Username with Access-Class
R8 Configure
username cisco access-class 10 passs 12345
access-list 10 permit R7's seriel IP
It don't work.Who can explane and how to do
Tks!
Configure R8 so R7 can telnet into R8 using the IP address
of the serial 0/0/0 interface on R8 using the username cisco and the
password 12345. No other routers or hosts should be able to telnet to R8
using the same username and password.
Can you try this
username cisco pass 12345
access-list 10 permit R7's serial IP
line vty 0 4
access-class 10 in
login local
transport input telnet
line vty 5 15
access-class 10 in
login local
transport input telnet
HTH
Hoogen
Do rate if this helps :)
Similar Messages
-
Problems With Accessing Classes
I am having trouble calling classes that I have written. I put
all of my .java files into my bin directory, and then I compile all of them. But when I compile one that has a reference to another class file that I have written, it acts like it doesn't recognize the class. Even though I am able to compile the .java file into a class file.
I am thinking that it may have something to do with the version of the JDK I am running, JDK1.2.1. And I have also tried to run it in JDK1.3.1, but I have the same problem. If anyone has any suggestions I would really appreciate them.When you try to compile a file that has reference to another class that you have written, it looks in a place called your "classpath". You need to add the path to your classes that are needed for the current compile. I know this is a bit confusing. But here is an example:
I am trying to compile Test.java, but Test.java uses a class that I already have written and compiled called NeededByTest. If NeededByTest.class is found int c:\classes directory, I need to add that path to my classpath. I do that by typing the following at the command prompt
c:\ CLASSPATH = %CLASSPATH;C:\classes;
Note that this appends C:\classes to my classpath.
I hope that helped..
Later
Cardwell -
Sigh. I only saved a few of those pages before they deleted it.
Dammit. I only got as far as jverd actually imploding.
What did I miss?
Message was edited by:
cdelmio-jverd imploded/exploded
-filestream made some comment about you being an
avaocado shaped like Madonna circa 1984
- I said I was speechless
- the knives came outI'm sorry I missed all that!I saved the first bit, but that last part I don't have. Someone should make a website to post deleted threads.
:P
Edit -- Too easy! It's a saying! How can you .... grrr. Nevermind.
Message was edited by:
cdelmio -
Unable to access classes in third party jar files packaged with my ejb.jar
I have packaged some third party jar files in my xxx_ejb.jar file. The third party jar file contains classes that are accessed by some custom classes which are in turn accessed by my bean classes. I get the following error when my custom classes attempt to use any of the classes in one of the third party jar files:
java.lang.NoClassDefFoundError: com/Ostermiller/util/CSVParser
Shouldn't I be able to access classes in jar files that are packaged with my xxx_ejb.jar file? I see the xxx_ejb.jar file as a resource of the application classloader that contains it but I don't see the third party jar files.As per the Java EE specification, additional JAR files should be packaged on the EAR level. Only WAR files' WEB-INF/lib folder is scanned for JAR files to be added to the classloader.
-
Private, protected Access Modifiers with a class
Why cant we use private and protected access modifiers with a class?
Thanks.Matiz wrote:
>
Public access allows you to extend a parent class in some other package. If you only want users to extend your class rather than instantiate it directly, make the class abstract and design for extension.Agreed. However, would the same argument be not true for the default access at the class level? No. Default access would only allow you to extend a parent class in the same package (as opposed to some other package).
Now my confusion is why is a class allowed default access at the top level and not protected?Because protected for a top-level class makes no sense. The protected keyword provides member access to any other class in the same package and extending classes outside the package. A top-level class isn't a member of a class, by definition, so there's nothing that protected would do provide differently than public.
So, the two access modifiers for a top-level class are public and default. Public allows access to the class outside the package, whereas default restricts access to the class within the package.
~ -
Username with privilege level 15 bypass enable
Hi experts,
I guess I never really understand the authentication process on Cisco routers and devices lol. Anyway I want users with privilege level 15 to be put in the enable mode right away after login without having to type in "enable" command and enable password. Users with other privilege levels will still be put in the EXEC mode.
AAA has to be enabled because I'm using it for 802.1x as well.
