Tomcat50-jwsdp Security Manager and RMI

Similar Messages

• Security Manager and RMI

  I am developping an application that uses RMI.
  So in the code i must declare the RMISecurityManager as the security manager. But if the user specify the standard security manager on the command line it dont works.
  I understand why, because my question is :
  How the user can ensure that my application is safe if he cannot specify the basic security manager on the comnd line ( -Djava.security.manager ) ?
  tom

  First of all, you don't have to use RMISecurityManager as the security manager at all. It's a legacy class from Java 1.1. times that the RMI tutorials continue to refer to, see this thread:
  http://forum.java.sun.com/thread.jsp?forum=58&thread=161874
  Secondly, it is tricky but Java 2 allows a security manager to be set more than once -- it all depends on whether the currently installed manager allows to be replaced [RuntimePermission("setSecurityManager") permission].
  Finally, if you expect that the user will define a security policy through command line, all you have to do is code something like this:
  if (System.getSecurityManager() == null)
     System.setSecurityManager(your_security_manager);to set yours only when nothing was set on the command line.
  Vlad.

• OWSM Vs OSB: Security, Management and Monitoring

  Has anyone done a comparison of the Security, Management and Monitoring capabilities of OSB 10gR3 and OWSM?
  I think both of them have a place in the architecture, but I am looking for pointers on the overlapping capabilities in terms of security and service monitoring. When is one preferred over the other with pros and cons.
  Thanks,
  -J

  In short OSB you configure process by process. OWSM is a layer you can put across your whole enterprise.
  Other than that the functionality is very similar.
  cheers
  James

• Security Manager and Policy Files

  Hi all,
  I am writing a simple java rmi application, but understand it wont run without a Security Manager installed and a policy file.
  I think I have installed the security manger using the following in the main() method of my client application:
  System.setSecurityManager(new RMISecurityManager());However I am unsure how to use a policy file with this. I have looked on the internet, but it does not seem to be very well documented
  Please could you advise me how to create a policy file that will work for my application and where to place it in my application so that my application can use it.
  Any help would be greatfuly appreciated
  Thanx
  Aaron

  An RMI application doesn't need a security manager unless you are using the codebase feature.

• Cisco Security Manager and User-aware firewall rules

  Hello !
  I have a firewall ASA which is managed with CSM and I try to create some user-aware rules. To do this, I need to match CSM with an Active Directory server.
  I added an AAA server group matching my Active Directory server in the Identity Setting menu from Security Manager Administration and when i click on "Test", I obtain the error message "Unsuccessful Bind prevented to fetch data, please reconfigure AAA server".
  What can I do to solve this problem ?
  Thank you !
  Stephane

  You can contact your local AM to get an evaluations version, this is related to the new 'restricted' downloaded access on CCO. You need to have a service contract assocaited for that 'specific' product to download software (I know it does not make sense in case of an evaluation).
  And you also have the following alternate:
  Note:
  This download does not include  CiscoWorks Resource Manager Essentials (RME). For customers that wish to  also evaluate CiscoWorks RME or that prefer a media format rather than a  large download, an evaluation DVD can be ordered from Cisco  Marketplace. At http://www.cisco.com/pcgi-bin/marketplace/welcome.pl,  navigate to the Collateral and Subscriptions Store and search for part  number EVAL-CSMGR-4.0.
  Regards
  Farrukh

• HP Protect Tools Security Manager and Windows 7

  I need assistances for my HP ProBook 4440s. There is no HP Protect tools security manager in installed in the system.I also want to install  figer print security system.Kindly assist where necessary,
  Thanks,
  k.dineysh

  You need to contact HP Technical Support since the fingerprint reader is part of their hardware configuration and HP would be the source for support of the fingerprint reader.
  The HP Support website is found @
  http://www8.hp.com/us/en/contact-hp/contact.html
  There is also an HP Consumer Support forum @
  http://h30434.www3.hp.com/psg/
  There is even a dedicated thread for your problem found @
  http://h30434.www3.hp.com/t5/Other-Notebook-PC-Questions/HP-Probook-4530s-fingerprint-reader-not-working/m-p/1372895#M40259
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

• HP ProtectTools Security Manager and Windows 10

  I am going to be updating to Windows 10, howevver it is saying that the HP ProtectTools Security Manager is not compatible with Windows 10. 2 questions I have. The first is: Is there going to be a replacement for these tools for Windows 10?Second is: How do I uninstall the tools so that I can proceed, properly?

