Security Violation
I use JDBC for connect to Database ( 7.3.4) and put my applet on OAS 3.0, and when i request this applet from browser
i got the message
"Applet lines secuiry Violation. security couldn't connect to <Hostname> with origin
from <OAS Name>
thx
null
Would you care to elaborate a little? Perhaps a complete relating of events and a few details?
Hope this helps
Similar Messages
-
Weblogic 10.3.0 - Security Violation when Group Membership Lookup enabled
Dear Admins,
We're running a Weblogic 10.3.0 cluster with our own software deployed.
We're using SQL authentication (JDBC to Oracle DB) to authenticate users.
Recently we've been tuning our WL cluster to improve performance, and have enabled Group Membership Lookup Hierarchy Caching.
Sometimes users log into our application and get inssuficient rights (or some other error). This appears to happen at random. Most of the times they can log in without problems.
We determined it's not something to do with the cluster, although it can happen on one node and the other node will work as normal.
In the Managed server we see this error (with test user):
Managed7Server.out00011:java.rmi.AccessException: [EJB:010160]Security Violation: User: 'test' has insufficient permission to access EJB: type=<ejb>, application=leanapps, module=process_general.jar, ejb=LaLifeProcessController,
method=create, methodInterface=Home, signature={}.
When we disable Group Membership Lookup Hierarchy Caching, this error never occurs.
Our settings (Security Realms -> myrealm -> Providers -> SQL Authenticator -> Performance):
Max Group Hierarchies In Cache: 5000 (we have approx. 2000 groups)
Group Hierarchy Cache TTL: 3600
provider specific settings :
Group Membership Searching: unlimited
Max Group Membership Search Level: 0
Also in Myrealm -> Performance we have set :
Enable WebLogic Principal Validator Cache
Max WebLogic Principals In Cache: 5000
If we put the TTL really low (default 60 seconds), the error hardly ever occurs. But we want to have cache that lasts longer then one minute.
This might be a bug, as we have other clusters running on WL 10.3.5, 12c where we use the same cache settings. This issue does not occur there.
I'm more then willing to provide more info or config files
Edited by: user5974192 on 21-nov-2012 5:17This is fixed now. Someone had defined a Servlet for the web service in web.xml that was preventing the EJB container to kick in.
Edited by: user572625 on Aug 25, 2011 11:54 PM -
Last night when i tried to sign a document i received the mesage below and after that it says this document can't be signed what can i do to fix this problem.
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Security Violation Error while running schedule task from OIM.
Hi All,
I am getting this error while running a custom java schedule task from OIM:
*Thor.API.Exceptions.tcAPIException [EJB:010160] Security Violation: User '<anonymous>' has insufficient permission to access EJB:*
type=<ejb>,application=Xellerate,module=xlDataObjectBeans.jar,ejb=tcReconciliationoperations,method=createDeleteReconciliationEvent
at Thor.API.Operations.tcReconciliationOperationsClient.createDeleteReconciliationEvent(UnKnown Source).
I got this error as soon as my code start creating Delete Reconciliation Event.
Note: I have already protected the JNDI Namespace.
Please provide some pointers.
Regards,
SunnyHi Rajiv,
Check this:
package com.centrica.iam.scheduletask;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileFilter;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import oracle.iam.connectors.common.ConnectorLogger;
import com.thortech.xl.dataaccess.tcDataSet;
import com.thortech.xl.dataaccess.tcDataSetException;
import com.thortech.xl.dataobj.PreparedStatementUtil;
import com.thortech.xl.orb.dataaccess.tcDataAccessException;
import com.thortech.xl.scheduler.tasks.SchedulerBaseTask;
import Thor.API.tcResultSet;
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Exceptions.tcInvalidValueException;
import Thor.API.Operations.tcLookupOperationsIntf;
import Thor.API.Operations.tcReconciliationOperationsIntf;
import Thor.API.Operations.tcSchedulerOperationsIntf;
public class CustomFlatFile extends SchedulerBaseTask {
private static tcSchedulerOperationsIntf schedulerIntf;
private static tcLookupOperationsIntf lookupIntf;
