SSL certificate - securing web form submission - privacy, usability and Adobe's UX design ethos

Similar Messages

• Importing external web service with SSL certificate security

  Hello,
  I'm trying to import an external web service (that resides in another server, independent of ours). However, right after I enter the WSDL in the import window I get the following error in the NWDS:
  sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target      [Error: com.sap.ide.es.core.ui.internal.wizards.fragments  Thread[ModalContext,6,main]]
  javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1649)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
            at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1165)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1149)
            at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
            at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
            at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1172)
            at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
            at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.getURLAsStream(UrlValidationRunnable.java:137)
            at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.validate(UrlValidationRunnable.java:75)
            at com.sap.ide.es.core.ui.internal.wizards.fragments.UrlValidationRunnable.run(UrlValidationRunnable.java:55)
            at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:121)
  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
            at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217)
            at sun.security.validator.Validator.validate(Validator.java:218)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
            ... 15 more
  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
            at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174)
            at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
            at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
            ... 21 more
  Has anyone ever consumed an external web service with SSL certificate security? How do you import this in your Web Dynpro project?
  Cheers!

  Hi Alain,
  I just checked on a newer NW environment (NW 7.2) and was presented an empty list as well... It seems the mapping procedure I described is deprecated since NW 7.11, and the modeled CAF application service is already exposed as a web service.
  You may want to have a look at http://help.sap.com/saphelp_nwce711/helpdata/en/43/f173947bbb025be10000000a1553f7/content.htm or http://scn.sap.com/message/7852996 for more info

• Web Form in Task List and Security

  Hi,
  I have a couple of specific questions regarding Task List; below is a simplified example of my questions
  1. Say, I have a 2 web forms (X,Y) that are part of a Task List 1. Group A has been given access to both web forms X and Y. Group A also has access to Task List 1. Group B has been given access to only web form X. Group B also has access to Task List 1. Now, everything is good for users belonging to Group A. However, users belonging Group B has a specific issue. They still see the "Web form Y" in the Task List Selection on the left. However they cant open the web form Y on the right side which is good.
  My question is, is there a way to prevent users from even seeing this "Web Form Y" in the selection list? The problem is they shouldnt even see that particular web form as a choice and moreover this web form that they havent been given access to becomes part of the Task List completion status, forcing them to click on "Complete" for an empty web form.
  Is there some setting that could prevent unassigned web forms based on security from showing up in the Task List for various groups (similar to security restricted members not showing up in web forms)? Or is creating several different Task List the only work around?
  2. I have started a WorkFlow via FILE->WORKFLOW->MANAGE PROCESS and defined required Scenario and Version members. This seems to work just fine for my created Task Lists with Web Forms. Is there another intermitent process to connect the WORKFLOW with the created Task Lists? Or does Hyperion Planning automatically assume the Task List belong to available WorkFlow?
  Another question I have is in the Task List creation menu, when creating an individual Task, there are several options for "Task Type", one of which is WorkFlow. What is the difference between this WorkFlow option and the WorkFlow under the File menu? Is is that the WorkFlow created as Task becomes part of a Task List? Is that the only difference, ie make WorkFlow creation part of Task List versus not part of a Task List?
  Appreciate all your inputs
  Thanks

  Hi,
  1. Probably you may try "Manage Security filters", but im not sure. If it doesnt work then no way other than creating two tasklists.
  2. FYI, workflow will not promote either tasklist nor the webform. it only promotes the "DATA". u shud be careful creating forms for different level users ex: A basic user entry form cant be created for Next level user say manager. he l want to see only his entity level data not the level 0 in our terms.
  3. File->Workflow : will be used to start the workflow by the administerator.
  Tasklist Type-> workflow : Will be used by the "users" to promote their subsequent data entered or loaded at their level
  Regards

• Failed Calling A X.509 Certificate Secured Web Service From OSB

  Hi,
  I have wsdl resource, business service and proxy service setup in OSB 11.1.1.6 on Linux. The business service will consume a X.509 certificate secured web service running on a remote server.
  Below is my approach:
  The consumer of the proxy service of OSB signs its saop request header.
  My OSB proxy service authenticates the signature and forward the request to business service.
  The business service signs the outbound soap request header. (To do this I configured the keystore in Security Provider Configuration of my SOA_domain in Enterprise Manager. Also I applied Web Service Policy of Service Client type to the business service.)
  This is not working yet. Not sure if my approach is correct or not?
  Thank you,
  Eric

