Unable to provide custom security impelmentation (BPELProcessValidator)

Hey Gurus,
I got a question regarding custom implementation of BPELProcessValidator class.
My project requires me to secure each Business Process hosted in Ora BPEL PM.
I have implemented my custom class MyValidator that extends BPELProcessValidator.
I would like to use this class as my security implementation. As per the documentation
I invoke the oc4j instance that hosts Oracle BPEL with a directive -Doracle.bpel.customvalidator=D:\OraBPELPM\security.properties
security.properties file contains the name of the Java class that provides the security implementation.
This does not work though. BPEL PM doesnt even try to load this class. Do let me know if I am missing
something.
Please refer to the presentation at http://www.oracle.com/technology/products/ias/bpel/pdf/bpelsecextenstionphase2.pdf
My BPEL build : 10.1.2.0.2 [build #2196 ] - type: release
I would appreciate any pointers/code/doc that would help me implement custom security provider for BPEL.
Abhijeet

Hi Clemens,
Thanks for quick reply. I got something going today. However I still have some issues. Now the BPEL engine is not able to find the class that I have implemented.
at java.lang.Thread.run(Thread.java:534)
<2006-02-28 12:31:53,296> <ERROR> <default.collaxa.cube.engine> <MessageHandle
anager::createHandler>
java.lang.ClassNotFoundException: BusinessProcess.MyValidator
at com.evermind.naming.ContextClassLoader.findClass(ContextClassLoader
ava:500)
I tried to set the class path to point to the directory that contains BusinessProcess.MyValidator class. Set up the system CLASSPATH / Put this class in OC4J Lib and alike but never got it in with the classloader.
Strange part is that through the same OC4J instace when i tried to invoke a method in this class through a JSP I got a response. This means the OC4J did have access to my class.
Will you please let me know where I should put my classes so that collaxa implementation can find it.
Also, may I know when the security tab in the BPEL domain manager will be available to external world.
Regards
Abhijeet

Similar Messages

  • The token provider was unable to provide a security token

    I am configuring workflow for SharePoint 2013. For that I am creating a workflow farm and selected custom settings and selecting certificates from personal store. When I am select the option where it will auto generate the certificate configuration 
    successful.
    while selecting the certs from personal store, configuration failed to add host to workflow farm and throwing below error
    Configuring Workflow Manager runtime settings.
    The token provider was unable to provide a security token while accessing 'https://hostname:9355/WorkflowDefaultNamespace/$STS/Windows/'. Token provider returned message: 'The underlying connection was closed: Could not establish trust relationship for the
    SSL/TLS secure channel.'.
    Thanks,
    Neetu
    neetu

    Hi,
    When I am trying to receive the same messages from a Azure service bus subscription using .net (C#) client,
    BusSubscriberbusSubscriber =
    newBusSubscriber("TestTopic2",
    "Endpoint=sb://overcasb.servicebus.windows.net/;SharedSecretIssuer=owner;SharedSecretValue=wqYlT4yHZimeUZacH+1V1hj/ZrKu7zK9ELaaLYDxqjc=",
    "AssetMovement",
    "AssetMovement");
    I am getting the same error here also.
    "The token provider was unable to provide a security token while accessing 'https://overcasb-sb.accesscontrol.windows.net/WRAPv0.9/'.
    Error Code: 407 Proxy Authentication Required. The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. (12209)
    By setting  <defaultProxy useDefaultCredentials="true" /> in appconfig, I got rid of the above error. And now its working fine with .net(C#) client.
    <configuration>
      <system.net>
        <defaultProxy useDefaultCredentials="true" />
      </system.net>
    </configuration>
    The same setting I tried in BTSNTSvc.exe config file and ofcourse restarted the host instance but still getting the same error. Any help?
    gautam

  • Unable to save changes in console for a custom security provider

    I built a custom security provider and dropped it in the mbeantypes folder. This gets picked up by weblogic. I then try to modify the control flags and make it SUFFICIENT. I reboot the server but when i log back in the control flag is reset to OPTIONAL. It not saving the data to the xml file. We are running it on a UNIX box.

