Struts Security Sample

I am attempting to run the Struts Security Sample and am getting a Error: invalid node name (null). I have commented out the error code as suggested in the readme.html file, compiled and then removed my comments. I get this error when I try to run the logon action per the instructions. Any ideas on what else to check for this error?
Thanks!

No the file is at the workspace level not the viewcontroller project level.
The exception to this is that you can place a copy of jazn-data.xml in the meta-inf directory of a project. We do this in SRDemo for example to make it simple to distribute the credentials with the sample - however - this is not normal as you'd never normally distribute credentials as part of the application - Demos are a special case.
So check your workspace root directory.
If in doubt use a tool like filemon.exe from sysinternals.com to see where JDeveloper is writing to.

Similar Messages

Compilation error- xws-security sample aplication for signing

hi
I tried to run the sample application (xws-security) in JWSDP 1.6 but i am getting the following error.
[echo] Running wscompile....
[wscompile] C:\Sun\jwsdp-2.0\xws-security\samples\simple\build\server\WEB-INF\c
asses\simple\PingService.java:10: cannot access java.lang.Object
[wscompile] bad class file: C:\Sun\AppServer\jdk\jre\lib\rt.jar(java/lang/Objec
.class)
[wscompile] class file has wrong version 49.0, should be 48.0
[wscompile] Please remove or make sure it appears in the correct subdirectory o
the classpath.
[wscompile] public interface PingService extends javax.xml.rpc.Service {
[wscompile] ^
[wscompile] 1 error
[wscompile] error: compilation failed, errors should have been reported

it worked ....thank you ghstark

Errors trying to run the xws-security sample app

Hi all,
I'm geting errors trying to compile the xws-security sample app, does anyone have any advice? Thanks in advance!
[kerzhner@kerzhner]~/jwsdp-1.5/xws-security/samples/simple% ant run-sample Buildfile: build.xml
clean:
[delete] Deleting directory /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build
[delete] Deleting directory /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/dist
as8-check:
ws-check:
tc-check:
[mkdir] Created dir: /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build/client/classes
[mkdir] Created dir: /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build/server/WEB-INF/classes
[mkdir] Created dir: /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/dist
compile-handler-code:
[echo] Compiling the handler source code
[javac] Compiling 1 source file to /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build/server/WEB-INF/classes
[javac] /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/src/com/sun/xml/wss/sample/SecurityEnvironmentHandler.java:0: error: malformed .zip archive in CLASSPATH: /home/kerzhner/jdk1.5.0_03/lib/tools.jar/
[javac] /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/src/com/sun/xml/wss/sample/SecurityEnvironmentHandler.java:25: error: Class or interface `java.security.cert.X509CertSelector' not found in import.
[javac] import java.security.cert.X509CertSelector;
[javac] ^
[javac] /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/src/com/sun/xml/wss/sample/SecurityEnvironmentHandler.java:535: error: Type `X509CertSelector' not found in the declaration of the local variable `certSelector'.
[javac] X509CertSelector certSelector = new X509CertSelector();
[javac] ^
[javac] 2 errors
BUILD FAILED
file:/home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build.xml:68: Compile failed; see the compiler error output for details.

Resolved. It was a space issue. Deleted a couple of old apps and have now installed the Sample Websheet Application.

JWSDP 1.5: Certificates for XWS-Security samples expired April 9

The digitial certificates supplied with the XWS-Security samples in JWSDP 1.5 (e.g., JWSDP_HOME/xws-security/etc/client-truststore.jks) expired April 9, 2005. The XWSS sample programs now fail because the certificates are invalid. Are newer versions of the truststores available to replace the existing truststores, or do I need reinstall JWSDP to get newer certificates?
Thanks,
Mike

I am having the same problem. I tried creating my own RSA keys with the same aliases, self signing them and putting them into the key/trust stores but still get errors. What procedure is there to replace them? Included below are my steps for dropping the certs and adding in new self signed ones, that I tried.
Josh
keytool -delete -keystore server-keystore.jks -alias s1as -storepass changeit
keytool -delete -keystore client-truststore.jks -alias s1as -storepass changeit
keytool -genkey -keyalg RSA -alias s1as -keystore server-keystore.jks -dname "cn=Client" -keypass changeit -storepass changeit
keytool -selfcert -alias s1as -keystore server-keystore.jks -keypass changeit -storepass changeit
keytool -export -keystore server-keystore.jks -alias s1as -storepass changeit -file s1as
keytool -import -alias s1as -keystore client-truststore.jks -storepass changeit -file s1as
keytool -delete -keystore client-keystore.jks -alias xws-security-client -storepass changeit
keytool -delete -keystore server-truststore.jks -alias xws-security-client -storepass changeit
keytool -genkey -keyalg RSA -alias xws-security-client -keystore client-keystore.jks -dname "cn=Client" -keypass changeit -storepass changeit
keytool -selfcert -alias xws-security-client -keystore client-keystore.jks -keypass changeit -storepass changeit
keytool -export -keystore client-keystore.jks -alias xws-security-client -storepass changeit -file xws-security-client
keytool -import -alias xws-security-client -keystore server-truststore.jks -storepass changeit -file xws-security-client

