url-pattern for extension mapping in security-constraint not working

I'm trying to use extension mapping in a <security-constraint> configuration,
According to:
http://download.oracle.com/otn-pub/jcp/servlet-3_1-fr-eval-spec/servlet-3_1-final.pdf?AuthParam=1429824454_de04222eab1b8…
Section 12.2:
A string beginning with a ‘*.’ prefix is used as an extension mapping.
But WebLogic does not take my configuration into consideration. If I use path mapping or exact mapping it works.
My configuration is:
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Unsecured</web-resource-name>
        <url-pattern>*.wsdl</url-pattern>
        <url-pattern>*.xsd</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<security-constraint>
    <web-resource-collection>
        <web-resource-name>HttpAuth</web-resource-name>
        <url-pattern>/ws/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ws-user</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>INTEGRAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Test1</realm-name>
</login-config>
<security-role>
    <role-name>ws-user</role-name>
</security-role>
WebLogic Server 12c (12.1.3)
Has anybody used extension mapping with security-constraint? Is that a WebLogic issue?

Hi nikita,
I have dealt with the same problem before. As you say, most JSF actions all get posted back to the original page, and the faces servlet internally redirects according to the navigation rules and actions. This can mean the URL seen by the browser does not always correspond to the actual JSP (wrapped by JSF) that produced the content.
Generally adding the "<redirect/>" tag to all your navigation rules (in faces-config.xml) remedies this, so the actions are still posted back to the original page, but then the JSF servlet sends an http-redirect to the browser before invoking the new page. This way, the URL is always in sync, and the security constraints defined in your web descriptor always get invoked properly.
regards,
tony
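
The question's two constraints overlap for any WSDL or XSD served under /ws/. The following is an added example (not part of the original thread and not WebLogic code) that models the Servlet 3.1 section 12.1 matching order, which the specification also uses to select the security constraint from the best-matching url-pattern. The request paths are constructed, and the model ignores http-method and does not merge constraints that share a pattern.

```python
import xml.etree.ElementTree as ET

# Constraints copied from the question, wrapped in a root element so they parse.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Unsecured</web-resource-name>
      <url-pattern>*.wsdl</url-pattern>
      <url-pattern>*.xsd</url-pattern>
    </web-resource-collection>
    <user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>HttpAuth</web-resource-name>
      <url-pattern>/ws/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>ws-user</role-name></auth-constraint>
    <user-data-constraint><transport-guarantee>INTEGRAL</transport-guarantee></user-data-constraint>
  </security-constraint>
</web-app>"""


def load_constraints(xml_text):
    """Return one (url_pattern, name, roles, transport) row per url-pattern."""
    rows = []
    for sc in ET.fromstring(xml_text).iter("security-constraint"):
        auth = sc.find("auth-constraint")
        roles = None if auth is None else [r.text.strip() for r in auth.iter("role-name")]
        transport = sc.findtext("user-data-constraint/transport-guarantee", "NONE").strip()
        for wrc in sc.iter("web-resource-collection"):
            name = wrc.findtext("web-resource-name", "").strip()
            for p in wrc.iter("url-pattern"):
                rows.append((p.text.strip(), name, roles, transport))
    return rows


def rank(pattern, path):
    """Match key, higher wins (Servlet 3.1 sec. 12.1 order); None when no match."""
    if pattern == path:                      # exact match
        return (3, 0)
    if pattern.endswith("/*"):               # path-prefix match, longest prefix wins
        prefix = pattern[:-2]
        if path == prefix or path.startswith(prefix + "/"):
            return (2, len(prefix))
    if pattern.startswith("*."):             # extension match on the last segment
        last = path.rsplit("/", 1)[-1]
        if "." in last and last.rsplit(".", 1)[1] == pattern[2:]:
            return (1, 0)
    if pattern == "/":                       # default mapping
        return (0, 0)
    return None


def effective_constraint(xml_text, path):
    """Constraint on the best-matching url-pattern, or None if the path is unconstrained."""
    best_key, best = None, None
    for pattern, name, roles, transport in load_constraints(xml_text):
        key = rank(pattern, path)
        if key is not None and (best_key is None or key > best_key):
            best_key = key
            best = {"pattern": pattern, "name": name, "roles": roles, "transport": transport}
    return best


# Request paths below are constructed for illustration.
if __name__ == "__main__":
    for p in ("/ws/Orders.wsdl", "/schemas/types.xsd", "/ws/Orders", "/index.html"):
        print(p, "->", effective_constraint(WEB_XML, p))
```

Under this order /ws/Orders.wsdl resolves to the /ws/* constraint (ws-user role, INTEGRAL), and the *.wsdl constraint only takes effect for paths outside /ws/.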

Similar Messages

  • Different url-patterns for same servlet running in 2 different environments

    Hi All,
    I have a question about url mappings in my web.xml file and I hope somebody can help. The situation is that I'm putting together a web app using a combination of JSPs and servlets. I can't develop on the machine that it will be hosted on, so I'm working and testing on my own machine and will transfer to the host machine when finished. However, the host machine is set up to map servlets to http://.../servlet/MyServlet but the copy of tomcat I have installed locally maps to http://.../MyServlet. My question is, when I get ready to transfer my application do I have to go through all my code and find servlet references and insert the "servlet/" path info required by the hosting service, or can I just change the url patterns for the servlet mappings of the web.xml file on the host machine? In other words:
    Local install of Tomcat where servlets are accessed at http://.../MyServlet
    <servlet-mapping>
    <servlet-name> MyServlet </servlet-name>
    <url-pattern>/MyServlet </url-pattern>
    </servlet-mapping>
    Host machine install of Tomcat where servlets are accessed at http://.../servlet/MyServlet
    <servlet-mapping>
    <servlet-name> MyServlet </servlet-name>
    <url-pattern>/servlet/MyServlet </url-pattern>
    </servlet-mapping>
    I guess my thinking is that it would be better/easier to have a remote and local version of the web.xml file that reflects the environment each one resides in and have only one codebase rather than 2 codebases and 1 web.xml file. Am I thinking about this in the right way, or have I misunderstood something?
    Thanks,
    Peter

    What you're suggesting is logical, but won't that
    affect all the other stuff I've got running on my
    local Tomcat install that expects servlets to be
    accessed at http://.../ServletName ?
    In web.xml, you decide on your mapping, so you could use the /servlet/ServletName pattern for your application that needs to be remote, and /ServletName for the rest of your stuff. You can even define more than one mapping for a servlet...
    In fact, you should probably put your whole application that is going to be on a remote server in its own context, and to be ahead of dufymo :-) , learn to put it in a war file for deployment.

  • Obtaining url patterns for a user Role/Group

    I am looking for a way to find out how to obtain the list of accessible urls (url
    patterns) for a role/group defined in weblogic.
    I have gotten as far as checking if a user is in a group using: javax.ejb.SessionContext
    isCallerInRole(java.lang.String roleName)
    After checking if a user is in a role/group I want to access the url pattern authorised
    for a particular role under weblogic.
    Can this be done?

  • Security constraints not being applied after using custom login module

    I am using form based authentication and I applied the custom login module - DBProcLoginModule to work with the embedded OC4J (JDeveloper 10.1.3.2). I have specified two security constraints in web.xml. The authentication is working correctly, however the security constraints are not being applied. All users are able to access all url resources. The security constraints were working properly before applying the custom login module. Pls help.
    Leena

    Hi,
    if "All users are able to access all url resources" then this indicates that the URL isn't properly protected. If the authorization would fail then no one would have access and you would see error code 401.
    Make sure the role names in web.xml are the same as added by the LoginModule. Also make sure you set the dynamic.role property and the custom security provider property in the orion-application.xml
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true"/>
         <property name="role.mapping.dynamic" value="true"/>
    </jazn>
    Note that the above is not required (because done automatically) if the custom LoginModule configuration is deployed through the orion-application.xml file
    Frank

  • Dimension security is not working if user have two roles in SSAS while connecting from Excel

    Hello Genius,
    I am facing an issue when a user tries to connect to the cube from Excel if the user has more than one role in the SSAS DB.
    Role 1: Countryuser, I have implemented the dimension security with the country
    dimension and countrycode attribute.
    Role 2: CityUser, I have implemented the dimension security with the
    city dimension and citycode attribute.
    If the user is mapped to any one of the above roles, dimension security works perfectly according to the logic, but when mapped to both roles the cube exposes all the data; in this case dimension security is not working.
    Please give me a solution to fix this issue, or in case I am wrong kindly advise.
    Thanks
    Ganesh

    This is the expected behaviour as allowed sets in roles are unioned together.
    This is not a problem when your roles are restricting across a single attribute.
    eg.
    US_role = {[Geography].[Country].[USA] }
    France_role = {[Geography].[Country].[France] }
    as someone in both roles ends up seeing {[Geography].[Country].[USA], [Geography].[Country].[France] }
    But when you have different attributes:
    NY_role = {[Geography].[City].[New York] }
    France_role = {[Geography].[Country].[France] }
    The first role is unrestricted on countries and the second is unrestricted on cities which is effectively:
    NY_role = {[Geography].[Country].AllMembers , [Geography].[City].[New York]  }
    France_role = {[Geography].[Country].[France], [Geography].[City].AllMembers }
    And when you union those two sets together you end up with:
    {[Geography].[Country].AllMembers , [Geography].[City].AllMembers }
    Which means that someone in both roles can see everything.
    So if you want to restrict someone to City = New York and Country = France you have to create a
    single role where both attributes are restricted. So if you have a lot of these combinations you will either have to create a lot of "combination" roles or look at dynamic security.
    The other thing that might work is make sure that you only give some users access to certain cities and others access to certain countries. It's the mixing of the two for a single person that causes the issues.
    http://darren.gosbell.com - please mark correct answers

  • TS1702 After I updated my new Ipad  with IOS 6, now Map& Dictation icon are not working. please help me

    After I updated my new Ipad  with IOS 6, now Map& Dictation icon are not working. please help me

    Thank you wjsten for your soon reply. Unfortunately on these days I'm in a country that Apple don't have any retail store here and for sake of time I prefer to fix it myself to DHL it to the nearest country to use its warranty. Do you have any idea how can I fix it? Do you think it's a software issue?

  • Extension in Select-Options is not working

    Hi,
    The extension of select-options is not working for the following statement........
    SELECTION-SCREEN: BEGIN OF BLOCK sel WITH FRAME TITLE text-001.
    SELECT-OPTIONS: s_tp_no FOR e070-trkorr.
    SELECTION-SCREEN: END OF BLOCK sel.
    Please Help.......
    Thanks,
    Sheel

    SELECTION-SCREEN: BEGIN OF BLOCK sel WITH FRAME TITLE text-001.
    SELECTION-SCREEN: END OF BLOCK sel.
    Remove the colon ':' from your code after SELECTION-SCREEN
    write it as
    SELECTION-SCREEN BEGIN OF BLOCK sel WITH FRAME TITLE text-001.
    SELECTION-SCREEN END OF BLOCK sel.

  • Secure boot not working with MSI Z77a-G45 And system reserve not showing

    Ok so I redid my Windows after I did a zero fill on my hard drive, as it was showing a corrupted sector on my disk. That seemed to fix it for now, until it comes back, if it does; crossing my fingers it's gone for good. But now I can't seem to get Secure Boot to work. I mean, I did not have it before, as I just slapped the motherboard in with an existing Windows, so that was to be expected, but this is a clean install of Windows 8.1 and I even have Secure Boot on, but it's not working and reports as off in Windows. Is it because I have my BIOS set to legacy+UEFI? Would that make Secure Boot not work? I even went as far as turning the Secure Boot setting off and back on again; nothing made a difference. I mean, it's not a big deal, but it would be nice to know why it's not working. Also, another weird thing, and I will post pictures of it: I can't see my system reserved partition in Disk Management, but diskpart says it's there. I will post those pictures. Any ideas?

    Fixed, it is my legacy+UEFI; another forum got back to me.

  • Amber update but map and here drive not work

    After the Amber update my HERE Maps and HERE Drive do not work; the apps just open and then close automatically.

    Same thing here. I have tried all things and have a similar issue
    http://discussions.nokia.com/t5/HERE-Location-based-services/Settings-gt-Applications-does-not-have-...
    NOKIA NEED HELP HERE !!

  • I've been using the speaker feature for dictation. Suddenly it's not working. Any ideas?

    I've been using the speaker feature for dictation. Suddenly it's not working. Any ideas?

    Please follow this article:
    http://support.apple.com/kb/TS1567
    it should help
    let me know

  • HT1695 Wi-Fi to your iPhone does not work with the knowledge that I have worked Restart for the same purpose network does not work What is the solution please help as soon as

    Wi-Fi to your iPhone does not work with the knowledge that I have worked Restart for the same purpose network does not work What is the solution please help as soon as

    Okay, the Wi-Fi doesn't work.  Turn it on.
    Beyond that, we cannot offer any other assistance as you've failed to provide useful details of the problem.
    When responding, post in your native language as your English makes very little sense.

  • We have 2 versions of Portuguese in our application. The problem is only for Brazilian Portuguese and the other one is working just fine. Locale for portugese-brazil (pt-BR) is not working

    We have 2 versions of Portuguese in our application. The problem is only for Brazilian Portuguese and the other one is working just fine.
    Locale for portugese-brazil (pt-BR) is not working.

    No. Something else is going on.
    Your son may be hogging all the bandwidth but your wireless network should never simply disappear. Moreover, if your son isn't doing anything the available bandwidth for other devices should remain unaffected.
    I suspect that something is miswired, and from what you describe I suspect that link is between the Extreme and the "other computer".
    The way to accomplish what you propose is
    Modem > Ethernet cable to Extreme's WAN port
    Extreme's LAN ports > wired Ethernet devices.
    There should be nothing but an Ethernet cable linking an Extreme LAN port and any other wired device. If you run out of available LAN ports on the Extreme, you need to buy an "Ethernet switch" - they are not expensive, but don't call it a "splitter" or you will only confuse yourself. The switch would be connected to one of the Extreme's LAN ports, and you would connect additional devices to it. You can also use one of your Expresses for that purpose, assuming it is the current generation model with two Ethernet ports.

  • RBAC check fails Security Constraint Not Enforced

    I configured a simple WAR to only allow a specific role to be able to execute my Helloworld url. Now it appears that any valid user defined on the appserver can access the url. Shouldn't it be limited to the specific role I defined using the deploytool? It almost appears as if the security constraint is not being enforced. All of the users in the file realm are allowed to access it, instead of the role that's specified in the security constraints.
    I'm using Sun Java System Application Server Enterprise Edition 8.2 (build b25-fcs)
    web.xml
    <?xml version="1.0" encoding="UTF-8" standalone="no"?>
    <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.4" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
    <display-name>Helloworld</display-name>
    <servlet>
    <display-name>HelloworldImpl</display-name>
    <servlet-name>HelloworldImpl</servlet-name>
    <servlet-class>com.boeing.mcc.trade.HelloworldImpl</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>HelloworldImpl</servlet-name>
    <url-pattern>/Helloworld</url-pattern>
    </servlet-mapping>
    <jsp-config/>
    <security-constraint>
    <display-name>SecurityConstraint</display-name>
    <web-resource-collection>
    <web-resource-name>WRCollection</web-resource-name>
    <url-pattern>/Helloworld/*</url-pattern>
    <http-method>POST</http-method>
    <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint>
    <role-name>OPERATOR</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>file</realm-name>
    </login-config>
    <security-role>
    <role-name>ADMIN</role-name>
    </security-role>
    <security-role>
    <role-name>ANALYST</role-name>
    </security-role>
    <security-role>
    <role-name>OPERATOR</role-name>
    </security-role>
    </web-app>
    Message was edited by:
    weinhard

    Note: I used the deploytool to create/package the WAR.
    sun-web.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 8.1 Servlet 2.4//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_4-1.dtd">
    <sun-web-app>
    <context-root>/hello</context-root>
    <security-role-mapping>
    <role-name>OPERATOR</role-name>
    <principal-name>user1</principal-name>
    <principal-name>user2</principal-name>
    <principal-name>user3</principal-name>
    </security-role-mapping>
    <security-role-mapping>
    <role-name>ANALYST</role-name>
    <principal-name>user4</principal-name>
    <principal-name>user2</principal-name>
    <principal-name>user3</principal-name>
    <principal-name>user5</principal-name>
    </security-role-mapping>
    <security-role-mapping>
    <role-name>ADMIN</role-name>
    <principal-name>user6</principal-name>
    </security-role-mapping>
    <servlet>
    <servlet-name>HelloworldImpl</servlet-name>
    <webservice-endpoint>
    <port-component-name>HelloworldIF</port-component-name>
    <endpoint-address-uri>Helloworld</endpoint-address-uri>
    </webservice-endpoint>
    </servlet>
    <session-config>
    <session-manager persistence-type="memory">
    <manager-properties/>
    <store-properties/>
    </session-manager>
    <session-properties/>
    <cookie-properties/>
    </session-config>
    <cache enabled="true" max-entries="4096" timeout-in-seconds="30">
    <default-helper/>
    </cache>
    <class-loader delegate="true"/>
    <jsp-config/>
    <parameter-encoding default-charset="UTF8"/>
    </sun-web-app>

  • SETTING PROPERTIES FOR A MAPPING VIA OMBPLUS ISN'T WORKING

    Hi, I have a problem with OMBPLUS:
    I have a script which creates a mapping and then is supposed to change properties for the mapping and seems to do so via OMBRETRIEVE. But when looking in OWB the properties aren't changed.
    If I change any of the properties inside OWB and then run the script again, then the properties are changed. Does anyone know why the behavior is like this?
    /thanx Joel
    When running the script the output looks like this:
    CREATE MAPPING 'XXX_1_IN'... DONE
    DEFAULT_OPERATING_MODE={SET BASED FAIL OVER TO ROW BASED}
    ALTER MAPPING PROPERTIES FOR 'T_A_TEST_XXX_1_IN'... DONE
    DEFAULT_OPERATING_MODE={SET BASED}
    -- ALL DONE --
    The script:
    set temp_module "TMP"
    set tmp_table1 "XXX_1"
    set tmp_table2 "XXX_2"
    set map_name "XXX_1_IN"
    puts -nonewline "CREATE MAPPING '$map_name'... "
    OMBCREATE MAPPING '$map_name' \
    ADD TABLE OPERATOR '$tmp_table1' BOUND TO TABLE '../$temp_module/$tmp_table1' \
    ADD TABLE OPERATOR '$tmp_table2' BOUND TO TABLE '../$temp_module/$tmp_table2' \
    ADD CONNECTION \
    FROM GROUP 'INOUTGRP1' OF OPERATOR '$tmp_table1' \
    TO GROUP 'INOUTGRP1' OF OPERATOR '$tmp_table2'
    OMBCOMMIT
    puts "DONE"
    set prop [OMBRETRIEVE MAPPING '$map_name' GET PROPERTIES (DEFAULT_OPERATING_MODE) ]
    puts "DEFAULT_OPERATING_MODE=$prop"
    puts -nonewline " ALTER MAPPING PROPERTIES FOR '$map_name'... "
    OMBALTER MAPPING '$map_name' \
    SET PROPERTIES (DEFAULT_OPERATING_MODE) \
    VALUES ('SET BASED')
    OMBCOMMIT
    set prop [OMBRETRIEVE MAPPING '$map_name' GET PROPERTIES (DEFAULT_OPERATING_MODE) ]
    puts "DEFAULT_OPERATING_MODE=$prop"
    puts "-- ALL DONE --"
    puts ""
    OMBDISCONNECT

    Thanks for your idea Roman, but it doesn't solve my problem.
    The problem is regardless of which property (Runtime parameters in OWB) I try to change. Before ANY property is changed via OWB (GUI) the changes via OMB don't take effect (even if RETRIEVE after OMBCOMMIT says so).
    Regards, Joel

  • SETTING PROPERTIES FOR A MAPPING VIA OMBPLUS ISN'T WORKING (OWB10gR2)

    Hi, I have a problem with OMBPLUS:
    I have a script which creates a mapping and then is supposed to change properties for the mapping. The script worked in previous releases of OWB but after upgrading to 10gR2 I get an error that DEFAULT_OPERATING_MODE property does not exist.
    Does anyone know why I get the error?
    /thanx Joel
    When running the script the output looks like this:
    CREATE MAPPING 'XXX_1_IN'... DONE
    DEFAULT_OPERATING_MODE={SET BASED FAIL OVER TO ROW BASED}
    ALTER MAPPING PROPERTIES FOR 'T_A_TEST_XXX_1_IN'...
    OMB02902: Error setting property DEFAULT_OPERATING_MODE of T_A_TEST_XXX_1_IN: MMM1034: Property DEFAULT_OPERATING_MODE does not exist.
    -- ALL DONE --
    The script:
    set temp_module "TMP"
    set tmp_table1 "XXX_1"
    set tmp_table2 "XXX_2"
    set map_name "XXX_1_IN"
    puts -nonewline "CREATE MAPPING '$map_name'... "
    OMBCREATE MAPPING '$map_name' \
    ADD TABLE OPERATOR '$tmp_table1' BOUND TO TABLE '../$temp_module/$tmp_table1' \
    ADD TABLE OPERATOR '$tmp_table2' BOUND TO TABLE '../$temp_module/$tmp_table2' \
    ADD CONNECTION \
    FROM GROUP 'INOUTGRP1' OF OPERATOR '$tmp_table1' \
    TO GROUP 'INOUTGRP1' OF OPERATOR '$tmp_table2'
    OMBCOMMIT
    puts "DONE"
    set prop [OMBRETRIEVE MAPPING '$map_name' GET PROPERTIES (DEFAULT_OPERATING_MODE) ]
    puts "DEFAULT_OPERATING_MODE=$prop"
    puts -nonewline " ALTER MAPPING PROPERTIES FOR '$map_name'... "
    OMBALTER MAPPING '$map_name' \
    SET PROPERTIES (DEFAULT_OPERATING_MODE) \
    VALUES ('SET BASED')
    OMBCOMMIT
    puts "-- ALL DONE --"
    puts ""
    OMBDISCONNECT

    Hi, don't look at the script it was copied and pasted from an old thread. The problem is the error I get when trying to execute:
    OMBALTER MAPPING 'map_name' \
    SET PROPERTIES (DEFAULT_OPERATING_MODE) \
    VALUES ('SET BASED')
    OMB02902: Error setting property DEFAULT_OPERATING_MODE of map_name: MMM1034: Property DEFAULT_OPERATING_MODE does not exist.
    //Joel