The privilege level eventually will be assigned by Radius server but right now the user is created locally on the switch. Right now I have:
aaa new-model
username admin privilege 15 secret 5 $1$2bdl$VIp53G4/zpo4f9aHh.t5v0
username cisco secret 5 $1$NGdD$ehTUzwappJFMxgA7tM/YW.
line vty 0 5
access-class 100 in
exec-timeout 30 0
logging synchronous
transport input ssh
And it's not working lol. No matter I log in with "admin" or "cisco" I'm put in EXEC mode... What do I have to do to achieve this?
Thanks!Hi,
The with default keyword authorization will get applied on all the lines i.e. CONSOLE, VTY, AUX.
In case you want it for users who are trying to login to via ssh or telnet use the following:
EXEC AUTHORIZATION
Router
router(config)#aaa authorization exec TEL GRoup radius local
router(config)#line vty 0 15
router(config-line)#authorization exec TEL
ACS
Interface configuration
Check user & group for cisco av-pair.
User setup à cisco ios/pix 6.x radius attributes àcisco av-pair [ shell:priv-lvl=15]
OR
Group setup à ios/pix 6.x radius attributes à shell:priv-lvl=15
In case of radius if exec authorization is enabled and if have not specified any privilege level in the ACS server. Then user will fall under the privilege level 1 and if enable authentication is enabled or enable password is defined on the router then we can go to enable mode by typing en or en
Regards,
Anisha
P.S.: please mark this thread as resolved if you think your query is answered. -
Too Slow - Domino 6.5.4 with access manager agent 2.2 ?
I don't know how to tune Domino 6.5.4 with access manager agent 2.2?
I think AMAgent.properties is not good for SSO.
Please help me to tune it.
# $Id: AMAgent.properties,v 1.103 2005/09/19 22:08:34 madan Exp $
# Copyright ? 2002 Sun Microsystems, Inc. All rights reserved.
# U.S. Government Rights - Commercial software. Government users are
# subject to the Sun Microsystems, Inc. standard license agreement and
# applicable provisions of the FAR and its supplements. Use is subject to
# license terms. Sun, Sun Microsystems, the Sun logo and Sun ONE are
# trademarks or registered trademarks of Sun Microsystems, Inc. in the
# U.S. and other countries.
# Copyright ? 2002 Sun Microsystems, Inc. Tous droits r閟erv閟.
# Droits du gouvernement am閞icain, utlisateurs gouvernmentaux - logiciel
# commercial. Les utilisateurs gouvernmentaux sont soumis au contrat de
# licence standard de Sun Microsystems, Inc., ainsi qu aux dispositions en
# vigueur de la FAR [ (Federal Acquisition Regulations) et des suppl閙ents
# ? celles-ci.
# Distribu? par des licences qui en restreignent l'utilisation. Sun, Sun
# Microsystems, le logo Sun et Sun ONE sont des marques de fabrique ou des
# marques d閜os閑s de Sun Microsystems, Inc. aux Etats-Unis et dans
# d'autres pays.
# The syntax of this file is that of a standard Java properties file,
# see the documentation for the java.util.Properties.load method for a
# complete description. (CAVEAT: The SDK in the parser does not currently
# support any backslash escapes except for wrapping long lines.)
# All property names in this file are case-sensitive.
# NOTE: The value of a property that is specified multiple times is not
# defined.
# WARNING: The contents of this file are classified as an UNSTABLE
# interface by Sun Microsystems, Inc. As such, they are subject to
# significant, incompatible changes in any future release of the
# software.
# The name of the cookie passed between the Access Manager
# and the SDK.
# WARNING: Changing this property without making the corresponding change
# to the Access Manager will disable the SDK.
com.sun.am.cookie.name = iPlanetDirectoryPro
# The URL for the Access Manager Naming service.
com.sun.am.naming.url = http://sportal.yjy.dqyt.petrochina:80/amserver/namingservice
# The URL of the login page on the Access Manager.
com.sun.am.policy.am.login.url = http://sportal.yjy.dqyt.petrochina:80/amserver/UI/Login
# Name of the file to use for logging messages.
com.sun.am.policy.agents.config.local.log.file = c:/Sun/Access_Manager/Agents/2.2/debug/C__Lotus_Domino/amAgent
