URGENT: Protecting web and J2EE Resources using Authz/RoleMapper providers in PORTAL Server?

Similar Messages

• Error 18452 "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication" on SQL Server 2008 R2 Enterprise Edition 64-bit SP2 clustered instance

  Hi there,
  I have a Windows 2008 R2 Enterprise x64 SP2 cluster which has 2 SQL Server 2008 R2 Enterprise Edition x64 SP2
  instances.
  A domain account "Domain\Login" is administrator on both physcial nodes and "sysadmin" on both SQL Server instances.
  Currently both instances are running on same node.
  While logging on to SQL Server instance 2 thru "Domain\Login" using "IP2,port2", I get error 18452 "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication". This happened in the past
  as well but issue resolved post insatllation of SQL Server 2008R2 SP2. This has re-occurred now. But it connects using 'SQLVirtual2\Instance2' without issue.
  Same login with same rights is able to access Instance 1 on both 'SQLVirtual1\Instance1' and "IP1,port1" without any issue.
  Please help resolve the issue.
  Thanks,
  AY

  Hello,
  I Confirm that I encountred the same problem when the first domain controller was dow !!
  During a restarting of the first domain controller, i tried to failover my SQL Server instance to a second node, after that I will be able to authenticate SQL Server Login but Windows Login returns Error 18452 !
  When the firts DC restart finishied restarting every thing was Ok !
  The Question here : Why the cluster instance does'nt used the second DC ???
  Best Regards     
  J.K

• Is it possible to do Continuous deployment for azure cloud services(website,web and worker roles) using VSO Release management?

  Hi,
  I am trying to do continuous deployment using visual studio online and release management for Azure cloud services. But not able to find the way to do it(with the help of different blogs, those are describing using VM only).
  I tried using Release management visual studio extension also. But no Luck.
  Please help me if it is possible to do continuous deployment using release management.
  Thanks,
  Phani

  Hi,
   Please refer to the following Forum Thread with similar question which has been answered. Let us know if this helps.
   https://social.msdn.microsoft.com/Forums/en-US/9d8322f6-36e5-4cca-a982-d420d34d2072/realease-management-deployment-to-azure-websites-webworker-roles?forum=tfsbuild
  Regards,
  Nithin Rathnakar

• I have a new Windows7 computer, transfered my files and settings from WinXP, I can use the web and receive emails using Firefox but cannot open emails. Can you help?

  I just can't open my emails that I get from msn. My yahoo and gmail messages work and I can open them fine but I can't open my msn mail with this computer.

  Most likely you have Office 2004 which are PPC-only applications and will not work in Lion. Upgrade to Office 2011. Other alternatives are:
  Apple's iWork suite (Pages, Numbers, and Keynote.)
  Open Office (Office 2007-like suite compatible with OS X.)
  NeoOffice (similar to Open Office.)
  LibreOffice (a new direction for the Open Office suite.)

• Web and Application Server

  Hi
  My web and application roles for SharePoint are on a single server in which the hardware failed.  I have SQL and the databases on another server.  Is it possible to rebuild the server and connect it to these databases to restore the data?
  Thanks

  As suggested by Scot, Rebuilding a server with the same Farm configuration database is not good to go because you may get some encountered error when associating the existing configuration databases.
  Suggesting you to create a new SharePoint farm with same build version and then attach the content databases to this newly created farm.
  Thanks 
  Ramu                                                                                                                                                                            

• NetGenesis and iPlanet portal server

  Hi Group,
  Has anyone used NetGenesis (I believe NetAnalysis is the actual name of the
  product) to track web traffic data? Have you used it for an iPlanet portal
  server web site? Can you track a portal site the same way as you would
  track a regular website?
  Thanks in advance.
  CJ

  I think the servlet container in Portal is meant to be "black boxed" - ie
  you shouldn't use it to run anything except Portal.
  So stick with your tomcat, and you can integrate it using the normal
  Portal APIs and Provider API.
  Regards
  ws
  Will Bohan wrote:
  I am fairly new to iPlanet Portal Server 3.0 (have used Tomcat and Resin
  before)
  I was wondering where should I place a war file with this server to make
  it work
  (i.e. a war file placed in tomcat_install_dir/webapps will be extracted
  and run with tomcat)
  Is there a similar location for iPlanet Portal Server 3.0? I have been
  reading the documentation
  at docs.iplanet for days and cannot find the answer...
  Thanks for the assistance
  -Will

• Sun ONE Portal Server 6.0 and struts.

