Setting security manager for weblogic6.0

Similar Messages

• Security Manager for decryption is not set

  Hey,
  I am using the Livecycle virtual appliance in a test version to evaluate its features. When I decrypt an encrypted document with the java API I get an error message that says that the security manager is not set.
  Is the security Manager part of the appliance?
  How can I solve that problem?
  My Code:
          //Set connection properties required to invoke LiveCycle ES                               
          Properties connectionProps = new Properties();
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_DEFAULT_EJB_ENDPOINT, getConfig("lc.ejb-endpoint.url", "jnp://192.168.56.50:1099"));
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_TRANSPORT_PROTOCOL,Service ClientFactoryProperties.DSC_EJB_PROTOCOL);         
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_SERVER_TYPE, "JBoss");
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_USERNAME, getConfig("lc.ejb-endpoint.username", "jjacobs"));
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_PASSWORD, getConfig("lc.ejb-endpoint.password", "password"));
          //Create a ServiceClientFactory object
          ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);
          //Create an EncryptionServiceClient object
          EncryptionServiceClient encryptClient = new EncryptionServiceClient(myFactory);
          //Unlock the password-encrypted PDF document
          Document unlockedDoc = encryptClient.unlockPDFUsingPassword(pdf, pdfPassword);
          return unlockedDoc;
  Exceptions details:
  Caused by: com.adobe.internal.pdftoolkit.core.exceptions.PDFSecurityAuthorizationException: Security Manager for decryption is not set
      at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamEncryption(Encrypti onImpl.java:196)
      at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamDecryptionHandler(E ncryptionImpl.java:263)
      at com.adobe.internal.pdftoolkit.core.cos.CosEncryption.getStreamDecryptionStateHandler(CosE ncryption.java:675)
      at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStreamForCopying(CosStream.java:377)
      at com.adobe.internal.pdftoolkit.core.cos.CosStream.copyStream(CosStream.java:310)
      at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStream(CosStream.java:422)
      at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.getDataStream(CosObjectStream.java :130)
      at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.<init>(CosObjectStream.java:80)
      at com.adobe.internal.pdftoolkit.core.cos.CosToken.readObject(CosToken.java:576)
      at com.adobe.internal.pdftoolkit.core.cos.CosToken.readIndirectObject(CosToken.java:108)
      at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:607)
      at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
      at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:599)
      at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
      at com.adobe.internal.pdftoolkit.core.cos.CosDocument.resolveReference(CosDocument.java:1067 )
      at com.adobe.internal.pdftoolkit.core.cos.CosDictionary.get(CosDictionary.java:278)
      at com.adobe.internal.pdftoolkit.pdf.document.PDFCosDictionary.getDictionaryCosObjectValue(P DFCosDictionary.java:423)
      at com.adobe.internal.pdftoolkit.pdf.document.PDFCatalog.getInteractiveForm(PDFCatalog.java: 156)
      at com.adobe.internal.pdftoolkit.pdf.document.PDFDocument.getInteractiveForm(PDFDocument.jav a:521)
      at com.adobe.formServer.utils.CommonGibsonUtils.isForm(CommonGibsonUtils.java:153)
      at com.adobe.livecycle.formdataintegration.server.FormData.exportDataInternal(FormData.java: 338)
      at com.adobe.livecycle.formdataintegration.server.FormData.exportData2(FormData.java:217)
      ... 81 more

  I think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
  You'll have to remove the security first.  You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
  Note that you will need the document's password to remove the security.

• FormDataIntegration Security Manager for decryption not set

  When trying to export or import from a specific PDF form, I am getting the error below.  I suspect it's the pdf b/c I can import and export from different pdf forms.  Any ideas or help in order to modify or resolve this problem?
  com.adobe.livecycle.formdataintegration.client.ImportFormDataException: Security Manager for decryption is not set
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at com.adobe.livecycle.formdataintegration.server.FormData.importData(FormData.java:98)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at java.lang.reflect.Method.invoke(Method.java:615)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     a

  I think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
  You'll have to remove the security first.  You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
  Note that you will need the document's password to remove the security.