    Hi,
    I solved the problem by myself.
    The log area was at 100%, that's why the configtool wasn't able to save my changes.
    Now I changed the backup properties for the log files to AutoLog (in the Backup Wizard) and it works fine.
    Best regards,
    Christian

  • OEPE can't launch server that uses custom Security provider

    I recently migrated a Weblogic 8.1 server that we had a custom security provider for, to 10.3.2. It works fine when started with the startWeblogic.cmd file but when I try to start it using OEPE in eclipse it starts fine and runs fine but OEPE reports that
    "Unable to validate WebLogic domain.Please make sure the running WebLogic instance is an Administration Server"
    When I look at the Error Log it appears that it thinks one of my custom security classes is not found. But the server is running fine, so it is fine, it's on the classpath via the use of the EXT_PREPEND_CLASSPATH environment variable.
    I am running Weblogic 10.3.2 on Windows XP using eclipse Ganymede 3.5.2 and OEPE version 1.5.0.201003170852
    Here's the Error Log:
    eclipse.buildId=
    java.version=1.6.0_03
    java.vendor=Sun Microsystems Inc.
    BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
    Framework arguments: -product org.eclipse.epp.package.jee.product
    Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
    This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
    Created Time: 2010-05-12 14:04:01.549
    Error
    Thu May 13 14:25:11 EDT 2010
    Server Weblogic 10.3 failed to start.
    eclipse.buildId=
    java.version=1.6.0_03
    java.vendor=Sun Microsystems Inc.
    BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
    Framework arguments: -product org.eclipse.epp.package.jee.product
    Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
    This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
    Created Time: 2010-05-12 14:04:01.549
    Error
    Thu May 13 14:25:10 EDT 2010
    Another server (or another process) is running on the same TCP/IP port '7001'.
    eclipse.buildId=
    java.version=1.6.0_03
    java.vendor=Sun Microsystems Inc.
    BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
    Framework arguments: -product org.eclipse.epp.package.jee.product
    Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
    This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
    Created Time: 2010-05-12 14:04:01.549
    Warning
    Thu May 13 14:25:10 EDT 2010
    Unable to validate WebLogic domain.
    Please make sure the running WebLogic instance is an Administration Server
    eclipse.buildId=
    java.version=1.6.0_03
    java.vendor=Sun Microsystems Inc.
    BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
    Framework arguments: -product org.eclipse.epp.package.jee.product
    Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
    This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
    Created Time: 2010-05-12 14:04:01.549
    Error
    Thu May 13 14:25:10 EDT 2010
    java.io.IOException
         at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:187)
         at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:81)
         at javax.management.remote.JMXConnectorFactory.newJMXConnector(Unknown Source)
         at javax.management.remote.JMXConnectorFactory.connect(Unknown Source)
         at oracle.eclipse.tools.weblogic.server.internal.WlsJMXHelper.createConnector(WlsJMXHelper.java:269)
         at oracle.eclipse.tools.weblogic.server.internal.WlsJMXHelper.connectToJMX(WlsJMXHelper.java:76)
         at oracle.eclipse.tools.weblogic.server.internal.WlsJMXHelper.getDomainAttribute(WlsJMXHelper.java:139)
         at oracle.eclipse.tools.weblogic.server.internal.WlsJ2EEDeploymentHelper.validateRemote(WlsJ2EEDeploymentHelper.java:1687)
         at oracle.eclipse.tools.weblogic.server.internal.WeblogicServerBehaviour.validateRemote(WeblogicServerBehaviour.java:2646)
         at oracle.eclipse.tools.weblogic.server.internal.ServerWatcher.runOnce(ServerWatcher.java:574)
         at oracle.eclipse.tools.weblogic.server.internal.ServerWatcher.run(ServerWatcher.java:482)
         at java.lang.Thread.run(Unknown Source)
    Caused by: javax.naming.CommunicationException [Root exception is weblogic.rjvm.PeerGoneException: ; nested exception is:
         weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream]
         at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:74)
         at weblogic.jndi.internal.WLContextImpl.translateException(WLContextImpl.java:452)
         at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:408)
         at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:393)
         at javax.naming.InitialContext.lookup(Unknown Source)
         at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:170)