  Indeed! These instructions are useful but there is a newer version of Client Security Manager http://h20564.www2.hp.com/hpsc/swd/public/detail?swItemId=ob_141863_1 Just to inform others users, HP protect tools security Manager has been rebranded to Client Security Manager. So it's the same software, they just change the name and the logo

• Rmi with security manager not working in netbeans

  Hello i'm trying to use rmi but get the error java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:1099 connect,resolve) when i run it in netbeans. here is my code
  public static void main(String[] args) {
          if (System.getSecurityManager() == null) {
              System.setSecurityManager(new SecurityManager());
          try {
              String name = "Compute";
              Compute engine = new ComputeEngine();
              Compute stub =
                  (Compute) UnicastRemoteObject.exportObject(engine, 0);
              Registry registry = LocateRegistry.getRegistry();
              registry.rebind(name, stub);
              System.out.println("ComputeEngine bound");
          } catch (Exception e) {
              System.err.println("ComputeEngine exception:");
              e.printStackTrace();
      }It works if i don't have a security manager and it works with a security manager if i don't use netbeans to run it and use the command line. i need to use a secuirty manager because the client code is running in eclipse and it moans that there is no security manager if i run it without one
  this is the error i get when running with no security manager
  java.rmi.UnmarshalException: error unmarshalling return; nested exception is:
       java.lang.ClassNotFoundException: takenoteremote.Compute (no security manager: RMI class loader disabled)
  Please help

  I have sort of got it to work, i took out the security manager and used the code base parameter on the command line, and put my interface into a jar file. I can only get it to work though on the command line, if i run it in netbeans it doesn't find the class in the jar file it needs.
  Any ideas?

• Security manager not used with JNDI ?!

  Hi,
  I have a simple stand-alone java app that does a JNDI lookup
  and subsequent method invocation on the returned session bean.
  I never explicitly install a security manager and am wondering
  why there are no security problems getting the bean proxy
  and any subsequent code downloads from the WebLogic server.
  Seems like this would never work under under pure RMI, so
  what's going on in this case?
  Thanks, Garry

  Hi,
  According to the screenshot, it seems like compatibility problem, What's the type of your system?
  In addition, you can refer to the link below to view its compatibility list.
  http://gallery.technet.microsoft.com/LocalGPOmsi-Excellent-MS-2593b2eb
  Roger Lu
  TechNet Community Support

• Differences in setting a security manager

  Hello,
  what is the difference between installing a security manager using a system property like this:
  -Djava.security.manager=java.rmi.RMISecurityManagerand by executing the following at the beginning of the main method:
  if (System.getSecurityManager() == null) {
       System.setSecurityManager(new RMISecurityManager());
  }To my understanding of the various reference documentations for java security, they should be equivalent in the obtained result. In my case, however, the system property one doesn't work, that is classes are not downloaded dynamically; everything works fine with the java code solution.
  Many thanks,
  valerio

  Works for me.
  -Djava.security.manager=java.rmi.RMISecurityManagerThis argument needs to appear first on the command line, before any other -D and -jar arguments.
  NB the RMISecurityManager is obsolete, you can use java.lang.SecurityManager. See the Javadoc. You can just specify:
  -Djava.security.manager=defaultor just:
  -Djava.security.manager

• Default Administrator password in BI Administration Tool - Security Manager

  Hello all,
  I'm new to OBIEE and have recently been playing around in the BI Administration Tool to create my own repository (.rpd) metadata files from demo DBs. I selected "Manage" -> "Security" to open Security Manager and then set a logging level of 2 on the Administrator user.
  UNFORTUNATELY, there is a default password that apparently gets specified that I didn't notice, so when I closed my repository file and tried to re-open it, it is now challenging me for a password that I didn't set, don't know, and have not been able to find in documentation or posted threads anywhere.
  Has anyone else ever come across this problem before or know the default password? Any help would be greatly appreciated. Thanks guys.

  Guys,
  First, let me thank you all for you quick responses and willingness to give me a hand. It's greatly appreciated. And thanks Ally for noticing the name! Glad you liked it. :)
  Unfortunately, my problem still exists. None of the following passwords worked for me: <blank>, "Administrator", "administrator", or "ADMINISTRATOR".
  Also, I should clarify for the thread that I'm not using Paint.rpd or SH.rpd; I'm creating my own repository from scratch. For those who read this post and have literally 90 seconds to spare, I would ask you to try and recreate this same thing with me and see if it's just me (and if I'm crazy):
  1) Open OBI Administration Tool
  2) DO NOT open an existing repository, create a new one. Name it whatever; mine is the default "Metadata1.rpd"
  3) Don't bother adding any metadata to it, go immediately to "Manage" --> "Security" --> "Users" and open up the Administrator user by double-clicking it.
  4) Notice there is a "Password" and "Confirm Password" value already defined by default! DON'T change it (this is the password in question that I accidentally accepted). Just click the "OK" button without making any changes to that form.
  5) Save, close, and then try to re-open this repository you just created. It should be challenging you for a password now, right? And I bet it will not accept <blank> or any variation of "Administrator".
  Believe me, I know better now in the future to not let this happen. But I can't for the life of me figure out this password that was automatically populated and WHY there would be one there in the first place! I was walking through a lab that told me to open this security setting for Administrator to set a logging level, but it did not mention anything about a setting a password. So, I created a repository that I have now magically locked myself out of. :)
  Can anyone else please try to recreate this and let me know if it's just me or not? I am using BI Administration Tool version: 10.1.3.3.2.071217.1900.
  Thanks again guys.