  I validated the keystore, all the certificates used and the value for keystore.sig.csf.key / value for keystore.recipient.alias. They are all as expected. Restarted the server. Still failed for OSB to invoke the remote secured web service, but worked if only use soapUI to invoke the same remote secured web service directly.
  The error message is:
  General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption)
  In the soap request / reponse message shown in the OSB Test Console, there seems to be two signature sections in the header and encryption section although I tried not to encrypt the soap request. I am using Web Service Client Policy "calpers/wss11_x509_token_with_message_integrity_client_policy_osb" which was created based on "oracle/wss11_x509_token_with_message_protection_client_policy". The difference between the two policies is my policy not to sign nor to encrypt entire body.
  In the "Message Signing Setting" section, I unchecked the "Include Entire Body" and left the three default namespaces under the Header Elements.
  In the "Message Encrypt Setting" section, I unchecked the "Include Entire Body" and also left the one default namespace under the Header Elements.
  I don't know how to attach document here, so i add long saop message here.
       Business Service Testing - BookSec_Biz_Svc_52
       Request Document
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  </soap:Header>
  <soapenv:Body>
  <book:BookRequest xmlns:book="http://www.dortman.com/books/BookService">
  <book:bookId>10</book:bookId>
  <book:bookTitle>eric</book:bookTitle>
  <book:bookAuthor>Z</book:bookAuthor>
  </book:BookRequest>
  </soapenv:Body>
  </soapenv:Envelope>
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsu:Timestamp wsu:Id="Timestamp-eEud1RcUOPcnV0fDqd6gZQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsu:Created>2013-03-14T18:10:00Z</wsu:Created>
  <wsu:Expires>2013-03-14T18:15:00Z</wsu:Expires>
  </wsu:Timestamp>
  <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-VnzMtSwHMI8THKi2hhG2SQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  MIICazCCAdSgAwIBAgIEUTY65zANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxEzARBgNVBAcTCk1ldHJvcG9saXMxFjAUBgNVBAoTDUp1c3RpY2UgTGVhZ2UxFjAUBgNVBAsTDUp1c3RpYyBMZWFndWUxEzARBgNVBAMTCkNsYXJrIEtlbnQwHhcNMTMwMzA1MTgzNTE5WhcNMTMwNjAzMTgzNTE5WjB6MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxEzARBgNVBAcTCk1ldHJvcG9saXMxFjAUBgNVBAoTDUp1c3RpY2UgTGVhZ2UxFjAUBgNVBAsTDUp1c3RpYyBMZWFndWUxEzARBgNVBAMTCkNsYXJrIEtlbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJhF0cMUwB/EjAyIOy9Cq8KCDqTXvlnlvMGq6LEhiGOtrATYy+JnHURcPUeusi65Ua3bE7JACWhHJ0fYEl7NtxPPSN3Q1RovkWGQ6I5O2XuEyMHg3MISh2CHhnkGSR+W6riDSUoB0ZC0KTgu14OTwqo54JSY/ugQszY7QC9DAuabAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAWeQ6LjMo12bY65GmnrmLdbRNm95RkL6gJCKa9pyUaMfvaIqKpmMQW8RM+eB90CR5DrM8oO2+8uKcqTt/pGNRYi2UJh2X0CdmyQQTmf3mCfgoZ597VTl+k3mKHKeeST7ZwAyBRL2jI0VisopFHpUhIwABoDgwOMpLcCF974AZ2rA=
  </wsse:BinarySecurityToken>
  *<dsig:Signature* Id="XSIG-oISn2AADumTdR86sONuz8g22" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
  <dsig:Reference URI="#Timestamp-eEud1RcUOPcnV0fDqd6gZQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>3LQ1IpQR3rKHvP6Ov/m9ZRoecZM=</dsig:DigestValue>
  </dsig:Reference>
  </dsig:SignedInfo>
  <dsig:SignatureValue>X2BUn9TLL26Ay9A3HGEn/mnGCCE=</dsig:SignatureValue>
  <dsig:KeyInfo>
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#EK-h7saqC1VyBKZw2n1IHz8GQ22" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  +*</dsig:Signature>*+
  *<dsig:Signature* xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <dsig:Reference URI="#BST-VnzMtSwHMI8THKi2hhG2SQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>dau9qjB2lxIvlaoDIHuWVHqjulI=</dsig:DigestValue>
