Setting security manager

Similar Messages

• Setting security manager for weblogic6.0

  I need to be able to get the weblogic6.0 server to use third party security manager. I tried setting "-Dweblogic.security.manager = <security_manager_class>". Unfortunately this doesn't work.. on my test servlet I find no security manager has been set.This argument worked successfully in weblogic5.1.If you have any hints/ideas, please let me know.Thanks!!

  I need to be able to get the weblogic6.0 server to use third party security manager. I tried setting "-Dweblogic.security.manager = <security_manager_class>". Unfortunately this doesn't work.. on my test servlet I find no security manager has been set.This argument worked successfully in weblogic5.1.If you have any hints/ideas, please let me know.Thanks!!

• Security Manager for decryption is not set

  Hey,
  I am using the Livecycle virtual appliance in a test version to evaluate its features. When I decrypt an encrypted document with the java API I get an error message that says that the security manager is not set.
  Is the security Manager part of the appliance?
  How can I solve that problem?
  My Code:
          //Set connection properties required to invoke LiveCycle ES                               
          Properties connectionProps = new Properties();
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_DEFAULT_EJB_ENDPOINT, getConfig("lc.ejb-endpoint.url", "jnp://192.168.56.50:1099"));
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_TRANSPORT_PROTOCOL,Service ClientFactoryProperties.DSC_EJB_PROTOCOL);         
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_SERVER_TYPE, "JBoss");
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_USERNAME, getConfig("lc.ejb-endpoint.username", "jjacobs"));
          connectionProps.setProperty(ServiceClientFactoryProperties.DSC_CREDENTIAL_PASSWORD, getConfig("lc.ejb-endpoint.password", "password"));
          //Create a ServiceClientFactory object
          ServiceClientFactory myFactory = ServiceClientFactory.createInstance(connectionProps);
          //Create an EncryptionServiceClient object
          EncryptionServiceClient encryptClient = new EncryptionServiceClient(myFactory);
          //Unlock the password-encrypted PDF document
          Document unlockedDoc = encryptClient.unlockPDFUsingPassword(pdf, pdfPassword);
          return unlockedDoc;
  Exceptions details:
  Caused by: com.adobe.internal.pdftoolkit.core.exceptions.PDFSecurityAuthorizationException: Security Manager for decryption is not set
      at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamEncryption(Encrypti onImpl.java:196)
      at com.adobe.internal.pdftoolkit.core.encryption.EncryptionImpl.getStreamDecryptionHandler(E ncryptionImpl.java:263)
      at com.adobe.internal.pdftoolkit.core.cos.CosEncryption.getStreamDecryptionStateHandler(CosE ncryption.java:675)
      at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStreamForCopying(CosStream.java:377)
      at com.adobe.internal.pdftoolkit.core.cos.CosStream.copyStream(CosStream.java:310)
      at com.adobe.internal.pdftoolkit.core.cos.CosStream.getStream(CosStream.java:422)
      at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.getDataStream(CosObjectStream.java :130)
      at com.adobe.internal.pdftoolkit.core.cos.CosObjectStream.<init>(CosObjectStream.java:80)
      at com.adobe.internal.pdftoolkit.core.cos.CosToken.readObject(CosToken.java:576)
      at com.adobe.internal.pdftoolkit.core.cos.CosToken.readIndirectObject(CosToken.java:108)
      at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:607)
      at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
      at com.adobe.internal.pdftoolkit.core.cos.XRefTable.getIndirectObject(XRefTable.java:599)
      at com.adobe.internal.pdftoolkit.core.cos.CosDocument.getIndirectObject(CosDocument.java:287 5)
      at com.adobe.internal.pdftoolkit.core.cos.CosDocument.resolveReference(CosDocument.java:1067 )
      at com.adobe.internal.pdftoolkit.core.cos.CosDictionary.get(CosDictionary.java:278)
      at com.adobe.internal.pdftoolkit.pdf.document.PDFCosDictionary.getDictionaryCosObjectValue(P DFCosDictionary.java:423)
      at com.adobe.internal.pdftoolkit.pdf.document.PDFCatalog.getInteractiveForm(PDFCatalog.java: 156)
      at com.adobe.internal.pdftoolkit.pdf.document.PDFDocument.getInteractiveForm(PDFDocument.jav a:521)
      at com.adobe.formServer.utils.CommonGibsonUtils.isForm(CommonGibsonUtils.java:153)
      at com.adobe.livecycle.formdataintegration.server.FormData.exportDataInternal(FormData.java: 338)
      at com.adobe.livecycle.formdataintegration.server.FormData.exportData2(FormData.java:217)
      ... 81 more