• Searching for the Recording Security Manager utility

  The WLS v6.1 docs on managing security (http://edocs.beasys.com/wls/docs61/adminguide/cnfgsec.html#1074675)
  mentions a Recording Security Manager utility for detecting and resolving permission
  problems. Can someone point me to it?

  Hi Dan,
  Its available on the BEA developer center
  http://developer.bea.com/do_login.jsp
  You will need to have a login and password to access this site .
  Just search for Recording Security Manager and you will get the tool
  yeshwant
  Dan McHarness wrote:
  The WLS v6.1 docs on managing security (http://edocs.beasys.com/wls/docs61/adminguide/cnfgsec.html#1074675)
  mentions a Recording Security Manager utility for detecting and resolving permission
  problems. Can someone point me to it?

• Java.security.manager ?

  My understanding about Java SecurityManager is when you want to use it,
  it have to be installed. It can be installed through
  using -Djava.security.manager
  option with java command or calling setSecurityManager() in the application.
  I'm sure that WLS startup script marketed with WLS5.1
  used -Djava.security.manager
  option, however, WLS6.1 and WLS7.0's script don't use the option. Do they
  install a SecurityManager through setSecurityManager() method?
  I'm just curious to know why they are different between WLS5.1 and
  WLS6.1/7.0.
  Thanks in advance,
  Koji Sekiguchi

  6.1 and 7.0 do not install a SecurityManager programattically. It was
  decided that most people do not make use of the added security provided
  by the security manager and that it has a significant performance hit on
  the VM (I think we found 6-7% degradation but it was a long time ago so
  I may be way off) so that it did not make sense to run with it by
  default. Instead we tell people to turn it on who need it. It seems
  better because all of the security conscious people know to look for it
  and all of the security unaware folk don't know enough to turn it off so
  they are stuck with the degradation.
  The SecurityManager is really most helpful if you are installing
  untrusted applications on your app server (something most users don't
  do). It does next-to-nothing to prevent remote attacks.
  Neil Smithline
  Koji Sekiguchi wrote:
  My understanding about Java SecurityManager is when you want to use it,
  it have to be installed. It can be installed through
  using -Djava.security.manager
  option with java command or calling setSecurityManager() in the application.
  I'm sure that WLS startup script marketed with WLS5.1
  used -Djava.security.manager
  option, however, WLS6.1 and WLS7.0's script don't use the option. Do they
  install a SecurityManager through setSecurityManager() method?
  I'm just curious to know why they are different between WLS5.1 and
  WLS6.1/7.0.
  Thanks in advance,
  Koji Sekiguchi

• Cisco Security Manager, need global search, i.e. filters are not good at all

  Does anybody know how to work effectively with security manager and filtering?
  It is extremely time consuming and frustrating to work with Cisco Security Manager in regards to search for entries or filter. I have not been able to find some kind of global search, is there?
  How do other people cope with this?

  It appears to have been a temporary issue as the backup is running fine again now... closing the thread.

• Custom Security Manager or Security Event Interception from WebLogic Console

  Hello,
  I have built my own Security Manager and implemented custom preference/property mechanism for every Principal, so when I use my Swing client to create new User and new Group, as well as addMember to a Group, I know what to do with those properies/preferences.
  Now, I want to use WebLogic Console to manage users and groups. I want to intercept events in my Security Manager about new User or Group creation or changing their memberships as Principals in order to handle their Preference/properties stuff myself...
  I wonder what should I "listen" in order to understand that someone has changed membership of Users or Groups or about creation of new User or Group?
  I use Weblogic Server 6.0 sp2
  serge

  Hi Daniel,
  > a custom security manager for the standard CM Repository
  And this dictates you indeed to use the old API, as the CMRepositoryManager itself is using the old API.
  The standard AclSecurityManager is implemented by com.sapportals.wcm.repository.manager.generic.security.AclSecurityManager. If you check out Configuration - Content Management - Repository Managers - Security Manager, you will see "ACL Security Manager" (the one from above) and "ACL Security Manager (for new Manager-API)". This is implementing / using the new API, but needs also a RM using the new API.
  > java.lang.NoSuchMethodException: MySecurityManager.<init>
  This exception only complains about a missing constructor!? Have you implemented a default constructor?!
  > If this is the case, where can I find the API for IUMPrincipal? It is not included in any provided API because of deprecation.
  The methods of the old EP5 user management are more or less similar to the new UME, so using the old deprecated API should be more or less straight forward.
  There are also transformer methods for example to transform a "new" user object to an old EP5 one, see https://forums.sdn.sap.com/thread.jspa?threadID=235656&tstart=0
  Hope it helps
  Detlev