Jwsdp-1.4/xws-security/samples/simple/build.xml:108: wsdeploy failed

Hi everyone,
I am trying to deploy the simple sample for xws-security in the JWSDP 1.4 on redhat 9.0, I have done all the configurations as suggested by the tutorial and the readme file in the sample. But when I tried to run the sample by running "asant run-sample", I got a "wsdeploy failed" error. It looks like the following and happened at the "process-war" stage: (The earlier targets including "clean", "prepare", "gen-server", "compile-server", " set-web-inf", "raw-war" etc. work fine).
[snip]
process-war:
[echo] Running wsdeploy...
[wsdeploy] Exception in thread "main" java.lang.NoSuchMethodError: org.apache.xml.dtm.ref.sax2dtm.SAX2DTM.<init>(Lorg/apache/xml/dtm/DTMManager;Ljavax/xml/transform/Source;ILorg/apache/xml/dtm/DTMWSFilter;Lorg/apache/xml/utils/XMLStringFactory;ZIZZ)V
[wsdeploy] at org.apache.xml.dtm.ref.sax2dtm.SAX2DTM2.<init>(SAX2DTM2.java:1901)
[wsdeploy] at org.apache.xalan.xsltc.dom.SAXImpl.<init>(SAXImpl.java:767)
[wsdeploy] at org.apache.xalan.xsltc.dom.XSLTCDTMManager.getDTM(XSLTCDTMManager.java:324)
[wsdeploy] at org.apache.xalan.xsltc.dom.XSLTCDTMManager.getDTM(XSLTCDTMManager.java:267)
[wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.getDOM(TransformerImpl.java:477)
[wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.transform(TransformerImpl.java:637)
[wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.transform(TransformerImpl.java:317)
[wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.DeployTool.defineServletsAndListeners(DeployTool.java:553)
[wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.DeployTool.run(DeployTool.java:255)
[wsdeploy] at com.sun.xml.rpc.util.ToolBase.run(ToolBase.java:43)
[wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.Main.main(Main.java:22)
[wsdeploy] Command invoked: /work/nzw3/SUNWappserver/jdk/jre/bin/java -classpath /work/nzw3/SUNWappserver/lib/endorsed/dom.jar:/work/nzw3/SUNWappserver/lib/endorsed/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/endorsed/xalan.jar:/work/nzw3/SUNWappserver/lib/ant/lib/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/ant/lib/ant.jar:/work/nzw3/SUNWappserver/lib/ant/lib/xml-apis.jar:/work/nzw3/SUNWappserver/lib/ant/lib/optional.jar:/work/nzw3/SUNWappserver/lib/soapprocessor.jar:/work/nzw3/SUNWappserver/lib/jaxr-api.jar:/work/nzw3/SUNWappserver/lib/saaj-api.jar:/work/nzw3/SUNWappserver/lib/activation.jar:/work/nzw3/SUNWappserver/lib/security-plugin.jar:/work/nzw3/SUNWappserver/lib/jaxb-xjc.jar:/work/nzw3/SUNWappserver/lib/jax-qname.jar:/work/nzw3/SUNWappserver/lib/jhall.jar:/work/nzw3/SUNWappserver/lib/xmlsec.jar:/work/nzw3/SUNWappserver/lib/j2ee-svc.jar:/work/nzw3/SUNWappserver/lib/deployment/sun-as-jsr88-dm.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-sec.jar:/work/nzw3/SUNWappserver/lib/mail.jar:/work/nzw3/SUNWappserver/lib/appserv-admin.jar:/work/nzw3/SUNWappserver/lib/jaxb-impl.jar:/work/nzw3/SUNWappserver/lib/appserv-cmp.jar:/work/nzw3/SUNWappserver/lib/appserv-jstl.jar:/work/nzw3/SUNWappserver/lib/jaxb-libs.jar:/work/nzw3/SUNWappserver/lib/jwsdp-tools-lib/jax-qname.jar:/work/nzw3/SUNWappserver/lib/jwsdp-tools-lib/namespace.jar:/work/nzw3/SUNWappserver/lib/jaxr-impl.jar:/work/nzw3/SUNWappserver/lib/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-spi.jar:/work/nzw3/SUNWappserver/lib/verifier/verifierhelp.jar:/work/nzw3/SUNWappserver/lib/xalan.jar:/work/nzw3/SUNWappserver/lib/appserv-upgrade.jar:/work/nzw3/SUNWappserver/lib/appserv-assemblytool.jar:/work/nzw3/SUNWappserver/lib/deployhelp.jar:/work/nzw3/SUNWappserver/lib/j2ee.jar:/work/nzw3/SUNWappserver/lib/xmldsig.jar:/work/nzw3/SUNWappserver/lib/commons-logging.jar:/work/nzw3/SUNWappserver/lib/saaj-impl.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-impl.jar:/work/nzw3/SUNWappserver/lib/appserv-tags.jar:/work/nzw3/SUNWappserver/lib/appserv-ext.jar:/work/nzw3/SUNWappserver/lib/relaxngDatatype.jar:/work/nzw3/SUNWappserver/lib/admin-cli.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-api.jar:/work/nzw3/SUNWappserver/lib/jsf-api.jar:/work/nzw3/SUNWappserver/lib/jaxb-api.jar:/work/nzw3/SUNWappserver/lib/install/applications/__cp/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/__ds/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/__xa/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/jmsra/imqjmsra.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/cc.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admingui-jsp.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/framework.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/jato.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin-en.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin-xml.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/framework-en.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/help.jar:/work/nzw3/SUNWappserver/lib/install/applications/samples.jar:/work/nzw3/SUNWappserver/lib/install/applications/com_sun_web_ui/WEB-INF/lib/registrationservlet.jar:/work/nzw3/SUNWappserver/lib/install/applications/jaxr-ra/jaxr-ra.jar:/work/nzw3/SUNWappserver/lib/commons-launcher.jar:/work/nzw3/SUNWappserver/lib/jsf-impl.jar:/work/nzw3/SUNWappserver/lib/sun-appserv-ant.jar:/work/nzw3/SUNWappserver/lib/appserv-rt.jar:/work/nzw3/SUNWappserver/lib/xsdlib.jar:/work/nzw3/j2sdk1.4.2_04/lib/tools.jar com.sun.xml.rpc.tools.wsdeploy.Main -keep -tmpdir /work/nzw3/jwsdp-1.4/xws-security/samples/simple/build/server -o /work/nzw3/jwsdp-1.4/xws-security/samples/simple/dist/securesimple.war /work/nzw3/jwsdp-1.4/xws-security/samples/simple/dist/simple-portable.war
BUILD FAILED
file:/work/nzw3/jwsdp-1.4/xws-security/samples/simple/build.xml:108: wsdeploy failed
If anyone has any idea about this problem, please let me know.
Many thanks,
Jake