• Specifying system properties/security manager for OC4J

  I have a couple of related questions regarding OC4J/orion.jar:
  1. Generically, how can we specify system properties to orion.jar? Being an executable JAR, simply using -D does not work.
  2. Specifically, I need to launch the OC4J app server with a Java security manager (with associated security policies, etc.) Java's way of doing this is via -Djava.security.manager=... but this does not work with executable JARs it seems. I tried specifying these parameters via -D and I got a security exception:
  Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyP
  rmission java.protocol.handler.pkgs write)
  at java.security.AccessControlContext.checkPermission(Unknown Source)
  at java.security.AccessController.checkPermission(Unknown Source)
  at java.lang.SecurityManager.checkPermission(Unknown Source)
  at java.lang.System.setProperty(Unknown Source)
  at com.evermind.server.ApplicationServer.initProtocolHandlers(ApplicationServer.java:652)
  at com.evermind.server.ApplicationServer.launchCommandline(ApplicationServer.java:319)
  at com.evermind.server.ApplicationServer.main(ApplicationServer.java:314)
  So, how do I install the Java security manager with orion.jar? Is there any other way to specify system properties to this, or is there any other way to install the Java security manager for OC4J?
  Any help much appreciated.
  ..Hrishi

  Thanks, that seemed to work. However it seems that spawned another little problem. I was using the -Xbootclasspath/a option while firing up orion.jar because I needed to append something to OC4J's default classpath (that is specified in orion.jar's Manifest). Now, when I start OC4J with the -D options for the security policy, it seems to ignore the -Xbootclasspath argument. I have not yet been able to confirm this fact, but based on the ClassNotFoundError I'm running into, that does seem to be the problem.
  So I guess my question is, could specifying the -D options to the executable JAR cause it to ignore any other options you may be passing to it (such as -Xbootclasspath)? Is there any sequence in which these args need to be passed?
  Thanks.
  ..Hrishi
  Hi,
  You can try this :
  - Check if you have a file java2.policy in <OC4J_HOME>\config\policy and check if the permission java.util.PropertyPermission "read,write" is granted to <OC4J_HOME>.
  if there is no file, you can create one based on <JAVA_HOME>\lib\security\java.policy and grant the approriate privileges.
  - Launch OC4J :
  java -Djava.security.manager -Djava.security.policy=<OC4J_HOME>/config/java2.policy -jar orion.jar
  OR java -Djava.security.manager -Djava.security.policy=<PATH_TO_FILE_POLICY>/<YOUR_FILE>.policy -jar orion.jar
  Maher

• SCCM 2012 R2 - Setting security Role for SCEP reporting shows nothing.

  Have an issue.
  I've created a new security role for a user so he can view reports about Endpoint Protection(Just copied Endpoint Manager role and set all permissions to Read) .
  But when user runs reports, he gets nothing:

  Try setting the "Audit Security" permission to Yes on "Collection" within your custom security role.

• Setting security manager

  Hi,
  I have a typical requirement which asks me to have a security manager which applies to only a part of the code and not to the whole code. I will try to explain it.
  Lets say I have a class A which does something (may be it accesses files, open socket connections over network etc etc). This class A is a sort of trusted class and is allowed to do everything. Now suppose this class is built in such a manner that it can load another class B at runtime which could be any class written by any third party. So what exactly class B will do cannot be predicted because it is a third party class. Now what I want is to set a security manager only for class B that will prevent it to do any nasty things like accessing file system, shutting down vm etc. . Please note that class A can do all these things but class B should not be allowed to do these. If class B tries to do any of those things then security exception should be thrown.
  Hope I made my point clear.
  Please note that I am not talking of Applets but complete application so pls dont forward any replies which applies to applets.
  Can anyone help pls........
  regards.

