Security-violation error in 3750
We Have a strange behavior with the computer of a user who connects with his laptop to the network through port replicator or docking station,Where we have a acs.When he goes to another place of the company in another City, Where we have other acs, he connects without port replicator directly to network,It works well. But when the laptop returns does not have
network and the following message of error in switch appears:
May 16 07:51:23: %DOT1X-5-SECURITY_VIOLATION: Security violation on interface FastEthernet1/0/27, New MAC address 00c0.f200.53f0 is seen on the interface in Single Host mode
May 16 07:51:23: %PM-4-ERR_DISABLE: security-violation error detected on Fa1/0/27, putting Fa1/0/27 in err-disable state
May 16 07:51:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/27, changed state to down
May 16 07:51:25: %LINK-3-UPDOWN: Interface FastEthernet1/0/27, changed state to down
I execute the commando "shutdown" and "not shutdown" in the interface of switch, and soon the commando: "dot1x port-control auto" and soon "not dot1x port-control auto". laptop make authentication and begins to work well.
What think you about What this occurring?
Hi,
Is there any port security being set on the switch?
are you able to paste your config file here?
thanks,
rgds,
ken L
Similar Messages
-
Security Violation Error while running schedule task from OIM.
Hi All,
I am getting this error while running a custom java schedule task from OIM:
*Thor.API.Exceptions.tcAPIException [EJB:010160] Security Violation: User '<anonymous>' has insufficient permission to access EJB:*
type=<ejb>,application=Xellerate,module=xlDataObjectBeans.jar,ejb=tcReconciliationoperations,method=createDeleteReconciliationEvent
at Thor.API.Operations.tcReconciliationOperationsClient.createDeleteReconciliationEvent(UnKnown Source).
I got this error as soon as my code start creating Delete Reconciliation Event.
Note: I have already protected the JNDI Namespace.
Please provide some pointers.
Regards,
SunnyHi Rajiv,
Check this:
package com.centrica.iam.scheduletask;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileFilter;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import oracle.iam.connectors.common.ConnectorLogger;
import com.thortech.xl.dataaccess.tcDataSet;
import com.thortech.xl.dataaccess.tcDataSetException;
import com.thortech.xl.dataobj.PreparedStatementUtil;
import com.thortech.xl.orb.dataaccess.tcDataAccessException;
import com.thortech.xl.scheduler.tasks.SchedulerBaseTask;
import Thor.API.tcResultSet;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcInvalidValueException;
import Thor.API.Operations.tcLookupOperationsIntf;
import Thor.API.Operations.tcReconciliationOperationsIntf;
import Thor.API.Operations.tcSchedulerOperationsIntf;
public class CustomFlatFile extends SchedulerBaseTask {
private static tcSchedulerOperationsIntf schedulerIntf;
private static tcLookupOperationsIntf lookupIntf;
private static tcReconciliationOperationsIntf reconIntf;
String sObjectName;
String LookupName;
String LookupName2;
String FileDirectory;
String FileName;
String File;
String delimeter;
String isDeleteTrue;
HashMap<String, String> attrMap = new HashMap();
HashMap<String, String> delMap = new HashMap();
HashMap<String, String> finalMap = new HashMap();
ArrayList list = new ArrayList();
public boolean isReconStopped;
public CustomFlatFile()
isReconStopped = false;
public void init()
LookupName = getAttribute("Attribute Lookup Name");
FileDirectory = getAttribute("Directory Path");
FileName = getAttribute("File Name");
delimeter = getAttribute("Delimeter");
sObjectName = getAttribute("Resource Object Name");
isDeleteTrue = getAttribute("Is Delete Allowed");
public void execute(){
try {
System.out.println("Start Exceute");
//Initiate lookupIntf
lookupIntf = (tcLookupOperationsIntf)getUtility("Thor.API.Operations.tcLookupOperationsIntf");
reconIntf=(tcReconciliationOperationsIntf)getUtility("Thor.API.Operations.tcReconciliationOperationsIntf");
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
