In fact, I may have already found the culprit. I heard about a cool browser plugin in from http://www.piclens.com/ and installed it on both Safari and Firefox. It was a complete disaster. It doesn't work in either one, after which Firefox crashes and Safari freezes EVERYTHING; I can't continue until I press Command-Option-Esc and quit Safari.
I think the thin black borders appeared about the time I installed this extension. I think the second problem I listed - the thin black border - appeared about the time I installed this plugin. Many of the other problems I listed also popped up just recently, though the ACL permissions errors have been with me a little longer.
But is it possible for a browser plugin to cause such a diversity of problems? I contacted PicLens.com for technical support. I want to try and fix it before I uninstall it. In fact, I'm a little nervous about uninstalling programs, lest I do it wrong and make things worse.
Anyway, can anyone shed any light on my situation?
Thanks.

MACS don't get viruses?
Your other information was right on, but lets not get crazy .
here's a short list of vulnerabilities from cert.org
VU#498105 10/14/2007 Apple Mac OS X CoreText uninitialized pointer vulnerability
VU#147587 10/22/2001 Mac OS X utility gm4 contains format string vulnerability
VU#765096 11/09/2006 Mac OS X kernel "fpathconf()" syscall fails to properly handle unknown file types
VU#708340 08/01/2006 Apple Mac OS X AFP server may disclose file and folder information in search results
VU#706838 05/03/2005 Apple Mac OS X vulnerable to buffer overflow via vpnd daemon
VU#582934 05/03/2005 Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable
VU#464662 01/25/2005 Apple Mac OS X vulnerable to information disclosure in "Message-ID" header
VU#678150 01/18/2005 Apple Mac OS X "at" utilities fail to drop privileges properly
VU#174790 05/28/2004 Apple Mac OS X vulnerable to privilege escalation when using Directory Services
VU#578798 05/17/2004 Apple Mac OS X help system may interpret inappropriate local script files
VU#210606 05/17/2004 Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location
VU#774345 02/12/2008 Apple Mac OS X fails to properly handle a crafted URL
VU#559444 03/13/2007 Apple Mac OS X ImageIO integer overflow vulnerability
VU#116100 05/24/2007 Apple Mac OS X iChat UPnP buffer overflow
VU#346656 11/26/2006 Apple Mac OS X fails to properly handle corrupted Universal Mach-O Binaries
VU#557064 03/13/2007 Apple Mac OS X DirectoryService may allow arbitrary users to change the root password
VU#838404 09/29/2006 Apple kernel exception handling vulnerability
VU#575372 08/01/2006 Apple Mac OS X AFP server vulnerable to an integer overflow when file sharing is enabled
VU#180692 08/01/2006 Apple Mac OS X AFP server vulnerable to DoS via maliciously-crafted AFP request
VU#529945 09/21/2005 Apple Mac OS X QuickDraw Manager fails to properly handle corrupt PICT files
VU#172948 08/15/2005 Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files
VU#420316 08/15/2005 Apple Mac OS X Safari vulnerable to arbitrary command execution via URLs in PDF files
VU#913820 08/15/2005 Apple Mac OS X Directory Services contains a buffer overflow
VU#461412 08/15/2005 Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow
VU#354486 05/03/2005 Apple Mac OS X Server NetInfo Setup Tool fails to validate command line parameters
VU#140470 05/03/2005 Apple Mac OS X Server Admin fails to properly restrict users from using the proxy service
VU#258390 05/03/2005 Apple Mac OS X with Bluetooth enabled may allow file exchange without prompting users
VU#980078 01/25/2005 Apple Mac OS X vulnerable to buffer overflow in ColorSync ICC color profile handling
VU#439395 06/10/2001 Apache web server performs case sensitive filtering on Mac OS X HFS+ case insensitive filesystem
VU#902374 01/28/2004 Apple Mac OS X TruBlueEnvironment vulnerable to buffer overflow