# This property is used for Log Rotation. The value of the property specifies
# whether the agent deployed on the server supports the feature of not. If set
# to false all log messages are written to the same file.
com.sun.am.policy.agents.config.local.log.rotate = true
# Name of the Access Manager log file to use for logging messages to
# Access Manager.
# Just the name of the file is needed. The directory of the file
# is determined by settings configured on the Access Manager.
com.sun.am.policy.agents.config.remote.log = amAuthLog.Dominoad.yjy.dqyt.petrochina.80
# Set the logging level for the specified logging categories.
# The format of the values is
# <ModuleName>[:<Level>][,<ModuleName>[:<Level>]]*
# The currently used module names are: AuthService, NamingService,
# PolicyService, SessionService, PolicyEngine, ServiceEngine,
# Notification, PolicyAgent, RemoteLog and all.
# The all module can be used to set the logging level for all currently
# none logging modules. This will also establish the default level for
# all subsequently created modules.
# The meaning of the 'Level' value is described below:
# 0 Disable logging from specified module*
# 1 Log error messages
# 2 Log warning and error messages
# 3 Log info, warning, and error messages
# 4 Log debug, info, warning, and error messages
# 5 Like level 4, but with even more debugging messages
# 128 log url access to log file on AM server.
# 256 log url access to log file on local machine.
# If level is omitted, then the logging module will be created with
# the default logging level, which is the logging level associated with
# the 'all' module.
# for level of 128 and 256, you must also specify a logAccessType.
# *Even if the level is set to zero, some messages may be produced for
# a module if they are logged with the special level value of 'always'.
com.sun.am.log.level =
# The org, username and password for Agent to login to AM.
com.sun.am.policy.am.username = UrlAccessAgent
com.sun.am.policy.am.password = LYnKyOIgdWt404ivWY6HPQ==
# Name of the directory containing the certificate databases for SSL.
com.sun.am.sslcert.dir = c:/Sun/Access_Manager/Agents/2.2/domino/cert
# Set this property if the certificate databases in the directory specified
# by the previous property have a prefix.
com.sun.am.certdb.prefix =
# Should agent trust all server certificates when Access Manager
# is running SSL?
# Possible values are true or false.
com.sun.am.trust_server_certs = true
# Should the policy SDK use the Access Manager notification
# mechanism to maintain the consistency of its internal cache? If the value
# is false, then a polling mechanism is used to maintain cache consistency.
# Possible values are true or false.
com.sun.am.notification.enable = true
# URL to which notification messages should be sent if notification is
# enabled, see previous property.
com.sun.am.notification.url = http://Dominoad.yjy.dqyt.petrochina:80/amagent/UpdateAgentCacheServlet?shortcircuit=false
# This property determines whether URL string case sensitivity is
# obeyed during policy evaluation
com.sun.am.policy.am.url_comparison.case_ignore = true
# This property determines the amount of time (in minutes) an entry
# remains valid after it has been added to the cache. The default
# value for this property is 3 minutes.
com.sun.am.policy.am.polling.interval=3
# This property allows the user to configure the User Id parameter passed
# by the session information from the access manager. The value of User
# Id will be used by the agent to set the value of REMOTE_USER server
# variable. By default this parameter is set to "UserToken"
com.sun.am.policy.am.userid.param=UserToken
# Profile attributes fetch mode
# String attribute mode to specify if additional user profile attributes should
# be introduced into the request. Possible values are:
# NONE - no additional user profile attributes will be introduced.
# HTTP_HEADER - additional user profile attributes will be introduced into
# HTTP header.
# HTTP_COOKIE - additional user profile attributes will be introduced through
# cookies.
# If not within these values, it will be considered as NONE.
com.sun.am.policy.agents.config.profile.attribute.fetch.mode=NONE
# The user profile attributes to be added to the HTTP header. The
# specification is of the format ldap_attribute_name|http_header_name[,...].
# ldap_attribute_name is the attribute in data store to be fetched and
# http_header_name is the name of the header to which the value needs
# to be assigned.
# NOTE: In most cases, in a destination application where a "http_header_name"
# shows up as a request header, it will be prefixed by HTTP_, and all
# lower case letters will become upper case, and any - will become _;
# For example, "common-name" would become "HTTP_COMMON_NAME"
com.sun.am.policy.agents.config.profile.attribute.map=cn|common-name,ou|organizational-unit,o|organization,mail|email,employeenumber|employee-