private static tcReconciliationOperationsIntf reconIntf;
String sObjectName;
String LookupName;
String LookupName2;
String FileDirectory;
String FileName;
String File;
String delimeter;
String isDeleteTrue;
HashMap<String, String> attrMap = new HashMap();
HashMap<String, String> delMap = new HashMap();
HashMap<String, String> finalMap = new HashMap();
ArrayList list = new ArrayList();
public boolean isReconStopped;
public CustomFlatFile()
isReconStopped = false;
public void init()
LookupName = getAttribute("Attribute Lookup Name");
FileDirectory = getAttribute("Directory Path");
FileName = getAttribute("File Name");
delimeter = getAttribute("Delimeter");
sObjectName = getAttribute("Resource Object Name");
isDeleteTrue = getAttribute("Is Delete Allowed");
public void execute(){
try {
System.out.println("Start Exceute");
//Initiate lookupIntf
lookupIntf = (tcLookupOperationsIntf)getUtility("Thor.API.Operations.tcLookupOperationsIntf");
reconIntf=(tcReconciliationOperationsIntf)getUtility("Thor.API.Operations.tcReconciliationOperationsIntf");
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
attrMap = readLookup(LookupName);
System.out.println(attrMap.toString());
readFile();
if (isDeleteTrue.equalsIgnoreCase("true"))
performDelete();
System.out.println("Finish Execute");
public void performDelete()
System.out.println("Start Perform delete");
int k = list.size();
System.out.println("list size " + list.size());
try
Thread.sleep(15000);
/* Hashtable ahashtable[] = new Hashtable[k];
Hashtable hashtable = new Hashtable();
for (int i=0;i<k;i++)
hashtable.put("User Id", list.get(i));
ahashtable[i] = hashtable;
System.out.println(list.get(i));
Set set = reconIntf.provideDeletionDetectionData(sObjectName, ahashtable);
System.out.println("Set--" + set.toString());
tcResultSet tcresultset = reconIntf.getMissingAccounts(sObjectName, set);
System.out.println("tcresultset - " + tcresultset.getRowCount());
if (!(tcresultset.isEmpty()))
long l[] = reconIntf.deleteDetectedAccounts(tcresultset);
for (int i1=0;i1<l.length;i1++)
System.out.println("delete recon key " + l[i1]);
//Get the existing list of Managed users
tcDataSet tcdataset = new tcDataSet();
tcDataSet tcdataset1 = new tcDataSet();
String query = "select orf.orf_fieldname,prf.prf_columnname, sdk.sdk_name from orf, sdk, pkg, tos, prf, obj " +
"where pkg.obj_key = obj.obj_key and pkg.pkg_key = tos.pkg_key and tos.sdk_key is not null " +
"and tos.sdk_key=sdk.sdk_key and tos.tos_key=prf.tos_key and prf.prf_iskey='1' and prf.orf_key=orf.orf_key " +
"and orf.orf_parent_orf_key is null and obj.obj_name='" + sObjectName + "'";
tcdataset.setQuery(getDataBase(), query);
tcdataset.executeQuery();
String FFName = tcdataset.getString("prf_columnname");
String FName = tcdataset.getString("sdk_name");
String ROFName = tcdataset.getString("orf_fieldname");
System.out.println("form- " + FName + " Field- " + FFName);
query = "select " + FFName + " from " + FName + " udtable, oiu a, ost b " +
"where udtable.orc_key=a.orc_key and a.ost_key=b.ost_key and b.ost_status!='Revoked'";
System.out.println(query);
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
int i = tcdataset1.getRowCount();
ArrayList list1 = new ArrayList();
String s1 = null;
System.out.println("N. of rows--" + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
//Getting the existing list of unmanaged users
query = "select distinct (b.rcd_value) from rce a, rcd b, orf c, obj d where a.rce_key=b.rce_key and " +
"b.orf_key=c.orf_key and c.orf_fieldname='" + ROFName + "' and a.rce_status!='Event Linked' " +
"and a.obj_key = d.obj_key and d.obj_name='" + sObjectName + "'";
tcdataset1.setQuery(getDataBase(), query);
tcdataset1.executeQuery();
i = tcdataset1.getRowCount();
System.out.println("No. Of Unmanaged Users " + i);
for (int j=0;j<i;j++)
tcdataset1.goToRow(j);
s1 = tcdataset1.getString(0);
System.out.println("s1---" + s1);
if (!(list.contains(s1)))
list1.add(s1);
System.out.println("under if--" + s1);
int k1 = list1.size();
System.out.println("list1 size--" + k1);
for (int j1=0;j1<k1;j1++)
delMap.clear();
delMap.put(ROFName, (String)list1.get(j1));
System.out.println(delMap.toString());
long l = reconIntf.createDeleteReconciliationEvent(sObjectName, delMap);
System.out.println("delete recon key--- " + l);
catch (Exception exception)