         ... 11 more
    Caused by: weblogic.rjvm.PeerGoneException: ; nested exception is:
         weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream
         at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
         at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
         at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
         at weblogic.jndi.internal.ServerNamingNode_1032_WLStub.lookup(Unknown Source)
         at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:405)
         ... 14 more
    Caused by: weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream
         at weblogic.rjvm.RJVMImpl.gotExceptionReceiving(RJVMImpl.java:957)
         at weblogic.rjvm.ConnectionManager.gotExceptionReceiving(ConnectionManager.java:1030)
         at weblogic.rjvm.MsgAbbrevJVMConnection.gotExceptionReceiving(MsgAbbrevJVMConnection.java:459)
         at weblogic.rjvm.t3.MuxableSocketT3.hasException(MuxableSocketT3.java:327)
         at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:784)
         at weblogic.socket.SocketMuxer.deliverHasException(SocketMuxer.java:724)
         at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:359)
         at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
         at weblogic.work.ExecuteRequestAdapter.execute(ExecuteRequestAdapter.java:21)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)
    Caused by: java.lang.AssertionError: Exception creating response stream
         at weblogic.rjvm.MsgAbbrevJVMConnection.readMsgAbbrevs(MsgAbbrevJVMConnection.java:238)
         at weblogic.rjvm.MsgAbbrevInputStream.init(MsgAbbrevInputStream.java:173)
         at weblogic.rjvm.MsgAbbrevJVMConnection.dispatch(MsgAbbrevJVMConnection.java:439)
         at weblogic.rjvm.t3.MuxableSocketT3.dispatch(MuxableSocketT3.java:322)
         at weblogic.socket.BaseAbstractMuxableSocket.dispatch(BaseAbstractMuxableSocket.java:298)
         at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:915)
         at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:844)
         at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:335)
         ... 4 more
    Caused by: java.lang.ClassNotFoundException: com.companyname.security.principal.CompanyNameWebLogicPrincipal
         at java.net.URLClassLoader$1.run(Unknown Source)
         at java.security.AccessController.doPrivileged(Native Method)
         at java.net.URLClassLoader.findClass(Unknown Source)
         at java.lang.ClassLoader.loadClass(Unknown Source)
         at java.lang.ClassLoader.loadClass(Unknown Source)
         at java.lang.ClassLoader.loadClassInternal(Unknown Source)
         at java.lang.Class.forName0(Native Method)
         at java.lang.Class.forName(Unknown Source)
         at java.io.ObjectInputStream.resolveClass(Unknown Source)
         at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
         at java.io.ObjectInputStream.readClassDesc(Unknown Source)
         at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
         at java.io.ObjectInputStream.readObject0(Unknown Source)
         at java.io.ObjectInputStream.readObject(Unknown Source)
         at java.util.LinkedList.readObject(Unknown Source)
         at sun.reflect.GeneratedMethodAccessor46.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
         at java.io.ObjectInputStream.readSerialData(Unknown Source)
         at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
         at java.io.ObjectInputStream.readObject0(Unknown Source)
         at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
         at java.io.ObjectInputStream.readSerialData(Unknown Source)
         at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
         at java.io.ObjectInputStream.readObject0(Unknown Source)
         at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
         at java.io.ObjectInputStream.defaultReadObject(Unknown Source)
         at weblogic.security.acl.internal.AuthenticatedSubject.readObject(AuthenticatedSubject.java:406)
         at sun.reflect.GeneratedMethodAccessor57.invoke(Unknown Source)
         at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
         at java.lang.reflect.Method.invoke(Unknown Source)
         at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
         at java.io.ObjectInputStream.readSerialData(Unknown Source)
         at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
         at java.io.ObjectInputStream.readObject0(Unknown Source)
         at java.io.ObjectInputStream.readObject(Unknown Source)
         at weblogic.rjvm.InboundMsgAbbrev.readObject(InboundMsgAbbrev.java:65)
         at weblogic.rjvm.InboundMsgAbbrev.read(InboundMsgAbbrev.java:37)
         at weblogic.rjvm.MsgAbbrevJVMConnection.readMsgAbbrevs(MsgAbbrevJVMConnection.java:227)
         ... 11 more