  Hi all,
  Has anyone tried using struts with Portal Server?
  Can we use/migrate struts application to Portal Server 6.0?
  As far as I know both uses one gateway servlet.
  Pelase reply.
  Thanks.

  Hi,
  The problem with integration of struts based
  applications is usually the project funding :-)
  There is no generic struts provider, only some
  custom build pieces...
  I guess that is the reason, why "zero effort" proxy
  of a struts application via IFrame channel is the
  most implemented integration.
  Cheers,
  Alex :-)

• ABAP and J2EE-Stacks in SAP WEB AS

  Hi,
  I have two questions about the technical architecture of SAP WebAS, particularly about the ABAP- and J2EE-Server.
  Can someone recommend detailed papers/guides (besides help.sap.com)describing:
  1) the management of processes and resources in two parts (ABAP and Java)
  and
  2) The communication mechanisms between J2EE- and ABAP-server.
  What are the problems with JCo?
  Is there other possibilities to communicate between  2EE- and ABAP-server.(besides JCO), what is the performance in this case compares with JCO?
  Thank you!
  Peter Hneke

  Hi
  please have a look in to this Pdf Doc .   might be of soem help to you .
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/b52456bd-0a01-0010-6d9b-f153bf15a82f
  Apart from JCO communication between JAVA and ABAP can also be handled using ESA services .
  please have a llok at these blogs
  /people/scott.campbell/blog/2005/05/16/the-esa-is-coming-the-esa-is-coming
  /people/kevin.liu/blog/2005/10/17/esa-soa-es
  /people/harsh.chauhan/blog/2005/08/27/building-esa-and-delivering-it-through-caf
  /people/sap.user72/blog/2005/10/28/the-fundamental-problem-solved-by-esa
  Hope this helps . pelase do not forget to reward points , if helpful
  regards
  rajeshkr

• Can't open form-protected Web resource from a link in a Word or Excel doc

  I've run into an issue with OAM and Web resources protected by a Form authentication scheme.
  Summary: I have a form-protected Web resource, and I add a hyperlink to that resource into a Microsoft Word or Excel document. Now, I click on the link in the document, and a Web browser is opened with the login form. However, the browser does not have any of the session cookies (ObFormLoginCookie, ObSSOCookie) required for the form to work, so the login only results in an error page.
  (This issue is partly the fault of Word and Excel, because they try to open the link themselves, and so they get the session cookies. If they handed off all of the work to the default browser, this wouldn't be an issue.)
  Is there a simple solution to this problem? Can I write code to extend the form authentication scheme to use something like the query string instead of the ObFormLoginCookie? Or am I faced with writing a custom AccessGate?
  (I know this problem doesn't effect resources protected by Basic Over LDAP authentication, but then we lose the advantages of a custom login form.)
  Thanks,
  Matthew

  i am faceing a file download problem too..........
  i am protecting jboss application,,,,using apache, and jk....
  all work fine except for open a file(word,excel,txt,etc).
  Disable the policy domain, everything goes just fine. microsoft file dialogue opens,you can open the file directly, or save it to your computer........
  Enable the policy domain,, you can only save the file to your computer(file content is also correct),,,but cannot open it directly.it says the file path could not be found......but if the word/excel application is already running, you can open it fine...
  PS:not a computer issue,,,every computers faceing the same problem
  any avoice from you is good to me...............thanks very much

• I was wondring if there is any top free app for cleaning up  the computer and make it run faster while booting, on startup and while surfing web. I am using a macbookpro  with IOS10.8.5, under chrome,safari,firefox net environment. thanks on yourhelp