exception.printStackTrace();
public void readFile(){
String s = "readFile()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
File = getFile();
BufferedReader reader = new BufferedReader(new FileReader(new
File(File)));
String line = "";
int k = attrMap.size();
String value[] = new String[k];
String Header[]= new String[k];
if (delimeter.equalsIgnoreCase("|"))
delimeter = "\\" + delimeter;
line = reader.readLine();
Header = line.split(delimeter);
while((line = reader.readLine()) != null)
value = line.split(delimeter);
k = value.length;
for (int i = 0;i<k;i++){
finalMap.put(attrMap.get(Header), value[i]);
System.out.println(finalMap.toString());
System.out.println("Start Ignoring Event");
if (!(reconIntf.ignoreEvent(sObjectName, finalMap)))
System.out.println("Not Ignored");
long l1 = reconIntf.createReconciliationEvent(sObjectName, finalMap, true);
System.out.println("Recon Key--" + l1);
else
System.out.println("ignore event ---" + finalMap.toString());
list.add(finalMap.get("User Id"));
System.out.println(list.size() + "add--" +finalMap.get("User Id") );
finalMap.clear();
catch (Exception exception)
exception.printStackTrace();
public boolean stop(){
String s = "stop()";
//logger.setMethodStartLog(classname, s);
//logger.info(classname, s, "Stopping Reconciliation........");
isReconStopped = true;
//logger.setMethodFinishLog(classname, s);
return true;
FileFilter fileFilter = new FileFilter()
public boolean accept(File file)
String sFilePath = file.getName();
if( sFilePath.startsWith(FileName) )
return true;
else
return false;
public String getFile() throws FileNotFoundException, Exception{
String s = "getFile()";
//logger.setMethodStartLog(classname, s);
String s1;
File dir = new File(FileDirectory);
File[] files = dir.listFiles(fileFilter);
if (files.length ==0)
throw new FileNotFoundException();
if (files.length>1)
throw new Exception("Multiple Matches found for this file name");
s1 = files[0].toString();
//logger.setMethodFinishLog(classname, s);
return s1;
public HashMap readLookup(String s1){
String s = "readLookup()";
//logger.setMethodStartLog(classname, s);
HashMap map = new HashMap();
try {
tcResultSet tc1= lookupIntf.getLookupValues(s1);
int i = tc1.getRowCount();
for (int j = 0;j<i;j++){
tc1.goToRow(j);
map.put(tc1.getStringValue("Lookup Definition.Lookup Code Information.Code Key"), tc1.getStringValue("Lookup Definition.Lookup Code Information.Decode"));
catch (tcAPIException tcapiexception){
tcapiexception.printStackTrace();
//logger.error(classname, s, tcapiexception.toString());
//logger.setStackTrace(tcapiexception, classname, s, tcapiexception.getMessage());
catch (Exception excep){
excep.printStackTrace();
//logger.error(classname, s, excep.toString());
//logger.setStackTrace(excep, classname, s, excep.getMessage());
return map; -
Security violation exception with Weblogic cluster installation on OIm 9.1
Hi,
I have OIM9.1 installed on weblogic 8.1 SP4 in clustered environment, which more often than not seems to work fine. But some time I get following exception on server console/log file which causes certain provisioning task to be rejected...
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: javax.ejb.AccessLocalException: [EJB:010160]Security Violation: User: 'xelsysad
m' has insufficient permission to access EJB: type=<ejb>, application=Xellerate, module=xl
DataObjectBeans.jar, ejb=tcFormInstanceOperations, method=create, methodInterface=LocalHom
e, signature={}.
at weblogic.ejb20.internal.MethodDescriptor.checkMethodPermissionsLocal(MethodDesc
riptor.java:486)
at weblogic.ejb20.internal.StatelessEJBLocalHome.create(StatelessEJBLocalHome.java
:80)
at com.thortech.xl.ejb.beans.tcFormInstanceOperations_2j82mm_LocalHomeImpl.create(
tcFormInstanceOperations_2j82mm_LocalHomeImpl.java:93)
... 126 more
ERROR,19 Dec 2008 14:20:03,752,[XELLERATE.APIS],Class/Method: tcBaseUtilityClient/getLocal
Interface encounter some problems: {1}
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.in
Problem is, I get this exception only 4 out of 6 times (when it is least expected). I have googled, and tried all possible means but have't been able to resolve it. One more thing I am sure of is, it only comes with Weblogic installation not with Jboss. So there should be some configuration issue with weblogic installation.