Hello again,
I got progress today, but still have some errors for the simple sample in the xws-security . (I am running on Redhat 9.0 and with Sun Java System Application Server 8) Looks like the sending message is ok, but at the receiving message stage, I got the following errors when running "asant run-sample":
[snip]
run-sample:
[echo] Running the simple.TestClient program....
[java] Service URL=http://giga15.ncl.ac.uk:8080/securesimple/Ping
[java] Sep 8, 2004 1:14:19 AM com.sun.xml.wss.filter.DumpFilter process
[java] INFO: ==== Sending Message Start ====
[java] <?xml version="1.0" encoding="UTF-8"?>
[java] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
[java] <env:Header>
[java] <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
[java] <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="Id4487442798885738858">MIIFKDCCBBCgAwIBAgICBl4wDQYJKoZIhvcNAQEEBQAwcDELMAkGA1UEBhMCVUsxETAPBgNVBAoT
[java] CGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMTAkNBMS0wKwYJKoZIhvcNAQkB
[java] Fh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWswHhcNMDQwMjEwMTQzMDUyWhcNMDUwMjA5
[java] MTQzMDUyWjBcMQswCQYDVQQGEwJVSzERMA8GA1UEChMIZVNjaWVuY2UxEjAQBgNVBAsTCU5ld2Nh
[java] c3RsZTEPMA0GA1UEBxMGTkVSZVNDMRUwEwYDVQQDEwxqYWtlIHpoZW5nd3UwgZ8wDQYJKoZIhvcN
[java] AQEBBQADgY0AMIGJAoGBAO7B3texMjuzdA6zT6/F/hx3U4a+iWglhNWptB3JerhHHu7El0HkWky0
[java] 9AzYVKZ7Y3n5qpgmSOe16a2MKySii5ud44DABj+3qkRBzkb/LDgNuF02X/XORbFbuZYEWwCHckZI
[java] xQ50vJpdxJQqLOwrhMP48RXNBzrdXo9iYfcWP5cnAgMBAAGjggJiMIICXjAMBgNVHRMBAf8EAjAA
[java] MBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA+gwLAYJYIZIAYb4QgENBB8WHVVLIGUt
[java] U2NpZW5jZSBVc2VyIENlcnRpZmljYXRlMB0GA1UdDgQWBBRlyb19GkybkmGa6QnQ9fPZ7mQ+NzCB
[java] mgYDVR0jBIGSMIGPgBQCOKsRo5aAiw3TFSsIpY4w2rLaqKF0pHIwcDELMAkGA1UEBhMCVUsxETAP
[java] BgNVBAoTCGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMTAkNBMS0wKwYJKoZI
[java] hvcNAQkBFh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWuCAQAwKQYDVR0SBCIwIIEeY2Et
[java] b3BlcmF0b3JAZ3JpZC1zdXBwb3J0LmFjLnVrMBkGA1UdIAQSMBAwDgYMKwYBBAHZLwEBAQEEMD0G
[java] CWCGSAGG+EIBBAQwFi5odHRwOi8vY2EuZ3JpZC1zdXBwb3J0LmFjLnVrL2NnaS1iaW4vaW1wb3J0
[java] Q1JMMD0GCWCGSAGG+EIBAwQwFi5odHRwOi8vY2EuZ3JpZC1zdXBwb3J0LmFjLnVrL2NnaS1iaW4v
[java] aW1wb3J0Q1JMMDwGCWCGSAGG+EIBBwQvFi1odHRwOi8vY2EtcmVuZXcuZ3JpZC1zdXBwb3J0LmFj
[java] LnVrL3JlbmV3Lmh0bWwwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NhLmdyaWQtc3VwcG9ydC5h
[java] Yy51ay9jZ2ktYmluL2ltcG9ydENSTDANBgkqhkiG9w0BAQQFAAOCAQEAgdN714aoC53Wef9JGaDD
[java] PDJkmgmwVbL8ZuovBpORFsgy2GOPgIdtw15qTQx1NFbsFqW2I7d/9AteeXAk3sUGUODOvq8loeYB
[java] iA+QofduwJ0VWO8TZ0e+7+J3cDQKbsukptRJd2L2W8PeCNPojCRkfiV/nT6BiF5yjh4Ui5e+pWGw
[java] t3oN1qFDZViCFOTiB6Koi0MB+cu47gOEIxBQfP8jTEyf/SSy4RzjI+7C1LpDYCZpO/jqXMb67j9b
[java] KdcmlWhMrzNOyRDM7A11rt5nBMABgRVAJsdBZIDevfKJ/kRGxUHGHqf8Pg+3qK22mNwMN8U2plr7
[java] TgORAx6aOn4EQP2AzA==</wsse:BinarySecurityToken>
[java] <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
[java] <ds:SignedInfo>
[java] <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
[java] <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
[java] <ds:Reference URI="#Id5553294937503469412">
[java] <ds:Transforms>
[java] <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
[java] </ds:Transforms>
[java] <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
[java] <ds:DigestValue>AcRqiIoxfOWauZ/FDnng4D1C5WU=</ds:DigestValue>
[java] </ds:Reference>
[java] </ds:SignedInfo>
[java] <ds:SignatureValue>
[java] omVS7TF+IqESZuMcRdsFfet8INaU4J9Vall1oGaPMRoEkc9xks+YK2ew4nG7hSekITwJrQLx42hH
[java] Vb6HvEdWgsIrjOJslqQILQkYU7qdoptb6OEgY5lHQpjUJaTKNn4krsDXgpwZieQE45Gcu/zuP4eY
[java] v8yMhUwVUE8xHy+6dLs=
[java] </ds:SignatureValue>
[java] <ds:KeyInfo>
[java] <wsse:SecurityTokenReference>
[java] <wsse:Reference URI="#Id4487442798885738858" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