  Hey guys,
  crack_it:
  If you would rather dismiss the (A)pplication (P)rogramming (I)nterface then go ahead. No disrespect to the folks at O'Reilly, but reading the API is as good as hearing it from the horses mouth. If you could humour me, just test what the API says.
  I can't remember if we discussed it somewhere at some point, but I am under the impression you are locking-down you application designed in a plugin-architecture.
  If this is true, you simply need to specify two entries in your policy: one for your code in app_home/lib; one for third-party code in app_home/plugins. How you load these classes are irrelevant.
  As for detecting which classes trigger security checks, as mmhuda says, you can access the execution stack through the Thread class. You can retrieve information on the calling class and its method which made the call. These 'calls' are stacked i.e. most recent first. You may need to skip 3 or 4 frames (StackTraceElements) which represent the calls to access the stack information. It is troublesome. I recently implemented a similar method wihtin my Policy implementation to prevent it from being wrapped and exploited by other bogus policy implementations. I have a lookup of class.method --> class.method strings that represent permitted calls. All you would need to do is implement a lookup mapping class or class.method --> Permission or Permissions (PermissionCollection) containing what the class can do, and check against them.
  Now I have stated it, I am even more convinced; you are simply reimplementing the security infrastructure,or rather, shifting the function of the Policy and AccessController to your XxxxSecurityManager. Perhaps a waste of effort.
  mmhuda:
  Do not confuse terms; a class can be loaded and not in the execution stack - I wouldn't be surprised if a loaded class spends 99.99% of its life sitting idle off the stack. The stack represents a 'chain' of method calls for a particular Thread. It does not represent all the loaded classes in the JVM, otherwise the stack would be 100's of frames deep.
  Warm regards,
  D

• How to set security type for lenovo working with hotspot?

  How to set wireless security type for lenovo laptop working with hotspot?
  Since I can connect with the other laptops except this brand.

  //add related mutip-part to combine parts
  MimeMultipart multipart = new MimeMultipart("related");
  //attach a pdf
  messageBodyPart = new MimeBodyPart();
  fds = new FileDataSource("h:/something.pdf");
  messageBodyPart.setDataHandler(new DataHandler(fds));
  messageBodyPart.setFileName(fds.getName());
  multipart.addBodyPart(messageBodyPart);
  //add multipart to the message
  message.setContent(multipart);
  //send message
  Transport.send(message);

• Setting security constraint for web App

  Hai all!
  I am new to bea and i am trying to set up security constraints for my webaplication..
  I want user to be authenticated before he access any of the pages in browser..
  All i did was adding following entries to web.xml
  <security-constraint>
            <web-resource-collection>
                 <web-resource-name>
                      webresources
                 </web-resource-name>
                 <url-pattern>
                 </url-pattern>
            </web-resource-collection>           
            <login-config>          
                 <auth-method>
                 BASIC
                 </auth-method>          
            </login-config>
       </security-constraint>
  But no such thing is happening,,
  I know i am doing wrong but donno where exactly i am wrong..
  Pls guide me in sequnece of steps regarding what to do to accomplish what i want..
  Thanks and Regards
  Manohar