Any suggestions would be useful...No Response???
Where are the good guys?? -
Security Violation during PATH Variable Substitution
Hi -
I' m trying to write a file with the receiver file adapter by the variable substitution feature from SP12 on.
Whereas the %filename% variable works fine, I get for the %path% variable an exception in the adapter engine, whenever I'm trying either
- to use an absolute path like "/tmp" or
- composed pathnames like "tmp/test" (that are based on $XIHOME/j2ee/cluster/server0)
Non-composed pathnames like $XIHOME/j2ee/cluster/server0/tmp by setting %path% to "tmp" work also.
Any clue?
I'm on AIX on SP12.
Here is the exception:
java.text.ParseException: Security violation encountered during variable substitution: Content of variable path is not safe
Thanks.
StefanHi Stefan,
did you check the flag 'Disable Security Checks' in the communication channel?
Regards
Stefan -
802.1X Port Based Authentication - IP Phone- MDA - Port Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI am currently trying to get 802.1x port authentication working on a Cat3550 against Win2003 IAS but the IAS log shows a invalid message-authenticator error. The 3550 just shows failed. When I authenticate against Cisco ACS (by simply changing the radius-server) it works perfectly.
However, I am successfully using IAS to authenticate WPA users on AP1210s so RADIUS appears to be OK working OK.
Are there special attributes that need to be configured on the switch or IAS? -
802.1X Port Based Authentication Security Violation
I have configured 802.1X authentication on selected ports of a Cisco Catalyst 2960S with Micorsoft NPS Radius authentication on a test LAN. I have tested the authentication with a windows XP laptop, a windows 7 laptop with 802.1X, eap-tls authentication and a Mitel 5330 IP Phone using EAP-MD5 aithentication. All the above devices work with with the MS NPS server. However in MDA mode when the 802.1x compliant windows 7 laptop is connected to the already authenticated Mitel IP Phone, the port experiences a security violation and the goes into error sdisable mode.
Feb 4 19:16:16.571: %AUTHMGR-5-START: Starting 'dot1x' for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %DOT1X-5-SUCCESS: Authentication successful for client (24b6.fdfa.749b) on Interface Gi1/0/1 AuditSessionID AC10A0FE0000002F000D3CED
Feb 4 19:16:16.645: %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/1, putting Gi1/0/1 in err-disable state
Feb 4 19:16:17.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/1, changed state to down
Feb 4 19:16:18.658: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
If the port config is changed to "authentication host-mode multi-auth", and the laptop is connected to the phone the port does not experience the security violation but the 802.1x authentication for the laptop fails.
The ports GI1/0./1 & Gi1/02 are configured thus:
interface GigabitEthernet1/0/1
switchport mode access
switchport voice vlan 20
authentication event fail action authorize vlan 4
authentication event no-response action authorize vlan 4
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
mls qos trust cos
dot1x pae authenticator
spanning-tree portfast
sh ver
Switch Ports Model SW Version SW Image
* 1 52 WS-C2960S-48FPS-L 15.2(1)E1 C2960S-UNIVERSALK9-M
Full config attached. Assistance will be grately appreciated.
DonfricoI believe , you need to configure re-authentication on this switch port:
! Enable re-authentication
authentication periodic
! Enable re-authentication via RADIUS Session-Timeout
authentication timer reauthenticate server -
Security violation error (error code 2148532330) in Acrobat Pro XI with Windows 8
I have two certificates, physically residing on the same (Belgian) government issued smart card. One is labeled "Authentication" (Intended usage: sign transaction), and the other is labeled "Signature" (Intended usage: sign document). I have been trying to add a signature to a pdf document in Acrobat Pro XI (trial) on WIndows 8 Home (64 bit). It works perfectly with the "Authentication" certificate, but all attempts with the "Signature" certificate yield the following error:
Error encountered while signing:
The Windows Cryptographic Service Provider reported an error:
Access was denied because of a security violation.
Error Code: 2148532330
The only relevant difference between both certificates that I have been able to spot, is in the "key usage" field of the certificate ("sign transaction" versus "sign document"). Any thoughts on what might be wrong?
Thanks.I assume you are implying "biztax" application here, right?
I have contacted their program lead, with no result at all.
Past days I have been searching for a solution - reinstalls / new systems - no solution.
This issue appeared a week or two ago only.
I found http://forums.adobe.com/message/5338853 useful - but no positive results either.
http://test.eid.belgium.be/faq/faq_nl.htm obviously didnt help either.