[java] </wsse:SecurityTokenReference>
[java] </ds:KeyInfo>
[java] </ds:Signature>
[java] </wsse:Security>
[java] </env:Header>
[java] <env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id5553294937503469412">
[java] <ns0:Ping>
[java] <ns0:ticket>SUNW</ns0:ticket>
[java] <ns0:text>Hello !</ns0:text>
[java] </ns0:Ping>
[java] </env:Body>
[java] </env:Envelope>
[java] ==== Sending Message End ====
[java] Sep 8, 2004 1:14:23 AM com.sun.xml.wss.filter.DumpFilter process
[java] INFO: ==== Received Message Start ====
[java] <?xml version="1.0" encoding="UTF-8"?>
[java] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
[java] <env:Body>
[java] <env:Fault>
[java] <faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:InvalidSecurityToken</faultcode>
[java] <faultstring>Certificate validation failed</faultstring>
[java] </env:Fault>
[java] </env:Body>
[java] </env:Envelope>
[java] ==== Received Message End ====
[java] Sep 8, 2004 1:14:23 AM com.sun.xml.wss.filter.ProcessSecurityHeaderFilter process
[java] WARNING: Message does not contain wsse:Security header
[java] Exception in thread "main" javax.xml.rpc.soap.SOAPFaultException: Certificate validation failed
[java] at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:515)
[java] at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
[java] at simple.PingPort_Stub.ping(PingPort_Stub.java:80)
[java] at simple.TestClient.main(TestClient.java:37)
[java] Java Result: 1
I don't know if I have configured anything wrong. Basically, i just want to sign the outgoing soap message with my own p12 format certificate, hence I have chosen the following in the $JWSDP_HOME/xws-security/samples/simple/build.properties :
client.security.config=config/sign-client.xml
server.security.config=config/dump-server.xml
Also, according to the last section of the jWSDP release notes at http://java.sun.com/webservices/docs/1.4/ReleaseNotes.html#KnownIssues
I added these two changes,
1. In the <jwsdp.home>/xws-security/samples/buildconfig/sjsas-config.xml file, delete the original .... app.classpath element definition and replace it with the following definition:
<path id="app.classpath">
<fileset dir="${sjsas.home}/lib/endorsed">
<include name="dom.jar"/>
</fileset>
<fileset dir="${sjsas.home}/lib">
<include name="*.jar"/>
</fileset>
<fileset dir="${javahome}/lib">
<include name="tools.jar"/>
</fileset>
</path>
2. In the <as.home>/domains/domain1/config/server.policy file, add the following configurations to the server.policy file, for the securesimple sample and pingservice samples, respectively.
// These permissions apply to securesimple webapp grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/securesimple/WEB-INF/-" {
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "modifyPublicCredentials"; permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "getSubject";
permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.x500.X500PrivateCredential * \"*\"","read";
permission java.security.SecurityPermission "putProviderProperty.BC";
Moreover, has the sent message really been signed correctly? how can I tell the message has been signed by my own certificate? I have done the following:
1. In the $JWSDP_HOME/xws-security/samples/simple/config/sign-client.xml, change to
<xwss:SecurityConfiguration
xmlns:xwss="http://com.sun.xml.wss.configuration" dumpMessages="true">
<xwss:Sign/>
</xwss:SecurityConfiguration>
2. In the $JWSDP_HOME/xws-security/samples/simple/config/build.xml, change to something like the following in the run-sample target,
<sysproperty key="javax.net.ssl.keyStore" value="/work/nzw3/jakenew.p12"/>
<sysproperty key="javax.net.ssl.keyStorePassword" value="jake"/>
<sysproperty key="javax.net.ssl.keyStoreType" value="pkcs12"/>
I didn't change anything about truststore.
What was the problem? What have I done wrong?
Many thanks,
Jake