  I think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
  You'll have to remove the security first.  You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
  Note that you will need the document's password to remove the security.

• FormDataIntegration Security Manager for decryption not set

  When trying to export or import from a specific PDF form, I am getting the error below.  I suspect it's the pdf b/c I can import and export from different pdf forms.  Any ideas or help in order to modify or resolve this problem?
  com.adobe.livecycle.formdataintegration.client.ImportFormDataException: Security Manager for decryption is not set
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at com.adobe.livecycle.formdataintegration.server.FormData.importData(FormData.java:98)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:64)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at java.lang.reflect.Method.invoke(Method.java:615)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
  [5/5/10 16:12:04:953 EDT] 0000001e SystemErr     R     a

  I think you answered your own question - the PDF is password protected therefore LC can't open it to extract the data.
  You'll have to remove the security first.  You can do that in a process by using the Common.EncryptionService.Remove PDF Password Encryption operation.
  Note that you will need the document's password to remove the security.

• I cannot set new security manager.

  How to set new security manager if there is one that is installed. It always raises an exception.

  this is not really a JMS question.
  anyway - you can't change a SecurityManager after it has been instatiated. what you can do is run the JVM with the -Dsecuritymanager= propert.y

• Security Manager Setting for Tomcat.

  Hi,
  Can anyone show me how to setup Security Manager for Tomcat step by step ?
  What do we need to set in server.xml and tomcat policy?
  After setting, how do run Tomcat?
  I did refer to the Tomcat Security Guide, but I didn't success to setup Security Manager.
  Can anyone explain in layman term to me?
  Your help will be appreciated.
  Thank you.

  I've solved my problem.
  For those who have are interested,
  you can refer to :
  http://jakarta.apache.org/tomcat/tomcat-3.2-doc/uguide/tomcat-security.html

• Differences in setting a security manager

  Hello,
  what is the difference between installing a security manager using a system property like this:
  -Djava.security.manager=java.rmi.RMISecurityManagerand by executing the following at the beginning of the main method:
  if (System.getSecurityManager() == null) {
       System.setSecurityManager(new RMISecurityManager());
  }To my understanding of the various reference documentations for java security, they should be equivalent in the obtained result. In my case, however, the system property one doesn't work, that is classes are not downloaded dynamically; everything works fine with the java code solution.
  Many thanks,
  valerio

  Works for me.
  -Djava.security.manager=java.rmi.RMISecurityManagerThis argument needs to appear first on the command line, before any other -D and -jar arguments.
  NB the RMISecurityManager is obsolete, you can use java.lang.SecurityManager. See the Javadoc. You can just specify:
  -Djava.security.manager=defaultor just:
  -Djava.security.manager

• Setting Security through the Security Manager

  Hi guys!
  I have a question about Security..
  If I open Security Manager --> Groups --> Group_name --> Permissions --> Filters i choose a presentation server and the presentation table (and its fields) so that the user can see only the data that i want..
  The problem is that choosing this presentation table when creating a generic answer i effectively do not allow the user to see that data.. but when the user chooses some other presentation tables and not the one that i "told" him to, he can see all the data anyway..
  Is there a way to apply this filter to the whole repository, even if the user does not directly choose that particular presentation table for an answer?

  911078 wrote:
  Hi guys!
  I have a question about Security..
  If I open Security Manager --> Groups --> Group_name --> Permissions --> Filters i choose a presentation server and the presentation table (and its fields) so that the user can see only the data that i want..
  The problem is that choosing this presentation table when creating a generic answer i effectively do not allow the user to see that data.. but when the user chooses some other presentation tables and not the one that i "told" him to, he can see all the data anyway..
  Is there a way to apply this filter to the whole repository, even if the user does not directly choose that particular presentation table for an answer?Are you looking at the Advanced Security Option?
  Getting a hint of the product version and operating system would really be appreciated.

