Switch to HTTPS

Similar Messages

• JSF / Switch between HTTP and HTTPS

  Hello!
  I want to switch between HTTP and HTTPS using JSF.
  Under Apache Struts framework I can use struts extension "sslext.jar" to configure switching between http and https in one web application.
  e.g. Login-jsp should be secured, all other jsp's should run unsecured.
  Any ideas?
  regards
  Harald.

  Thanks,
  I made the necessary enhancement for the second phase, password confirmation required when return to SSL zone after leaving it after a succesful login.
  I did the following:
  1) create a class in the application scope and/or singleton class with the servlet paths that require SSL
  2) create a plugin that reads ActionConfigs from the ModuleConfig
  3) create a filter that sets a request scope flag that says that password must re-entered.
  Code Extracts:
  1) MainshopContainer application level parameter singleton class:
  private static HashMap sslZoneMap = new HashMap(50); // key = servlet path of request, example /login.do
  public boolean isInSSLZone(String servletPath)
  return this.sslZoneMap.containsKey(servletPath);
  public void addToSSLZone(String servletPath)
  this.sslZoneMap.put(servletPath,null);
  public int getNumberOfActionsInSSLZone()
  return this.sslZoneMap.size();
  2) Struts plugin
  add a call to loadSSLZoneMap in plugin init method:
  loadSSLZoneMap(config, mainshopContainer);
  private void loadSSLZoneMap(ModuleConfig config, MainshopContainer mainshopContainer)
  throws ServletException
  try {       
  ActionConfig[] actionConfigs = config.findActionConfigs();
  for (int i = 0; i < actionConfigs.length; i++)
  if (actionConfigs.getParameter().indexOf("/jsp/account/") < 0) // /account/* = URL path for SSL zone
  // not found = not ssl zone
  System.out.println("loadSSLZoneMap, following actionConfigs excluded from SSL Zone: "+actionConfigs[i].getPath());
  else
  // found = ssl zone
  String servletPath = actionConfigs[i].getPath()+".do";
  mainshopContainer.addToSSLZone(servletPath);
  System.out.println("loadSSLZoneMap, following servletPath added to SSL Zone: "+servletPath);
  System.out.println("loadSSLZoneMap, number of actions in SSL Zone: "+mainshopContainer.getNumberOfActionsInSSLZone());
  catch (Exception ex)
  ex.printStackTrace();
  throw new ServletException("Exception caught in loadSSLZoneMap: "+ex.toString()+" Initialization aborted.",ex);
  3)
  public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
  throws IOException, ServletException {
  HttpServletRequest req = (HttpServletRequest) request;
  HttpServletResponse res = (HttpServletResponse) response;
  String servletPath = req.getServletPath();
  boolean secure= this.mainshopContainer.isInSSLZone(servletPath);
  The wole picture:
  The filter adds a RequestDTO object that includes all request parameters, one of them is the secure flag.
  I have a session scope class UserContainer that includes all the session parameters, one of them is the lastRequestDTO.(last made request)
  At the end of all my jsp's I set the lastRequestDTO variable.
  In that method I set the passwordConfirmationRequired flag if needed:
  public void setLastRequestDTO(RequestDTO _lastRequestDTO)
  if (this.lastRequestDTO != null && this.lastRequestDTO.isSecure() != _lastRequestDTO.isSecure())
  this.setPasswordConfirmationRequired(true);
  this.lastRequestDTO = _lastRequestDTO;
  I read the passwordConfirmationRequired in all my jsp's in the SSL zone that allow editing or deleting and if that flag is true, a valid password must be re-entered in order to make the updates.
  When the password is OK I reset the passwordConfirmationRequired to false.
  I need some help for the first phase, that is SSL setup for all actions related to jsp's with url path /account/*
  I tought I could define it in the web.xml:
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>All Account Related Pages</web-resource-name>
  <url-pattern>/account/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  but that doesn't work and finnaly understood why:
  Example: /WEB-INF/jsp/account/login.jsp corresponds to /login.do
  The url pattern /account/* at the container level is never encountered.
  Is it allowed to declare the following action path: /account/login instead of /login?
  If yes I could add following prefix /account to all my action paths and forward paths and this could resolve my problem.
  What's your opinion?
  If no, would your library resolve this?
  Will all the Struts/JSP/JSTL url generating tags pick-up the required protocol (http/https) according to your configuration file?
  Regards
  Fred