attrMap = readLookup(LookupName);
System.out.println(attrMap.toString());
readFile();
if (isDeleteTrue.equalsIgnoreCase("true"))
performDelete();
System.out.println("Finish Execute");
public void performDelete()
System.out.println("Start Perform delete");
int k = list.size();
System.out.println("list size " + list.size());
try
Thread.sleep(15000);
/* Hashtable ahashtable[] = new Hashtable[k];
Hashtable hashtable = new Hashtable();
for (int i=0;i<k;i++)
hashtable.put("User Id", list.get(i));
ahashtable[i] = hashtable;
System.out.println(list.get(i));
Set set = reconIntf.provideDeletionDetectionData(sObjectName, ahashtable);
System.out.println("Set--" + set.toString());
tcResultSet tcresultset = reconIntf.getMissingAccounts(sObjectName, set);
System.out.println("tcresultset - " + tcresultset.getRowCount());
if (!(tcresultset.isEmpty()))
long l[] = reconIntf.deleteDetectedAccounts(tcresultset);
for (int i1=0;i1<l.length;i1++)
System.out.println("delete recon key " + l[i1]);
//Get the existing list of Managed users
tcDataSet tcdataset = new tcDataSet();
tcDataSet tcdataset1 = new tcDataSet();
String query = "select orf.orf_fieldname,prf.prf_columnname, sdk.sdk_name from orf, sdk, pkg, tos, prf, obj " +
"where pkg.obj_key = obj.obj_key and pkg.pkg_key = tos.pkg_key and tos.sdk_key is not null " +
"and tos.sdk_key=sdk.sdk_key and tos.tos_key=prf.tos_key and prf.prf_iskey='1' and prf.orf_key=orf.orf_key " +
"and orf.orf_parent_orf_key is null and obj.obj_name='" + sObjectName + "'";
tcdataset.setQuery(getDataBase(), query);
tcdataset.executeQuery();
String FFName = tcdataset.getString("prf_columnname");
String FName = tcdataset.getString("sdk_name");
String ROFName = tcdataset.getString("orf_fieldname");
System.out.println("form- " + FName + " Field- " + FFName);
query = "select " + FFName + " from " + FName + " udtable, oiu a, ost b " +
"where udtable.orc_key=a.orc_key and a.ost_key=b.ost_key and b.ost_status!='Revoked'";
System.out.println(query);
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
int i = tcdataset1.getRowCount();
ArrayList list1 = new ArrayList();
String s1 = null;
System.out.println("N. of rows--" + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
//Getting the existing list of unmanaged users
query = "select distinct (b.rcd_value) from rce a, rcd b, orf c, obj d where a.rce_key=b.rce_key and " +
"b.orf_key=c.orf_key and c.orf_fieldname='" + ROFName + "' and a.rce_status!='Event Linked' " +
"and a.obj_key = d.obj_key and d.obj_name='" + sObjectName + "'";
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
i = tcdataset1.getRowCount();
System.out.println("No. Of Unmanaged Users " + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
int k1 = list1.size();
System.out.println("list1 size--" + k1);
for (int j1=0;j1<k1;j1++)
delMap.clear();
delMap.put(ROFName, (String)list1.get(j1));
System.out.println(delMap.toString());
long l = reconIntf.createDeleteReconciliationEvent(sObjectName, delMap);
System.out.println("delete recon key--- " + l);
catch (Exception exception)
exception.printStackTrace();
public void readFile(){
String s = "readFile()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
File = getFile();
BufferedReader reader = new BufferedReader(new FileReader(new
File(File)));
String line = "";
int k = attrMap.size();
String value[] = new String[k];
String Header[]= new String[k];
if (delimeter.equalsIgnoreCase("|"))
delimeter = "\\" + delimeter;
line = reader.readLine();
Header = line.split(delimeter);
while((line = reader.readLine()) != null)
value = line.split(delimeter);
k = value.length;
for (int i = 0;i<k;i++){
finalMap.put(attrMap.get(Header), value[i]);
System.out.println(finalMap.toString());
System.out.println("Start Ignoring Event");
if (!(reconIntf.ignoreEvent(sObjectName, finalMap)))
System.out.println("Not Ignored");
long l1 = reconIntf.createReconciliationEvent(sObjectName, finalMap, true);
System.out.println("Recon Key--" + l1);
else
System.out.println("ignore event ---" + finalMap.toString());
list.add(finalMap.get("User Id"));
System.out.println(list.size() + "add--" +finalMap.get("User Id") );