Web Services Security Sample

I colud not understand that:
"9.The mail also contains links to the Root Certificate using whose key your Certificate was signed. Follow the link and click Accept. This install the root
certificate in your browser.(Use Internet Explorer)."
in the Web Services Security Sample Installation.
Is there clear info for this and "Get a Client Certificate"?
Thanks...

When you get the certificate client certificate from Verisign( or any certificate authority), you also need a root certificate from Verisign which says that this client certificate was given by Verisign.
When you provide all your info to Verisign (along with certificate request) you get the client certificate to your email address (which you gave to Verisign for sending certificate). This email address also contains the link to root address which you need to obtain in order to validate your certificate. Follow the link and do as instructed to import the root certificate in Internet Explorer. The root certificate will be imported into IE with the name "VeriSign authorized testing only.No assurances" in "Trusted Root Certificate Authorities tab"
Your Oracle Wallet manager, Internert Explorer etc will accept and use the client certificate only if the corresponding root certificate is present.
Hope this clarifies the doubt.
Chandar

Security Samples Out of Date

Hello;
I noticed that the Security Samples code is hopelessly out of date especially VPD.
Are there plans to update them?
http://otn.oracle.com/sample_code/deploy/security/9i_security.html

Hi
Thanks for providing your feedback. We are currently working on a plan to update these examples with latest releases of Oracle Software.
Best regards
-- OTN, IDC Team.

Error While Login ADF Security Sample Application

Hi All,
Jdevloper Version : 11.1.1.5.0
we are Creating ADF Login Application contains login.jspx and main.jspx pages.
we define ADF Security on this Sample Application.
when we provide valid credentials to login(username and password) it shows Error:
Error 404--Not Found
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not Found
The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.
If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead.
The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism,
that an old resource is permanently unavailable and has no forwarding address.
ManagedBean(BackingbeanScope) doLogin():
         public String doLogin() {
        String un = _userName;
        byte[] pw = _password.getBytes();
        FacesContext ctx = FacesContext.getCurrentInstance();
        HttpServletRequest request =(HttpServletRequest)ctx.getExternalContext().getRequest();
        try {
            Subject subject =Authentication.login(new URLCallbackHandler(un, pw));
            weblogic.servlet.security.ServletAuthentication.runAs(subject,request);
            String loginUrl = "/adfAuthentication?success_url=/faces/main.jspx";
            HttpServletResponse response =(HttpServletResponse)ctx.getExternalContext().getResponse();
            RequestDispatcher dispatcher =request.getRequestDispatcher(loginUrl);
     ctx.responseComplete();
    catch (FailedLoginException fle)
                FacesMessage msg =new FacesMessage(FacesMessage.SEVERITY_ERROR, "Incorrect Username or Password", "An incorrect Username or Password was specified");
                ctx.addMessage(null, msg);
        return null;
In ADF Security We Define :
User : admin1
Enterprise Role : ManagerGroup(added user admin1 to this EnterpriseRole)
Application Role : Manager
Resource Grants : Resource Type : Web Page
                           login page
                          main page - Granted Role(Manager)
jazn-data.xml file
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data-11_0.xsd">
<jazn-realm default="jazn.com">
    <realm>
      <name>jazn.com</name>
      <users>
        <user>
          <name>admmin1</name>
          <display-name>admmin1</display-name>
          <credentials>{903}y2I4TDwMavn90VxJJfPfgxtBsRnF0qiaMoxzP93XF74=</credentials>
        </user>
      </users>
      <roles>
        <role>
          <name>ManagerGroup</name>
          <display-name>ManagerGroup</display-name>
          <members>
            <member>
              <type>user</type>
              <name>admmin1</name>
            </member>
          </members>
        </role>
      </roles>
    </realm>
</jazn-realm>
<policy-store>
    <applications>
      <application>
        <name>ADFLogin</name>
        <app-roles>
          <app-role>
            <name>Manager</name>
            <class>oracle.security.jps.service.policystore.ApplicationRole</class>
            <display-name>Manager</display-name>
            <members>
              <member>
                <name>ManagerGroup</name>
                <class>oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl</class>
              </member>
            </members>
          </app-role>
        </app-roles>
        <jazn-policy>
          <grant>
            <grantee>
              <principals>
                <principal>
                  <name>Manager</name>
                  <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                </principal>
              </principals>
            </grantee>
            <permissions>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name>multiofonds.adf.common.view.pageDefs.mainPageDef</name>
                <actions>view</actions>
              </permission>
            </permissions>
          </grant>
        </jazn-policy>
      </application>
    </applications>
</policy-store>
</jazn-data>
Please help us how to resolve it.
Thanks,
kumar

A best practice in this situation is to check on a running sample e.g. Oracle ADF: Security for Everyone
I guess your resource grants are not set correctly.
Timo

JSR 168 and Struts support sample error

I'm trying to get the sample webapp for JSR 168 and Struts support working with
WebLogic 8.1, and I'm having problems with the struts portlet. The other portlets
seem to work fine, but the Struts portlet gives the following error after clicking
"Save" on most of the forms:
Page Flow Error - Action Not Found
Page Flow: Global.app
Action: html-setters.do
Unable to find action html-setters.do.
That error appears in the browser. At the same time, the following exception
appears in the server window:
<Aug 18, 2003 4:34:12 PM EDT> <Error> <netui> <BEA-420012> <There was an error
while running a lifecycle stage :: Lifecycle: UIControl.render :: for the control
:: null ::.
com.bea.netuix.nf.UIControlException: For portlet [strutsPortlet], could not do
page flow lookup for the given action [html-setters.do] in the given PageFlow:
[struts/exercise-taglib].
This exception is followed by hundreds of lines of the following:
at com.bea.wlw.netui.pageflow.scoping.ScopedServletUtils.strutsLookup(ScopedServletUtils.java:363)
as well as several stack overflow errors.
I believe I have installed the JSR168 and Struts support package according to
the instructions, and have copied the required jars into the samples WEB-INF/lib
directory. I also have tried to write my own Struts application in a portlet,
and it gets the exact same errors when I try to submit a form to my actions.
Any insight would be much appreciated!
Thanks,
Patrick