VU#773190 06/07/2004 Mac OS X Safari "Show in Finder" option may allow arbitrary file execution
VU#869548 05/19/2003 Apple Mac OS X IPSec mechanism fails to handle certain incoming security policies that match by port
VU#578886 02/24/2004 Apple Mac OS X contains a vulnerability in DiskArbitration when initializing writable removable media
VU#873868 03/13/2007 Apple Mac OS X ImageIO memory corruption vulnerability
VU#800296 11/28/2006 Apple Mac OS X Apple Type Services server contains multiple buffer overflows
VU#168020 08/01/2006 Apple Mac OS X AFP server stores reconnect keys in a world-readable file
VU#435188 08/15/2005 Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files
VU#145486 05/03/2005 Apple Cocoa applications vulnerable to denial of service via malformed TIFF image
VU#194238 02/24/2004 Apple Mac OS X Safari fails to properly display URLs in the status bar
VU#177243 09/10/2001 Mac OS X Finder creates world-readable ".FBCIndex" file thereby disclosing sensitive information
VU#841742 02/24/2004 Apple Mac OS X Point-to-Point Protocol daemon (pppd) contains format string vulnerability
VU#878526 12/15/2003 Apple Mac OS X "cd9660.util" buffer overflow
VU#987118 02/10/2004 Microsoft Virtual PC for Mac insecurely handles temporary file
VU#399355 11/15/2001 Cisco IOS and CatOS fail to properly validate ARP packets thereby overwriting device's MAC address in ARP table
VU#221876 05/24/2007 Apple Mac OS X mDNSResponder buffer overflow vulnerability
VU#396820 03/13/2007 Apple QuickDraw Manager heap buffer overflow vulnerability
VU#124280 03/13/2007 Apple Mac OS X fails to properly handle crafted AppleSingleEncoding disk images
VU#515792 01/11/2007 Apple Mac OS X DMG UFS byteswapsbin() function Integer Overflow
VU#323424 11/28/2006 Apple Mac OS X Apple Type Services server fails to securely create error log files
VU#734032 11/28/2006 Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available
VU#988356 06/27/2006 Apple Mac OS X vulnerable to stack-based buffer overflow via specially crafted TIFF file
VU#652196 06/27/2006 Apple Mac OS X Open Directory server vulnerable to DoS via an invalid LDAP request
VU#983429 05/10/2005 Apple Mac OSX executes arbitrary widget with same "bundle identifier" as system widget
VU#331694 05/03/2005 Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs
VU#356070 05/03/2005 Apple Terminal fails to properly sanitize input for "x-man-page" URI
VU#704110 09/08/2004 Apple Mac OS X CoreFoundation CFPlugIn facilities automatically load plug-in executables
VU#545446 09/08/2004 Apple Mac OS X CoreFoundation contains a buffer overflow vulnerability
VU#870960 11/28/2006 Apple Mac OS X PPP driver fails to properly validate PADI packets
VU#202604 10/03/2006 Skype for Mac contains a format string error in the handling of URI arguments
VU#651844 08/01/2006 Apple Mac OS X ImageIO contains undetected memory failure in GIF image handling
VU#605908 08/01/2006 Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted GIF image
VU#172244 08/01/2006 Apple Mac OS X ImageIO vulnerable to integer overflow via specially crafted Radiance image
VU#566132 08/01/2006 Apple Mac OS X WebKit may allow code execution when visiting a malicious website
VU#629845 01/10/2006 Apple QuickTime image handling buffer overflow
VU#351217 12/22/2005 Apple Safari WebKit component vulnerable to buffer overflow
VU#650681 09/21/2005 Apple Mac OS X ImageIO fails to properly handle corrupt GIF files
VU#775661 05/08/2005 Apple Safari automatically installs Dashboard widgets
VU#287067 10/04/2001 Microsoft PowerPoint and Excel fail to properly detect macros thereby automatically executing malicious code via crafted document (MS01-050)
VU#367424 11/20/2006 Apple Mac OS X fails to properly handle corrupted DMG image structures
VU#240880 01/09/2007 Apple Mac OS X Finder DMG volume name buffer overflow
VU#315856 01/23/2007 Apple Mac OS X UserNotificationCenter privilege escalation vulnerability
