Security with JSF2
Hi can anyone let me know how to use JDBC Realm for authentication and authorization using Glassfish Server.
Also let me know how to maintain the session after authentication in JSF.
You really expect people to answer more than "read the manual" ?
You don't have a problem, you can solve this yourself. Go do it and come back when you have an actual problem that you cannot solve yourself.
Similar Messages
-
Web Service Security with SAML - Invalid XML signature
Hello together,
we want to build a scenario where we want to use Web Service Security with SAML.
The scenario will be
WS Client (Java Application) -> WS Adapter -> Integration Engine -> WS Adapter-> CRM (Web AS ABAP 7.01 SP 3)
SAP PI release is 7.11 (SP Level 4)
We want to use the SAML Authentification from WS Client to PI and from PI to Web AS ABAP.
The SAML authentifications between the WS Client and PI works when there is no SAML auth between PI and CRM.
But we get following error at calling the CRM system when we want to communicate with SAML:
<E_TEXT>CX_WS_SECURITY_FAULT:Invalid XML signature</E_TEXT>
Has somebody an idea of the possible reason for the error.
Thanks in advance
StefanError Messages in the Trace/Log Viewer:
CX_WS_SECURITY_FAULT : Invalid XML signature | program: CL_ST_CRYPTO==================CP include: CL_ST_CRYPTO==================CM00G line: 48
A SOAP Runtime Core Exception occurred in method CL_ST_CRYPTO==================CM00G of class CL_ST_CRYPTO==================CP at position id 48 with internal error id 1001 and error text CX_WS_SECURITY_FAULT:Invalid XML signature (fault location is 1 ).
Invalid XML signature -
Is there a way to print a pdf, which is secured with password?
I want to know a way to print pdf which is secured with password to print without throwing a error ?
Instead it has to ask for a password and print..we need to have an associated application installed in the system for that particular fileYup.
does javax.print api works for pdf files and word documents?Nope.
There is something called (I think) iText which can handle PDF documents. No idea whether it includes a printing facility or not.
db -
Is there a way to view Flash videos on my iMac without downloading Adobe Flash Player? I'm concerned about performance and security with Adobe Flash Player.
If the video is only available in a format that requires Flash player : then no.
However, a great many can also be viewed in an HTML5 version, in which case http://hoyois.github.io/safariextensions/clicktoplugin/ or similar can be set up so that Flash never runs unless you specifically choose it to. -
Axis bank net secure with webpin not working on ipad2
Hi,
Axis bank net secure with webpin not working on ipad2
Lt me know how to proceedTry using their App:
https://itunes.apple.com/in/app/axis-bank-mobile-application/id517266358?mt=8 -
Data level Security with Oracle Apps as Source
Hi all
I am implementing Data level Security with Apps as Source(OLTP) on Single Sign On.(Oracle has provided the Vanila rpd & we are working on that)
I need to Filter data based on Business Group, Users are created in Apps and they are registered with some Responsibilities.
(for eg, OBI User CHINA is a Responsibility; Now he will get only Business Group ID for China)
I have created Groups in rpd with same name as the responsibility in Apps.
I have created Initialization Blocks from which I m getting only 1 business group ID for every :USER.(I tried the code in TOAD & I m getting the correct BG ID)
I have created Group in WEB with the same name as the Group name in rpd.
If I say show all Users and Groups in WEB, I m getting the APPS Users.
I hv Reloaded the server metadata files and restarted the BI Server/WEB Server also...
But in the Report, I m getting all the Business Group Ids,
Plz advice if I m doing something wrong.
ThanQ
AnandYou need to be creating your "business groups" as a group in the RPD, init blocks to retrieve the user business group at login. Filters in the Logical table sources to restrict data to relevant business groups only.
Presentation 'Web Cat' groups with the same name as the RPD groups so a user inherits membership automatically.
I'd suggest sourcing a vanilla OBIA rpd to see how it is implemented out of the box. -
WPA Security with the F5D7230-4
Hey,
I've successfully bridged my Airport Express from my Belkin F5D7230-4 with WEP Security enabled and it worked very well. Well, I should actually rephrase that; it worked well for all the Macs. The only PC on the wireless network couldn't establish a consistent connection, so I had to change the security to WPA and now everybody's computers work very well (WPA is actually desired). The only problem with WPA is that I can't get WDS to work with it, in other words, the Airport Express won't connect to the Belkin. After configuring the settings the same way as before (except changing the security) the Airport Express will first stay solid yellow, turn green for 2 or 3 seconds, and then flash yellow again. I have tried changing the wireless channel, and telling the Airport Express to just join (not WDS) while the Airport Express next to the Belkin, but still nothing worked.