  </dsig:Reference>
  <dsig:Reference URI="#STR-QC3ZDBRwsXv8unEWVns9rQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
  <wsse:TransformationParameters>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </wsse:TransformationParameters>
  </dsig:Transform>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>nPO9mKSC9cMg2fEkGZI+ujy5O1Q=</dsig:DigestValue>
  </dsig:Reference>
  <dsig:Reference URI="#XSIG-oISn2AADumTdR86sONuz8g22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>qXkW/ZFFNc8Bu0VL9eF6c4np7IA=</dsig:DigestValue>
  </dsig:Reference>
  </dsig:SignedInfo>
  <dsig:SignatureValue>
  MuHCTh5cW8TiVKtkWFl+Of2EFAiHwuPTR7J9b4/n2KZtPy2OCrgi1lBpuzhFKLhoBxYNOK8TMOa/3b223Vv+CQUfUP7z0YVj5Ck7QETYngaQlS07KulnstJjsAgHBV8Zk3A0EafuWF2c3t5wBzEkgEC99v0EdY3mRiCzt7vh2qs=
  </dsig:SignatureValue>
  <dsig:KeyInfo Id="KeyInfo-0LT1QavoIVXOHesZfrxTwg22">
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#BST-VnzMtSwHMI8THKi2hhG2SQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  +*</dsig:Signature>*+
  *<xenc:EncryptedKey* Id="EK-h7saqC1VyBKZw2n1IHz8GQ22" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/>
  </xenc:EncryptionMethod>
  <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <wsse:SecurityTokenReference wsu:Id="STR-QC3ZDBRwsXv8unEWVns9rQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">q9Z9yPxvNw4CvSLQNI4rxVlSF+w=</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  <xenc:CipherData>
  <xenc:CipherValue xmime:contentType="application/octet-stream" xmlns:xmime="http://www.w3.org/2005/05/xmlmime">
  Tgdhxy6wMJBBrw23iq1GLCm0TYKBXSVQvBcN+7TXdXL6FPSjhcbfXqtoz7wzirbSwUZuu+DrYuWs
  0BjRXqw3auUSCMlkm4IoT1ag3wFQQ/PEbB8HNlYhW3gp/At3toTw+k5p9wOUd4BMFAiXyeHQ8+dQ
  8JUiohXhiHErTDn6fFQ=
  </xenc:CipherValue>
  </xenc:CipherData>
  </xenc:EncryptedKey>
  </wsse:Security>
  </soap:Header>
  <soapenv:Body>
  <book:BookRequest xmlns:book="http://www.dortman.com/books/BookService">
  <book:bookId>10</book:bookId>
  <book:bookTitle>eric</book:bookTitle>
  <book:bookAuthor>Z</book:bookAuthor>
  </book:BookRequest>
  </soapenv:Body>
  </soapenv:Envelope>
       Response Document
  The invocation resulted in an error: Internal Server Error.
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body>
  <soapenv:Fault>
  <faultcode>soapenv:Client</faultcode>
  <faultstring xmlns:lang="en">
  General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption) </faultstring>
  </soapenv:Fault>
  </soapenv:Body>
  </soapenv:Envelope>
       Response Metadata
  <con:metadata xmlns:con="http://www.bea.com/wli/sb/test/config">
  <tran:headers xsi:type="http:HttpResponseHeaders" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:tran="http://www.bea.com/wli/sb/transports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <tran:user-header name="Accept" value="text/xml"/>
  <tran:user-header name="Expires" value="Thu, 14 Mar 2013 18:10:01 GMT"/>
  <tran:user-header name="SOAPAction" value="&quot;&quot;"/>
  <http:Cache-Control>max-age=0</http:Cache-Control>
  <http:Connection>close</http:Connection>
  <http:Content-Type>text/xml; charset=UTF-8</http:Content-Type>
  <http:Date>Thu, 14 Mar 2013 18:10:01 GMT</http:Date>
  <http:Server>Apache</http:Server>
  <http:Transfer-Encoding>chunked</http:Transfer-Encoding>
  </tran:headers>
  <tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">2</tran:response-code>
  <tran:response-message xmlns:tran="http://www.bea.com/wli/sb/transports">Internal Server Error</tran:response-message>
  <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">UTF-8</tran:encoding>
  <http:http-response-code xmlns:http="http://www.bea.com/wli/sb/transports/http">500</http:http-response-code>
  </con:metadata>