• Failed to set security on SQL Server registry key. Error: 2

  Hi,
  I have a Primary site (mixed mode) running SCCM 2007 SP1 for many months now with no issues.
  This site is made up of two Win 2008 sp2 servers sharing the SCCM roles:-
  SCCM01 - Site server, DP, RP, PXE and SQL2005 hosting the SCCM database
  SCCM02 – SUP, MP, FSP, SLP
  The SQL2005 on SCCM01 is running under a domain service account called
  domain\service_sccm which is also a sysadmin in SQL as is the SCCM02 server.
  In an effort to resolve the isse I have made this account a Domain Admin.
  I have also used this account to log onto SEC01 to run the Secondary Site installation and to be the SQL Service account.
  I'm now trying to add a Secondary Site on a Domain Controller called SEC01 (also Win2008 sp2) and on the same LAN as the SCCM01/02.
  This is where I get problems.
  I run the installation locally on the Sec Site server (DC) as a Domain Admin and the installation completes OK (all green ticks),
  the ComponentSetup.log and Pre-Reqs are all good as well however when I check the ConfigMgrSetup.log I see the below -
  Failed to set security on SQL Server registry key. Error: 2.
  <11-09-2010 22:46:59> SMS Setup full version is 4.00.6221.1000
  <11-09-2010 22:46:59> Successfully set security on Setup registry key.
  <11-09-2010 22:46:59> Failed to set security on SQL Server registry key. Error: 2
  <11-09-2010 22:46:59> Successfully set security on Identification registry key.
  <11-09-2010 22:46:59> Creating SMS Inbox Source registry key ...
  <11-09-2010 22:46:59> Installing SMS Site Component Manager ...
  <11-09-2010 22:46:59> Installing Site Component Manager under acct <NT AUTHORITY\SYSTEM> path <C:\Program Files (x86)\Microsoft
  Configuration Manager\bin\i386\sitecomp.exe>
  <11-09-2010 22:47:01> Started Site Component Manager service
  <11-09-2010 22:47:01> SMS Site Component Manager installation completed.
  <11-09-2010 22:47:01> Done with service installation
  Adding the PMP role to SEC01 also fails to install and no MPSetup or MPControl logs are created.
  WebDav and win2008 roles, features all added and server fully patched.
  Despooler.log on SCCM01 seems good and passing keys.
  Tried installing to default path and to shortened path such as C:\SCCM
  The new secondary site is listed in the console and an address can be added for the Secondary Site
  BITS Server Extensions and Remote Differential Compression Features are enabled.
  The Group memberships all appear ok:-
  SCCM01
  Local Admins    
  contains the sec site server SEC01, SCCM01, installation accounts
  SMS_SiteToSiteConnection_001              
  SEC01 (the sec site server)
  SMS_SiteSystemToSiteServerConnection_001                 
  SCCM02
  SEC01
  No Local Admins as a DC
  SMS_SiteToSiteConnection_002              
  SCCM01
  SMS_SiteSystemToSiteServerConnection_002     
  empty
  SQL 2005
  This has the account logged in during installation as a sysadmin
  SCCM02 is also sysadmin
  The fundamental issue appears to be that the SEC01$ server account is not being added to SQL Logins (and therefore SCCM database Roles)
  therefore the installation cannot complete.
  I have tried to manually add the SEC01 account to SQL Logins before installation of Sec Site but this did not work.
  Not sure if the fact that SEC01 is a DC may be a factor.
  Appreciate any help if anyone has seen this before or can suggest a resolution.
  Thanks