Hi Brodi,
I am having the same problem as Patrick. The problem is not in the struts portlet,
but in the forms the portlet navigates to. After the struts portlet loads, I
am able to use the html:links and navigate through the pages. Though when I try
to submit a form I get the action not found error. For example the html-select
page has a form. This page loads fine, but when I hit the save button I get the
following error.
<Aug 25, 2003 11:00:00 AM EDT> <Error> <netui> <BEA-420012> <There was an error
while running a lifecycle stage :: Lifecycle: UIControl.render :: for the contro
l :: null ::.
com.bea.netuix.nf.UIControlException: For portlet [strutsPortlet], could not do
page flow lookup for the given action [html-select.do] in the given PageFlow:
struts/exercise-taglib].
The application appears to loose the struts context. It tries to find the localhost:7001/samples/html-select.do
action instead of localhost:7001/samples/struts/exercise-taglib/html-select.do
action. How do I keep the application from loosing context?
Thank you,
Karen
"Brodi Beartusk" <[email protected]> wrote:
>
Patrick-
I've seen similar things happen when the module name is either not specified
correctly
in the StrutsContent element in the portlet, or when the module is misconfigured,
usually because of either a mising config file or a mis-named config
file.
Ensure that you have a the struts config file for the exercise-taglib
module in
WEB-INF, named jpf-struts-config-struts-exercise-taglib.xml.
-Brodi Beartusk
"Patrick Callis" <[email protected]> wrote:
I'm trying to get the sample webapp for JSR 168 and Struts support working
with
WebLogic 8.1, and I'm having problems with the struts portlet. Theother
portlets
seem to work fine, but the Struts portlet gives the following errorafter
clicking
"Save" on most of the forms:
Page Flow Error - Action Not Found
Page Flow: Global.app
Action: html-setters.do
Unable to find action html-setters.do.
That error appears in the browser. At the same time, the followingexception
appears in the server window:
<Aug 18, 2003 4:34:12 PM EDT> <Error> <netui> <BEA-420012> <There was
an error
while running a lifecycle stage :: Lifecycle: UIControl.render :: for
the control
:: null ::.
com.bea.netuix.nf.UIControlException: For portlet [strutsPortlet], could
not do
page flow lookup for the given action [html-setters.do] in the given
PageFlow:
[struts/exercise-taglib].
This exception is followed by hundreds of lines of the following:
at com.bea.wlw.netui.pageflow.scoping.ScopedServletUtils.strutsLookup(ScopedServletUtils.java:363)
as well as several stack overflow errors.
I believe I have installed the JSR168 and Struts support package according
to
the instructions, and have copied the required jars into the samples
WEB-INF/lib
directory. I also have tried to write my own Struts application ina
portlet,
and it gets the exact same errors when I try to submit a form to myactions.
Any insight would be much appreciated!
Thanks,
Patrick

Problem configing WLS 9 WS Security samples w/ new keys

I am trying to modify the WebLogic "samples" webservices/security_jws example in Weblogic 9 to use a user-defined keystore and keytool generated keys and certs. So far I have modified to code to pull encoded certs from a keystore instead of the provided sample *.der files for cert and private keys. I use a different constructor as follows: ClientBSTCredentialProvider(X509Certificate, PrivateKey, X509Certificate); I build the X509Certificate by pulling certs from a JKS keystore:
java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");
Certificate c1 = keystore.getCertificate(certAlias);
java.io.ByteArrayInputStream bais1 = null;
try {
bais1 = new java.io.ByteArrayInputStream(c1.getEncoded());
serverCertificate = (X509Certificate)cf.generateCertificate(bais1);
} finally {bais1.close();}
I have configured Web Service Security in the domain using "default_wss". I have configured Confidentiality and Integrity settings pointing to file system-based keystores of integrity.jks and confidentiality.jks. Passphrases are checked for encrypt. I assume I need to use my alias instead of the instruction's "Bob" and passphrase of "true". I have added my client's cert to the JDK's cacerts as a trusted cert. I have imported the server identity cert to the client.jks
The server and client build and deploy. When I run the client I get the following error. I have also tried creating an X509 TokenHandler and adding X509 to my security realm's IdentityAsserter using Default Mapper.
I am not using a Certificate Authority signed cert.
Should I be using *.der files and BEA CA signed certs with BEA supplied key generator?
[java] </detail>]; nested exception is:
[java] javax.xml.rpc.soap.SOAPFaultException: weblogic.xml.crypto.wss.WSSecurityException: weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instantiated.weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instantiated.
[java] at examples.webservices.security_jws.client.SecureHelloWorldPortType_Stub.sayHello(SecureHelloWorldPortType_Stub.java:37)
[java] at examples.webservices.security_jws.SecureHelloWorldClient.main(SecureHelloWorldClient.java:154)
[java] Caused by: javax.xml.rpc.soap.SOAPFaultException: weblogic.xml.crypto.wss.WSSecurityException: weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instantiated.weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instanti
ated.