    I am also facing the same issue.
    i am running my web service program on tomcat. the server is weblogic 9.1. I am trying to invoke the EJBs running on the server from the tomcat.
    i am getting similar exception. anyone got a solution for this ?
    Caused by: weblogic.rjvm.PeerGoneException: ; nested exception is:weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
    thanks
    Kiranlal.

  • Custom security provider exception

    Good day, colleagues. I want to raise an old topic.
    I use custom security provider exceptions:
    -AccountExpiredException
    -AccountLockedException
    However, the login() method only captures FailedLoginException
    try
      CallbackHandler pwcall = new weblogic.security.URLCallbackHandler(user, pass.getBytes("UTF-8"));
      subject = weblogic.security.services.Authentication.login(pwcall);
      weblogic.servlet.security.ServletAuthentication.runAs(subject, request);
    catch (javax.security.auth.login.LoginException e) {
      e.printStackTrace();
    javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User ...
      at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:240)
      at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
      at java.security.AccessController.doPrivileged(Native Method)
    I found similar questions IdentityAssertion custom exception, FailedLoginException asked many years ago for WLS 9.2
    Their solution (wlp.propogate.login.exception.cause=true) does not work for WLS 10.3.
    How to propagate original LoginException?
    Or exception message only.

    I did it! look closely to source code:
    javax.security.auth.login.LoginContext:875
    if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
      // if REQUISITE, then immediately throw an exception
      if (methodName.equals(ABORT_METHOD) || methodName.equals(LOGOUT_METHOD)) {
           if (firstRequiredError == null)
                firstRequiredError = le;
      } else {
           throwException(firstRequiredError, le);
    } else if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
      // mark down that a REQUIRED module failed
      if (firstRequiredError == null)
           firstRequiredError = le;
    } else {
      // mark down that an OPTIONAL module failed
      if (firstError == null)
           firstError = le;
    javax.security.auth.login.LoginContext:922
    // we went thru all the LoginModules.
    if (firstRequiredError != null) {
      // a REQUIRED module failed -- return the error
      throwException(firstRequiredError, null);
    } else if (success == false && firstError != null) {
      // no module succeeded -- return the first error
      throwException(firstError, null);
    } else...
    I set Control flag: OPTION to DefaultAuth (was REQUIRED)
    and order it after my LoginModule. (restart required!)
    Now I catch my exceptions %)

  • How to get domain name in java code/custom security provider

    Hi all,
    I've developed a custom security provider and deployed it in WL_HOME/server/lib/mbeantypes folder. I also have multiple domain created and running in the same machine. now if a user logs in from a specific domain, say, t3://localhost:7005, how do I retrieve the domain name in my custom security provider?
    I found the following code could do it, but this code needs to know the port number in advance
    Hashtable env = new Hashtable();
    env.put(Context.PROVIDER_URL,"t3://localhost:7101");
    env.put(Context.INITIAL_CONTEXT_FACTORY,
    "weblogic.jndi.WLInitialContextFactory");
    env.put(Context.SECURITY_PRINCIPAL,"weblogic");
    env.put(Context.SECURITY_CREDENTIALS,"weblogic1");
    Context ctx = new InitialContext(env);
    MBeanHome home = (MBeanHome)ctx.lookup(MBeanHome.ADMIN_JNDI_NAME);
    String domainName = home.getDomainName();
    System.out.println(domainName);
    Any help is greatly appreciated...
    Thanks,
    Philip
    Edited by: VivaCuba on Nov 14, 2010 9:43 AM

    Check out methods in the following classes: LegacyDirectoryLocator and DirectoryLocator.
    Jonathan
    http://jonathanhult.com

  • Custom Security Provider impossible to remove the MBean Jar File

    Hi,
    I am currently developping a custom security provider for Weblogic. I
    have deploy my Mbean File Jar on a remote server weblogic running on
    solaris. NO authentication provider for this security provider has
    been defined in the console, it means there is no link with this
    security provider. Nevertheless, when I remove the MJF the server
    crashes when starting:
    <...>
    <May 21, 2003 3:37:08 PM CEST> <Critical> <WebLogicServer> <000364>
    <Server failed during initialization.
    Exception:weblogic.management.configuration.ConfigurationException: -
    with nested exception:
    [javax.management.MBeanException: Commo type:
    be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
    not loaded. Checks MJFs.]
    javax.management.MBeanException: Commo type:
    be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
    not loaded. Checks MJFs.
    at weblogic.management.commo.CommoModelMBean.load(CommoModelMBean.java:588)
    at weblogic.management.commo.Commo.initInstances(Commo.java:241)
    at weblogic.management.commo.Commo.init(Commo.java:125)
    at weblogic.management.AdminServerAdmin.initializeCommo(AdminServerAdmin.java:477)
    at weblogic.management.AdminServerAdmin.initialize(AdminServerAdmin.java:108)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:659)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
    at weblogic.Server.main(Server.java:32)
    <...>
    I have been looking through all the config file where the MJF
    (removed) could be linked but I did not find anything.
    I am really confused because with my local weblogic running on
    win2000, there is no problem to remove this MJF.
    Thx in advance,
    tiggy