  After a lot of digging around and head scratching I eventually found the resolution.
  The original thread title Error turned out to be a bit of a red herring in that my failure to deploy Sec Sites came down to two separate issues seemingly unrelated to the error message of the thread title.
  The first part of the resolution was to manually create the SQL Server accounts for the Sec Site Servers and assign them to the smsdbrole_MP DB role to
  let the SQL side of the SCCM install complete a s these were not being created automatically.
  This then left the fact that that the installation of the Sec Site completed successfully according to the install logs in C:\ however the DP and MP would
  never install.
  The big clue was eventually contained in the mpfdm.log errors relating to
  **ERROR: Cannot find path for destination inbox SMS_AMT_PROXY_COMPONENT on server REGISTRY SMS_MP_FILE_DISPATCH_MANAGER 
  and
  **ERROR: Cannot find path for destination inbox Asset Intelligence KB Manager on server REGISTRY SMS_MP_FILE_DISPATCH_MANAGER 
  Thankfully the errors led me to these two blogs:
  http://myitforum.com/cs2/blogs/scassells/archive/2009/07/20/error-cannot-find-path-for-destination-inbox-sms-amt-proxy-component-on-server-registry.aspx
  and
  http://social.technet.microsoft.com/Forums/en-US/configmgrsetup/thread/5fcc53d4-8629-4b34-9eaa-6cb020eedc13/
  As it turned out the SCCM installation registry and folder creation does not complete and I had to manually enter the reg settings as detailed in the
  links above to complete the installation. Once I did as described everything worked a treat – all my MPs and DPs are 100% now.
  Solutions
  Add the following reg keys to each of your effected secondary sites.
  Inbox Fix
  Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\MPFDM\Inboxes]
  "Asset Intelligence KB Manager"="E:\\Program Files\\Microsoft Configuration Manager\\inboxes\\AIKbMgr.box"
  "SMS_AMT_PROXY_COMPONENT"="E:\\Program Files\\Microsoft Configuration Manager\\inboxes\\amtproxy.box" 
   Asset Intelligence fix:
   Note: you will need to identify the next largest key value. 
  In my example it was key 49
   Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Inbox Source\Inbox Definitions\49]
  "Inbox Name"="Asset Intelligence KB Manager"
  "Relative Path"="inboxes\\AIKbMgr.box"
  "NAL Path"=""
  "User Rights"=dword:00000000
  "Service Rights"=dword:00000004
  "Monitoring Enabled"=dword:00000001
  "Location Type"=dword:00000001
  "Guest Rights"=dword:00000001
  AMT registry Fix.
    Note: you will need to identify the next largest key value. 
  In my example it was key 50
  Windows Registry Editor Version 5.00
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SMS\Inbox Source\Inbox Definitions\50]
  "Inbox Name"="SMS_AMT_PROXY_COMPONENT"
  "Relative Path"="inboxes\\amtproxy.box"
  "NAL Path"=""
  "User Rights"=dword:00000000
  "Service Rights"=dword:00000004
  "Monitoring Enabled"=dword:00000001
  "Location Type"=dword:00000001
  "Guest Rights"=dword:00000001
  Big thanks to Shaun Cassells and John Marcum for these blogs

• How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

  How to set security group as primary site collection admin and secondary site collection admin using powershell in sharepoint online site - office 365?

  Hi,
  According to your description, my understanding is that you want to set security group as admin of primary and secondary site collection using PowerShell command in office 365.
  I suggest you can use the command below to set the group to site owner, then it will have the site collection admin permission.
  Set-SPOSite -Identity https://contoso.sharepoint.com/sites/site1 -Owner [email protected] -NoWait
  Here are some detailed articles for your reference:
  https://technet.microsoft.com/en-us/library/fp161394(v=office.15)
  http://blogs.realdolmen.com/experts/2013/08/16/managing-sharepoint-online-with-powershell/
  Thanks
  Best Regards
  Jerry Guo
  TechNet Community Support