If anyone finds a solution to this issue, please do let me know - any help is appreciated.
Biztax tells to use the "signature", not the "authentication" - but it is only Auth. that is showing up as option to sign (that works)
ps, did you fiddle with the Adobe Reader XI security settings and import that PKI etc as well? I hoped that would be the breaktrough. Sadly i'm still crying in my chair.
Oh, and dont forget: they claim nobody else got this issue. Maybe one or two people. (We got about 8 customers experiencing exactly the same symptoms at the same time )
> I noticed that when I try to open the pdf document that is 'signed' by the government it is not showing the filename in the title bar, but only " - Adobe Reader". every piece of info helps I guess.
Obviously last version of Reader 11.0.03 -
Security Violation on jQuery Ajax Request
Dear all,
I'm new to adobe air.
I'm developing with Aptana Web, did include the jquery library and tried an ajax call. Seems to work but I receive an error on the return string, {"d":"NOK"} - parsererror - Error: Adobe AIR runtime security violation for JavaScript code in the application security sandbox (Function constructor) .
When I use the XMLHttpRequest() function as in the basic demo example I have no error.
Any ideas,i have same problem
$.ajax( {
data : data,
url : "http://127.0.0.1/json.php",
type : "POST",
dataType: "json",
processData: true,
success : function(data) {
alert(data)
error: function(XMLHttpRequest, textStatus, errorThrown){
alert("statusText: "+XMLHttpRequest.statusText+"\n"+
"responseText: "+XMLHttpRequest.responseText+"\n"+
"textStatus: "+textStatus+"\n"+errorThrown)
This problem arises when I use parameters [dataType: "json",processData: true] -
Security violation from using underscores template
When using the template-function of the well-known underscore.js library I get an error:
Adobe AIR runtime security violation for JavaScript code in the application security sandbox (Function constructor).
In the browser this works fine. I don't see any security problems from using templates !?I made some more tests: This code
var compiled = _.template("hello: <%= name %>");
air.trace(compiled({name : 'moe'}));
works when executed in $(document).ready (jQuery), but
it fails in the air.InvokeEvent.INVOKE-eventlistener, which
is always triggered after document-ready.
Seems that everything is fine until the AIR-part of the app
is up. -
Security violation after logout
When I have a user logout I remove their EJBs and call
ServletAuthentication.done(). If the user tries to log in with a
different account they get a security violation. If they wait about
20-40 seconds and try again everything is okay.
Does anyone know why this happens?
Thanks,
MikeIt usually is unless you are running under Flex Builder
itself. FB allows itself access to almost anything. Running in a
browser is subject to the sandbox.
Actually, as I think about it, the cross domain file might
not help. A Flex app, running in a browser, cannot access the local
file system *at all*. (Again, unless running under FB)
You will probably have to put that file on the network
somewhere, even if it is on a webserver on your own machine.
I assume it can change? If it is static, compile it into the
swf.
Tracy -
OSM 'oms-internal' user Security Violation errors
Hi Guys,
Have anyone ever came accross similar Exceptions in managed server logs?
om.mslv.oms.OMSException: [EJB:010160]Security Violation: User: 'oms-internal' has insufficient permission to access EJB: type=<ejb>, application=oms, module=security.jar, ejb=OMSThreadTransactionListener, method=create, methodInterface=Home, signature={}.
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.j2ee.l.a(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcherEJB.processTimeout(Unknown Source)
at com.mslv.oms.eventengine.EventDispatcher_86q3j1_EOImpl.processTimeout(EventDispatcher_86q3j1_EOImpl.java:142)
at com.mslv.oms.poller.a.handleNotification(Unknown Source)
at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor$ListenerWrapper.handleNotification(DefaultMBeanServerInterceptor.java:1732)
at javax.management.NotificationBroadcasterSupport.handleNotification(NotificationBroadcasterSupport.java:257)
at javax.management.NotificationBroadcasterSupport$SendNotifJob.run(NotificationBroadcasterSupport.java:322)
at javax.management.NotificationBroadcasterSupport$1.execute(NotificationBroadcasterSupport.java:307)
at javax.management.NotificationBroadcasterSupport.sendNotification(NotificationBroadcasterSupport.java:229)
at javax.management.timer.Timer.sendNotification(Timer.java:1237)
at javax.management.timer.Timer.notifyAlarmClock(Timer.java:1206)
at javax.management.timer.TimerAlarmClock.run(Timer.java:1289)
at java.util.TimerThread.mainLoop(Timer.java:512)
at java.util.TimerThread.run(Timer.java:462)
Any help appreciated!Could it be that the user should be assigned to groupd other then default
Edited by: 934200 on 07.06.2012 11:03 -
Switch por-security - - - Security Violation Count
I have some question with a device cisco 3400 metroaccess.