• No switch to HTTPS occurred in Web Dynpro ABAP application

  We are building a Web Dynpro ABAP application and when I logon I get:
  No switch to HTTPS occurred, so it is not secure to send a password
  I want to suppress this message but I can only find a parameter that works for BSP applications (You can suppress the message using the property BspDontShowHttpsWarning. Goto SICF and locate your service, open node and choose tab error pages. At redirect URL add '&bspdontshowhttpswarning=X').
  However, for Web dynpro this parameter does not work. Does somebody know if there is a parameter available for web dynpro ABAP applications to suppress this message?
  kind regards
  Angelique Heutinck

  Angeline
  I asume that you are using a "Basic Authentication" method, if this is your case, you should configure the SICF service with the following parametters:
  1) Go to SICF, /yourservice / double click
  2) On the "Logon Data" tab, in the "Procedure" option choose "Alternative Logon Procedure".
  3) On the same tab, at the "Logon procedure option", delete the SSO option, and change the Number of the another methods, raised the "Basic Authentication" to the first place.
  4) Go to Error pages tab, flag "System logon", and after that click over Configuration, here check "Do no display warnings"
  Hope this help you !

• Switching from HTTP to HTTPS - adverse side effects???

  Hi everybody,
  what are the possible adverse side effects when changing from HTTP to HTTPS? 
  I could imagine that previously saved web bookmarks would not work, correct?
  Links saved in roles will have to be adjusted in roles, correct?
  Anything else?
  Does anybody have knowledge/experience in this area and how do you recommend to proceed when switching a productive system from HTTP to HTTPS?
  Martin

  The web bookmarks stored on IE browser will still point to the HTTP service, not HTTPS, you will have to make the changes manually.
  The URLS for BW Reports are generated dynamically, you should be able to maintain an entry in table HTTPURLLOC and get this switched to HTTPS. see OSS note 805344 for the same.
  Thanks.

• URL redirect - how to switch from https to http

  Hi, all.
  We have some requirement that the portal session be switched to https on some iviews while the rest of the contents are in http. I am thinking of using url redirect on the web dispatcher.
  What I found is that the url redirect from http to https works great. Now if I want to switch back to http, the redirect doesn't work. Note that the http port is 80 and https port is 443 on the web dispatcher. To test, here is the parameter I did to switch from http to https. This works and transforms the url from http://ozonehomeep3.xxxxxxxxx/irj/portal/zsap_xxxxx to https://ozonehomeep3.xxxxxxxxx/irj/portal/zsap_xxxxxxxxxxxx
  icm/HTTP/redirect_0 = PREFIX=/, FROM=/irj/portal/zsap_, FOR=ozonehomeep3, FROMPROT=http, PROT=https, HOST=ozonehomeep3.XXXXXX
  If I flip it back the other way:
  icm/HTTP/redirect_0 = PREFIX=/, FROM=/irj/portal/zsap_, FOR=ozonehomeep3, FROMPROT=https, PROT=http, HOST=ozonehomeep3.XXXXXX
  When I connect using the url https://ozonehomeep3.xxxxxxxxx/irj/portal/zsap_xxxxxxxxxxxx, it ignores the parameter and the redirect to http did not happen.
  What is wrong?
  Thanks,
  Jonathan.

  Hello,
  I've had a similar problem for one of my customers.
  I've tried to do it on a root level, just Https://FQDN:port_https/ to http://FQDN:Port_http/
  I've used this parameter to solve it:
  icm/HTTP/redirect_0 = PREFIX=/, FOR=FQDN, FROMPROT=HTTPS, HOST=FQDN, PORT=80, PROT=http
  maby you should try:
  icm/HTTP/redirect_0 = PREFIX=/, FROM=/irj/portal/zsap_, FOR=FQDN, FROMPROT=HTTPS, HOST=FQDN, PORT=80, PROT=http, TO=/irj/portal/zsap_
  You should also verify that the standard http port (80) are open in the firewall from the outside, just take a telnet session to FQDN and port 80
  to quickly determined if the firewall policy are right.
  Good luck!
  Kind Regards
  Håvard Fjukstad.