• Security Manager/Access problem

  (WWC-00000)
  An unexpected error has occurred in portlet instances: wwpob_api_portlet_inst.create_inst (WWC-44846)
  The following error occurred during the call to Web provider: java.lang.NullPointerException
  at oracle.portal.provider.v2.security.URLSecurityManager.hasAccess(Unknown Source)
  at oracle.portal.provider.v2.DefaultPortletDefinition.hasAccess(Unknown Source)
  at oracle.portal.provider.v2.ProviderInstance.getPortletDefinition(Unknown Source)
  at oracle.portal.provider.v2.ProviderInstance.getPortletInstance(Unknown Source)
  at oracle.portal.provider.v2.ProviderInstance.getPortletInstance(Unknown Source)
  at oracle.webdb.provider.v2.adapter.soapV1.ProviderAdapter.registerPortlet(Unknown Source)
  at java.lang.reflect.Method.invoke(Native Method)
  at oracle.webdb.provider.v2.utils.soap.SOAPProcessor.doMethodCall(Unknown Source)
  at oracle.webdb.provider.v2.utils.soap.SOAPProcessor.processInternal(Unknown Source)
  at oracle.webdb.provider.v2.utils.soap.SOAPProcessor.process(Unknown Source)
  at oracle.webdb.provider.v2.adapter.SOAPServlet.doSOAPCall(Unknown Source)
  at oracle.webdb.provider.v2.adapter.SOAPServlet.service(Unknown Source)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:336)
  at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:59)
  at oracle.security.jazn.oc4j.JAZNFilter.doFilter(JAZNFilter.java:283)
  at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:523)
  at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:269)
  at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:735)
  at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:151)
  at com.evermind.util.ThreadPoolThread.run(ThreadPoolThread.java:64)
  (WWC-43147)
  Removing the provider.xml security manager setting will do away with this problem.
  Versions being used: Portal 9.0.2 and PDK september.

  I have checked with PDK September samples related to Security Manager/Access and they are working fine. Please lets know for which PDK sample gives this error.

• Using the Security Manager to restrict access to a single package

  After reading up on the Security Manager, the package.access property and the use of the [accessClassInPackage RuntimePermission|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#RuntimePermission] , it seemed to me that it would possible to set up the following: I have a security-sensitive code base packaged in a jar, and I want to make sure that only one client code base that I specify is permitted to access it. The idea here is to prevent malicious code from executing anything in the sensitive code base; the sensitive code is only accessible to one client that I name in a security policy file. Perhaps rather foolishly, I advised a client to consider this before testing out a sample myself, because much to my surprise, it appears to me that it isn't possible to get the Security Manager to do this at all. Am I missing something? I'm a bit startled by this conclusion -- it seems like such an obvious use for the Security Manager, I'm hard-pressed to be believe that it can't be done, and more inclined to suspect that I'm going about it wrong.
  Here's what I thought I could do: set up the package.access property so that it denies access to any package; then in the policy file, grant the RuntimePermission/accessClassInPackage to the client code base that is permitted to access the sensitive code.
  Of course, you wouldn't want the package.access property to exclude all packages in the global java.security file, because then no code could be accessed at all. It would be necessary to use the trick of resetting the package.access property within the code, as [illustrated in the secure coding guidelines|http://java.sun.com/security/seccodeguide.html#1-1a] .
  But the problem lies in the idea of "use the package.access property to deny access to +any+ package". There doesn't seem to be any way to use wildcards or the like with the property -- it has to specifically name packages (or package prefixes) to which access is forbidden. It wouldn't do to try to name the packages to which I'm trying to prevent access, since we're trying to prevent access from malicious code -- the attacker could just choose package names that aren't on the list. I'd really need to say that access is denied to all packages, except for those in the permitted code base, but the security mechanisms for package access don't seem to allow that.
  Moreover, the trick of changing the value of package.access can't be done within the client code -- otherwise, the attacker client would just set the property to his own purposes. But it can't really be done within the sensitive package either, because the whole idea is to prevent access to that package, and by the time it's busy setting the property, it's already too late, because the package has to have been accessed by a client to get there at all.
  It seems to me that this a symptom of something I've never really understood about the design of the Security Manager -- you can grant permissions to specific code bases, but you can't revoke permissions from specific code bases, let alone all code bases. What I want to do here is grant access permission to one specific code base and revoke it from all others. There doesn't seem to be any way to express that with the mechanisms of the Security Manager.
  The more I look at it, the more it seems that there's just no way to use the Security Manager this way -- set up package access so that a specific code base can only be accessed by one specific client code base. There are surely other ways to get the effect that I'm looking for, but as far as I can tell, none of them involve restricting package access (for example: define a custom permission, grant it only to the permitted client. and check against that permission within the sensitive code base; meaning that the sensitive code has to be accessible to anyone in the first place). This conclusion really surprises me (not to mention my bit of embarrassment with the client); wouldn't this be precisely the sort of thing the Security Manager ought to be good for?