  I was wondering if there is any top free app for cleaning up  the computer from malware, phinishing apps, adware, and othere malicious softwares and make it run faster while booting, on startup and while surfing web. I am using a Macbook pro  with IOS10.8.5, under chrome,safari,firefox net environment. thanks on your help

  I was wondering if there is any top free app for cleaning up ...
  There is no such thing, since the problems you are describing can have various causes. Seeking anything claiming to "clean" your Mac is asking for trouble, since all of those products are scams, whether they are "free" or not.
  If you are having trouble with your Mac, describe what it is. Be as specific as possible. For general recommendations read below.
  There will always be threats to your information security associated with using any Internet - connected communications tool:
  You can mitigate those threats by following commonsense practices
  Delegating that responsibility to software is an ineffective defense
  Assuming that any product will protect you from those threats is a hazardous attitude that is likely to result in neglecting point #1 above.
  OS X already includes everything it needs to protect itself from viruses and malware. Keep it that way with software updates from Apple.
  A much better question is "how should I protect my Mac":
  Never install any product that claims to "clean up", "speed up", "optimize", "boost" or "accelerate" your Mac; to "wash" it, "tune" it, or to make it "shiny". Those claims are absurd.Such products are very aggressively marketed. They are all scams.
  Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources.
  Illegally obtained software is almost certain to contain malware.
  "Questionable sources" include but are not limited to spontaneously appearing web pages or popups, download hosting sites such as C net dot com, Softonic dot com, Soft pedia dot com, Download dot com, Mac Update dot com, or any other site whose revenue is primarily derived from junk product advertisements.
  If you need to install software that isn't available from the Mac App Store, obtain it only from legitimate sources authorized by the software's developer.
  Don’t supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required.
  Don’t open email attachments from email addresses that you do not recognize, or click links contained in an email:
  Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
  Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
  Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple saying your account will be closed unless you take immediate action, just ignore it. If your iCloud, iTunes, or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
  Don’t install browser extensions unless you understand their purpose:Go to the Safari menu > Preferences > Extensions. If you see any extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
  Don’t install Java unless you are certain that you need it:
  Java, a non-Apple product, is a potential vector for malware. If you are required to use Java, be mindful of that possibility.
  Java can be disabled in System Preferences.
  Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It’s OK to leave it enabled.
  The same precaution applies to Adobe Flash Player. Newly discovered Flash vulnerabilities appear almost weekly.
  Beware spontaneous popups: Safari menu > Preferences > Security > check "Block popup windows".
  Popup windows are useful and required for some websites, but unsolicited popups are commonly used to deceive people into installing unwanted software they would never intentionally install.
  Popups themselves cannot infect your Mac, but many contain resource-hungry code that will slow down Internet browsing.
  If you ever receive a popup window indicating that your Mac is infected with some ick or that you won some prize, it is 100% fraudulent. Ignore it.
  The same goes for a spontaneously appearing dialog insisting that you upgrade your video player right this instant. Such popups are frequently associated with sites that promise to deliver "free" movies or other copyrighted content that is not normally "free".
  The more insistent it is that you upgrade or install something, the more likely it is to be a scam. Close the window or tab and forget it.
  Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
  The most serious threat to your data security is phishing. Most of these attempts are pathetic and are easily recognized, but that hasn't stopped prominent public figures from recently succumbing to this age-old scam.
  OS X viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
  Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don’t want it any more.
  If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
  Most such utilities will only slow down and destabilize your Mac while they look for viruses that do not exist, conveying no benefit whatsoever - other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
  Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.
  Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

• Obiee 11g and custom j2ee app using the same cookie name

  Hi,
  I wrote a same j2ee web application. i'am using authentification through a realm configured in the web.xml.
  This web app is deployed in the same weblogic than obiee 11g. What i want to do is to embed my application in a dashboard using an iframe tag, and use the same login from analytics to my custom web app.
  In this article http://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html#wp1039551, it is said that by default, all web apps in the sames weblogic server are using the same cookie name so that they share authentification between them. However, i have read in the web that analytics in obiee 11g is using a cookie with the name "ORA_BIPS_NQID".
  In the weblogic.xml of my custom application, i set the cookie-name parameter to ORA_BIPS_NQID. However, in the dashbord, it still prompt for authentification to my custom web app.
  How can we share authentification between analytics and a custom web app in the same weblogic ?
  NB : I dont want to pass the username et password through the url.
  Thanks.