    Tiggy,
    Remove the userConfig directory under your domain directory. That should
    fix the problem.
    Thanks,
    ~satya
    Tiggy wrote:
    Hi,
    I am currently developping a custom security provider for Weblogic. I
    have deploy my Mbean File Jar on a remote server weblogic running on
    solaris. NO authentication provider for this security provider has
    been defined in the console, it means there is no link with this
    security provider. Nevertheless, when I remove the MJF the server
    crashes when starting:
    <...>
    <May 21, 2003 3:37:08 PM CEST> <Critical> <WebLogicServer> <000364>
    <Server failed during initialization.
    Exception:weblogic.management.configuration.ConfigurationException: -
    with nested exception:
    [javax.management.MBeanException: Commo type:
    be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
    not loaded. Checks MJFs.]
    javax.management.MBeanException: Commo type:
    be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
    not loaded. Checks MJFs.
    at weblogic.management.commo.CommoModelMBean.load(CommoModelMBean.java:588)
    at weblogic.management.commo.Commo.initInstances(Commo.java:241)
    at weblogic.management.commo.Commo.init(Commo.java:125)
    at weblogic.management.AdminServerAdmin.initializeCommo(AdminServerAdmin.java:477)
    at weblogic.management.AdminServerAdmin.initialize(AdminServerAdmin.java:108)
    at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:659)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
    at weblogic.Server.main(Server.java:32)
    <...>
    I have been looking through all the config file where the MJF
    (removed) could be linked but I did not find anything.
    I am really confused because with my local weblogic running on
    win2000, there is no problem to remove this MJF.
    Thx in advance,
    tiggy

  • Unable to use a custom security realm with Netscape Directory Server in WebLogic 7

    I have all users and groups stored in a Netscape LDAP server (version 4.1.6 on
    Solaris 8), so I want to create a custom security realm in WebLogic 7 (also run
    on Solaris 8) which uses my LDAP server as the Authenticator. I tried this by
    using the Admin Console and followed exactly the steps in Chapter 3 of the "Managing
    WebLogic Security" doc. However, when I rebooted WebLogic and logged into the
    Admin Console again and clicked the Users node under my custom realm, I saw this
    message in the right-hand pane: "There are no Authentication providers available
    that support the creation of Users". Also, I don't see my custom realm in the
    dropdown list under mydomain -> Security tab -> General tab -> Default Realm.
    What did I do wrong? Also, where does WebLogic store the custom security realm
    info? It is definitely not in config.xml.
    Thanks,
    Eric Ma

    Thanks for the info.
    I wonder when they will fix it.
    Jakub
    U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
    news:[email protected]..
    >
    According to BEA Tech Support, a known bug prevents the WLS 7 AdminConsole from
    displying users and groups defined in Netscape Directory Server.
    Eric Ma
    "Jakub Wroniszewski" <[email protected]> wrote:
    I have the same problem.
    Any new ideas?
    Rgds,
    Jakub
    U¿ytkownik "Eric Ma" <[email protected]> napisa³ w wiadomo¶ci
    news:[email protected]..
    Now I doubt my custom security realm is actually using the NetscapeDirectory Server
    as the authenticator. Unlike in WebLogic 6.1 Admin Console, whereclicking on
    the Users node displays all users in the LDAP server, in WebLogic 7I keep
    getting
    the message "There are no Authentication providers available that
    support
    the
    creation of Users." Any suggestions?
    "Eric Ma" <[email protected]> wrote:
    Never mind. I tried again by following the steps outlined at
    http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.deve
    l
    oper.interest.security&item=8463&utag=
    and it seemed to have worked for me.
    "Eric Ma" <[email protected]> wrote:
    I have all users and groups stored in a Netscape LDAP server (version
    4.1.6 on
    Solaris 8), so I want to create a custom security realm in WebLogic7
    (also run
    on Solaris 8) which uses my LDAP server as the Authenticator. I
    tried
    this by
    using the Admin Console and followed exactly the steps in Chapter3
    of
    the "Managing
    WebLogic Security" doc. However, when I rebooted WebLogic and logged
    into the
    Admin Console again and clicked the Users node under my custom realm,
    I saw this
    message in the right-hand pane: "There are no Authentication
    providers
    available
    that support the creation of Users". Also, I don't see my customrealm
    in the
    dropdown list under mydomain -> Security tab -> General tab ->
    Default
    Realm.
    What did I do wrong? Also, where does WebLogic store the customsecurity
    realm
    info? It is definitely not in config.xml.
    Thanks,
    Eric Ma