finalMap.clear();
catch (Exception exception)
exception.printStackTrace();
public boolean stop(){
String s = "stop()";
//logger.setMethodStartLog(classname, s);
//logger.info(classname, s, "Stopping Reconciliation........");
isReconStopped = true;
//logger.setMethodFinishLog(classname, s);
return true;
FileFilter fileFilter = new FileFilter()
public boolean accept(File file)
String sFilePath = file.getName();
if( sFilePath.startsWith(FileName) )
return true;
else
return false;
public String getFile() throws FileNotFoundException, Exception{
String s = "getFile()";
//logger.setMethodStartLog(classname, s);
String s1;
File dir = new File(FileDirectory);
File[] files = dir.listFiles(fileFilter);
if (files.length ==0)
throw new FileNotFoundException();
if (files.length>1)
throw new Exception("Multiple Matches found for this file name");
s1 = files[0].toString();
//logger.setMethodFinishLog(classname, s);
return s1;
public HashMap readLookup(String s1){
String s = "readLookup()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
tcResultSet tc1= lookupIntf.getLookupValues(s1);
int i = tc1.getRowCount();
for (int j = 0;j<i;j++){
tc1.goToRow(j);
map.put(tc1.getStringValue("Lookup Definition.Lookup Code Information.Code Key"), tc1.getStringValue("Lookup Definition.Lookup Code Information.Decode"));
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
return map; -
Security violation error (error code 2148532330) in Acrobat Pro XI with Windows 8
I have two certificates, physically residing on the same (Belgian) government issued smart card. One is labeled "Authentication" (Intended usage: sign transaction), and the other is labeled "Signature" (Intended usage: sign document). I have been trying to add a signature to a pdf document in Acrobat Pro XI (trial) on WIndows 8 Home (64 bit). It works perfectly with the "Authentication" certificate, but all attempts with the "Signature" certificate yield the following error:
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330
The only relevant difference between both certificates that I have been able to spot, is in the "key usage" field of the certificate ("sign transaction" versus "sign document"). Any thoughts on what might be wrong?
Thanks.I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
OSM 'oms-internal' user Security Violation errors
Hi Guys,
Have anyone ever came accross similar Exceptions in managed server logs?
om.mslv.oms.OMSException: [EJB:010160]Security Violation: User: 'oms-internal' has insufficient permission to access EJB: type=<ejb>, application=oms, module=security.jar, ejb=OMSThreadTransactionListener, method=create, methodInterface=Home, signature={}.
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcherEJB.processTimeout(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcher_86q3j1_EOImpl.processTimeout(EventDispatcher_86q3j1_EOImpl.java:142)
at com.mslv.oms.poller.a.handleNotification(Unknown Source)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor$ListenerWrapper.handleNotification(DefaultMBeanServerInterceptor.java:1732)
at javax.management.NotificationBroadcasterSupport.handleNotification(NotificationBroadcasterSupport.java:257)
at javax.management.NotificationBroadcasterSupport$SendNotifJob.run(NotificationBroadcasterSupport.java:322)
at javax.management.NotificationBroadcasterSupport$1.execute(NotificationBroadcasterSupport.java:307)
at javax.management.NotificationBroadcasterSupport.sendNotification(NotificationBroadcasterSupport.java:229)
at javax.management.timer.Timer.sendNotification(Timer.java:1237)
at javax.management.timer.Timer.notifyAlarmClock(Timer.java:1206)
at javax.management.timer.TimerAlarmClock.run(Timer.java:1289)
at java.util.TimerThread.mainLoop(Timer.java:512)
at java.util.TimerThread.run(Timer.java:462)
Any help appreciated!Could it be that the user should be assigned to groupd other then default
Edited by: 934200 on 07.06.2012 11:03 -
Sandbox security violation error on compiling FDS
Hi,
I am trying to compile am mxml using Remote Object locally
using Flex SDK outside FlexBuilder.