• Switching between https and http requests

  Hi,
  Our application is built using ADF 10.1.3
  This application need to be integrated with an in house built single sign on system. ( SSO system is built in C# and .NET)
  This single sign on system only understand https request. Once user is validated against single sign on system, our application's authorization page is called in HTTPS mode. Once the user is authorized, he is forwarded to home page. While forwarding to home page, we want to convert the HTTPS request to HTTP.
  Currently once the user is authenticated, all requests are happening in HTTPS mode.
  We do not know how to make http request from existing https requested page.
  Any help is appreciated.
  Thanks
  Ranajit

  Hi,
  the way to do this is by redirecting the call from a PhaseListener or command button. The solution Avrom refers to is a PhaseListener that uses XML configuration file to determine whether or not the page you are navigating to requires https or http. The code that handles the protocol switch is printed below
    * Determines if the requested page requires SSL and if the current protocol
    * meets this need. If not the protocol is switched between http and https
    * @param viewId
    * @param pageRequiresSSL
    public void handleProtocolSwitch(String viewId, boolean pageRequiresSSL)
      ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
      boolean isSecureSSLChannel = ((HttpServletRequest)exctx.getRequest()).isSecure();
      // pages that require SSL and SSL is on, or pages that don't require
      // SSL but SSL is on and should be kept
      if (pageRequiresSSL && isSecureSSLChannel || !pageRequiresSSL && isSecureSSLChannel && isKeepSSLMode) {
      printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
      printDebugMessage("No protocol change required");
      // page requires SSL and SSL is not active. Switch to SSL.
      if (pageRequiresSSL && !isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
        printDebugMessage("Protocol change required to use https");
        switchToHttps(viewId);
      // switch to HTTP is page doesn't require SSL and channel isn't secure
      // and isKeepSSLMode is false
      if (!pageRequiresSSL && !isKeepSSLMode && isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel+", is keep SSL = "+isKeepSSLMode);
        printDebugMessage("Protocol change required to use http");
        switchToHttp(viewId);
      if (!pageRequiresSSL && !isSecureSSLChannel) {
        printDebugMessage("Page requires SSL = "+pageRequiresSSL+", channel is secure = "+isSecureSSLChannel);
        printDebugMessage("No protocol change required");
    * Switches from https to http using a redirect call
    * @param viewId
    private void switchToHttp(String viewId) {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext exctx = facesContext.getExternalContext();
        ViewHandler vh = facesContext.getApplication().getViewHandler();
        String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
        //redirect to http URL
        String remoteHost = getHostNameFromRequest();
        printDebugMessage("Switch to http on host "+ remoteHost);
        try {
            String port = httpPort.equalsIgnoreCase("80") ? "" : ":" + httpPort;
            String url = "http://" + remoteHost + port + pageURI;
            printDebugMessage("Redirecting to http URL "+ url); 
            //TODO check request Map
             this.printDebugMessage(" Content size of RequestMap before redirect "+exctx.getRequestMap().size());
            exctx.redirect(url);         
        } catch (IOException e) {
            printDebugMessage("Redirect to http port failed "+ e.getMessage());
    * switches to https using a redirect call
    * @param viewId
    private void switchToHttps(String viewId) {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext exctx = facesContext.getExternalContext();
        ViewHandler vh = facesContext.getApplication().getViewHandler();
        String pageURI = vh.getActionURL(FacesContext.getCurrentInstance(), viewId);
        //redirect to https URL
        String remoteHost = getHostNameFromRequest();
        printDebugMessage("Switch to SLL/https on host "+ remoteHost);
        try {
            String port = httpsPort.equalsIgnoreCase("443") ? "" : ":" + httpsPort;
            String url = "https://" + remoteHost + port + pageURI;
            printDebugMessage("Redirecting to https URL "+ url);       
            //TODO check request Map
            this.printDebugMessage(" Content of RequestMap before redirect "+exctx.getRequestMap().size());
            exctx.redirect(url);         
        } catch (Exception e) {
            printDebugMessage("Redirect to http port failed "+ e.getMessage());
    * @return the hostname of the page request
    private String getHostNameFromRequest() {
        ExternalContext exctx = FacesContext.getCurrentInstance().getExternalContext();
        String requestUrlString = ((HttpServletRequest)exctx.getRequest()).getRequestURL().toString();
        URL requestUrl = null;
        try {
            requestUrl = new URL(requestUrlString);
        } catch (MalformedURLException e) {
            e.printStackTrace();
        String remoteHost = requestUrl.getHost();
        return remoteHost;
    }If your container doesn't support session sharing between http and https then the session is renewed. In OC4J you will have to configure this.
  Frank

• Problem when switching from https to http on Safari

  I am using a Safari browser and try to switch from https to http within the same web application.
  The Safari browser is configured so that on Safari->Preferences->Security the check box "Ask before sending a non-secure form to a secure website" is checked.
  When using the Safari browser in my web application and going from an https page to an http page, the browser shows an (expected) dialog box asking the user whether he wants to send a non secure form. Clicking Ok (twice) causes the following problematic dialog box to appear :
  Safari can't open the specified address;
  Safari can't open "(null)" because Mac OS X doesn't
  recognise Internet addresses starting with "(null)"
  How can I avoid this problem without having to uncheck the above mentioned check box in Safari->Preferences->security.