number,c|country
# Session attributes mode
# String attribute mode to specify if additional user session attributes should
# be introduced into the request. Possible values are:
# NONE - no additional user session attributes will be introduced.
# HTTP_HEADER - additional user session attributes will be introduced into HTTP header.
# HTTP_COOKIE - additional user session attributes will be introduced through cookies.
# If not within these values, it will be considered as NONE.
com.sun.am.policy.agents.config.session.attribute.fetch.mode=NONE
# The session attributes to be added to the HTTP header. The specification is
# of the format session_attribute_name|http_header_name[,...].
# session_attribute_name is the attribute in session to be fetched and
# http_header_name is the name of the header to which the value needs to be
# assigned.
# NOTE: In most cases, in a destination application where a "http_header_name"
# shows up as a request header, it will be prefixed by HTTP_, and all
# lower case letters will become upper case, and any - will become _;
# For example, "common-name" would become "HTTP_COMMON_NAME"
com.sun.am.policy.agents.config.session.attribute.map=
# Response Attribute Fetch Mode
# String attribute mode to specify if additional user response attributes should
# be introduced into the request. Possible values are:
# NONE - no additional user response attributes will be introduced.
# HTTP_HEADER - additional user response attributes will be introduced into
# HTTP header.
# HTTP_COOKIE - additional user response attributes will be introduced through
# cookies.
# If not within these values, it will be considered as NONE.
com.sun.am.policy.agents.config.response.attribute.fetch.mode=NONE
# The response attributes to be added to the HTTP header. The specification is
# of the format response_attribute_name|http_header_name[,...].
# response_attribute_name is the attribute in policy response to be fetched and
# http_header_name is the name of the header to which the value needs to be
# assigned.
# NOTE: In most cases, in a destination application where a "http_header_name"
# shows up as a request header, it will be prefixed by HTTP_, and all
# lower case letters will become upper case, and any - will become _;
# For example, "common-name" would become "HTTP_COMMON_NAME"
com.sun.am.policy.agents.config.response.attribute.map=
# The cookie name used in iAS for sticky load balancing
com.sun.am.policy.am.lb.cookie.name = GX_jst
# indicate where a load balancer is used for Access Manager
# services.
# true | false
com.sun.am.load_balancer.enable = false
####Agent Configuration####
# this is for product versioning, please do not modify it
com.sun.am.policy.agents.config.version=2.2
# Set the url access logging level. the choices are
# LOG_NONE - do not log user access to url
# LOG_DENY - log url access that was denied.
# LOG_ALLOW - log url access that was allowed.
# LOG_BOTH - log url access that was allowed or denied.
com.sun.am.policy.agents.config.audit.accesstype = LOG_DENY
# Agent prefix
com.sun.am.policy.agents.config.agenturi.prefix = http://Dominoad.yjy.dqyt.petrochina:80/amagent