Wireless bridging is infact enabled on the Belkin, and I've also tried allowing only certain access points to connect, but that didn't work either.
Is it possible that I'm not able to use WPA security with WDS on this Belkin router?
It's a F5D7230-4 Belkin Router with 4.05.03 firmware, and the latest firmware is on the Airport Express.
Thanks for any help in advance.Do you mean to get into the network? I do have a password WPA password set, and that's why the Airport Express can't access it.
I need WPA set because a: the PC on the network needs it in order to connect, and b: it's much more secure.
I pretty much need to have the security because the Belkin has it on, and to my understanding, the Airport Express also needs to have it enabled to work.
Is there any update or anything available that could help my problem, or am I pretty much out of luck? -
Java Web Services Security with 10.1.2.1
I have developed a Java Web Service with J Developer 10.1.2.1 which was deployed onto Oracle 10.1.2.1 application server. Now I have to implement Security for this Web Service (similar to ws-security etc.,), how I can achieve Security with 10.1.2.1?
J Developer 10.1.3.1 seems to have the feature to implement Web Service Security, but a Java Web Service developed using J Developer 10 .1.3.1 with security enabled cannot be deployed onto Oracle 10.1.2.1 application server.
Please help as how I can implement Java Web Service Security with 10.1.2.1?
Email: [email protected]
Thanks for the help in advance.You can use Oracle Web Services Manager to virtualize the end point and still implement WS-Security.
Thanks
Ram -
WPA2 security with EAP-TLS user cert auth
I am investigating the use of EAP-TLS for authenticating clients through a MS NPS radius server for WLC WLAN using WPA-WPA2 for security with 802.1x for auth-key managment. We're trying to decide whether to use PEAP and AD account authentication or require client certificates issued by AD certifcate services. PEAP is working fine if we choose that auth method in our NPS radius network policy, but if we switch this to "smart card or other certificate" for client cert auth it does not work. The wireless profile on the Windows client is set up for WPA2/AES with "Microsoft: smart card or other certificate" for network auth. The 802.1x settings specify "User Authentication" and a user cert for the logged in user from ADCS is installed on the machine. The failure to connect reports "The certificate required to connect to this network can't be found on your computer". When I switch to Computer Authentication the error changes to "Network authentication failed due to a problem with the user account," though a valid machine cert also exists on the computer.
When I attempt to use cert auth I see no auth requests logged on the RADIUS server. I ran MS netmon on both the client and NPS server and I also see no requests coming in from the WLC to NPS. When using PEAP I do see EAP requests and responses between NPS and the WLC and radius requests logged. On the client end I do see an EAP request to the WAP when attempting cert auth, but no messages between the WLC and NPS.
It's also interesting that when I change the WLAN to use 802.1x and WEP encryption for layer 2 auth the cert auth worked first time, though I haven't been able to get that working since. Windows now complains I am missing a cert for that. In any case, what I really want is WPA2/AES with 802.1x cert auth and would like to get this working.
Is anyone using EAP-TLS with MS NPS radius and a WLC successfully? Any ideas on how to troubleshoot this or why I'm not seeing any traffic between WLC and NPS radius when attempting cert auth?Well Well
WLC or any AAA client acts in pass through mode after initialy generating EAP-identity request so it has nothing to with EAP type. AAA client will behave the same no matter if you use PEAP , EAP-TLS or LEAP .....
The error message that you have reported is clearly sayign that your client doesn't have certificate to submit agains the back-end authentication server and accordingly the process fails . If you are not saying anything sent from WLC to NPS , it makes sense , because when the WLC initialy generate eap-identity request your client fails to answer and accordingly nothing is being sent to NPS server.
In order to verify that we need ' debug client < mac address of the client > ' from the WLC while trying to connect to make sure that is the case.
Also make sure that your client has certificate that is binded to a user account defined on your AD in away or another to have it working.
Please make sure to rate correct answers -
Hi everyone, I have a question about security with my iBook G4 Airport Extreme, and my home network.