Hello,
I have a problem quite similar but regarding to sending multipart messages using Oracle ESB 10.1.3.4 with Oracle Application Server 10.1.3.4.
Concretely, I have virtualized a Web Service by using an ESB service flow with a Routing Service and SOAP Service elements and where the used WSDL defines multipart messages. What do you believe that the result has been? A soap request message with only one part. Obviously, the responses are incorrect for most of the operations.
Have you found something for fixing it?
A little help would be appreciated!
Kind Regards.

WLS 7.0 security sample providers available on dev2dev

Sample providers for auditing, authentication, identity assertion,
authorization, and role mapping are now available on dev2dev at
http://dev2dev.bea.com/code/codedirect.jsp?highlight=codedirect
- Neil

Good job, Neil.
The sample does not show PrincipalValidator. Do you know of any example of it?
If not, can you provide one?
Much appreciated
chuck
Neil Smithline <[email protected]> wrote:
Sample providers for auditing, authentication, identity assertion,
authorization, and role mapping are now available on dev2dev at
http://dev2dev.bea.com/code/codedirect.jsp?highlight=codedirect
- Neil

Xws-security web service

Hi guys,
I finished running the xws-security samples in the JWSDP, and start trying to build a web services with xws-security feature.
I copied the "config" folder containing config xml files, and the build.properties file from the sample to my own netbeans project folder. The build file was modified as well. I simply added the "-security" option followed by the path of the config file to the <wscompile> tag in the build file.
<wscompile sourceBase="${build.generated.dir}/wsservice" features="${wscompile.service.sec.features}" config="${sec.config.name}"
mapping="${build.web.dir.real}/WEB-INF/${sec.mapping}" classpath="${wscompile.classpath}:${build.classes.dir.real}:${javac.classpath}"
nonClassDir="${build.web.dir.real}/WEB-INF/wsdl"
verbose="true" xPrintStackTrace="true" base="${build.generated.dir}/wsbinary"
keep="true"
fork="true"
define="true"
security="${client.security.config}"/>No errors came out during the Build process. However, I looked in to the wsdl file created, and found that it seemed the xws-security did not take any effects.
Did I miss something? Is adding the -security option of the wscompile command the only step I should take while deploying the xws-security?

Hi,
i am a new user of xws security.Since you have already done the simple example,I rather ask you a question about it.i am getting the following message..........wher'e build is failed!!!! i am using jdk1.5, app server 8....if you know the solution plz help me.
C:\Sun\jwsdp-1.6\xws-security\samples\simple>asant run-sample
Buildfile: build.xml
clean:
[delete] Deleting directory C:\Sun\jwsdp-1.6\xws-security\samples\simple\buil
d
[delete] Deleting directory C:\Sun\jwsdp-1.6\xws-security\samples\simple\dist
as8-check:
[mkdir] Created dir: C:\Sun\jwsdp-1.6\xws-security\samples\simple\build\clie
nt\classes
[mkdir] Created dir: C:\Sun\jwsdp-1.6\xws-security\samples\simple\build\serv
er\WEB-INF\classes
[mkdir] Created dir: C:\Sun\jwsdp-1.6\xws-security\samples\simple\dist
ws-check:
tc-check:
compile-handler-code:
[echo] Compiling the handler source code
[javac] Compiling 1 source file to C:\Sun\jwsdp-1.6\xws-security\samples\sim
ple\build\server\WEB-INF\classes
[javac] C:\Sun\jwsdp-1.6\xws-security\samples\simple\src\sample\SecurityEnvi
ronmentHandler.java:44: package com.sun.org.apache.xml.internal.security.utils d
oes not exist
[javac] import com.sun.org.apache.xml.internal.security.utils.RFC2253Parser;
[javac] ^
[javac] C:\Sun\jwsdp-1.6\xws-security\samples\simple\src\sample\SecurityEnvi
ronmentHandler.java:351: cannot find symbol
[javac] symbol : variable RFC2253Parser
[javac] location: class sample.SecurityEnvironmentHandler
[javac] RFC2253Parser.normalize(x509Cert.getIssuerDN().g
etName());
[javac] ^
[javac] C:\Sun\jwsdp-1.6\xws-security\samples\simple\src\sample\SecurityEnvi
ronmentHandler.java:410: cannot find symbol
[javac] symbol : variable RFC2253Parser
[javac] location: class sample.SecurityEnvironmentHandler
[javac] RFC2253Parser.normalize(x509Cert.getIssuerDN().g
etName());
[javac] ^
[javac] 3 errors
BUILD FAILED
C:\Sun\jwsdp-1.6\xws-security\samples\simple\build.xml:68: Compile failed; see t
he compiler error output for details.
Total time: 10 seconds

Use of security in web service

Hi,
I have tried to use security from the example jaas-sample of jwsdp 1.5 .
I just want to secure my web service with a username/password.
When I called my service from the client...I see the xml flow :
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>Ron</wsse:Username>
<wsse:Password>****</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">3k18Sv+DMhcO3aoq6YWLB4xa</wsse:Nonce>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-03-01T15:26:05Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body>
<ns0:getInformations/>
</env:Body>
</env:Envelope>
it seems to be correct but I have an exception :
Thread : main at 01 mars 2005 16:10:06,593 ERROR Error occured during retrieving informations
java.rmi.ServerException: JAXRPCSERVLET28 : Informations sur le port manquant
at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:497)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
It works when I not use the security option (in wscompile) ...
Have you any idea for a solution?