  I guess you need to set the role that is allowed to log into your application.
  try this in web.xml:
       <security-constraint>
            <display-name>Whatever</display-name>
            <web-resource-collection>
                 <web-resource-name>resource</web-resource-name>
                 <description>Desc</description>
                 <url-pattern>/*</url-pattern>
                 <http-method>GET</http-method>
                 <http-method>POST</http-method>
            </web-resource-collection>
            <auth-constraint>
                 <description>desc</description>
                 <role-name>MyRole</role-name>
            </auth-constraint>
                 <user-data-constraint>
                 <transport-guarantee>NONE</transport-guarantee>
            </user-data-constraint>
       </security-constraint>
       <login-config>
            <auth-method>BASIC</auth-method>
       </login-config>
       <security-role>
            <description>desc</description>
            <role-name>MyRole</role-name>
       </security-role>
  and map the role with a group/user in weblogic.xml:
       <security-role-assignment>
            <role-name>MyRole</role-name>
            <principal-name>MyGroupOfUsers</principal-name>
       </security-role-assignment>
  Hope this helps.
  Xavi
  "Manohar" <[email protected]> wrote:
  >
  Hai all!
  I am new to bea and i am trying to set up security constraints for my
  webaplication..
  I want user to be authenticated before he access any of the pages in
  browser..
  All i did was adding following entries to web.xml
  <security-constraint>
            <web-resource-collection>
                 <web-resource-name>
                      webresources
                 </web-resource-name>
                 <url-pattern>
                 </url-pattern>
            </web-resource-collection>           
            <login-config>          
                 <auth-method>
                 BASIC
                 </auth-method>          
            </login-config>
       </security-constraint>
  But no such thing is happening,,
  I know i am doing wrong but donno where exactly i am wrong..
  Pls guide me in sequnece of steps regarding what to do to accomplish
  what i want..
  Thanks and Regards
  Manohar

• Has anyone tried Advanced Security Manager for System 9.0

  Hi All,
  I am having issues with Advanced Security Manager in system 9.0
  I am getting an error "essapin.dll" cannot be found.
  has anyone faced similar issue, if yes, how did you get around with that.
  thanks and regards.

  I got the problem solved.
  essapin.dll was with version 6.5 and from essapin.dll was replaced by essapinu.dll. Advanced Security Manager was searching for essapin.dll.
  I installed client version of 6.5, which got me essapin.dll.
  I am able to export all my filters with ASM now :-)

• How to setup security manager for applet at runtime?

  hello everyone,
  I am wonder if there is a way to setup security manager at runtime. This is what I am trying to do:
  1. Create a Applet GUI and allow users to specify in an input dialog box of the URL they like make connection to.
  I know there is two way of do this
  1. Is modify java.policy file and specify the URL SocketPermission to connect to.
  2. setup signed certificate applet.
  But, I would to try to see if there is a way to have applet make connection at runtime when users specify the URL.
  Anyone have any ideas.
  Thanks.

  Thanks, Peter
  Going over some articles you and references that you pointed out was very useful on how the java security model work and a little bit history too.
  So, I am assuming that I can make my own securitymanager class that defines the permission of the applet that I am working, using Permission, SecurityManager, ....etc class right? I just want to be clear on what I am going to be doing.
  If you have any other thoughts, Thanks,

• Set batch management  for reasons of cost management item cannot be deleted

  Discovery was made that a material should have had batch management MARC-XCHPF selected.  Within that time sales orders were created as well as sales order stock.  411E movements were done to get rid of the sales order stock, and it can not be seen in MMBE.  MD04 is also clear.  New attempt to add batch management in the plant displayed errors - SD Documents exist (orders or deliveries) that have not yet been
  processed or that have been processed only in part.            
     Document   Item                                             
     206365     000020
  Attempt to remove item 20 from sales order and receive error
  Message no. V1128
  For reasons of cost management, item 000020 cannot be deleted.
  Diagnosis
  You tried to delete a sales document item for which cost management is carried out. Cost management can exist at item level for
     - make-to-order production
     - make-to-order stock
     - service contract item
  Procedure
  Enter a reason for rejection at item level.
  I found a similar problem on the forum but not really a solution other than throwing in the towel and making new materials.