VU#681056 11/28/2006 Apple Mac OS X CFNetwork may allow arbitrary FTP commands to be executed via a crafted FTP URI
VU#546772 09/29/2006 Apple Mac OS X JPEG2000 image handling buffer overflow
VU#776628 08/01/2006 Apple Mac OS X bootpd vulnerable to stack-based buffer overflow
VU#527236 08/01/2006 Apple Mac OS X Image RAW vulnerable to buffer overflow via specially crafted Canon RAW image
VU#687201 01/10/2006 Apple QuickTime and iTunes QTIF image buffer overflow
VU#980084 03/13/2006 Apple Mail buffer overflow vulnerability
VU#945747 10/18/2001 Mac OS X executes 'recent items' with privileges of foreground application
VU#905292 12/18/2007 Apple Safari code execution vulnerability
VU#515968 08/15/2007 Yahoo! Messenger webcam stream heap overflow
VU#214040 11/21/2006 Apple Mac OS X fails to properly handle corrupted UDTO HFS+ image structures
VU#371648 11/28/2006 Apple Mac OS X ftpd may allow arbitrary users to determine account name validity
VU#897628 09/29/2006 Apple Mac OS X may allow network accounts to bypass service access controls
VU#514740 08/01/2006 Apple Mac OS X Bom vulnerable to memory corruption via specially crafted ZIP file
VU#128414 08/10/2004 Apple Safari fails to properly handle form data in HTTP redirects
VU#433819 11/25/2007 Apple Mail remote command execution vulnerability
VU#345233 07/31/2006 McAfee Virex fails to properly authenticate the source of updates
VU#811384 11/28/2006 Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists
VU#907836 06/29/2006 Apple iTunes fails to properly parse AAC files
VU#310387 02/27/2002 Cisco IOS discloses fragments of previous packets when Express Forwarding is enabled
VU#467828 05/27/2003 Mac OS X LDAP plugins transmit user credentials in clear text
VU#848960 11/28/2006 Apple Mac OS X WebKit deallocated object access vulnerability
VU#999708 02/19/2006 Apple Safari automatically executes arbitrary shell commands or code
VU#176732 03/02/2006 Apple Safari vulnerable to buffer overflow
VU#709220 08/15/2005 Apple Safari fails to perform security checks on links in rich text content
VU#377368 01/11/2005 Apple iTunes fails to properly handle overly long URLs in playlists
VU#110803 05/23/2001 CrushFTP Server does not adequately filter user input thereby permitting directory traversal
VU#648406 05/03/2004 Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests
VU#190089 06/13/2006 Microsoft PowerPoint malformed record vulnerability
VU#758582 06/07/2005 Yamaha MusicCAST MCX-1000 wireless network interface operates in Access Point mode by default
VU#971364 05/02/2003 HP-UX "kermit" vulnerable to buffer overflow
VU#583020 05/07/2003 XMMS Remote input validation error
VU#106678 05/12/2004 IEEE 802.11 wireless network protocol DSSS CCA algorithm vulnerable to denial of service
VU#836024 01/30/2007 Apple iChat fails to properly handle crafted TXT key hashes
VU#289705 05/11/2006 Apple Quicktime JPEG integer overflow
VU#570689 05/11/2006 Apple QuickTime FlashPix integer overflow
VU#519473 05/11/2006 Apple Safari fails to properly handle archive files containing symbolic links
VU#582681 07/11/2007 Apple QuickTime fails to properly handle malformed movie files
VU#449440 03/13/2007 Apple ColorSync buffer overflow vulnerability
VU#683700 09/12/2006 Apple QuickTime movie buffer overflow vulnerability
VU#587937 05/11/2006 Apple QuickTime MPEG-4 movie buffer overflow
VU#150753 01/10/2006 Apple QuickTime TIFF image "StripByteCounts" integer overflow
VU#921193 01/10/2006 Apple QuickTime fails to properly handle corrupt media files
VU#913449 01/10/2006 Apple QuickTime fails to properly handle corrupt GIF images
VU#389868 Apple WebKit frame rendering memory corruption vulnerability
VU#191336 11/01/2006 Apple Airport driver fails to properly handle probe response frames
VU#115729 01/10/2006 Apple QuickTime fails to properly handle corrupt TGA images
VU#146284 11/07/2005 Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file