I have used the command:
mxmlc -services="path\to\my\services-config.xml"
-context-root=\ContextRoot FileName.mxml
I am getting the following error when I try to run the swf
generated:
[RPC Fault faultString="Send failed"
faultCode="Client.Error.MessageSend"
faultDetail="Channel.Security.Error error Error #2048: Security
sandbox violation:
http://localhost:9080/iReports/flexFiles/mxml/AdminServices.swf
cannot load data from
http://localhost:9080iReports/messagebroker/amf."
at mx.rpc::AbstractInvoker/
http://www.adobe.com/2006/flex/mx/internal::faultHandler()
at mx.rpc::Responder/fault()
at mx.rpc::AsyncRequest/fault()
at mx.messaging::ChannelSet/::faultPendingSends()
at mx.messaging::ChannelSet/channelFaultHandler()
at
flash.events::EventDispatcher/flash.events:EventDispatcher::dispatchEventFunction()
at flash.events::EventDispatcher/dispatchEvent()
at
mx.messaging.channels::NetConnectionChannel/::defaultErrorHandler()
at
mx.messaging.channels::NetConnectionChannel/::securityErrorHandler()
Can anybody help me?
Thanks in advance,
ChereeHi Sven,
Thank u so much for replying.
I ll definitely keep in mind what u told.
But my current issue is solved. The problem was:
[RPC Fault faultString="Send failed"
faultCode="Client.Error.MessageSend"
faultDetail="Channel.Security.Error error Error #2048: Security
sandbox violation:
http://localhost:9080/iReports/flexFiles/mxml/AdminServices.swf
cannot load data from
http://localhost:9080iReports/messagebroker/amf."
If u observe in the error message, the server was trying to
load '9080iReports', not '9080/iReports'. This is because I was
giving -context-root=\ContextRoot instead of
-context-root=/ContextRoot.
So, a silly mistake of using a back slash instead of forward
slash.
Thanks again,
Cheree -
802.1X Port Based Authentication - IP Phone- MDA - Port Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI am currently trying to get 802.1x port authentication working on a Cat3550 against Win2003 IAS but the IAS log shows a invalid message-authenticator error. The 3550 just shows failed. When I authenticate against Cisco ACS (by simply changing the radius-server) it works perfectly.
However, I am successfully using IAS to authenticate WPA users on AP1210s so RADIUS appears to be OK working OK.
Are there special attributes that need to be configured on the switch or IAS? -
802.1X Port Based Authentication Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI believe , you need to configure re-authentication on this switch port:
! Enable re-authentication
authentication periodic
! Enable re-authentication via RADIUS Session-Timeout
authentication timer reauthenticate server -
Last night when i tried to sign a document i received the mesage below and after that it says this document can't be signed what can i do to fix this problem.
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Weblogic 10.3.0 - Security Violation when Group Membership Lookup enabled
Dear Admins,
We're running a Weblogic 10.3.0 cluster with our own software deployed.
We're using SQL authentication (JDBC to Oracle DB) to authenticate users.
Recently we've been tuning our WL cluster to improve performance, and have enabled Group Membership Lookup Hierarchy Caching.
Sometimes users log into our application and get inssuficient rights (or some other error). This appears to happen at random. Most of the times they can log in without problems.
We determined it's not something to do with the cluster, although it can happen on one node and the other node will work as normal.
In the Managed server we see this error (with test user):
Managed7Server.out00011:java.rmi.AccessException: [EJB:010160]Security Violation: User: 'test' has insufficient permission to access EJB: type=<ejb>, application=leanapps, module=process_general.jar, ejb=LaLifeProcessController,
method=create, methodInterface=Home, signature={}.
When we disable Group Membership Lookup Hierarchy Caching, this error never occurs.