  I have somehow a similar problem,too. My site is in https upon login which maintains some session data. One of the features of my site is the file upload (servlet) which does some batch processing. Since my https session terminates(timeout)upon uploading, I resorted to switching the link to an http session using
  File Upload
  When I do "session.getAttribute('data')" in my servlet after being called by the "upload.jsp", a NullPointerException is thrown at that particular line.
  My question:
  1. Upon uploading of file/data via https, is there a maximum bytes that it can only process? My file is just less than 1MB and it terminates the session. How do I go about it? Should I switch it then to an http?
  2. If I switch from https to an http session, SSL session data can not be retrieved from an http session?
  Thanks!

• Issues switching to HTTPS

  Hi all.
  I followed Scott Spadafore's advice on forcing a specific page to HTTPS:
  Re: HTTPS and LOGIN
  I'm getting redirected to the right protocol, but the wrong port. The problem seems to be here:
  htp.p('Location: http://'||
  owa_util.get_cgi_env('HTTP_HOST')||
  owa_util.get_cgi_env('SCRIPT_NAME') ||
  owa_util.get_cgi_env('PATH_INFO')||'?'||
  owa_util.get_cgi_env('QUERY_STRING'));
  HTTP_HOST returns "host.mcg.edu:7779" in non-SSL mode, and "host.mcg.edu:4443" in SSL mode. HTTP_HOST contains the port of the protocol I'm switching from, so for example when switching to HTTP, I get:
  http://host.mcg.edu:4443/pls/htmldb... <-- SSL port
  If I use the SERVER_NAME CGI variable (host.mcg.edu) and then hardcode the http or https port number, it works. Not very portable, though, as our production environment uses default ports (80 and 443).
  What am I doing wrong?
  Thanks for your insight.
  -John

  John,
  you could also use mod_rewrite to configure this stuff directly in your Apache (Oracle Http Server powered by Apache :).
  http://blog.murf.org/?p=24
  This way you would have the configuration in a single place.
  ~Dietmar.

• No switch to HTTPS occurred, so it is not secure to send a password

  Hi,
  I have created one SAP Transaction iview with Tcode “HRESSIN_F16” which is accessed through ESS service in portal.  This iview uses system with logon ticket say ESS. When we access this iview in our local LAN using HTTP URL it works fine.
  But when we access it through HTTPS (https://www.mycompany.com) we get a logon popup saying “No switch to HTTPS occurred, so it is not secure to send a password” even though we have implemented SSO with logon tickets.
  What are the possible causes?
  Regards,
  Bharat Mistry.

  Hi Joerg,
  Thanks for your quick reply.I will do as you suggest and then let you know whatever result
  Ok I am explaning you in detail.
  I have created one SAP Transaction iview with Tcode “HRESSIN_F16” which is accessed through ESS service in portal. This iview uses system with logon ticket say ESS. When we access this iview in our local LAN using HTTP URL it works fine.We have Web dispatcher also.
  In our case their is situation of (SSL termination without metadata exchange).Means upto Web dispatcher HTTPS then from it to WEB AS HTTP.
  When we access it through HTTPS , we get a logon popup saying “No switch to HTTPS occurred, so it is not secure to send a password” even though we have implemented SSO with logon tickets.
  But even after this warning if We provide username and password set on ECC6,it gives error either user name or password is incorrect.
  And I am sure that username and password are same as ECC6.
  There is also no problem of authorization,we had also tried with SAP_ALL.
  Here it is web dispatcher profile parameter
  SAPSYSTEM = 8
  wdisp/shm_attach_mode = 6
  rdisp/mshost = ....
  ms/http_port = 8101
  DIR_INSTANCE = /secudir
  ssl/ssl_lib=/secudir/libsapcrypto.so
  ssl/server_pse=/secudir/sec/.....pse
  wdisp/auto_refresh = 120
  wdisp/max_servers = 100
  wdisp/server_info_location = /msgserver/text/logon
  icm/server_port_0 = PROT=HTTPS,PORT=443
  icm/server_port_1 = PROT=HTTP,PORT=0
  icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=/webdisp/admin
  wdisp/HTTPS/dest_logon_group = APPS
  wdisp/ssl_encrypt = 0
  wdisp/add_client_protocol_header = true
  icm/HTTPS/verify_client = 0
  icm/HTTP/redirect_0 = PREFIX=/, TO=/irj/index.html
  #icm/HTTP/redirect_0 = PREFIX=/, TO=/APPS~irj
  is/HTTP/show_detailed_errors = false
  icm/HTTP/error_templ_path = /webdisp/error
  icm/HTTP/file_access_0 = PREFIX=/images/,DOCROOT=/webdisp/images
  Thanks & Regards,
  Sunny
  Edited by: Sunny Patel on Jan 21, 2008 2:07 PM