  You're looking at this back to front. The security policy file is there for the client to decide how much access he is going to give this application, not for to application to restrict who can use it. If you want to control what used to be called 'state orientation' you can do that directly by looking down the stack trace inside your code.

• Can you set security on Collab folders or just projects?

  I know this is the Content Services forum, but I couldn't find a forum for Collab. Anyone know if you can set security to the folder level in Collab 4.0.2 or can you only set it to the project level?

  thanks for the clarification...there is no concept of setting security on actual project folders. Security is managed on an individual project basis.

• HP Client Security Manager

  Hi the HP Client Security is a major problem for me. I have set up all the normal credentials etc but wherever I go to log on a website the Password Manager icon does not present on the screen for me to enter the details of my username and passwords. I ahve tried this on many sites and the icon does not appear therefore I cannot use the Client Security. I even uninstalled adn installed the lates version and still the icon does not appear on the screen when logging on to various websites. Any help much appreciated thank you!!

  Here is the link to download HP Client Security Manager VERSION: 8.1.0.1451
  ftp://ftp.hp.com/pub/softpaq/sp61001-61500/sp61498.exe
  I am an HP employee.
  Regards,
  Vidya
  Make it easier for other people to find solutions, by marking my answer “Accept as Solution” if it solves your problem.
  ***Click on "Thumbs up" button to the bottom right side of my post to say thanks!***

• Default Administrator password in BI Administration Tool - Security Manager

  Hello all,
  I'm new to OBIEE and have recently been playing around in the BI Administration Tool to create my own repository (.rpd) metadata files from demo DBs. I selected "Manage" -> "Security" to open Security Manager and then set a logging level of 2 on the Administrator user.
  UNFORTUNATELY, there is a default password that apparently gets specified that I didn't notice, so when I closed my repository file and tried to re-open it, it is now challenging me for a password that I didn't set, don't know, and have not been able to find in documentation or posted threads anywhere.
  Has anyone else ever come across this problem before or know the default password? Any help would be greatly appreciated. Thanks guys.

  Guys,
  First, let me thank you all for you quick responses and willingness to give me a hand. It's greatly appreciated. And thanks Ally for noticing the name! Glad you liked it. :)
  Unfortunately, my problem still exists. None of the following passwords worked for me: <blank>, "Administrator", "administrator", or "ADMINISTRATOR".
  Also, I should clarify for the thread that I'm not using Paint.rpd or SH.rpd; I'm creating my own repository from scratch. For those who read this post and have literally 90 seconds to spare, I would ask you to try and recreate this same thing with me and see if it's just me (and if I'm crazy):
  1) Open OBI Administration Tool
  2) DO NOT open an existing repository, create a new one. Name it whatever; mine is the default "Metadata1.rpd"
  3) Don't bother adding any metadata to it, go immediately to "Manage" --> "Security" --> "Users" and open up the Administrator user by double-clicking it.
  4) Notice there is a "Password" and "Confirm Password" value already defined by default! DON'T change it (this is the password in question that I accidentally accepted). Just click the "OK" button without making any changes to that form.
  5) Save, close, and then try to re-open this repository you just created. It should be challenging you for a password now, right? And I bet it will not accept <blank> or any variation of "Administrator".
  Believe me, I know better now in the future to not let this happen. But I can't for the life of me figure out this password that was automatically populated and WHY there would be one there in the first place! I was walking through a lab that told me to open this security setting for Administrator to set a logging level, but it did not mention anything about a setting a password. So, I created a repository that I have now magically locked myself out of. :)
  Can anyone else please try to recreate this and let me know if it's just me or not? I am using BI Administration Tool version: 10.1.3.3.2.071217.1900.
  Thanks again guys.