VU#479268 05/28/2003 Apache HTTPD contains denial of service vulnerability in basic authentication module
VU#659761 11/23/2007 Apple QuickTime RTSP Content-Type header stack buffer overflow
VU#289988 06/25/2007 Apple Safari cross-domain HTTP redirection race condition
VU#258744 11/28/2006 Apple Mac OS X Finder fails to properly handle malformed .DS_Store files
VU#489836 09/12/2006 Apple QuickTime fails to properly handle FLC movies
VU#308204 09/12/2006 Apple QuickTime fails to properly handle SGI images
VU#861817 03/06/2007 Apple QuickTime UDTA atom integer overflow
VU#552136 01/10/2007 Apple Mac OS X UFS filesystem integer overflow vulnerability
VU#149953 01/15/2003 ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received
VU#274496 10/12/2004 Microsoft Excel parameter validation error
VU#945060 03/14/2006 Adobe Flash products contain multiple vulnerabilities
VU#312424 04/19/2007 Apple AFP Client privilege escalation vulnerability
VU#410993 03/06/2007 Apple QuickTime QTIF integer overflow
VU#583552 11/30/2006 Apple Airport Extreme fails to properly process 802.11 frames
VU#847468 09/29/2006 Apple Workgroup Manager fails to properly enable ShadowHash passwords
VU#112179 01/10/2008 Apple QuickTime RTSP Response message Reason-Phrase buffer overflow vulnerability
VU#770904 06/26/2007 RealNetworks players SMIL "wallclock" buffer overflow
VU#880561 03/06/2007 Apple QuickTime movie heap buffer overflow vulnerability
VU#822481 03/06/2007 Apple Quicktime fails to properly process specially crafted MIDI files
VU#821772 10/10/2006 Microsoft Excel fails to properly handle Lotus 1-2-3 files
VU#313225 03/06/2007 Apple QuickTime QTIF heap buffer overflow
VU#448745 03/06/2007 Apple QuickTime PICT heap buffer overflow
VU#706668 10/10/2006 Microsoft Excel fails to properly process malformed DATETIME records
VU#252500 10/10/2006 Microsoft Excel fails to properly process malformed COLINFO records
VU#234900 10/10/2006 Microsoft Office fails to properly parse malformed strings
VU#534276 10/10/2006 Microsoft Office fails to properly parse malformed chart records
VU#200316 09/12/2006 Apple QuickTime vulnerable to denial of service via specially crafted FlashPix file
VU#19124 01/20/98 SSH authentication agent follows symlinks via a UNIX domain socket
VU#205948 10/10/2006 Microsoft PowerPoint malformed record memory corruption
VU#187028 10/10/2006 Microsoft PowerPoint fails to properly handle malformed object pointers
VU#143292 07/03/2006 Microsoft Excel fails to properly process malformed STYLE records
VU#231204 09/27/2006 Microsoft PowerPoint fails to properly handle malformed records
VU#938196 10/10/2006 Microsoft PowerPoint fails to properly handle malformed data records
VU#936945 07/13/2006 Microsoft PowerPoint does not properly handle malformed shapes
VU#554252 09/12/2006 Apple QuickTime Player H.264 Codec contains an integer overflow
VU#540348 09/12/2006 Apple QuickTime fails to properly handle FlashPix files
VU#802324 06/16/2006 Microsoft Excel vulnerability
VU#613740 02/02/2007 Microsoft Excel memory access vulnerability
VU#243681 06/29/2006 OpenOffice.org may fail to properly contain certain Java applets
VU#642433 03/06/2007 Apple QuickTime QTIF stack buffer overflow
VU#835936 11/28/2006 Apple Type Services server font processing buffer overflow
VU#568689 03/06/2007 Apple QuickTime 3GP integer overflow
VU#353945 05/30/2006 Secure Elements Class 5 AVR client generates predictable CEIDs
VU#599220 06/27/2006 ClamAV vulnerable to buffer overflow via malicious database mirror
VU#442497 01/02/2007 Apple QuickTime RTSP buffer overflow

B2B adapter is not polling any data from EDI X12 810 ECS file

Hi All,
I am new to Oracle B2B. I am using
Jdev 11.1.1.6
Oracle Editor : 7.0.5.4016
Document Protocol : EDI_X12
Document type : 810 (Invoice )
Version: 4010
Weblogic server :11.1.1.6.0
Requirement is : i had an EDI file and i need to translate the EDI map using the B2B adapter, transport to SOA Suite and insert into a custom DB.