• Would it be possible that saved passwords would work on both http and https version of the same site as some pages are switching from http to https?

  Some sites are switching from http to https protocols and some sites run both. This creates some duality when you have saved passwords. You either save passwords for both versions of the site. And if you visit the https version for the first time you just have to go and look up the password as (personally) I don't remember all of my passwords.
  Would it be possible that unless there are different passwords for different version of the site that firefox would use the one that it has already saved?

  You will have to save the password again in case the submit URL and possibly other parameters change.
  You can try this extension:
  * Saved Password Editor: https://addons.mozilla.org/firefox/addon/saved-password-editor/

• How do I switch between http and https?

  I need to be able to show a majority of a portal in http, but need to have a couple of pages/portlets use https. Does anyone know how I can setup certain items to use https and also have it automatically switch back to http for those items that don't need to be encrypted?
  Any information would be great!

  Here's what I've got in my web.xml. Note that all I'm trying to do here is replicate the functionality that was provided in WLPortal 4.0 with the HTTPS_URL_PATTERNS parameter in the old web.xml.
  web.xml section
  <security-constraint>
  <display-name>SSLResources</display-name>
  <web-resource-collection>
  <web-resource-name>SSLResources</web-resource-name>
  <description>Resources requiring SSL</description>
  <url-pattern>/appmanager/ctdportal/retail</url-pattern>
  <url-pattern>/appmanager/ctdportal/admin</url-pattern>
  <url-pattern>/appmanager/ctdportal/cos</url-pattern>
  <!--<url-pattern>/security/*</url-pattern>-->
  </web-resource-collection>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>
  ---------------------------------------

• Switch 2960 http

  warm greeting, I require to administer or enable by HTTP switch 2960. Somebody could to send the steps to do this activity,
  My email is [email protected]
  thank you very much,
  John Jairo Osorio

  conf t
    ip http server
  end
  wr

• Content Switch 11503 http keepalive

  Is it possible to look for the http code 200 (OK) and use this as a keepalive ?
  eg, if the error code 404 for example is found, then the service is taken down.

  problem solved

• Switching between https secure zone to http domain

  Hi,
  I'd like to know what the best way to link back to a non secure zone http domain from a secure https (worldsecuresystems.com) domain. I've seen a few articles on this subject and tried a few different approaches, but nothing that I've read/tried seems to work completely. I've tried using the full path by adding {module_defaulturl} to links e.g. <a href="{module_defaulturl}/contact.html">Contact</a> and I've tried adding a content holder e.g.<a href='/{module_contentholder name="_Template - Default Domain Host"}/about.html'>About</a>, where the host/path is added to the content holder. I've also tried using the full path hardcoded. All three approaches work for navigating between/from https to http domains, so far so good.
  However, whereas this full path approach works to enable linking within the website, the links no longer work within the Visual Editor (ICE). It appears the ICE will not work with full path links. Does anyone know of a way around this, or know of a better approach to setting up links between https and http domains? I'm thinking of using javascript to add the full path to links when the page loads whilst on a secure domain so that the script doesn't run in the ICE. But is there a better/simpler way?
  Regards, Mark.

  Thanks for the suggestion although getting to the solution requires a subscription to their service. But your suggestion helps because they mention achieving what I want with jquery, so I assume that's the accepted way to go about it. I've already implemented a solution with jquery, I was just trying to see if there was another 'more native' BC way. Cheers