• Web Page Composer - Web Form for exposing iViews and External Web Pages

  Hello SDN Community,
  This forum thread is intentionally created to collect your feedback and ideas regarding the Web form for exposing iViews and external Web pages.
  With this new Web form you are able to specify height and width of the iFrame, in which the corresponding iView/external Web page will be displayed on the particular WPC Web page.
  For more information regarding this new Web form and its features and to download it visit this address:  https://wiki.sdn.sap.com/wiki/display/KMC/CustomizingtheWebPageComposer
  Your oppinon and constructive suggestions will help to evolve the Web form further and facilitate the community to create more sophisticated and enhanced versions of this basic reference implementation. Feel free to contribute also your version and discuss in public.
  Here are some basic questions that can guide you:
  1. Does this new Web form help in your particular scenario? How?
  2. How would you rate from 0 to 5 your satisfaction with this particular Web form?
  3. What can be improved in the Web form?
  4. Do you miss something from documentation point of view?
  Explore the new WPC wiki pages - find valuable the information regarding WPC at one place, download new Web forms, and feel free to contribute.
  [Web Page Composer Wiki|https://wiki.sdn.sap.com/wiki/display/KMC/WebPageComposer]
  Best Regards,
  WPC team @ SAP

  Hello!
  I have installed your component. When I try to create a new component in WPC with this form, portal throws an exception
  Full Message Text
  05:54_30/07/09_0005_21710350
  [EXCEPTION]
  java.lang.NullPointerException
  at com.sap.nw.wpc.editor.EditorBean.updateDocumentFromContext(EditorBean.java:336)
  at com.sap.nw.wpc.editor.EditorBean.getPreview(EditorBean.java:600)
  at pagelet.editor._sapportalsjsp_editor.subDoContent(_sapportalsjsp_editor.java:1802)
  at pagelet.editor._sapportalsjsp_editor.doContent(_sapportalsjsp_editor.java:58)
  at pagelet.editor._sapportalsjsp_editor.service(_sapportalsjsp_editor.java:38)
  at com.sapportals.portal.prt.core.broker.PortalComponentItemFacade.service(PortalComponentItemFacade.java:360)
  at com.sapportals.portal.prt.core.broker.PortalComponentItem.service(PortalComponentItem.java:934)
  at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:435)
  at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:527)
  at com.sapportals.portal.prt.component.AbstractComponentResponse.include(AbstractComponentResponse.java:89)
  at com.sapportals.portal.prt.component.PortalComponentResponse.include(PortalComponentResponse.java:232)
  at com.sapportals.portal.htmlb.page.JSPDynPage.doOutput(JSPDynPage.java:76)
  at com.sapportals.htmlb.page.PageProcessor.handleRequest(PageProcessor.java:129)
  at com.sapportals.portal.htmlb.page.PageProcessorComponent.doContent(PageProcessorComponent.java:134)
  at com.sap.nw.wpc.editor.EditorTool.doContent(EditorTool.java:55)
  at com.sapportals.portal.prt.component.AbstractPortalComponent.serviceDeprecated(AbstractPortalComponent.java:209)
  at com.sapportals.portal.prt.component.AbstractPortalComponent.service(AbstractPortalComponent.java:114)
  at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:328)
  at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:136)
  at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:189)
  at com.sapportals.portal.prt.component.PortalComponentResponse.include(PortalComponentResponse.java:215)
  at com.sapportals.portal.prt.pom.PortalNode.service(PortalNode.java:645)
  at com.sapportals.portal.prt.core.PortalRequestManager.callPortalComponent(PortalRequestManager.java:328)
  at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:136)
  at com.sapportals.portal.prt.core.PortalRequestManager.dispatchRequest(PortalRequestManager.java:189)
  at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:753)
  at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
  at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:524)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:407)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
  at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
  at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
  at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
  at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
  at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Do you have any ideas? I am running EP7 SPS 15
  Thanks in advance

• I am creating a web form from a template and I need to change a field. It is just a text field at the moment but I need to change it to a field that the customer can fill in. How do I do this?