  • Custom secure views report is not restricting the data

    Hi,
    I have created few custom secure views reports and in which I have used the per_people_f , per_assignments_f secure views but when I am running this report from different responsibilities like (US Resp, UK Resp) it is producing the same number of records. From US resp it should produce the US employees and from UK it should produce the UK employees but this is not happening currently.it is a simple sql script which I registered as sql*plus executable.
    Can any one suggest if I am missing some thing? Urgent help would be appreciated.
    Thanks,
    Ashish

    Pl post details of OS, database and EBS versions. How have you implemented security ? What kind of concurrent program are you using ? Pl provide details. Also see these MOS Docs
    How To Enable Hr Security on Custom Reports?          (Doc ID 369345.1)
    Understanding and Using HRMS Security in Oracle HRMS          (Doc ID 394083.1)
    Need Custom Security Profile To Restrict Based On Employees Organization          (Doc ID 445142.1)
    HTH
    Srini

  • Errors encountered while using a Custom Security Realm on a Platform Domain

    Hi,
    We have created a WebLogic Platform Domain. A WebLogic Portal application(Portal
    7.0) and some Web Service apps are running on this domain.
    We have created a Custom Security Realm b'cos of our application requirements
    and now when I startup the Platform Domain, I see lot of errors.
    Some of the errors typically are
    "<Jan 16, 2003 4:07:02 PM EST> <Error> <HTTP> <101256> <The run-as user: wlisystem,
    for the servlet: ApplicationView for the webapp: /WLI_AI_Workshop_Control_Web,
    could not be resolved to a valid user in the system. Please check if the user
    exists.
    javax.security.auth.login.LoginException: Authentication Failed: User wlisystem
    denied in Realm Adapter realm weblogic"
    or
    Unable to deploy EJB: wlai-eventprocessor-ejb.jar from wlai-eventprocessor-ejb.jar:weblogic.ejb20.WLDeploymentException:
    weblogic.ejb20.interfaces.PrincipalNotFoundException: Authentication Failed: User
    wlisystem denied in Realm Adapter realm weblogic
    Do we have to create any predefined user accounts in the Security Store to get
    rid of these errors. I would appreciate if anyone can suggest some tips or workarounds
    for configuring or creating a Custom Security Realm for Web Logic Platform Domain.
    Thanks
    Vikram

    Hello Vikram,
    Are you using the new WLS 7.0 security framework? It is not supported for
    Portal 7.0. For Portal 7.0 apps you have to use compatibility mode (6.x
    style) security.
    Ture Hoefner
    BEA Systems, Inc.
    www.bea.com
    "Vikram Datla" <[email protected]> wrote in message
    news:3e273015$[email protected]..
    >
    Hi,
    We have created a WebLogic Platform Domain. A WebLogic Portalapplication(Portal
    7.0) and some Web Service apps are running on this domain.
    We have created a Custom Security Realm b'cos of our applicationrequirements
    and now when I startup the Platform Domain, I see lot of errors.
    Some of the errors typically are
    "<Jan 16, 2003 4:07:02 PM EST> <Error> <HTTP> <101256> <The run-as user:wlisystem,
    for the servlet: ApplicationView for the webapp:/WLI_AI_Workshop_Control_Web,
    could not be resolved to a valid user in the system. Please check if theuser
    exists.
    javax.security.auth.login.LoginException: Authentication Failed: Userwlisystem
    denied in Realm Adapter realm weblogic"
    or
    Unable to deploy EJB: wlai-eventprocessor-ejb.jar fromwlai-eventprocessor-ejb.jar:weblogic.ejb20.WLDeploymentException:
    weblogic.ejb20.interfaces.PrincipalNotFoundException: AuthenticationFailed: User
    wlisystem denied in Realm Adapter realm weblogic
    Do we have to create any predefined user accounts in the Security Store toget
    rid of these errors. I would appreciate if anyone can suggest some tips orworkarounds
    for configuring or creating a Custom Security Realm for Web Logic PlatformDomain.
    >
    Thanks
    Vikram

  • I'm unable to change my security question answers.  It keeps asking me for the answers and I don't know them!