Our settings (Security Realms -> myrealm -> Providers -> SQL Authenticator -> Performance):
Max Group Hierarchies In Cache: 5000 (we have approx. 2000 groups)
Group Hierarchy Cache TTL: 3600
provider specific settings :
Group Membership Searching: unlimited
Max Group Membership Search Level: 0
Also in Myrealm -> Performance we have set :
Enable WebLogic Principal Validator Cache
Max WebLogic Principals In Cache: 5000
If we put the TTL really low (default 60 seconds), the error hardly ever occurs. But we want to have cache that lasts longer then one minute.
This might be a bug, as we have other clusters running on WL 10.3.5, 12c where we use the same cache settings. This issue does not occur there.
I'm more then willing to provide more info or config files
Edited by: user5974192 on 21-nov-2012 5:17This is fixed now. Someone had defined a Servlet for the web service in web.xml that was preventing the EJB container to kick in.
Edited by: user572625 on Aug 25, 2011 11:54 PM -
Security violation exception with Weblogic cluster installation on OIm 9.1
Hi,
I have OIM9.1 installed on weblogic 8.1 SP4 in clustered environment, which more often than not seems to work fine. But some time I get following exception on server console/log file which causes certain provisioning task to be rejected...
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: javax.ejb.AccessLocalException: [EJB:010160]Security Violation: User: 'xelsysad
m' has insufficient permission to access EJB: type=<ejb>, application=Xellerate, module=xl
DataObjectBeans.jar, ejb=tcFormInstanceOperations, method=create, methodInterface=LocalHom
e, signature={}.
at weblogic.ejb20.internal.MethodDescriptor.checkMethodPermissionsLocal(MethodDesc
riptor.java:486)
at weblogic.ejb20.internal.StatelessEJBLocalHome.create(StatelessEJBLocalHome.java
:80)
at com.thortech.xl.ejb.beans.tcFormInstanceOperations_2j82mm_LocalHomeImpl.create(
tcFormInstanceOperations_2j82mm_LocalHomeImpl.java:93)
... 126 more
ERROR,19 Dec 2008 14:20:03,752,[XELLERATE.APIS],Class/Method: tcBaseUtilityClient/getLocal
Interface encounter some problems: {1}
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.in
Problem is, I get this exception only 4 out of 6 times (when it is least expected). I have googled, and tried all possible means but have't been able to resolve it. One more thing I am sure of is, it only comes with Weblogic installation not with Jboss. So there should be some configuration issue with weblogic installation.
Any suggestions would be useful...No Response???
Where are the good guys?? -
Strange security sandbox error
Hi,
I have a strange error when debugging my projects on localhost.
Here what i get (sorry it's french, I tried to translate it below) :
Erreur :Impossible de charger un fichier de régulation à partir de xmlsocket://127.0.0.1:5800
Erreur :La demande de la ressource à xmlsocket://127.0.0.1:5800 par le demandeur à http://localhost:8888/XXX/bin-debug/XXX.swf a échoué car le serveur est inatteignable.
*** Violation de la sécurité Sandbox***
Interruption de la connexion à 127.0.0.1:5800 - opération interdite depuis http://localhost:8888/XXX/bin-debug/XXX.swf
Translation:
Error: Unable to load a policy file from xmlsocket://127.0.0.1:5800
Error: The request of the resource at xmlsocket://127.0.0.1:5800 by http://localhost:8888/XXX/bin-debug/XXX.swf has failed because the server is unreachable.
*** Sandbox security violation***
Closing connection at 127.0.0.1:5800 - forbidden operation from http://localhost:8888/XXX/bin-debug/XXX.swf
This error loops indefinitely as long as I debug my project, and therefore, my Console is unusable !
Any idea about resolving this ?
Thank youup ?
-
Security Violation on jQuery Ajax Request
Dear all,
I'm new to adobe air.
I'm developing with Aptana Web, did include the jquery library and tried an ajax call. Seems to work but I receive an error on the return string, {"d":"NOK"} - parsererror - Error: Adobe AIR runtime security violation for JavaScript code in the application security sandbox (Function constructor) .