  I am creating a web form from a template and I need to change a field. It is just a text field at the moment but I need to change it to a field that the customer can fill in. How do I do this?

  See this thread:
  http://answers.acrobatusers.com/Is-add-instructional-text-text-field-disappear-clicked-q19 5078.aspx

• Web Form :Number of rows and columns

  Hi All,
  I have a web form with many rows and columns . Is it possible for a user to view only a limited rows in the form ?  Not using Adhoc/Analyze option . since there are formula rows which wont appear in Analyze grid.
  The user want to see only 5 to 10 random rows in the form  ? How to do this ?
  Please help.

  I remember an option in 11.1 which allows users to dynamically add rows and I cannot find that in 11.1.2.2
  I think the user will have to always update the user variable to what he want to see.
  Regards
  Celvin
  http://www.orahyplabs.com
  http://docs.oracle.com/cd/E17236_01/epm.1112/planning_admin_11122300/frameset.htm?launch.html

• Using existing SSL Certificate for Web Dispatcher

  Hi,
  We've registered a SSL certificate with wildcard option via GlobalSign. The history of this process is as below:
  1. We created a Certificate Request with IIS and send it to GS (GlobalSign).
  2. They send us the certificate file Globalsign Primary Secure Server CA and Globalsign Server Sign CA files.
  3. Import all ceritifcates into IIS and then exported the certificate into a Cert.pfx file.
  4. By using this file, we are able to import the SSL certificate into J2EE WAS 640  of Portal system.
  5. Now we want to use same certificate to establish a web dispatcher installation as intermediate server for internet access.
  Web Dispatcher documentations says to create a pse and req file with sapgenpse program and then send it to CA (here globalsign) to get a certificate.
  But when we asked GS, they told us to use the certificate they send us before. They cannot create a certificate file for the ourput of web dispatcher. It will be billed us if we persist.
  So, we have to find a way to use the existing certificate to enable SSL of Web Dispatcher.
  Any idea?

  Hi Huseyin,
  I also have the same scenario. We also want to use the same certificate from verisign for our webdispatcher.
  Do you know how to do. Can you help me.
  Thanks and Regards,
  Sailesh K

• Possible to show file upload progress for web form submission?

  I just made a simple form as a test. There are 3 files being submitted here via a "web form".
  Files being uploaded in this case are of these sizes:
  110MB
  9MB
  24MB
  I'm testing functionality that will let a print shop's clients upload their files. For larger files they'll use FTP but this "order form" does a lot of business for them so we're trying to replicate in BC.
  My problem is that I am wondering if there is a way to show the "upload progress" as a total %. Such as a visual status bar, etc.
  As of now the only way it's showing is in the default browser status bar (chrome in this case):
  http://cl.ly/image/1d3U0S1h2521
  I read somewhere that the limit is 150MB for an upload. Wondering if that means 150MB TOTAL as in 3 files combined in my case. Or If I chose to allow 3 files to be attached would it allow for 450MB?
  Also, if you do a user submitted web app instead and allow people to attach files that way, does the same file limit apply?
  My second issue is that the upload speed seems to be SLOW. I know it's not my connection because on my non BC site as well as another with the same form, the files upload fairly fast. But on BC it just crawls and on a few tests I get this:
  http://cl.ly/image/2T2q160M1R1n
  Any help or suggestions with the file upload progress as well as file upload speed would be appreciated.
  Thanks!

  So if i have 3 files to be uploaded, the max allowed is 750MB correct? (just wondering if when uploading its 250mb total or per file).
  Guess i'll do something fake to make it appear its working with a loading graphic or something.
  My web browser (chrome in this case) shows the % uploaded. I wonder if all web browsers do the same. I havent tested yet.
  If only there were a way to have javascript or something grab that same #% from the web browser itself and just format it to appear where I want on the form along with the % uploading.
  Anyone know if that's possible?
  Here's where Chrome for mac shows it:
  http://cl.ly/image/1c3i3x25262j
  If I could grab that (uploading 19%) from the browser and format it into css/html i'd be gold.
  Then find if similar browsers do the same and write some js for each browser specifically to grab it.
  In a perfect world at least....

• Renew SSL Certificate for for two Exchange 2010 Server and the new rules.