  Hi
  What I understand from your thread is:
  You have chekced batchmanagement in
  material master & after working some time you want to remove that tick mark.
  First of all one should understand that for what ever reason batch management is ON, you can not reverse it .
  Either activation or deactivation of batchmanagement is irreversible.
  Oflat SAP had come with a note telling that how to proceed with reversal batch management.
  I have gone through that note .Finally SAP wants to take consultancy with some fees to make reversal.
  It is all pain ful job.
  If you can do it abandom thta material & create new material.
  This is the solution I can give.
  Hope it is celar to you.
  Regards
  YMREDDY

• Get or set security credentials for XML web service client authentication

  Dear,
  I wrote a custom asp.net web service that acts as a wrapper for the taxonomyclientservice.asmx in sharepoint 2010.
  ON my local machine, the following code works:
    using (Taxonomy.Taxonomywebservice TaxonomyClient = new COSMOS_Taxonomy.Taxonomywebservice())
  TaxonomyClient.Credentials = new NetworkCredential("username", "pass", "domain");
  TaxonomyClient.PreAuthenticate = true;
  etc..
  The authentication works when i provide the user credentials.
  the problem is when i deploy the webservice to my production env. I dont know the owner of the metadata term store and its out of the question to get the username and password.
  when i try to run this code on my local machine:
  TaxonomyClient.Credentials = System.Net.CredentialCache.DefaultCredentials;
  i get this error:
  System.Net.WebException: The request failed with HTTP status 401: Unauthorized.
  at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
  at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
  at COSMOS_TermSet.COSMOS_Taxonomy.Taxonomywebservice.GetTermSets(String sharedServiceIds, String termSetIds, Int32 lcid, String clientTimeStamps, String clientVersions, String& serverTermSetTimeStampXml)
  at COSMOS_TermSet.CustomWebService.GetCountryTermSet()
  How can i fix this.
  Many thanks in advance

  Hi Roni,
  Based on your description, the error occurred when using the DefaultCredential in the code.
  I recommend to check if the “<identity impersonate="true"></identity>” is included in web.config file.
  If not, add it to web.config file to see if the issue still occurs.
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Security Manager Setting for Tomcat.

  Hi,
  Can anyone show me how to setup Security Manager for Tomcat step by step ?
  What do we need to set in server.xml and tomcat policy?
  After setting, how do run Tomcat?
  I did refer to the Tomcat Security Guide, but I didn't success to setup Security Manager.
  Can anyone explain in layman term to me?
  Your help will be appreciated.
  Thank you.

  I've solved my problem.
  For those who have are interested,
  you can refer to :
  http://jakarta.apache.org/tomcat/tomcat-3.2-doc/uguide/tomcat-security.html

• Security code for Nokia X2-01 (any factory-set cod...

  Hello, 
   My Nokia phone X2-01 seems to have a preset security code, although I have never set any codes nor pin codes since I purchased it. I just wanted to delete some message counters logs, but it asks me for security code when I select  "clear counters menu". Is there any factory set - security code for Nokia phones?
  Thank you once again for your advice. Regards..

  Zainayub wrote:
  I have tried both 12345 and 00000 but it still doesn't work
  Did you buy it second hand ? If so, the earlier user may have set a security code ..
  If thats not the case then you may try the Software Recovery Tool. If that also doesn't help, an Authorised Care Point is the only place where the Code can be reset ..

• Security Permissions for simple file transfer

  Hey All
  I'm transferring a file using RMI as part of an enhancement. I want to restrict where the file can be transferred to and thus will use a security manager (On the destination object). However the object its being transferred to shares the same JVM with another quite complex application that currently doesn't need a security manager.
  Will I need to set a whole host of permissions for this application even though I only want to restrict file writing?
  I suspect this is the case just want confirmation.

  Hi,
  In the code which receives the file being transferred, you might try calling System.setSecurityManager(new SecurityManager()). Use the configured Java policy to limit where the file can be written. After calling setSecurityManager(), save the file. Before returning to the rest of the application, call System.setSecurityManager(null). Ensure that your code has setSecurityManager permission or this call will fail. If this idea doesn't work, you could simply use a security manager for the whole application, and just grant AllPermission to everything except the file receiving code. Everyone says AllPermission is dangerous, but it's no more dangerous than running with no security manager at all :)