In a interface i have this config.
3400_METROACESS#sh run int g0/1
Building configuration...
Current configuration : 449 bytes
interface GigabitEthernet0/1
description
switchport access vlan 192
switchport port-security
switchport port-security violation restrict
bandwidth 800000
load-interval 30
media-type rj45
speed 1000
duplex full
mac access-group Block-Invalid-ERS-Frames in
service-policy input 800M
service-policy output LIMIT_QQ1
end
3400_METROACESS#sh port-security int g0/1
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Restrict
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 5
Total MAC Addresses : 2
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address:Vlan : XXXX.XXXX.XXXX:192
Security Violation Count : 3515----------------------------------------->what is the default parameter or the petitions permited, for the security violation take the action mode.
I have many logs from the int g0/1
Apr 23 16:08:37: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address XXXX.XXXX.XXXX on port GigabitEthernet0/1.
Thanks you for your help.
Best Regards!!The default (initial) count is 0, the number increases everything there is a violation.
you can reinitialize (clear) that counter by using the command : clear port-security all int g 0/1 -
Security-violation error in 3750
We Have a strange behavior with the computer of a user who connects with his laptop to the network through port replicator or docking station,Where we have a acs.When he goes to another place of the company in another City, Where we have other acs, he connects without port replicator directly to network,It works well. But when the laptop returns does not have
network and the following message of error in switch appears:
May 16 07:51:23: %DOT1X-5-SECURITY_VIOLATION: Security violation on interface FastEthernet1/0/27, New MAC address 00c0.f200.53f0 is seen on the interface in Single Host mode
May 16 07:51:23: %PM-4-ERR_DISABLE: security-violation error detected on Fa1/0/27, putting Fa1/0/27 in err-disable state
May 16 07:51:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/27, changed state to down
May 16 07:51:25: %LINK-3-UPDOWN: Interface FastEthernet1/0/27, changed state to down
I execute the commando "shutdown" and "not shutdown" in the interface of switch, and soon the commando: "dot1x port-control auto" and soon "not dot1x port-control auto". laptop make authentication and begins to work well.
What think you about What this occurring?Hi,
Is there any port security being set on the switch?
are you able to paste your config file here?
thanks,
rgds,
ken L -
[import] Connect to http://bi-internal.oracleoutsourcing.com/xmlpserver using *****
[import] Import "****.xdo" from "****" to "****.xdo"
Command Error: import->importObject
java.lang.SecurityException: Security violation: ****.xdo, user: ****, expect: 514, actual: 0
Done.
How do I debug this further? If I re-run several times it eventually starts working.
Edited by: mcarter on May 24, 2013 9:30 AMExactly the file output file is binary. Do a vi on it, you'll see what I mean. To push this through our patching system it needs to be in it's xml format like in the BICatalogUtil.sh. To my understanding that archive is a compressed archive of the xml files (stored like the backend). I need to figure out how to uncompress so it can feed through our patching system.
Would be better if we could just get the BICatalogUtil.sh error resolved as that method does work (most of the time).
Maybe you are looking for
-
DVD burn folder not going away
I have recently burned a dvd but something went wrong while burning and an error message popped up. I took the dvd out of my laptop and chucked it out, but there's still "untitled DVD" folder for burning staying on the sidebar on my finder. The folde
-
NetInstall - am I missing something obvious here?
Hi, Just trying to get NetInstall service working on my 10.5 server. I have succesfully created an image using the SIU, and I saved this image to a seperate partition on the servers disc, away from the OS partition, as SIU allowed me to do this. In t
-
Migrating a user to another tablespace!
Dear All I need to migrate a user and all the tables associated with the user to a new tablespace and schema in other database. This is from Development to Production server. In Production Server i created a new schema and a tablespace associated wit
-
When I try to use video on my iPad it only gives me a black screen. What is the matter?
When I tried to watch White collar downloaded from iTunes the screen turned all black and I can't get out, not evn by making a hard reset. What do I do?
-
Fireworks CS3 - Slow down problems
Hi all I recently installed Windows Vista Ultimate and also Fireworks CS3 - Fireworks loads up fine but the problem arises when i try to draw using a mouse on a new canvas. The screen flashes and there is a massive delay while drawing (like the CPU i