  I find DigitCert's website always helpful with cert questions.They've got a pretty helpful page here: https://www.digicert.com/internal-names.htmIt looks like they've got a tool for Exchange, but I've not used it myself, so can't say if it works or how well: https://www.digicert.com/internal-domain-name-tool.htmI bet Microsoft have something on their website too that helps with this sort of question.I'd say you register a completely new domain and use that for public facing and internal servers. Or you could just create a sub domain of an existing one, i.e. subdomain.mydomain.com and use that, i.e. public_exchange.subdomain.mydomain.com and internal_exchange.subdomain.mydomain.com.

  Hi there , 
  My exchange 2010 Server Certificate is about to expire and i am going to renew it but according to the new rules for SSL Certificate Issuing we can not include our Local Servers Names and Local FQDN such as myserver.contoso.local, my issue is that i have 2 exchange servers one is internet-facing Server (where the certificate is initiated and installed) and one is non-internet-facing Exchange server.
  if i am going to renew my certificate with public only name, I have to create a split Domain that reflects my external links to the internal Users, what shall i do for the non-internet-facing server? do i need to create another record in my split DNS Server and add it to my Certificate Request ? 
  This topic first appeared in the Spiceworks Community

• How to: Secure pdf form that is emailed and later uploaded

  We have a pdf form that will be posted on our website.  Local college/university faculty will link to the form on their websites or just give students the link to our page.  Students will fill the form and it will be emailed to a faculty member from their specific school.  The faculty member then needs to review the form and select candidates to present for an internship.  At that point, they need to upload the form back to our server.
  This form will contain sensitive information and therefore needs to be secure during the filling, emailing, and uploading processes.  The faculty member receiving it needs to be able to access it as does the person on our end that will do the final reviewing after it is uploaded back to us.
  I have no idea how to even start.  I've created interactive forms but have never embedded one in an website.  The closest I've come is a recently created web application that filled a pdf form in the code-behind and then emailed it, but that didn't require any security.
  Any help will be appreciated.

  Yeah I kinda figured that... Really too bad. Seems lke it should be possible somehow. Anyway, do you all have any suggestions about the best way to combine a static form that is really just text fields and such (that comments and markup tools can be used in) with another page that is sections of narrative that would need to be able to flow?
  Or better yet, a way to draw lines on to a form without using the comment and markup function?
  I like your idea about connecting two forms - but I need to keep the final product as simple as possible. Once the user fills it out, they would be to be able to submit it and it show up as one file, even if that is just a flat file. I don't expect you all to tell me how to do this, but it would be nice to know its possible before I commit to the project and research. Thanks in advance.

• Cannot save form with Windows Vista and Adobe Reader 8

  I have many forms created with Adobe Livecycle Designer 8. Users who have upgraded to Windows Vista can no longer save these forms. Any ideas?
  thanks.

  I don't have Vista, but in XP I have found deleting the printer driver
  and re-installing sometimes works.
  Mike

• Web form {tag_webformresults} appearance is there a better way?

  OK so the default action of BC to display webform results in an email and redirect page is a shocker to say the least. I say this in respect to when you start to include Extended CRM Database fields as part of the webform and start creating an extensive web form.
  When using the WYSIWYG form builder to assemble the form all the standard form fields can be stacked and ordered as you require. When adding the CRM Form fields they automatically are jammed to the bottom of the builder and cannot be positioned amongst the general fields. Yes this can all be overcome by customising the code when inserted into a page no problem. When though the {tag_webformresults} tag is included as the email auto responder and redirect page the order and appearance of the content is exactly as it appears in the form builder which is just terrible. All the data is out of order in comparison to the customised design and as separators and headings for not exists much of the fields all look identical. Simply it does not work for complex forms.
  Many clients simply do not want to use the CRM because of how strenuous, slow and poorly thought through the process is to extract data from a single form submission. The solution all to often asked for by my clients is to simply get an email with the data.
  Clearly the {tag_webformresults} does not work and I need to know is there another solution that can be used to customise the look of the auto responder to create a visual structure where the data actually appears in a usable manner? I was hoping I could do it in Web Apps but the user must be logged in for it's auto responder to work. Not a solution.
  Below is a sample of how poorly an extensive web form submission will look. Imagine this 3 times the size:
  Is there a solution(s) to fix this issue? I have found none.