When I use the XMLHttpRequest() function as in the basic demo example I have no error.
Any ideas,i have same problem
$.ajax( {
data : data,
url : "http://127.0.0.1/json.php",
type : "POST",
dataType: "json",
processData: true,
success : function(data) {
alert(data)
error: function(XMLHttpRequest, textStatus, errorThrown){
alert("statusText: "+XMLHttpRequest.statusText+"\n"+
"responseText: "+XMLHttpRequest.responseText+"\n"+
"textStatus: "+textStatus+"\n"+errorThrown)
This problem arises when I use parameters [dataType: "json",processData: true] -
Security violation from using underscores template
When using the template-function of the well-known underscore.js library I get an error:
Adobe AIR runtime security violation for JavaScript code in the application security sandbox (Function constructor).
In the browser this works fine. I don't see any security problems from using templates !?I made some more tests: This code
var compiled = _.template("hello: <%= name %>");
air.trace(compiled({name : 'moe'}));
works when executed in $(document).ready (jQuery), but
it fails in the air.InvokeEvent.INVOKE-eventlistener, which
is always triggered after document-ready.
Seems that everything is fine until the AIR-part of the app
is up. -
Java.lang.SecurityException: Security violation, expect: 514, actual: 0
[import] Connect to http://bi-internal.oracleoutsourcing.com/xmlpserver using *****
[import] Import "****.xdo" from "****" to "****.xdo"
Command Error: import->importObject
java.lang.SecurityException: Security violation: ****.xdo, user: ****, expect: 514, actual: 0
Done.
How do I debug this further? If I re-run several times it eventually starts working.
Edited by: mcarter on May 24, 2013 9:30 AMExactly the file output file is binary. Do a vi on it, you'll see what I mean. To push this through our patching system it needs to be in it's xml format like in the BICatalogUtil.sh. To my understanding that archive is a compressed archive of the xml files (stored like the backend). I need to figure out how to uncompress so it can feed through our patching system.
Would be better if we could just get the BICatalogUtil.sh error resolved as that method does work (most of the time). -
E03 Program RSUSR003 Reports Security violation in SM21
Hello All,
I am getting below error in SM21:
"E03 Program RSUSR003 Reports Security violation"
============================================================
Documentation for system log message E03 :
The specified program encountered a problem. A short message in English
is output describing the problem.
If there are no other related entries in the system log, the program
solved or at least found a workaround to the problem.
If these messages occur frequently, or the program is unable to
complete processing, notify SAP of the message and include the module
name and location, or the line number of the system log message. This
helps the support team locate the cause of the error.
In this context a program is an independent component at the
operating system level.
==============================================================
Can you please let me know how to proceed.
Best Regards,
Pratyusha.Pratyusha
RSUSR003 displays logon system settings and checks passwords of SAP*, DDIC, SAPCPIC, EARLYWATCH (critical accounts).
This message appears in the system log when the report is run as Dialog or in Background and there is some violation that needs to be reviewed.
If run in background, there should be a spool to review.
If run in dialog, the output should be the same as the spool (with any possible differences from the time of the runs).
Hope this helps.
PJ
Maybe you are looking for
-
I have a program A in which i call Program B in background and i can fetch Job B's joblog and is displayed in foregournd, but when i run program A in background in SM37 i can see Job A's log and not of Job B. How can i replace Job A's joblog by JOb A
-
AP -add field in Payments screen
Hi all In the AP abc Manager responsibility --Payments screen is it possible to add an extra field in the same screen along with Type,Bank Account ..fields kindly guide thanking in advance
-
How can we copy the file in to the importdp/exportdp location
How can we copy the file in to the importdp/exportdp location after doing the import and export activity.?
-
I am begging any Tech Genius out there to help me out. I have a 3-year old (10GB) Ipod which after the 7.0 upgrade started giving me the message "ITunes cannot read the contents of the Ipod 'Podcasts.' Go to the summary tab in Ipod preferences and cl
-
How can I find if my iMac is 64 bit?
Hello I have a 2.16 GHz Intel Core 2 Duo. Is it 64 bit?