    I'm unable to change my security question answers.  It keeps asking me for the answers and I don't know the answers.  I've reset my password 2x and it still won't let me change the answers.  Help!!

    See Kappy's great User Tips.
    See my User Tip for some help: Some Solutions for Resetting Forgotten Security Questions: Apple Support Communities https://discussions.apple.com/docs/DOC-4551
    Send Apple an email request for help at: Apple - Support - iTunes Store - Contact Us http://www.apple.com/emea/support/itunes/contact.html
    Call Apple Support in your country: Customer Service: Contacting Apple for support and service http://support.apple.com/kb/HE57
     Cheers, Tom

  • SQL Query in Custom Security when creating Security Profile

    Hello all,
    I've created a security profile with Custom security and provided a simple query in Custom Security tab-
    PERSON.PERSON_ID = FND_GLOBAL.EMPLOYEE_ID
    Custom security option is "Restrict the people visible to each user using this profile"
    I am not able to see the record as expected.
    If I Hardcode the person ID "PERSON.PERSON_ID = 13449" with "Restrict the people visible to each user using this profile", I am able to see the record.
    If I Hardcode the person ID "PERSON.PERSON_ID = 13449" with "Restrict the people visible to this profile", I am able to see the record after running PERSLM and same is in PER_PERSON_LISTS.
    Am I correct in checking with FND_GLOBAL.EMPLOYEE_ID?
    (This was mentioned in system administrator guide :
    "+Oracle HRMS assesses the custom security when the user signs on. In addition, the custom security code can include references to user specific variables, for example, fnd_profile.value() and fnd_global.employee_id.+"
    docs.oracle.com/cd/E18727_01/doc.121/e13509/T2096T2098.htm).
    I have tried with FND_GLOBAL.USER_ID / FND_PROFILE.VALUE('USER_ID') / :ASG_ID (seeded query has a join with this bind variable) - not happening.
    I've given options as below :
    Employees = None
    Contingent Worker = Restricted
    Applicant = None
    Contacts = All
    Candidates = All
    All other options - Defaulted
    Thanks,
    Sumanth

    Resolved this - One cannot see self's employee record in the form for which this is setup.
    Hence the below query though correct in syntax did not show any data.
    PERSON.PERSON_ID = FND_GLOBAL.EMPLOYEE_ID
    My original requirement was that all employees belonging to one's Organization should be displayed, and this is working fine with an updated query for the same.
    Thanks,
    Sumanth

  • Accessing Custom Security Realm and NotOwnerException.

    I have installed the RDBMS example security realm, which appears to work fine. However when I attempt to access this realm from a Servlet via Realm.getRealm("name") I get an NotOwnerException being thrown.
    Ideas ?
    regards,
    Jeff.

    We did something similar in a past project, and it turned out to be more of a mess than
    it was worth it (not only the "chicken-egg" dilemma with system, guest, administrator
    users, etc., but also with various lookup and threading issues.) We ended up ripping
    out the code and writing a new one which does not use an EJB.
    EJB are supposed to be written in terms of container services (which security being one
    of the services the container provides) but in this scenario you'd be writing one of the
    container services in terms of EJBs, so it "breaks" the proper layering.
    In our case, we wanted to "encapsulate" our security code from Weblogic's propreitary
    realm mechanism, at the end we still achieved without having to create a session bean
    (sometimes regular Java classes work just fine) :-)
    regards,
    -Ade
    "watscheck" <[email protected]> wrote in message news:[email protected]..
    >
    Hi,
    i want to use a sessonEJB as my security store for the custom security realm in
    weblogic server 6.1.
    Has anyone experience with that?
    First i have to pass all filerealm users through my custom realm (csr) because
    it is not possible to authenticate the system and guest users before the sessionEJB
    itself is loaded.
    OK, but my problem is the authentication of the csr at the sessionEJB, which is
    itself secured by method-permission in it's assemblydesciptor. So i have to get
    an initialcontext with an authorized user for the sessionEJB an invoke all protected
    methods with this principal.
    But Bea WLS has a problem with propagating this user back to the actual application.
    Is there a way that the application (web-app and ejbs) is not affected by the
    authentification of the csr at the sessionEJB (security store)?
    And is it right that the new initialcontext in the csr always overrides the bea
    context and with that the servlet request of the web-app?
    thanks in advance
    watscheck