I have a 4 UTP and wi-fi router, CNet branded, and I like to know what are the main differences betwen the security setups:
WEP
WPA
WPA2
WPA2 Mixed
and the use 802.1x authentication.
Could anyone gime a short-first-class explanation?
Thanks a lot,
PabloI like to know what are the main differences betwen the security setups:
WEP
WPA
WPA2
WPA2 Mixed
and the use 802.1x authentication.
Could anyone gime a short-first-class explanation?
Wikipedia is a great source to answer your question:
- WEP
- WPA
- WPA2
- 802.1x -
Implementing LCDS Security with MDD
I am trying to understand security with MDD.
In my scenario, a user submits a document. I want to ensure that when the document is updated, the person who updated the document is the one who is updating the document.
My concern: If the submittedByUserID is returned to the client, a malicious authenticated user can falsify the headers to change the submittedByUserID.
My initial thoughts: I need to have a userServiceImpl that has a loginUser() method. The loginUser() method sets the user's ID in the session and I need to populate the submittedByUserID with this session information using the update-security-constraint.
Am I correct in the approach above? Is there a better way? Am I totally off-base?
If I am correct, how would I go about implementing this approach?
Data Structure:
<model>
<entity name="User" persistent="true">
<id name="userID" type="integer" generated="true"/>
<property name="username" type="string"/>
<property name="password" type="string"/>
<property name="documents" type="Document[]"/>
</entity>
<entity name="Document" persistent="true">
<id name="documentID" type="integer" generated="true"/>
<property name="body" type="blob"/>
<property name="submittedByUserID" type="integer"/>
</entity>
</model>Hi ,
If you want ensure & maintain security for your LAN sub nets , kindly move the gateway towards your fortigate 60c from distribution switches , by this way u dont want to write ACL on your distribution switches and manage it . (Subinterface on fortigate 60c )
If your subnet is getting expanded downline , you can plan for mix
1) defining gateway on firewall { subinterface on firewall } for subnet which need control on access
2) defining gateway on distribution switches for subnet which dont need any access control .
HTH
sandy -
Configure security with principals.xml
Hello!
I'm trying to configure security in Oracle IAS 9.0.4. I have two applications into an OC4J instance. I've configured an admin user with RMI connection permission in the intance's principals.xml file. I've configured another admin user with RMI connection permission in each of the applications' principals.xml.
One of the applications is trying to connect via JMS to other's queue, but it can't. If I execute a Junit external test, I get an invalid username/password error, but from the first application I get an NameNotFoundException because it says it can't locate my ConnectionFactory class.
I've configured the ConnectionFactory class and queue properly in instance's jms.xml file.
I have two questions. First question is why I get different error messages depending from where I try to connect to? Second question is what's the better way to configure security with principals.xml if I want to share user's configuration across applications inside an OC4J instance?
I have to mention that with an OC4J standalone deployment I had no problem and all worked fine, so I suspect I've missconfigured something at IAS, but I didn't found any document explaining inheritance clearly neither principals.xml at instance - applications context.
Thank you in advance.
Eva.We don't use principals.xml any more and have adopted the use of the JAAS, via our implementation which goes under the moniker of JAZN.
I'd have a peruse through the OC4J Security guide as a good starting point:
http://download.oracle.com/docs/cd/B32110_01/web.1013/b28957/toc.htm
The general J2EE doc library is here:
http://download.oracle.com/docs/cd/B32110_01/web.htm
-steve- -
OID-Integrated Label Security with HTMLDB?
Hi,
I've followed the how-to document to integrate Oracle Label Security with Oracle Internet Directory.(http://www.oracle.com/technology/deploy/security/database-security/howtos/ols_oid-how-to.html).
I've successfully created a label security policy for the HR.LOCATIONS table. I would like that same policy to be effective on any query regions in an HTMLDB application.
I created a test application in HTMLDB, and changed the authentication scheme to be LDAP. It uses Oracle Internet Directory to authenticate the users, and this works successfully.
However, when I login with an OID user that has been assigned to use the policy, I get no rows returned.
What is a good way to integrate my label security policy with my htmldb applicaton so that it works within HTMLDB and outside of HTMLDB?