Issue is : B2B adapter is not polling any data from EDI X12 810 ECS file
for this i created sample EDI X12 810 ecs file, i converted the same to .xsd and .dat file. I created partner, and while configuring channel i used '*Generic File 1.0*' protocol and i given folder path( i also checked, by just giving folder Name) in the folder name property of 'Transport Protocol Parameters' , i also placed sample xml file into this folder. And I created sample process in Jdev to poll data from this folder.
build and deployment is fine for this process, but no instances is created for this process. and the Process is not Polling any data from the folder which i mentioned in the Transport Protocol Parameters.
is this the way am doing is wrong for my current requirement or am i did any wrong step (as stated above ) ? Please help me. How can i receive data from this EDI file to my bpel process so that i can continue with the rest of the Process. Thank you in advance
Edited by: 979032 on Feb 12, 2013 11:02 PM
Edited by: 979032 on Feb 13, 2013 12:14 AM

Hi Anuj ,
I placed .dat file now. The file Picked by B2B adapter. But i was getting the Error. The error i found in Business Message as
"Error Code     B2B-50547
Error Description     Machine Info: (soabpm-vm) Description: Agreement not found for trading partners: FromTP null, ToTP MyCompany with document type 810-3070-INBOUND.
Error Level     ERROR_LEVEL_COLLABORATION
Error Severity     ERROR
Error Text     Agreement not found for trading partners: FromTP null, ToTP MyCompany with document type 810-3070-INBOUND. "
But i created agreement for the partner and my document type name is "NewDocumentType" and in the wire message a am getting as shown below
Id     7F00000113CFC36785C0000017D7E2B0
Message Id     7F00000113CFC36785C0000017D7E2B0
Business Message     7F00000113CFC367A450000017D7E2B7
Packed Message     Packed Message
Payload     Payload
Protocol Message Id     EDIX12810.dat@7F00000113CFC36799B0000017D7E2B4
Refer To Protocol Message Id
Protocol Collaboration Id
Protocol Transport Binding     filename=EDIX12810.dat filesize=2289 ChannelName=MyCompany_ListeningChannel file_ext=dat fullpath=/home/oracle/Desktop/B2BFiles/EDIX12810.dat timestamp=2013-02-21T01:58:21.000-08:00 MSG_RECEIVED_TIME=Thu Feb 21 02:04:53 PST 2013
Message Digest     Message Digest
Digest Algorithm
Transport Protocol     File
Transport Protocol Version     1.0
Url     file://localhost//home/oracle/Desktop/B2BFiles/
security
Transport Headers     filename=EDIX12810.dat filesize=2289 ChannelName=MyCompany_ListeningChannel file_ext=dat fullpath=/home/oracle/Desktop/B2BFiles/EDIX12810.dat timestamp=2013-02-21T01:58:21.000-08:00 MSG_RECEIVED_TIME=Thu Feb 21 02:04:53 PST 2013
certificates     certificates
State     ERROR
Reattempt Count
Error Code
Error Description
Error Text
exchangeRetryInterval
exchangeRemainingRetry
Message Size     2289
I also has one more doubt, now i created ecs,xsd and .dat by selecting sample EDI file in Document editor. suppose i want create the same ecs ,.xsd and .dat for my gentran file which is of EDI x12 810 standard but i have it in PDF format , then how can i access that to in Document editor ( in the import option, i found Gentran DDF and Gentran Unix IG and i was getting the following error while importing my PDF file
ErrorCode : 0xC00CE508
File Position : 10
Line Number : 2
LineByte Position :2
Reason: An invalid character was found in text content error) so that i can create .dat file and i can place the same in my folder in order to pick the file.
Please help us . Thank you .
Regards,
Kotresh
Edited by: 979032 on Feb 21, 2013 2:17 AM

B2B - Error While sending the document to GXS from Oracle B2B server.

When I am trying to send the document to GXS, getting the following error. This message is show in the window that pops up when you click on Reports->WireMessage->Details of the Message.
I am trying to find what is causing the issue.
State ERROR
Error Code B2B-50079
Error Description Transport error: [IPT_HttpSendHttpResponseError] HTTP response error :sun.security.validator.ValidatorException: No trusted certificate found.
Error Text Transport error: [IPT_HttpSendHttpResponseError] HTTP response error :sun.security.validator.ValidatorException: No trusted certificate found.
Here is the complete details from the Window.