  • Custom Security Manager or Security Event Interception from WebLogic Console

    Hello,
    I have built my own Security Manager and implemented custom preference/property mechanism for every Principal, so when I use my Swing client to create new User and new Group, as well as addMember to a Group, I know what to do with those properies/preferences.
    Now, I want to use WebLogic Console to manage users and groups. I want to intercept events in my Security Manager about new User or Group creation or changing their memberships as Principals in order to handle their Preference/properties stuff myself...
    I wonder what should I "listen" in order to understand that someone has changed membership of Users or Groups or about creation of new User or Group?
    I use Weblogic Server 6.0 sp2
    serge

    Hi Daniel,
    > a custom security manager for the standard CM Repository
    And this dictates you indeed to use the old API, as the CMRepositoryManager itself is using the old API.
    The standard AclSecurityManager is implemented by com.sapportals.wcm.repository.manager.generic.security.AclSecurityManager. If you check out Configuration - Content Management - Repository Managers - Security Manager, you will see "ACL Security Manager" (the one from above) and "ACL Security Manager (for new Manager-API)". This is implementing / using the new API, but needs also a RM using the new API.
    > java.lang.NoSuchMethodException: MySecurityManager.<init>
    This exception only complains about a missing constructor!? Have you implemented a default constructor?!
    > If this is the case, where can I find the API for IUMPrincipal? It is not included in any provided API because of deprecation.
    The methods of the old EP5 user management are more or less similar to the new UME, so using the old deprecated API should be more or less straight forward.
    There are also transformer methods for example to transform a "new" user object to an old EP5 one, see https://forums.sdn.sap.com/thread.jspa?threadID=235656&tstart=0
    Hope it helps
    Detlev

  • Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties.

    We have a web role where we have hosted a WCF service.
    We are facing the below exception intermittently on consuming the service.
    Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties.   This
    can occur if the service is configured for security and the client is not using security.
    This is intermittent. Few calls fail , and the subsequent calls succeed without making any changes.
    Please help in overcoming this abnormal behavior.
    Thanks in advance !!
    Best Regards ,
    Eswar

    Hi Eswar,
    As the error message mentioned, it may be a mismatch between the configuration on the client and the server.Try putting all your configuration in a binding configuration and then use the same binding configuration on the server and client. Since this issue
    is more related with WCF, I suggest you move to WCF forum, it is appropriate and more experts will assist you.
    Best Regards,
    Jambor
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

Maybe you are looking for

  • How to make the product-info-textfields tidy?

    Hi there, I am solving one problem, but it results to several questions (set in bold): I am about to create a product catalog, based on design createdy by someone else. There are product cells on the page. Each cell contains image & info, as usual. T

  • Connection issue with iPod Shuffle 4th Gen.

    Hello, I have problem with my iPod Shuffle 4th gen. One day i tried as always to turn it on and listen music but i heard only short "info" sound and saw short green diode impulse and nothing else. My computer (windows 7) also can't find it, after plu

  • Can one export a schema from a 64 bit Oracle DB into a 32 bit Oracle DB?

    Hello: I need to copy a schema from one DB to another. The source DB runs 64 bit version of Oracle DB but the target DB runs 32 bit version of Oracle DB. Can the schema in 64 bit DB instance be exported and imported into a 32 bit DB instance with exp

  • Bitmap indexes and group by

    I'm trying to understand why Oracle 8.1.6 sometimes uses bitmap indexes sometimes not. Of course I have all the statistics, my bitmap indexes are valid and so on. The problem is this: - I have a customer table very very large - I have many columns wi

  • Getting rid of unwanted applications

    How do i get rid of some of the applications that came on the phone? I went to setting, applications, manage/uninstall apps and i clicked on the ones that i don't want and it doesn't have uninstall on any of them. I don't use half of the applications