• FRM-92050 error when trying to open form after switching to HTTP mode

  Hi all,
  Yesterday, I installed Oracle Applications 11i on Red Hat Enterprise Linux ES 4 and forms were working correctly in the default mode, which is native (socket). Following steps 4 and 5 in [Doc 201340.1|https://metalink2.oracle.com/metalink/plsql/f?p=130:14:6398415066875997204::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,201340.1,1,1,1,helvetica], I enabled HTTP mode, and now my forms are not working. When I open a form now, I get this error:
  FRM-92050: Failed to connect to the Server: /forms/formservlet:-1
  Details...
  Java Exception:
  java.io.IOException: Negative content-length from http://...
  I've searched MetaLink and the forums for this error and all the results I found deal with HTTP headers or cookies being corrupted, usually by an intermediate networking device (web proxy, web cache, SSL accelerator, etc.). I am not using anything of the sort - the client is connecting directly to the Oracle server.
  I checked the Apache error log and this is what I see:
  [Thu May 14 09:10:28 2009] [error] [client 10.11.1.114] client denied by server configuration: /work/oracle/viscomn/java/java
  [Thu May 14 09:10:28 2009] [error] [client 10.11.1.114] client denied by server configuration: /work/oracle/viscomn/java/java
  [Thu May 14 09:10:33 2009] [error] [client 10.11.1.114] File does not exist: /work/oracle/viscomn/java/oracle/forms/icons/oracle_logo_light.gif
  [Thu May 14 09:10:33 2009] [error] [client 10.11.1.114] File does not exist: /work/oracle/viscomn/java/oracle/forms/icons/oracle_logo_light.gif
  [Thu May 14 09:10:34 2009] [error] [client 10.11.1.114] File does not exist: /work/oracle/viscomn/portal/VIS_gen1-cs49/forms/formservlet
  [Thu May 14 09:10:34 2009] [error] [client 10.11.1.114] client denied by server configuration: /work/oracle/viscomn/java/oracle/ewt
  [Thu May 14 09:10:34 2009] [error] [client 10.11.1.114] client denied by server configuration: /work/oracle/viscomn/java/oracle/ewt
  [Thu May 14 09:10:34 2009] [error] [client 10.11.1.114] File does not exist: /work/oracle/viscomn/java/oracle/ewt/alert/resource/AlertBundle_en_US.properties
  I don't like the look of those "client denied by server configuration" messages. What's also odd is that the two files referenced by those messages do not exist on the file system:
  [oracle@gen1-cs49 logs]$ cat /work/oracle/viscomn/java/java
  cat: /work/oracle/viscomn/java/java: No such file or directory
  [oracle@gen1-cs49 logs]$ cat /work/oracle/viscomn/java/oracle/ewt
  cat: /work/oracle/viscomn/java/oracle/ewt: No such file or directory
  Any ideas? Are there any other logfiles I should be checking?

  First, login to System Administrator responsibility, then navigate to Concurrent > Manager > Administer > Processes > Internal Manager LogAh, OK - I was able to open the form and I see a table of managers and services and whatnot, and I see an entry for "Internal Manager", but I don't see any way to view the log. I even tried opening the details of the "Internal Manager" entry and the only button there is "Diagnostics".
  Search for VIS_*.mgr -- Sorry for the typo!Ah, that would explain it. Here are the contents of the correct logfile:
  [oracle@gen1-cs49 VIS_gen1-cs49]$ cat VIS_0514.mgr
  ========================================================================
  Starting VIS_0514@VIS Internal Concurrent Manager -- shell process ID 4314
  logfile=/work/oracle/viscomn/admin/log/VIS_gen1-cs49/VIS_0514.mgr
  PRINTER=noprint
  mailto=oracle
  restart=N
  diag=N
  sleep=60 (default)
  pmon=20 (default)
  quesiz=1 (default)
  Routine &ROUTINE has attempted to start the internal concurrent manager. The ICM is already running. Contact you system administrator for further assistance.afpdlrq received an unsuccessful result from PL/SQL procedure or function FND_DCP.Request_Session_Lock.
  Routine FND_DCP.REQUEST_SESSION_LOCK received a result code of 1 from the call to DBMS_LOCK.Request.
  Possible DBMS_LOCK.Request resultCall to establish_icm failed
  The Internal Concurrent Manager has encountered an error.
  Review concurrent manager log file for more detailed information. : 14-MAY-2009 11:06:48 -
  Shutting down Internal Concurrent Manager : 14-MAY-2009 11:06:48
  List of errors encountered:
  _ 1 _
  Routine AFPCSQ encountered an ORACLE error. .
  Review your error messages for the cause of the error. (=<POINTER>)
  List of errors encountered:
  _ 1 _
  Routine AFPCAL received failure code while parsing or running your
  concurrent program CPMGR
  Review your concurrent request log file for more detailed information.
  Make sure you are passing arguments in the correct format.
  The VIS_0514@VIS internal concurrent manager has terminated with status 1 - giving up.