  By default, if you don't specify a cookie-name in the weblogic.xml configuration file, the weblogic server create a cookie named JSESSIONID for your application. For exemple, if two applications use the default configuration, both of them will use the same cookie name which is JSESSIONID. In this case, when you log in the first application, your are automaticaly logged in the second application with the same credentials. I have already test this kind of integration and it works perfectly. You only need that the two applications are deployed in the same weblogic server.
  Now, i want to have the same behaviour between obiee 11g and my custom application deployed in the same weblogic server. I read somewhere in the web that obiee 11g presentation service (analytics) is configured with a cookie-name value = "ORA_BIPS_NQID". So in the weblogic.xml configuration file of my web app, i specify a cookie-name value = "ORA_BIPS_NQID" to have the same cookie-name between the two application. But, it still not work. It prompt for authentification in the dashboards.
  I now, that such an integration is possible, because the other bi applications (mapviewer, bipublisher,...) are actually other web applications. However when using, for exemple, maps in dashbords, the mapviwer application automaticaly user the credentials of the user connected in analytics.

• Building J2EE Applications using JBOSS and ECLIPSE 3.0

  Hi all
  i am trying to deploy a J2EE application using JBOSS3.2.5 and Eclipse 3.0.
  I have written the EJB bean, home, remote and a test JSP page. Can someone tell me the exact procedure...step by step ways to deploy the JBOSS server and run my application.
  My package structure is
  MyProject
  ejb
  client
  Servlet.java
  server
  Bean.java
  shared
  home.java
  remote.java
  please tell the various jar files that i must include. Kindly give information about the directory structure, the xml file details and the WAR file generation
  Thankz in advance
  Arun :)

  That is a lot of stuff! At a basic level, you can create an EAR file and put it in the JBoss auto-deployment directory. In the EAR file you should have a WAR file for the web component and a JAR file for the EJB component. And inside each archive there should be a valid deployment descriptor that contains configuration data for the component. When you start up JBoss, the application will be deployed and accessible via web browser, or there will be error messages written to the server log.

• Can we use applets as user interfaces with sockets, RMI and J2EE

  Dear Sir or Madam,
  Since I am a TA for software architecture class, some one ask me the following question: I think the answer is "No" based on the document on http://java.sun.com/sfaq/
  How I answer the quesions? Looking forward your help!!!
  1.You may have 2 applets and 2 html files. One applet with one html file may stay at a client PC and run on this PC, and the other applet with the other html file may stay at a server PC and run on this PC. In this case, all the applets are run locally.
  2.Could applets works with sockets, RMI and J2EE?
  3.Can we use applets as user interfaces with sockets, RMI and J2EE?
  Thank you very much!
  Best regards,
  Jing

  The scenario you paint doesn't quite make sense. The "server PC" wouldn't be running an applet, normally, since applets are by definition in a web browser page, and most likely involve user interaction, and "server processes" generally are done without user interaction.
  The security rules around applets are that -- by default -- applets can connect with sockets ONLY to the server from whence the applet was loaded. RMI uses sockets (J2EE is too broad a spec) and hence RMI calls would also be limited to the server from whence the applet was loaded. Within that limitation, an applet could open all the sockets it wants, so long as they are all on the server from whence the applet was loaded.
  If you want two applets on two different systems to communicate with each other, the simplest way is to have them rendevous through a server process on the server(s) from whence each applet was loaded. Maybe it's PC-a <-> server-a <-> server-b <-> PC-b ...? Or maybe PC-a and PC-b both are talking to the same server.
  The limitation is rooted in the security subsystem. You can specify a policy file and override anything in the security subsystem. That does mean signing the applet and then cajoling the user into agreeing to grant greater levels of security than the default. In such a case you can open sockets more broadly and then PC-a could talk directly to PC-b without going through any servers.
  - David