Hi,
I tried the xws-security samples and everything worked fine.
After editing the "java.security" according to the manual with:
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
After that change and a restart of the application server I get the same error message.
I copied the jar file "bcprov-jdk14-127.jar" from bouncycastle to the jre/lib/ext folder.
I will check further.
br
Dieter

JWSDP 1.6 xws-security Simple fails with "block not properly padded"

Environment:
- Windows 2000
- Tomcat50-jwsdp
- JAVA_HOME=C:/Progra~1/Java/jdk1.5.0_05
- Security environment handler: SecurityEnvironmentHandler.java supplied with JWSDP 1.6 (Hello, Ron!)
I get the following in the Tomcat Window:
==== Received Message End ====
Nov 13, 2005 10:38:56 AM com.sun.org.apache.xml.internal.security.encryption.XMLCipher decryptKey
INFO: Decryption of key type http://www.w3.org/2001/04/xmlenc#tripledes-cbc OK
Nov 13, 2005 10:38:56 AM com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor decryptElementWithCipher
SEVERE: WSS_ENC0004: Exception [ Given final block not properly padded ] while trying to decrypt message
Nov 13, 2005 10:38:56 AM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/enco
ding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.or
g/2001/XMLSchema-instance">
<env:Body>
<env:Fault>
<faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:Fail
edCheck</faultcode>
<faultstring>Unable to decrypt message</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
==== Sending Message End ====
Please help!
George

Hi, I got the xws-security/samples/simple application
working successfully with my own keystores. I have 2
questions regarding this sample application.
1) When running the application with the
encrypt-server.xml and encrypt-client.xml
configuration, why is it necessary to import the
client's certificate into the server's truststore and
the server's certificate into client's truststore when
their certificates have already been signed by a
trusted root CA (e.g. Verisign), whose certificate is
in both truststores? Shouldn't their certificates
containing their public keys get automatically
exchanged during the connection request? It's a pain
to publish a web service and expect a manual public
certificate import for each client wanting to use the
service.Certificates are sent only when the keyReferenceType is "Direct" which is the default. It's possible that our code is checking the certificate sent with one found in the KeyStore, but a quick scan of the code doesn't show it. If that's what's happening it's a bug. All of the other key reference strategies send only a referece to the sender's certificate in which case the reciever must have a copy of that certificate in its keystore.
2) I use Tomcat to run the sample application and did
set up the SSL connector to point to the keystores.
When the client connects to the server, it uses a
http endpoint not https. I'm aware that htpps is
needed for SSL support but not clear on where does
https come into play during the client's
request/server's response process.We share the SSL keystore so that certificates don't have to be stored in more than one place. The functionality of XWS-Security and SSL is logically the same so it make sense to use the same keystore. XWS-Security operates completely separately from the transport and never knows whether HTTPS is in use or not.
Phil Goodwin
Technical Lead
XWS-Security

Spring Acegi's sample application on weblogic 8.1 sp4

Hi All,
          I am trying to deploy the Spring Acegi's sample contact application on weblogic 8.1 sp4, but getting the following deployment error
          weblogic.management.DeploymentException:
          Exception:weblogic.management.ApplicationException: start() failed.
          Module: acegi-security-sample-contacts-filter Error: weblogic.management.DeploymentException: Cannot set web app root system property when WAR file is not expanded - with nested exception:
          [java.lang.IllegalStateException: Cannot set web app root system property when WAR file is not expanded]
          at weblogic.management.deploy.slave.SlaveDeployer$ActivateTask.doCommit()V(SlaveDeployer.java:2423)
          at weblogic.management.deploy.slave.SlaveDeployer$Task.commit()V(SlaveDeployer.java:2138)
          at weblogic.management.deploy.slave.SlaveDeployer$Task.checkAutoCommit()V(SlaveDeployer.java:2237)
          at weblogic.management.deploy.slave.SlaveDeployer$Task.prepare()V(SlaveDeployer.java:2132)
          at weblogic.management.deploy.slave.SlaveDeployer$ActivateTask.prepare()V(SlaveDeployer.java:2384)
          at weblogic.management.deploy.slave.SlaveDeployer.processPrepareTask(Lweblogic.management.deploy.OamVersion;Lweblogic.management.runtime.DeploymentTaskRuntimeMBean;Z)V(SlaveDeployer.java:866)
          at weblogic.management.deploy.slave.SlaveDeployer.prepareDelta(Lweblogic.management.deploy.OamDelta;Lweblogic.management.deploy.OamVersion;ZLjava.lang.StringBuffer;)Z(SlaveDeployer.java:594)
          at weblogic.management.deploy.slave.SlaveDeployer.prepareUpdate(Ljava.util.ArrayList;Z)V(SlaveDeployer.java:508)
          at weblogic.drs.internal.SlaveCallbackHandler$1.execute(Lweblogic.kernel.ExecuteThread;)V(SlaveCallbackHandler.java:25)
          at weblogic.kernel.ExecuteThread.execute(Lweblogic.kernel.ExecuteRequest;)V(ExecuteThread.java:219)
          at weblogic.kernel.ExecuteThread.run()V(ExecuteThread.java:178)
          at java.lang.Thread.startThreadFromVM(Ljava.lang.Thread;)V(Unknown Source)
          What could be the reason?
          Thanks

Hi,
          Did you try to deploy the Spring app in exploded format ?
          Regards
          Anilkumar kari

Struts Security Sample

Similar Messages

Maybe you are looking for