I saw the technote to use VPD, but when I tried this, it caused my label security policy to stop working. I somehow made it conflict...(http://www.oracle.com/technology/pub/notes/technote_htmldb_vpd.html)
I guess I'm just not sure what the VPD function should look like after I've already created a Label Security Policy.
I basically want it to look at the APP_USER and then apply the policy appropriately.
Thanks,
NoraScott,
It still worked in SQLPLUS when I typed 'set role none' first.
The way I granted PROFILE_ACCESS was through a label security command:
SQL> exec sa_user_admin.set_user_privs('senspolicy','parse_schema','FULL,PROFILE_ACCESS');
It seems like this is the only way..
It just seems strange that it works in SQLPLUS. I'm trying to figure out what other permissions I need for HTMLDB.
Thanks again,
Nora
SQL*Plus: Release 10.2.0.1.0 - Production on Wed May 16 16:38:20 2007
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter user-name: parse_schema/<password>@testls
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, Oracle Label Security, OLAP and Data Mining options
SQL> set role none;
Role set.
SQL> select count(*) from hr.locations;
COUNT(*)
23
SQL> exec sa_session.set_access_profile('senspolicy','PUB');
PL/SQL procedure successfully completed.
SQL> select count(*) from hr.locations;
COUNT(*)
17
SQL> -
Message Level Security with SOAP Adapter
Hi,
I need to use Message Level Security with my SOAP Adapter. Please let me know if anyone has done the same in the past?
What are the steps I would need to do? How can I use WSS based security in the SOAP Adapter?Hi,
Message-level security is recommended and sometimes a prerequisite for inter-enterprise communication.
It improves communication-level security by adding security features that are particularly important for inter-enterprise
Message-level encryption is required if message content needs to be confidential not only on the communication lines but also in intermediate message stores.
Refer
How to use Client Authentication with SOAP Adapter
XML Encryption Using Web Services Security in SAP NetWeaver XI
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f0650f56-7587-2910-7c99-e1b6ffbe4d50
http://help.sap.com/saphelp_nw04/helpdata/en/a8/882a40ce93185de10000000a1550b0/frameset.htm
Thanks
swarup -
Unable to process SOAP Header child element 'wsse:Security' with 'mustUnder
Hello everyone.
In have created project in Jdeveloper. In this one i have one external reference for Siebel Service.
At composite, for external reference service(Siebel Service) i have added a security policy i.e. *"oracle_wss_username_token_client_policy"*.
[Right click on SiebelService->configure WS policies->under security tab i have selected above policy]
So apart from this i have added property for the policy
<property name="oracle.webservices.auth.username" type="xs:string"
many="false" override="may">SADMIN</property>
<property name="oracle.webservices.auth.password" type="xs:string"
many="false" override="may">SADMIN</property>
But its returning following error,
Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)
This really pushed back me in development.
Really i am in need of help. Help me out of this issue.
Thanks in advance,
ShridharUnable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)The problem is at Siebel side. It is not able to understand the security mechanism being used at SOA side. There are two options -
1. Use the custom policy and assertion at SOA side (please refer to metalink note - 1419373.1)
2. Write your own custom message handler class and use it at Siebel side to negotiate security gap
Regards,
Anuj
Maybe you are looking for
-
these cable are so delicate that after one week of use they break down. i can't spend all my money on buying them. moreover, last week it broke down on saturday eve so i was stuck untill tuseday without a phone. i have to say that this compan is so r
-
More countries, non-english speaking institutions?
Hi, I wonder if anyone here has any information on the possibility of iTune U to accept in the future non-english speaking universities from countries other than the current short list. I work in a Portuguese University with a multi-secular history a
-
Copied movie to new computer and plays distorted
Using iMovie 6 HD I made a movie on a new MacBook then copied it to my computer--PowerBook G4. The movie now plays with the video slow and choppy. The audio is choppy too but not in sync with the video. I thought it was a memory issue and dumped many
-
I have two tables T1 name id a 1 b 2 c 3 T2 id type 1 17 1 19 2 18 Now i want to join the two tables using left outer join and the condition on the table T2 is type=19. If for a particular id if type is present then the target table should get that t
-
Dear Expert, I have doubt regarding BOM explosion for MRP Area. This doubt is triggered when performing MD01, as result I do not find the dependent requirement in MD04 for my FG. I have maintained the BOM through CS61 and MRP area for all component,