Id 812E875712EA19A8EEC000005EF51ED3
Message Id 4e45f5dff566a29f:-ce624b0:12ea1982d56:-7ff3
Business Message 812E875712EA19A8E88000005EF51ED0
Packed Message Packed Message
Payload Payload
Protocol Message Id 4e45f5dff566a29f:-ce624b0:12ea1982d56:-7ff3
Refer To Protocol Message Id
Protocol Collaboration Id
Protocol Transport Binding TO=Trader_Joes content-type=application/HTTPstream,actionrequest Content-Transfer-Encoding=binary FROM=AcmeSystems MESSAGE-ID=4e45f5dff566a29f:-ce624b0:12ea1982d56:-7ff3 DATE=Thu, 10 Mar 2011 21:09:43 GMT Connection=close Content-Type=text/plain; charset=us-ascii
Message Digest Message Digest
Digest Algorithm
Transport Protocol HTTP
Transport Protocol Version 1.1
Url https://web.tradinggrid.gxs.com/invoke/gxs.https/receive
security
Transport Headers TO=Trader_Joes content-type=application/HTTPstream,actionrequest Content-Transfer-Encoding=binary FROM=AcmeSystems MESSAGE-ID=4e45f5dff566a29f:-ce624b0:12ea1982d56:-7ff3 DATE=Thu, 10 Mar 2011 21:09:43 GMT Connection=close Content-Type=text/plain; charset=us-ascii
certificates certificates
State ERROR
Error Code B2B-50079
Error Description Transport error: [IPT_HttpSendHttpResponseError] HTTP response error :sun.security.validator.ValidatorException: No trusted certificate found.
Error Text Transport error: [IPT_HttpSendHttpResponseError] HTTP response error :sun.security.validator.ValidatorException: No trusted certificate found.
exchangeRetryInterval
exchangeRemainingRetry
Message Size 0
Here is the Setup We did sofar.
1) Created the Document Definition.
     PositionalFlatFile-VDA-1998-4913v4-4913v4_Definition
2) Created Trading Partner Profile
     Trader_Joes
3) Added Document Definition to the TP as receiver.
4) Configured a channel with Protocol "Generic HTTP-1.0". Is it showing only one entry, HTTP.
     Transport Protocol: Selected "HTTP" from the dropdown list.
     url: https://web.tradinggrid.gxs.com/invoke/gxs.https/receive
     username: xxxx
     password: xxxx
     Additional transport headers: content-type=application/HTTPstream,actionrequest=upload,receiverid=xxxxxxx,datatype=EDI,aprf=TEST,snrf=12345678
NOTE: I don't see tabs for "Exchange Protocol Parameters" and "Security". It only shows "Transport Protocol Parameters" and "Channel Attributes" tabs.
=====
5) Created Agreement with the document defition that was created.
6) Deployed the Agreement and it is showing "Active" state.
7) Created a Keystore on the server using the following command.
keytool -genkeypair -alias serverCert -keyalg RSA -keysize 1024 -validity 365 -dname "CN=soa.Acmesystems.com,OU=Support,O=Acmesystems,L=suntown,ST=MD,C=US" -keypass xxxxxxxxxx -keystore AcmeIdentity.jks -storepass xxxxxxxxxx
keytool -list -keystore AcmeIdentity.jks -storepass xxxxxxxxxx
8) Imported the certificate that we got from the GXS to the Key store using the following command.
keytool -importcert -v -noprompt -trustcacerts -alias ws-tradinggrid -file ws-tradinggrid.cer -keystore AcmeIdentity.jks -storepass xxxxxxxxxx
keytool -list -keystore AcmeIdentity.jks -storepass xxxxxxxxxx
9) After that When I run my composite bpel program to send B2B message, I am getting the above error.
Where is the issue?
Any help is appreciated.
Thank you
Krishna

We loaded the certificate chain into key store and that part is working now.
We are getting now the following error. Any Idea?