  Note: this only relates to the form confirmation page, not email.
  This seems like a relatively old discussion but thought I would respond in any case as I spent all day yesterday trying to find a work around for customising how the webformresults module renders and found few options. The answer is pretty simple with some Liquid magic.
  Problem:
  I needed a way to render the webformresults module in different ways for different forms. In particular my client had a survey that they wanted the user to be able to print once submitted.
  Unfortunately the webformresults module will not render on a custom web form confirmation page (ie &PageID=/Templates/formResults.html ), it will only render on the default system layout page .
  Solutions:
  In the web form action add a variable (ie &template=formResults)
  Create a custom template as per the name of your variable that will be used to render the form results (ie /Templates/formResults.tpl )
  Edit the form confirmation template in /SystemMessages
  Using the newer names parameters for the webformresults module call your variable using liquid to define the custom template to be used to render form results (ie  {module_webformresults render="item" collection="formResults" template="/Templates/{{globals.get.template}}.tpl"}
  On this page you can also add <pre>{{ this | json }}</pre> which will render all json data available to you, this is handy for finding the tags required for rendering form results using liquid within your custom template
  You can test the form at this stage (note that the template is still blank so you will only see the rendered json data on the form result page as per <pre>{{ this | json }}</pre>
  Once you submit the form, you will see the available json data rendered on the form confirmation page. Notice the 'globals' at the top will show the variable you named for your template ("template": "formResults")
  Sample:
  "moduleName": "",
    "globals": {
    "get": {
    "WebFormID": "87704",
    "OID": "13922877",
    "OTYPE": "1",
    "EID": "0",
    "CID": "0",
    "template": "formResults"
  At the end of the the json data rendered on the page you will see your form results data:
  Example:
  "results": {
    "firstName": "Test",
    "lastName": "Test",
    "email": "[email protected]",
    "caseId": 1391888,
    "Where did you find out about us?": ""
    "params": {
    "render": "item",
    "collection": "formResults",
    "template": "/Templates/checklistResults.tpl"
  The final step is to simply use liquid within your custom template (ie /Templates/formResults.tpl ) to display the form data in any way you like
  Example:
  <ul>
  <li>First Name: {{results.firstName}}</li>
  <li>Last Name: {{results.lastName}}</li>
  <li>Email: {{results.email}}</li>
  </ul>
  Note: its important to note that you have changed the default system page form confirmations so you would need to follow this method by ensuring you define a template for all web forms that land on this page.
  Hope this helps. Feel free to contact me if you have any trouble or need any further explanation.

• SSL certificate for database

  Hi all,
  I want to know whether I need separate SSL certificate for each database on that server or can I take for the server and use it?
  And also how to get SSL certificate for database form Godaddy?
  Any help would be great.
  Thanks
  Rajitha
  --------------------------------------------------------------------------------

  Pl refer to Oracle® Database Advanced Security Administrator's Guide
  10g Release 2 (10.2) from Oracle documentation.
  You will find useful information on that related to this.
  Dilipkumar Patel.

• SSL-Certificates on WLC 5508

  I'm trying to upload an SSL-certificate(.PEM) to a WLC 5508 via the "Management->HTTP-HTTPS"-Tab, but always get the error messages:
  *TransferTask: Mar 30 07:51:20.882: %UPDATE-3-CERT_INST_FAIL: updcode.c:1276 Failed to install Webauth certificate. rc = 1
  *TransferTask: Mar 30 07:51:20.882: %SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4028 Cannot PEM decode private key
  any idea how to resolve this problem?

  Yes, the password is entered correctly, double checked that again
  (does the ios probably not like special characters as password, such as ! or / ?)
  is there a maximum lenght for encryption keys? its 2048 right now
  otherwise i did as explained in http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00806e367a.shtml
  (the .pem is not the root certificate, only a server ca)
  edit: ok "Management" tab would have been the wrong attempt in the first place, it seems (actually want to be it a webauth not a webadmin certificate), "Security->web auth->certificate" seems to be the way to go, according to http://www.entrust.net/knowledge-base/technote.cfm?tn=8029 still the same problem though.http://www.entrust.net/knowledge-base/technote.cfm?tn=8029
  1 – Your SSL certificate (webserver)
  2 - The Entrust cross certificate (L1C)
  3 – The Entrust Root certificate (Entrust 2048 root)
  are all included in the certificate
  Product Version.................................. 7.0.98.0 - so should be able to use chained certificates according to the first link.