UCM Folders custom alternate security model

Hi All,
I'm working on a Proof of Concept using UCM 10GR3 and we need help from you guys.
The content will be categorized using the Folders structure from the Oracle Folders Component.
Let’s look at this example:
1. The user DANIEL creates the folder A and sets who will have access (R,RW,RWD,RWDA);
2. DENIS, another user from UCM, gets permission to access the folder A and starts to create his own Folders (A1, A2, A3) and defines who will access these Folders and their permissions, but if he doesn’t set access permission to DANIEL, he (DANIEL) won’t be able to see these Folders' content.
So, this security model is defined for each Folder and won’t be hierarchical.
I've already explained to the customer the possible problems with inappropriate content stored inside some users' Folders and the lack of permission for their superiors to control this.
But they don’t want to go another way.
This customer didn’t like UCM Collaboration Manager concept of Projects, Dashboards and so on.
They prefer Folders with this 'Custom' security model because simplicity and a non-hierarchical security model are crucial points.
Is there any case about the use of this security model or some ideas about how to do that for Oracle Folders?
Best Regards
Daniel

I think accounts can do the trick. You'll have to write a component that automatically creates an account if someone adds a folder.
With accounts you can give someone permission in a hierarchical way. You define for example an account A/1 A/2 A/3
If Daniel creates a folder, your component can automatically create an account A
If Denis creates a folder A/1, your component would create A/1
If Daniel grants Denis the A account, he gets permission to the A folder
If Denis doesn't grant Daniel the A/1 account, he doesn't have access to that folder. Is that what you want?
There is a small problem with this construction, and that is that a user normally can't grant or revoke accounts. It's done in the user admin applet, so your component would normally add some functionality so users could add and delete accounts, but that's kinda tricky...

Similar Messages

  • [ask] ucm security model case study

    hi fellow stellent users,
    i have a question to ask about
    this case study, that im trying to solve.
    the case study is,
    suppose a corporate named acme
    then i create security groups (public, internal, sensitive, secret),
    semantically a clearance level.
    then i create hierarchical accounts based on acme's divisions:
    acme/finance
    acme/acct
    acme/marketing
    then i create this virtual folders (primarily used in webdav integration)
    /finance: account: acme/finance
    /acct: account: acme/acct
    /marketing: account: acme/marketing
    this seems ok, so all users in the finance dept
    can only view/access/edit the /finance folder (and its contents)
    but there are new requirements:
    -suppose finance users want to create subfolder in the /finance
    eg: /finance/shared
    but they want to share this folder so that it can be accessible to
    acct and marketing users.
    so how can i do this ?
    i already tried creating new account acme/finance/shared
    assign that to the /finance/shared folder,
    and adding that account to all users that need to access that folder
    but, there seems a problem,
    when i browse ucm with Windows Explorer (webdav) with a marketing user id.
    i cant see the /finance/shared folder.
    maybe because the parent /finance folder is hidden/not permissible to them (marketing guys).
    but then, what is the workaround for this problem? can a user
    create a folder that can be shared to other accounts ? with a parent
    folder that is not shared.
    what's the best practice in ucm to accomplish this scenario,
    especially for working in windows/webdav environment.
    is there any changes that i must make to my current security model ??
    thanks,
    your answers will be very appreciated. :)

    Sapan, Yes I understand that and I have read it also. The problem is we would rather take care of the ROLES within UCM, such that subadmins should be allowed to create roles etc with UCM who have no access to LDAP. Basically we would like to give access of role creation to a subadmin rather then set it up in LDAP, but at the same time we would like users to get authenticated via LDAP, because we want to use Single Sign On.
    So basically the solution that I am looking for is following:
    1) Users get Authenticated ONLY via LDAP. No group mappings or filtering needs to be done (Use Group Filtering/Use Full Group Names in LDAP provider are NOT checked)
    2) Setup user's roles/groups within UCM by a Sub Admin.
    Basically what I would like to do is that we can have several websites in our UCM and each website can have Subadmins who can give/remove permission for users that reside in UCM (External/Internal anyone). Moreover I would like to give subadmins only rights to there OWN Website and they should not be allowed to do any administration work for other websites that they are not sub admin for. Also, none of the users/subadmins can see any search results from any other website data that they do not have permission for.
    This is a little complex requirement, first I do not know if UCM is capable of this, second I am a newbie with UCM, I have worked with Documentum in the past, so any suggestion is very welcome. Thanks!

  • UCM security modeling

    Hi,
    The use case is like this
    OID
    1. I have different groups in OID say Group1, Group2,...... 1000+ groups
    2. I have other groups (apart from the 1 mentioned above) as well in OID say OtherGroup1, OtherGroup2,...... 1000+ groups
    Please NOTE: The users present in Group1, Group2,.... and OtherGroup1, OtherGroup2,.... are completely different users
    Also all the groups mentioned above are already present and I cannot modify the existing groups as they are used for some other purposes as well.
    I can just use the existing groups.
    In my webcenter application I create an object say "Sales"
    And I want to create a folder in UCM by same name called as "Sales" and the contents inside this "Sales" folder should have the security as mentioned below
    1. "Content1"
         - "Group1" should have R, "Group2" should have RW, "Group3" should have RWD
         - "OtherGroup1" should have R, "OtherGroup2" should have RW, "OtherGroup3" should have RWD (This group might remain same for all contents)
    2. "Content2"
         - "Group4" should have RWD, "Group5" should have RW, "Group6" should have R
         - "OtherGroup1" should have R, "OtherGroup2" should have RW, "OtherGroup3" should have RWD (This group might remain same for all contents)
    and so on..
    So please suggest how can I achieve this type of security model in UCM.
    Thanks in advance.

    which account am I supposed to add on "Content1"
    The account will be Content1. @Content1_R is the name of a group in LDAP, which grants its members R permission to the Content1 account.
    And also what should be the "SecurityGroup" for "Content1" since "SecurityGroup" is mandatory for a content item check in.
    You may have to create a generic group where all users have RWD permissions - the resulting permissions are the intersection of those from SG and accounts.
    Also once the account is added I cannot change the permission for a particular user, so the option left with me will be to assign him to different account which has desired permission for given content (that too if I can add multiple accounts).
    Account is a setting on a content item, and it is expected to be changed only exceptionally. What you can change, though, is membership of users in your created groups - thus, granting/revoking permissions of users to particular accounts. This can be as dynamic as you need.
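
The reply above combines two checks: membership in an LDAP group named like @Content1_R grants rights on the Content1 account, and the result is intersected with the rights from the security group. The Python model below is an added example, not Oracle UCM code and not part of the original posts; the group-name pattern is generalized from the reply's single @Content1_R example, and the user names, the SalesGeneric security group and the rule that several grants on one account add up are assumptions made for illustration.

```python
"""Model of the account + security-group check described in the reply.

Added illustration only; it does not call or reproduce any UCM API.
"""
import re

ORDER = "RWDA"  # Read, Write, Delete, Admin, as in the thread's R/RW/RWD/RWDA

# Assumption: account groups look like "@<account>_<perms>", generalized
# from the reply's "@Content1_R". Account names may contain underscores.
GROUP_RE = re.compile(r"^@(?P<account>.+)_(?P<perms>RWDA|RWD|RW|R)$")


def account_grants(ldap_groups):
    """Map a user's LDAP group names to {account: set of permission letters}."""
    grants = {}
    for name in ldap_groups:
        m = GROUP_RE.match(name)
        if m is None:
            continue  # ordinary group (Group1, OtherGroup1, ...): no account right
        # Assumption: several grants on the same account add up.
        grants.setdefault(m["account"], set()).update(m["perms"])
    return grants


def effective(user_groups, sg_rights, item):
    """Effective rights on one content item: account rights AND security-group rights.

    sg_rights maps a security group to the rights every user holds in it
    (a simplification of the reply's "generic group where all users have RWD").
    """
    acct = account_grants(user_groups).get(item["account"], set())
    sg = set(sg_rights.get(item["security_group"], ""))
    both = acct & sg
    return "".join(p for p in ORDER if p in both)


def audit(desired, directory, sg_rights, items):
    """Compare the intended access matrix with what the groups actually yield."""
    findings = []
    for (user, item_name), want in sorted(desired.items()):
        got = effective(directory.get(user, []), sg_rights, items[item_name])
        if got != want:
            findings.append((user, item_name, want, got))
    return findings


# --- constructed sample data (not taken from any real directory) ---
DIRECTORY = {
    "alice": ["Group1", "@Content1_R"],
    "bob": ["Group2", "@Content1_RW", "@Content2_R"],
    "carol": ["Group3", "@Content1_RWDA"],  # A is capped by the security group
    "dave": ["OtherGroup1"],                # existing group only, no account group
}
SG_RIGHTS = {"SalesGeneric": "RWD"}
ITEMS = {
    "Content1": {"account": "Content1", "security_group": "SalesGeneric"},
    "Content2": {"account": "Content2", "security_group": "SalesGeneric"},
}
DESIRED = {
    ("alice", "Content1"): "R",
    ("bob", "Content1"): "RW",
    ("carol", "Content1"): "RWD",
    ("dave", "Content1"): "R",  # intended for OtherGroup1, but never provisioned
}

if __name__ == "__main__":
    for user, groups in DIRECTORY.items():
        for name, item in ITEMS.items():
            print(f"{user:6} {name}: {effective(groups, SG_RIGHTS, item) or '-'}")
    for user, item_name, want, got in audit(DESIRED, DIRECTORY, SG_RIGHTS, ITEMS):
        print(f"MISMATCH {user} on {item_name}: want {want!r}, got {got!r}")
```

Running the audit against an export of real group memberships shows where pre-existing groups such as OtherGroup1 carry no rights until a matching account group exists, and where a grant is wider than the security group allows.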

  • Need Best Practice - Apex, multiple schemas, security model

    We have an oracle database which contains
    a) named database users with no objects
    b) several schemas with data tables:
    sales
    marketing
    accounting
    We need to build GUI for tables in these schemas,
    every database users should belong to a group, each user group should have access to several (not all) GUI pages.
    1) Is it possible and is it recommended (if not - why?) to create ONE workspace and ONE application inside it to have access to ALL tables in ALL schemas listed with user groups level security?
    How to do it properly?
    Some link to documentation?
    2) Which security model (apex users, database users,..) to choose and why? please recommend some links to comparison...

    Hi Marcus,
    Our developers like to see all the tables for a single custom application in its own diagram no matter where they come from and the DBA's don't want to wade through several thousand tables to find the handful we need nor have to duplicate table definitions in multiple models. In Designer we have been doing that with Application Folders.
    There are no application folders in Data Modeler. You can use subviews to define your subject areas. Subview is created for each application (folder) during import from Designer repository.
    Philip

  • Assigning role to role doesn't work when applying Database security model

    I applied Oracle Database security model for BI Publisher.
    then I create some roles and users and assigned roles to users in Oracle Database.
    i also assigned appropriate folders to each role in BI Publisher.
    the users with direct roles worked successfully but i got problem when i assigned roles to a super role, and assigned this role to a super user.
    the super user could only access guest folder.
    Please help me.
    thanks.
    Daniel
    Edited by: user13344498 on Jul 5, 2010 11:13 PM

    Add a Role to a Role:
    1. From the Security Center, select Roles and Permissions; this will invoke the
    Security Center page. Here you can see the list of existing roles and permissions.
    2. Select the Add Roles icon for the Role.
    3. Select the desired role from the Available Roles list and use the Move shuttle
    button to move it to the Included Roles.
    this is from "Oracle® Business Intelligence Publisher User's Guide Release 10.1.3.2 Part No. B40017-01" book, but the security model is BI Publisher Security.

  • Error during JNDI lookup Accessing Remote EJB (access to web service restricted using declarative security model)

    Hello everyone,
    I developed a Web Service prototype accessing remote EJB using the EJB
    control with special syntax in the jndi-name attribute: @jws:ejb
    home-jndi-name="t3://10.10.245.70:7131/AccountDelegatorEJB"
    Everything works fine, but I get an error when I restrict access to my web
    service with a declarative security model by implementing steps provided in
    help doc:
    - Define the web resource you wish to protect
    - Define which security role is required to access the web resource
    - Define which users are granted the required security role
    - Configure WebLogic Server security for my web service(Compatibility
    Security/Users)
    I launch the service by entering the address in a web browser. When prompted
    to accept the digital certificate, click Yes, when prompted for network
    authentication information, enter username and password, navigate to the
    Test Form tab of Test View, invoke the method by clicking the button and I
    get the following exception:
    <error>
    <faultcode>JWSError</faultcode>
    <faultstring>Error during JNDI lookup from
    jndi:t3://10.10.245.70:7131/AccountDelegatorEJB[Lookup failed for
    name:t3://10.10.245.70:7131/AccountDelegatorEJB]</faultstring>
    <detail>
    <jwErrorDetail> weblogic.jws.control.ControlException: Error during JNDI
    lookup from jndi:t3://10.10.245.70:7131/AccountDelegatorEJB[Lookup failed
    for name:t3://10.10.245.70:7131/AccountDelegatorEJB] at
    weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
    8) at
    weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
    .java:220) at
    weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260) at
    ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
    ibas.GetSecure.retrieveVisaHistoryTxn(GetSecure.jws:64) </jwErrorDetail>
    </detail>
    </error>
    I have a simple Hello method as well in my WebService (which is also
    restricted) and it works fine, but remote EJB access doesn't. I tested my
    prototype on Weblogic 7.2 and 8.1 platforms - same result.
    Is that a bug or I am missing some additional configuration in order to get
    that working. Has anyone seen similar behavior? Is there a known resolution?
    Or a suggested way to work around the problem?
    Thank you.
    Andre

    Andre,
    It would be best if this issue is handled as an Eval Support case. Please
    contact BEA Customer Support at http://support.beasys.com along with the required
    files, and request that an Eval support case be created for this issue.
    Thanks
    Raj Alagumalai
    WebLogic Workshop Support
    "Andre Shergin" <[email protected]> wrote in message
    news:[email protected]...
    Anurag,
    I removed "t3", still get an error but a different one (Unable to create
    InitialContext:null):
    <error>
    <faultcode>JWSError</faultcode>
    <faultstring>Error during JNDI lookup from
    jndi://secuser1:[email protected]:7131/AccountDelegatorEJB[Unable to
    create InitialContext:null]</faultstring>
    <detail>
    <jwErrorDetail> weblogic.jws.control.ControlException: Error during JNDI
    lookup from
    jndi://secuser1:[email protected]:7131/AccountDelegatorEJB[Unable to
    create InitialContext:null] at
    weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
    8) at
    weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
    .java:220) at
    weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260) at
    ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
    ibas.GetVisaHistoryTransactions.getVisaHistoryTxn(GetVisaHistoryTransactions
    .jws:67) </jwErrorDetail>
    </detail>
    </error>
    Note: inter-domain communication is configured properly. The Web Service to
    remote EJB works fine without a declarative security.
    Any other ideas?
    Thank you for your help.
    Andre
    "Anurag" <[email protected]> wrote in message
    news:[email protected]...
    Andre,
    It seems you are using the URL
    jndi:t3://secuser1:[email protected]:7131/AccountDelegatorEJB
    whereas you should not be specifying the "t3:" protocol.
    The URL should be like
    jndi://secuser1:[email protected]:7131/AccountDelegatorEJB
    Please do let me know if you see any issues with this.
    Note that this will only allow you to access remote EJBs in the same WLS
    domain. For accessing EJBs on another domain, you need to configure
    inter-domain communication by
    following a few simple steps as mentioned at
    http://e-docs.bea.com/wls/docs81/ConsoleHelp/jta.html#1106135. This link has
    been provided in the EJB Control Workshop documentation.
    Regards,
    Anurag
    "Andre Shergin" <[email protected]> wrote in message
    news:[email protected]...
    Raj,
    I tried that before, it didn't help. I got similar error message:
    <error>
    <faultcode>JWSError</faultcode>
    <faultstring>Error during JNDI lookup from
    jndi:t3://secuser1:[email protected]:7131/AccountDelegatorEJB[Lookup
    failed for
    name:t3://secuser1:[email protected]:7131/AccountDelegatorEJB]</faultstr
    ing>
    <detail>
    <jwErrorDetail> weblogic.jws.control.ControlException: Error during JNDI
    lookup from
    jndi:t3://secuser1:[email protected]:7131/AccountDelegatorEJB[Lookup
    failed for
    name:t3://secuser1:[email protected]:7131/AccountDelegatorEJB] at
    weblogic.knex.control.EJBControlImpl.acquireResources(EJBControlImpl.java:27
    8) at
    weblogic.knex.context.JwsInternalContext.acquireResources(JwsInternalContext
    .java:220) at
    weblogic.knex.control.ControlHandler.invoke(ControlHandler.java:260) at
    ibas.AccountControl.getTransactionHistory(AccountControl.ctrl) at
    ibas.GetSecure.retrieveVisaHistoryTxn(GetSecure.jws:64) </jwErrorDetail>
    </detail>
    </error>
    Anything else should I try?
    P.S. AccountDelegatorEJB, the remote EJB my Web Service calls is NOT access
    restricted.
    I hope there is a solution.
    Thanks,
    Andre
    "Raj Alagumalai" <[email protected]> wrote in message
    news:[email protected]...
    Andre,
    Can you try using the following url with username and password
    jndi://username:password@host:7001/my.resource.jndi.object ?
    once you add webapp level security, the authenticated is the user who
    invokes the EJB.
    http://e-docs.bea.com/workshop/docs81/doc/en/workshop/guide/controls/ejb/con
    CreatingANewEJBControl.html?skipReload=true
    has more info on using remote EJB's.
    Hope this helps.
    Thanks
    Raj Alagumalai
    WebLogic Workshop Support
    "Alla Resnik" <[email protected]> wrote in message
    news:[email protected]...

  • Error while configuring Siebel Bi Publisher Security Model..

    Hi,
    Steps Done
    1)     Imported the BIPSiebelSecurityWS.XML
    2)     Replaced Existing address with the specific address of the Siebel Server
    3)     Enabled Local Super user checkbox, entered a Super user name and password
    4)     Configured the Siebel Security Model by pointing the Siebel Web Service end point with Siebel Username/Pwd
    5)     Restarted the Bipublisher
    6)     When I try to login to Bi Publisher with Siebel Credentials I am getting the error
    The server cannot be used due to configuration error, please contact admin..
    Please let us know the necessary steps ..

    Login using the credentials used for super user. Siebel user do not work here, it will only fetch the responsibilities here as a roles for that super user.
    Thanks,
    Ravi kanth

  • BIP: Upload error (Invalid BI Publisher Security model SBL-RPT-50532)

    Hi, We have Siebel 8.1.1.5 running and having trouble integrating with BI Publisher 10.1.3.4.2 . I have setup and configure BIP as per the instructions.
    When we try to upload reports from Reports - Standard Templates View, getting the following error messages:
    Invalid BI Publisher Security Model Setting (SBL-RPT-50532) && Error (null) invoking method (null) for business service (null).
    I have setup the security model to siebel in BIP and able to login to the console using SADMIN/SADMIN. All the required components are also online and updated the params as per the instructions.
    Any help would be greatly appreciated. Thanks in advance!

    Hi Hakan,
    Please check whether your EAI Object manager is using different srf to one that application set to. In that case try to
    set the EAI to same srf Or compile report stuff to that particular srf. And before that have you declared the Siebel security model setting in BIP.
    Please reach me at [email protected] for any issues.
    Thanks,
    Ravi

  • Creating custom BOL object model for adding Search Parameter

    Hi friends
    Can any one guide me the steps through which i can add the new field in the search criteria by using the creation of custom BOL object model in Interaction Center Web Client.
    That will be a great help for me.
    Regards
    Pulkit
    Message was edited by:
            Pulkit Agrawal

    Hi!
    For maintaining CRMC_OBJECTS table you should use view CRMV_OBJECTS. (in transaction SM30).
    Regards,
    Alejandro.

  • Invoke a business service base in a WSDL with customer WS-Security Policy

    Customer write a Web service (Refer to the attachment file “HTTPS_PartyServicePortType.WSDL”)which declare a WS-Security Policy and apply this it to WS binding ,How can I generate a business service base in this WSDL and invoke it successfully?
    When create a business service in OSB, we get a error with below messages
    [[OSB Kernel:398133]The service is based on WSDL with Web Services Security Policies that are not natively supported by Oracle Service Bus. Please select OWSM Policies - From OWSM Policy Store option and attach equivalent OWSM security policy. For the Business Service, either you can add the necessary client policies manually by clicking Add button or you can let Oracle Service Bus automatically pick and add compatible client policies by clicking Add Compatible button.
    After enhanced the OSB domain with OWSM extension, we found the OOTB OWSM defined cannot support the HttpsToken and OSB cannot support below WS-Policy defined in OWSM, refer to http://docs.oracle.com/cd/E21764_01/doc.1111/e15866/owsm.htm#OSBDV1681
    51.2.8.1 Unsupported Assertion
    •     binding-permission-authorization
    •     http-security
    •     OptimizedMimeSerialization (MTOM)
    •     RMAssertion (Reliable Messaging)
    •     sca-component-authorization
    •     sca-component-permission-authorization
    •     UsingAddressing
    •     wss-saml-token-bearer-over-ssl (Authentication)
    it means that we cannot generate a web service with customer WS-security Policy
    The WS-Security Policy is shown as below:
    <wsp:Policy wsu:Id="WSHttpBinding_IPartyServicePortType_policy">
    <wsp:ExactlyOne>
    <wsp:All>
    <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
    <wsp:Policy>
    <sp:TransportToken>
    <wsp:Policy>
    <sp:HttpsToken RequireClientCertificate="false"/>
    </wsp:Policy>
    </sp:TransportToken>
    <sp:AlgorithmSuite>
    <wsp:Policy><sp:Basic256/></wsp:Policy>
    </sp:AlgorithmSuite>
    <sp:Layout><wsp:Policy><sp:Strict/></wsp:Policy></sp:Layout>
    </wsp:Policy>
    </sp:TransportBinding>
    <wsaw:UsingAddressing/>
    </wsp:All>
    </wsp:ExactlyOne>
    </wsp:Policy>
    BestRegards!
    Simon

    Hi
    According to
    http://e-docs.bea.com/wls/docs90/webserv/annotations.html#1050414
    If you are going to publish the policy file in the Web Service archive, the policy XML file must be located in either the META-INF/policies or WEB-INF/policies directory of the EJB JAR file (for EJB implemented Web Services) or WAR file (for Java class implemented Web Services), respectively.
    Can you make sure the policy file is in there?
    Also there is a sample from the developer at http://dev2dev.bea.com/blog/jlee/archive/2005/09/how_to_use_anno.html
    Vimala-

  • Java Security Model: Java Protection Domains

    1.     Policy Configuration
    Until now, security policy was hard-coded in the security manager used by Java applications. This gives us the effective but rigid Java sandbox for applets. A major enhancement to the Java sandbox is the separation of policy from mechanism. Policy is now expressed in a separate, persistent format. The policy is represented in simple ASCII, and can be modified and displayed by any tools that support the policy syntax specification. This allows:
    o     Configurable policies -- no longer is the security policy hard-coded into the application.
    o     Flexible policies -- Since the policy is configurable, system administrators can enforce global polices for the enterprise. If permitted by the enterprise's global policy, end-users can refine the policy for their desktop.
    o     Fine-grain policies -- The policy configuration file uses a simple, extensible syntax that allows you to specify access on specific files or to particular network hosts. Access to resources can be granted only to code signed by trusted principals.
    o     Application policies -- The sandbox is generalized so that applications of any stripe can use the policy mechanism. Previously, to establish a security policy for an application, a developer needed to implement a subclass of the SecurityManager, and hard-code the application's policies in that subclass. Now, the application can make use of the policy file and the extensible Permission object to build an application whose policy is separate from the implementation of the application.
    o     Extensible policies -- Application developers can choose to define new resource types that require fine-grain access control. They need only define a new Permission object and a method that the system invokes to make access decisions. The policy configuration file and policy tools automatically support application-defined permissions. For example, an application could define a CheckBook object and a CheckBookPermission.
    2.     X.509v3 Certificate APIs
    Public-key cryptography is an effective tool for associating an identity with a piece of code. JavaSoft is introducing API support in the core APIs for X.509v3 certificates. This allows system administrators to use certificates from enterprise Certificate Authorities (CAs), as well as trusted third-party CAs, to cryptographically establish identities.
    3.     Protection Domains
    The central architectural feature of the Java security model is its concept of a Protection Domain. The Java sandbox is an example of a Protection Domain that places tight controls around the execution of downloaded code. This concept is generalized so that each Java class executes within one and only one Protection Domain, with associated permissions.
    When code is loaded, its Protection Domain comes into existence. The Protection Domain has two attributes - a signer and a location. The signer could be null if the code is not signed by anyone. The location is the URL where the Java classes reside. The system consults the global policy on behalf of the new Protection Domain. It derives the set of permissions for the Protection Domain based on its signer/location attributes. Those permissions are put into the Protection Domain's bag of permissions.
    4.     Access Decisions
    Access decisions are straightforward. When code tries to access a protected resource, it creates an access request. If the request matches a permission contained in the bag of permissions, then access is granted. Otherwise, access is denied. This simple way of making access decisions extends easily to application-defined resources and access control. For example, the banking application allows access to the CheckBook only when the executing code holds the appropriate CheckBookPermission.
    Sandbox model for Security
    Java is supported in applications and applets, small programs that spurred Java's early growth and are executable in a browser environment. The applet code is downloaded at runtime and executes in the context of a JVM hosted by the browser. An applet's code can be downloaded from anywhere in the network, so Java's early designers thought such code should not be given unlimited access to the target system. That led to the sandbox model -- the security model introduced with JDK 1.0.
    The sandbox model deems all code downloaded from the network untrustworthy, and confines the code to a limited area of the browser -- the sandbox. For instance, code downloaded from the network could not update the local file system. It's probably more accurate to call this a "fenced-in" model, since a sandbox does not connote strict confinement.
    While this may seem a very secure approach, there are inherent problems. First, it dictates a rigid policy that is closely tied to the implementation. Second, it's seldom a good idea to put all one's eggs in one basket -- that is, it's unwise to rely entirely on one approach to provide overall system security.
    Security needs to be layered for depth of defense and flexible enough to accommodate different policies -- the sandbox model is neither.
    java.security.ProtectionDomain
    This class represents a unit of protection within the Java application environment, and is typically associated with a concept of "principal," where a principal is an entity in the computer system to which permissions (and as a result, accountability) are granted.
    A domain conceptually encloses a set of classes whose instances are granted the same set of permissions. Currently, a domain is uniquely identified by a CodeSource, which encapsulates two characteristics of the code running inside the domain: the codebase (java.net.URL), and a set of certificates (of type java.security.cert.Certificate) for public keys that correspond to the private keys that signed all code in this domain. Thus, classes signed by the same keys and from the same URL are placed in the same domain.
    A domain also encompasses the permissions granted to code in the domain, as determined by the security policy currently in effect.
    Classes that have the same permissions but are from different code sources belong to different domains.
    A class belongs to one and only one ProtectionDomain.
    Note that currently in Java 2 SDK, v 1.2, protection domains are created "on demand" as a result of class loading. The getProtectionDomain method in java.lang.Class can be used to look up the protection domain that is associated with a given class. Note that one must have the appropriate permission (the RuntimePermission "getProtectionDomain") to successfully invoke this method.
    Today all code shipped as part of the Java 2 SDK is considered system code and run inside the unique system domain. Each applet or application runs in its appropriate domain, determined by its code source.
    It is possible to ensure that objects in any non-system domain cannot automatically discover objects in another non-system domain. This partition can be achieved by careful class resolution and loading, for example, using different classloaders for different domains. However, SecureClassLoader (or its subclasses) can, at its choice, load classes from different domains, thus allowing these classes to co-exist within the same name space (as partitioned by a classloader).
    jarsigner and keytool
    Example:
    cd D:\EicherProject\EicherWEB\Web Content
    jarsigner -keystore eicher.store source.jar eichercert
    The javakey tool from JDK 1.1 has been replaced by two tools in Java 2.
    One tool manages keys and certificates in a database. The other is responsible for signing and verifying JAR files. Both tools require access to a keystore that contains certificate and key information to operate. The keystore replaces the identitydb.obj from JDK 1.1. New to Java 2 is the notion of policy, which controls what resources applets are granted access to outside of the sandbox (see Chapter 3).
    The javakey replacement tools are both command-line driven, and neither requires the use of the awkward directive files required in JDK 1.1.x. Management of keystores, and the generation of keys and certificates, is carried out by keytool. jarsigner uses certificates to sign JAR files and to verify the signatures found on signed JAR files.
    Here we list simple steps of doing the signing. We assume that JDK 1.3 is installed and the tools jarsigner and keytool that are part of JDK are in the execution PATH. Following are Unix commands, however with proper changes, these could be used in Windows as well.
    1. First generate a key pair for our Certificate:
    keytool -genkey -keyalg rsa -alias AppletCert
    2. Generate a certification-signing request.
    keytool -certreq -alias AppletCert > CertReq.pem
    3. Send this CertReq.pem to VeriSign/Thawte webform. Let the signed reply from them be SignedCert.pem.
    4. Import the chain into keystore:
    keytool -import -alias AppletCert -file SignedCert.pem
    5. Sign the CyberVote archive "TeleVote.jar":
    jarsigner TeleVote.jar AppletCert
    This signed applet TeleVote.jar can now be made available to the web server. For testing purpose we can have our own test root CA. Following are the steps to generate a root CA by using openssl.
    1. Generate a key pair for root CA:
    openssl genrsa -des3 -out CyberVoteCA.key 1024
    2. Generate an x509 certificate using the above keypair:
    openssl req -new -x509 -days 365 -key CyberVoteCA.key -out CyberVoteCA.crt
    3. Import the Certificate to keystore.
    keytool -import -alias CyberVoteRoot -file CyberVoteCA.crt
    Now, in step 3 of the jar signing above, instead of sending the request certificate to the VeriSign/Thawte webform for signing, we can sign using our newly created root CA with this command:
    openssl x509 -req -CA CyberVoteCA.crt -CAkey CyberVoteCA.key -days 365 -in CertReq.pem -out SignedCert.pem -CAcreateserial
    However, our test root CA has to be imported to the keystore of the voter's web browser in some way. [This was not investigated. We used some manual importing procedure, which is not the recommended way.]
    The Important Classes
    The MessageDigest class, which is used in current CyberVote mockup system (see section 2), is an engine class designed to provide the functionality of cryptographically secure message digests such as SHA-1 or MD5. A cryptographically secure message digest takes arbitrary-sized input (a byte array), and generates a fixed-size output, called a digest or hash. A digest has the following properties:
    • It should be computationally infeasible to find two messages that hashed to the same value.
    • The digest does not reveal anything about the input that was used to generate it.
    Message digests are used to produce unique and reliable identifiers of data. They are sometimes called the "digital fingerprints" of data.
    The (Digital)Signature class is an engine class designed to provide the functionality of a cryptographic digital signature algorithm such as DSA or RSA with MD5. A cryptographically secure signature algorithm takes arbitrary-sized input and a private key and generates a relatively short (often fixed-size) string of bytes, called the signature, with the following properties:
    • Given the public key corresponding to the private key used to generate the signature, it should be possible to verify the authenticity and integrity of the input.
    • The signature and the public key do not reveal anything about the private key.
    A Signature object can be used to sign data. It can also be used to verify whether or not an alleged signature is in fact the authentic signature of the data associated with it.
    ----Cheers
    ---- Dinesh Vishwakarma
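
The two engine classes described in the post above, exercised on constructed data; this is an added example, not code from the original post or from CyberVote. It uses SHA-256 and SHA256withRSA in place of the SHA-1, MD5 and RSA-with-MD5 algorithms the post names, and the class name and sample bytes are made up for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;

public class DigestAndSignatureDemo {
    // Fixed-size fingerprint of arbitrary-sized input (32 bytes for SHA-256).
    static byte[] digest(byte[] data) throws GeneralSecurityException {
        return MessageDigest.getInstance("SHA-256").digest(data);
    }

    // Sign with the private key; the Signature engine hashes the data itself.
    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    // Verify with the public key; false means altered data or a different key.
    static boolean verify(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(data);
        return s.verify(sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair signer = gen.generateKeyPair();
        KeyPair other = gen.generateKeyPair();

        // Constructed sample inputs that differ in a single byte.
        byte[] ballot = "ballot-0001:candidate=A".getBytes(StandardCharsets.UTF_8);
        byte[] tampered = "ballot-0001:candidate=B".getBytes(StandardCharsets.UTF_8);

        System.out.println("digest length, 23-byte input: " + digest(ballot).length);
        System.out.println("digest length, 1 MiB input:   " + digest(new byte[1 << 20]).length);
        System.out.println("digest changes with the data: "
                + !MessageDigest.isEqual(digest(ballot), digest(tampered)));

        byte[] sig = sign(signer.getPrivate(), ballot);
        System.out.println("original data, signer's key: " + verify(signer.getPublic(), ballot, sig));
        System.out.println("altered data, signer's key:  " + verify(signer.getPublic(), tampered, sig));
        System.out.println("original data, other key:    " + verify(other.getPublic(), ballot, sig));
    }
}
```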

    Hi,
    these concepts are used and implemented in jGuard (www.jguard.net), which enables easy JAAS integration into j2ee webapps across application servers.
    cheers,
    Charles(jGuard team).

  • CRM 7.0 security model & accessibility of data at table level

    Hi CRM Experts,
    Firstly, I am new to this topic, 'CRM 7.0 security model', and I want the following information from you for a simple requirement of my ongoing project.
    1. What are the different types of roles in a CRM 7.0 system, how are those roles defined, and in which table is all the role information stored in a CRM 7.0 system with ABAP and Java stacks installed?
    2. How are the ABAP and Java roles different from each other in a CRM 7.0 system?
    3. How are portal roles defined in CRM 7.0, in which table or storage location is the portal role data stored, and is there any way we can extract it from the CRM system, such as a web service or any other means?
    Basically, I am interested in users/roles/authorization data in CRM 7.0 for both ABAP and Java stack systems. Please help me achieve this requirement.
    Thanks,
    Digamber.

    Digamber,
    For an overview of the changes in CRM 7.0, visit the following link:
    http://www.sap.com/germany/solutions/business-suite/crm/SAP_CRM7_Highlights.pdf
    With respect to the security model, CRM 7.0 is a bit different, in that a lot of functionality is executed via BSPs that run in a browser. However, the authorizations still need to be assigned in the backend.
    For CRM specific security guides, I recommend you visit the SAP link - http://service.sap.com/security
    In the left pane hierarchy, go to 'Security Guides'. Scroll down to find the CRM section and download the required guides.
    Also, there are new concepts like the WEBCLIENT UI (an extra authorization layer, which is UI COMPONENT LEVEL and logical links, controlled by object UIU_COMP). Standard authorization setup in the new WEBUI client is now controlled by both backend authorizations and UIU_COMP. That means even if the user has SAP_ALL access, he will not be able to perform any actions.
    Hope this provides some light!!
    Rgds,
    Raghu

  • Custom Reports Data Model - can't report on custom dictionaries

    In QA and Prod I see custom dictionaries in the Custom Reports Data Model, in Test there are none.
    Dictionaries and Services marked Reportable are not showing up under Dictionaries and Services Dimensions.
    I reran the ETL and the scheduled tasks, but no luck. Any suggestions?

    Do you see any error when you run the ETL, i.e. the Java ETL embedded with the app server? 

  • How to import custom classes from model to view controller in adf?

    Hi...
    I have some custom classes in the model layer in ADF.
    I want to use them in the view controller but I cannot import them.
    How is this possible?
    My JDev version is 11.1.1.5

    You normally don't have to do anything special. The view controller project has a dependency on the model project. So simply typing the class name should show you the option to generate the needed import statement for the class.
    However, not all classes which reside in the model project should be imported into the view Controller as it might break the MVC pattern.
    Timo

  • Advice on Security Model Architecture..

    Hi all,
    Just looking for the advice of the experts :)
    I am working on the security model architecture for multi-tiered java application. The application architecture breaks down roughly as follows:
    Presentation Layer (JSP/Java)
    Business Layer (Java)
    Persistence Layer (JDBC/Oracle DB)
    Now, in the DB we will preserve information about various users, as well as the user's application permissions. My question pertains to authentication/authorization. Where is it most appropriate or efficient to verify a user's access to a functionality? Assume that the user and permission information is retrieved upon login and is made available to all levels.
    The options, as I see them, include the following:
    Presentation layer - UI exposes only functionality applicable to the user.
    Business layer - Encode the logic in this facade for the backend.
    Persistence layer - Encode the logic in the data access objects.
    Any thoughts?

    Well, the layered approach is one way in which java applications are constructed.. the user interface is the top layer, which is composed of jsp files and other java files, and the objects that talk to the database are the bottom layer. Maybe an example would help..
    You're looking at a page on the Java Discussion Forums. It's a jsp page. You click on the 'Watches' link (upper right). The link points to a servlet, which calls a method in an object that is in what I call the "business" or middle layer/tier. An object in this layer has methods that correspond to any request that needs to be made of the db.
    This method in turn calls method/methods in the backend, or data layer, which queries the database and returns the watches for this particular user...
    So, if you have a request/response transaction (click on a link or button, processing, and new page is loaded), it would make a round trip through the layers:
    Presentation -> Business -> Data -> DB -> Data -> Business -> Presentation
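
The placements listed in the question, laid out along the round trip described in the reply, to show what a check in the presentation layer and a check in the business layer each cover; this is an added example, not code from the thread. All class, method and permission names are hypothetical and the data is constructed.

```java
import java.util.*;

public class LayeredAuthzDemo {
    // User and permissions as loaded at login (hypothetical names, constructed data).
    static final class User {
        final String name; final Set<String> perms;
        User(String name, Set<String> perms) { this.name = name; this.perms = perms; }
    }

    // Persistence layer: plain data access, unaware of who is calling.
    static final class WatchDao {
        private final Map<String, List<String>> rows =
                Map.of("alice", List.of("thread-17"), "bob", List.of("thread-42"));
        List<String> findByOwner(String owner) { return rows.getOrDefault(owner, List.of()); }
    }

    // Business layer: every servlet goes through this facade, so the check runs on each call.
    static final class WatchService {
        private final WatchDao dao = new WatchDao();
        List<String> watchesOf(User caller, String owner) {
            boolean allowed = caller.name.equals(owner)
                    ? caller.perms.contains("WATCH_READ_OWN")
                    : caller.perms.contains("WATCH_READ_ANY");
            if (!allowed) throw new SecurityException(caller.name + " may not read watches of " + owner);
            return dao.findByOwner(owner);
        }
    }

    // Presentation layer: decides which links the JSP renders, nothing more.
    static List<String> visibleLinks(User u) {
        List<String> links = new ArrayList<>();
        if (u.perms.contains("WATCH_READ_OWN")) links.add("My watches");
        if (u.perms.contains("WATCH_READ_ANY")) links.add("All watches");
        return links;
    }

    public static void main(String[] args) {
        User alice = new User("alice", Set.of("WATCH_READ_OWN"));
        WatchService service = new WatchService();
        System.out.println("links shown to alice: " + visibleLinks(alice));
        System.out.println("alice -> own watches: " + service.watchesOf(alice, "alice"));
        try {
            // A request for bob's data that did not come from any rendered link.
            service.watchesOf(alice, "bob");
        } catch (SecurityException e) {
            System.out.println("refused in business layer: " + e.getMessage());
        }
    }
}
```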