[2011-03-14T09:12:47.787-07:00] [soa_server1] [NOTIFICATION] [] [oracle.soa.mediator.serviceEngine] [tid: weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@5fddbbc0] [userId: <anonymous>] [ecid: 0000Iup92C3CcpiF_7I7S61DUNHj000lw2,0] [APP: soa-infra] [composite_name: TestBusinessEventShipconfirmed] [component_name: TestBusinessEventMediator] [component_instance_id: E71EFFB04E5511E0BF70B592E6C64FAC] [dcid: 4e45f5dff566a29f:7f62e8ac:12ea26f8103:-7ffd-0000000000000012] [composite_instance_id: 50004] MediatorServiceEngine received a request for operation = Read
[2011-03-14T09:12:47.996-07:00] [soa_server1] [NOTIFICATION] [] [oracle.soa.mediator.serviceEngine] [tid: weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@5fddbbc0] [userId: <anonymous>] [ecid: 0000Iup92C3CcpiF_7I7S61DUNHj000lw2,0] [APP: soa-infra] [composite_name: TestBusinessEventShipconfirmed] [component_name: TestBusinessEventMediator] [component_instance_id: E71EFFB04E5511E0BF70B592E6C64FAC] [dcid: 4e45f5dff566a29f:7f62e8ac:12ea26f8103:-7ffd-0000000000000012] [composite_instance_id: 50004] MediatorServiceEngine returning after processing the request for operation = Read
[2011-03-14T09:12:49.384-07:00] [soa_server1] [WARNING] [] [oracle.soa.b2b.engine] [tid: weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@c0ad9a3] [userId: <anonymous>] [ecid: 0000Iup92ObCcpiF_7I7S61DUNHj000lw3,0] [APP: soa-infra] [dcid: 4e45f5dff566a29f:7f62e8ac:12ea26f8103:-7ffd-0000000000000021] [[
Message Transmission Transport Exception
Transport Error Code is OTA-HTTP-SEND-403
StackTrace oracle.tip.b2b.transport.TransportException: [IPT_HttpSendError] HTTP encounters send error :403
com.wm.app.tn.err.EXMLException: <EXMLException>
<ErrorCode>0003.4089</ErrorCode>
<Info>Could not get internal ID for partner (id=null, typeCode=null, typeDesc=ICS Mailbox ID).</Info>
<OriginalException>
<JavaClass>com.wm.app.b2b.server.ServiceException</JavaClass>
<Message>"extID" is required.</Message>
<StackTrace>com.wm.app.b2b.server.ServiceException: "extID" is required.
     at wm.tn.profileimpl.getInternalID(profileimpl.java:2577)
     at sun.reflect.GeneratedMethodAccessor52.invoke(Unknown Source)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:585)
     at com.wm.app.b2b.server.JavaService.baseInvoke(JavaService.java:403)
     at com.wm.app.b2b.server.invoke.InvokeManager.process(InvokeManager.java:631)
     at com.wm.app.b2b.server.util.tspace.ReservationProcessor.process(ReservationProcessor.java:40)
     at com.wm.app.b2b.server.invoke.StatisticsProcessor.process(StatisticsProcessor.java:44)
     at com.wm.app.b2b.server.invoke.ServiceCompletionImpl.process(ServiceCompletionImpl.java:241)
     at com.wm.app.b2b.server.invoke.ValidateProcessor.process(ValidateProcessor.java:51)
     at com.wm.app.b2b.server.ACLManager.process(ACLManager.java:228)
     at com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:30)
     at com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:628)
     at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:536)
     at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:381)
     at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:237)
     at com.wm.app.b2b.server.BaseService.invoke(BaseService.java:189)
     at com.wm.lang.flow.FlowInvoke.invoke(FlowInvoke.java:324)
     at com.wm.lang.flow.FlowState.invokeNode(FlowState.java:581)
     at com.wm.lang.flow.FlowState.step(FlowState.java:441)
     at com.wm.lang.flow.FlowState.invoke(FlowState.java:406)
     at com.wm.app.b2b.server.FlowSvcImpl.baseInvoke(FlowSvcImpl.java:1040)
     at com.wm.app.b2b.server.invoke.InvokeManager.process(InvokeManager.java:631)
     at com.wm.app.b2b.server.util.tspace.ReservationProcessor.process(ReservationProcessor.java:40)
     at com.wm.app.b2b.server.invoke.StatisticsProcessor.process(StatisticsProcessor.java:44)
     at com.wm.app.b2b.server.invoke.ServiceCompletionImpl.process(ServiceCompletionImpl.java:241)
     at com.wm.app.b2b.server.invoke.ValidateProcessor.process(ValidateProcessor.java:51)
     at com.wm.app.b2b.server.ACLManager.process(ACLManager.java:228)
     at com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:30)
     at com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:628)