• Can we use JCo connection with non-Web Dynpro J2EE project in NW

  With Web Dynpro, we have the RFC wizard to call RFCs using JCo connection.  I am wondering, if I create a J2EE project in NW development studio, can I and how to use JCo connection to call RFCs?
  Thanks.

  yes, of course.
  Add jar sapjco.jar then
  import com.sap.mw.jco.*;
  public class Bapi1 extends Object {
     JCO.Client mConnection;
     JCO.Repository mRepository;
     public Bapi1() {
        try {
           // Change the logon information to your own system/user
           mConnection =
              JCO.createClient("001", // SAP client
                "<userid>", // userid
                "****", // password
                null, // language
                "<hostname>", // application server host name
                "00"); // system number
          mConnection.connect();
          mRepository = new JCO.Repository("SAPJCo", mConnection);
        catch (Exception ex) {
          ex.printStackTrace();
          System.exit(1);
        JCO.Function function = null;
        JCO.Table codes = null;
        try {
           function = this.createFunction("BAPI_COMPANYCODE_GETLIST");
           if (function == null) {
             System.out.println("BAPI_COMPANYCODE_GETLIST" +
                                " not found in SAP.");
             System.exit(1);
           mConnection.execute(function);
           JCO.Structure returnStructure =
             function.getExportParameterList().getStructure("RETURN");
           if (! (returnStructure.getString("TYPE").equals("") ||
                  returnStructure.getString("TYPE").equals("S")) ) {
             System.out.println(returnStructure.getString("MESSAGE"));
             System.exit(1);
           codes =
             function.getTableParameterList().getTable("COMPANYCODE_LIST");
           for (int i = 0; i < codes.getNumRows(); i++) {
             codes.setRow(i);
             System.out.println(codes.getString("COMP_CODE") + '\t' +
                                codes.getString("COMP_NAME"));
        catch (Exception ex) {
          ex.printStackTrace();
          System.exit(1);
        try {
          codes.firstRow();
          for (int i = 0; i < codes.getNumRows(); i++, codes.nextRow()) {
            function = this.createFunction("BAPI_COMPANYCODE_GETDETAIL");
            if (function == null) {
              System.out.println("BAPI_COMPANYCODE_GETDETAIL" +
                                 " not found in SAP.");
              System.exit(1);
       function.getImportParameterList().
         setValue(codes.getString("COMP_CODE"), "COMPANYCODEID");
       function.getExportParameterList().
         setActive(false, "COMPANYCODE_ADDRESS");
       mConnection.execute(function);
       JCO.Structure returnStructure =
         function.getExportParameterList().getStructure("RETURN");
       if (! (returnStructure.getString("TYPE").equals("") ||
              returnStructure.getString("TYPE").equals("S") ||
              returnStructure.getString("TYPE").equals("W")) ) {
          System.out.println(returnStructure.getString("MESSAGE"));
       JCO.Structure detail =
         function.getExportParameterList().
         getStructure("COMPANYCODE_DETAIL");
       System.out.println(detail.getString("COMP_CODE") + '\t' +
                          detail.getString("COUNTRY") + '\t' +
                          detail.getString("CITY"));
    catch (Exception ex) {
      ex.printStackTrace();
      System.exit(1);
    mConnection.disconnect();
  public JCO.Function createFunction(String name) throws Exception {
     try {
       IFunctionTemplate ft =
          mRepository.getFunctionTemplate(name.toUpperCase());
       if (ft == null)
         return null;
       return ft.getFunction();
     catch (Exception ex) {
       throw new Exception("Problem retrieving JCO.Function object.");
  public static void main (String args[]) {
     Bapi1 app = new Bapi1();
  Link: [http://help.sap.com/saphelp_nw04/helpdata/en/35/42e13d82fcfb34e10000000a114084/frameset.htm]

• Empty report returned from WEBI and Crystal report when using external hier

  Hi,
  WEBI and Crystal report build from BEX query returned empty report when we used external hierarchy 0PROFIT_CTR.  In BEX we don't have any problems with it.
  No authority check is perfomed on the hierarchy when we start the report in WEBI/Crystal. Only check on the hierarchy is performed when the root authorization is assigned to the user

  We using BO4  SP12