     at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:536)
     at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:381)
     at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:237)
     at com.wm.app.b2b.server.BaseService.invoke(BaseService.java:189)
     at com.wm.lang.flow.FlowInvoke.invoke(FlowInvoke.java:324)
     at com.wm.lang.flow.FlowState.invokeNode(FlowState.java:581)
     at com.wm.lang.flow.FlowState.step(FlowState.java:441)
     at com.wm.lang.flow.FlowState.invoke(FlowState.java:406)
     at com.wm.app.b2b.server.FlowSvcImpl.baseInvoke(FlowSvcImpl.java:1040)
     at com.wm.app.b2b.server.invoke.InvokeManager.process(InvokeManager.java:631)
     at com.wm.app.b2b.server.util.tspace.ReservationProcessor.process(ReservationProcessor.java:40)
     at com.wm.app.b2b.server.invoke.StatisticsProcessor.process(StatisticsProcessor.java:44)
     at com.wm.app.b2b.server.invoke.ServiceCompletionImpl.process(ServiceCompletionImpl.java:241)
     at com.wm.app.b2b.server.invoke.ValidateProcessor.process(ValidateProcessor.java:51)
     at com.wm.app.b2b.server.ACLManager.process(ACLManager.java:228)
     at com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:30)
     at com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:628)
     at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:536)
     at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:381)
     at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:237)
     at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:119)
     at com.wm.app.b2b.server.HTTPInvokeHandler._process(HTTPInvokeHandler.java:141)
     at com.wm.app.b2b.server.InvokeHandler.process(InvokeHandler.java:110)
     at com.wm.app.b2b.server.HTTPDispatch.handleRequest(HTTPDispatch.java:185)
     at com.wm.app.b2b.server.Dispatch.run(Dispatch.java:333)
     at com.wm.util.pool.PooledThread.run(PooledThread.java:118)
     at java.lang.Thread.run(Thread.java:595)
</StackTrace>
</OriginalException>
<Action></Action>
<Level></Level>
</EXMLException>.
     at oracle.tip.b2b.transport.TransportException.create(TransportException.java:94)
     at oracle.tip.b2b.transport.basic.HTTPSender.createTransportResponse(HTTPSender.java:683)
     at oracle.tip.b2b.transport.basic.HTTPSender.send(HTTPSender.java:498)
     at oracle.tip.b2b.transport.b2b.B2BTransport.send(B2BTransport.java:317)
     at oracle.tip.b2b.transport.TransportInterface.send(TransportInterface.java:1492)
     at oracle.tip.b2b.msgproc.Request.outgoingRequestPostColab(Request.java:1551)
     at oracle.tip.b2b.msgproc.Request.outgoingRequest(Request.java:837)
     at oracle.tip.b2b.engine.Engine.processOutgoingMessageImpl(Engine.java:1411)
     at oracle.tip.b2b.engine.Engine.processOutgoingMessage(Engine.java:781)
     at oracle.tip.b2b.engine.Engine.handleMessageEvent(Engine.java:3319)
     at oracle.tip.b2b.engine.Engine.processEvents(Engine.java:2948)
     at oracle.tip.b2b.engine.ThreadWorkExecutor.processEvent(ThreadWorkExecutor.java:575)
     at oracle.tip.b2b.engine.ThreadWorkExecutor.run(ThreadWorkExecutor.java:214)
     at oracle.integration.platform.blocks.executor.WorkManagerExecutor$1.run(WorkManagerExecutor.java:105)
     at weblogic.work.j2ee.J2EEWorkManager$WorkWithListener.run(J2EEWorkManager.java:183)
     at weblogic.work.DaemonWorkThread.run(DaemonWorkThread.java:30)
[2011-03-14T09:12:49.390-07:00] [soa_server1] [NOTIFICATION] [] [oracle.soa.b2b.engine] [tid: weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@c0ad9a3] [userId: <anonymous>] [ecid: 0000Iup92ObCcpiF_7I7S61DUNHj000lw3,0] [APP: soa-infra] [dcid: 4e45f5dff566a29f:7f62e8ac:12ea26f8103:-7ffd-0000000000000021] Request: outgoingRequestPostColab: Request Message Transmission failed
[2011-03-14T09:12:49.431-07:00] [soa_server1] [NOTIFICATION] [] [oracle.soa.b2b.engine] [tid: weblogic.work.j2ee.J2EEWorkManager$WorkWithListener@c0ad9a3] [userId: <anonymous>] [ecid: 0000Iup92ObCcpiF_7I7S61DUNHj000lw3,0] [APP: soa-infra] [dcid: 4e45f5dff566a29f:7f62e8ac:12ea26f8103:-7ffd-0000000000000021] Engine: processOutgoingMessageImpl: Message id = 4e45f5dff566a29f:7f62e8ac:12ea26f8103:-7ff0 ToParty = Trader_Joes Doctype = 4913v4 version = VDA-1998

Security Transports

Similar Messages

Maybe you are looking for