# Locale setting.
com.sun.am.policy.agents.config.locale = en_US
# The unique identifier for this agent instance.
com.sun.am.policy.agents.config.instance.name = unused
# Do SSO only
# Boolean attribute to indicate whether the agent will just enforce user
# authentication (SSO) without enforcing policies (authorization)
com.sun.am.policy.agents.config.do_sso_only = true
# The URL of the access denied page. If no value is specified, then
# the agent will return an HTTP status of 403 (Forbidden).
com.sun.am.policy.agents.config.accessdenied.url =
# This property indicates if FQDN checking is enabled or not.
com.sun.am.policy.agents.config.fqdn.check.enable = true
# Default FQDN is the fully qualified hostname that the users should use
# in order to access resources on this web server instance. This is a
# required configuration value without which the Web server may not
# startup correctly.
# The primary purpose of specifying this property is to ensure that if
# the users try to access protected resources on this web server
# instance without specifying the FQDN in the browser URL, the Agent
# can take corrective action and redirect the user to the URL that
# contains the correct FQDN.
# This property is set during the agent installation and need not be
# modified unless absolutely necessary to accommodate deployment
# requirements.
# WARNING: Invalid value for this property can result in the Web Server
# becoming unusable or the resources becoming inaccessible.
# See also: com.sun.am.policy.agents.config.fqdn.check.enable,
# com.sun.am.policy.agents.config.fqdn.map
com.sun.am.policy.agents.config.fqdn.default = Dominoad.yjy.dqyt.petrochina
# The FQDN Map is a simple map that enables the Agent to take corrective
# action in the case where the users may have typed in an incorrect URL
# such as by specifying partial hostname or using an IP address to
# access protected resources. It redirects the browser to the URL
# with fully qualified domain name so that cookies related to the domain
# are received by the agents.
# The format for this property is:
# com.sun.am.policy.agents.config.fqdn.map = [invalid_hostname|valid_hostname][,...]
# This property can also be used so that the agents use the name specified
# in this map instead of the web server's actual name. This can be
# accomplished by doing the following.
# Say you want your server to be addressed as xyz.hostname.com whereas the
# actual name of the server is abc.hostname.com. The browsers only knows
# xyz.hostname.com and you have specified polices using xyz.hostname.com at
# the Access Manager policy console, in this file set the mapping as
# com.sun.am.policy.agents.fqdn.map = valid|xyz.hostname.com
# Another example is if you have multiple virtual servers say rst.hostname.com,
# uvw.hostname.com and xyz.hostname.com pointing to the same actual server
# abc.hostname.com and each of the virtual servers have their own policies
# defined, then the fqdnMap should be defined as follows:
# com.sun.am.policy.agents.fqdn.map = valid1|rst.hostname.com,valid2|uvw.hostname.com,valid3|xyz.hostname.com
# WARNING: Invalid value for this property can result in the Web Server
# becoming unusable or the resources becoming inaccessible.
com.sun.am.policy.agents.config.fqdn.map =
# Cookie Reset
# This property must be set to true, if this agent needs to
# reset cookies in the response before redirecting to
# Access Manager for Authentication.
# By default this is set to false.
# Example : com.sun.am.policy.agents.config.cookie.reset.enable=true
com.sun.am.policy.agents.config.cookie.reset.enable=false
# This property gives the comma separated list of Cookies, that
# need to be included in the Redirect Response to Access Manager.
# This property is used only if the Cookie Reset feature is enabled.
# The Cookie details need to be specified in the following Format
# name[=value][;Domain=value]
# If "Domain" is not specified, then the default agent domain is
# used to set the Cookie.
# Example : com.sun.am.policy.agents.config.cookie.reset.list=LtpaToken,
# token=value;Domain=subdomain.domain.com
com.sun.am.policy.agents.config.cookie.reset.list=
# This property gives the space separated list of domains in
# which cookies have to be set in a CDSSO scenario. This property
# is used only if CDSSO is enabled.
# If this property is left blank then the fully qualified cookie
# domain for the agent server will be used for setting the cookie
# domain. In such case it is a host cookie instead of a domain cookie.
# Example : com.sun.am.policy.agents.config.cookie.domain.list=.sun.com .iplanet.com
com.sun.am.policy.agents.config.cookie.domain.list=
# user id returned if accessing global allow page and not authenticated
com.sun.am.policy.agents.config.anonymous_user=anonymous
# Enable/Disable REMOTE_USER processing for anonymous users
# true | false
com.sun.am.policy.agents.config.anonymous_user.enable=false
# Not enforced list is the list of URLs for which no authentication is
# required. Wildcards can be used to define a pattern of URLs.
# The URLs specified may not contain any query parameters.
# Each service have their own not enforced list. The service name is suffixed
# after "# com.sun.am.policy.agents.notenforcedList." to specify a list
# for a particular service. SPACE is the separator between the URL.
com.sun.am.policy.agents.config.notenforced_list = http://dominoad.yjy.dqyt.petrochina/*.nsf http://dominoad.yjy.dqyt.petrochina/teamroom.nsf/TROutline.gif?
OpenImageResource http://dominoad.yjy.dqyt.petrochina/icons/*.gif
# Boolean attribute to indicate whether the above list is a not enforced list
# or an enforced list; When the value is true, the list means enforced list,
# or in other words, the whole web site is open/accessible without
# authentication except for those URLs in the list.
com.sun.am.policy.agents.config.notenforced_list.invert = false
# Not enforced client IP address list is a list of client IP addresses.
# No authentication and authorization are required for the requests coming
# from these client IP addresses. The IP address must be in the form of
# eg: 192.168.12.2 1.1.1.1
com.sun.am.policy.agents.config.notenforced_client_ip_list =
# Enable POST data preservation; By default it is set to false
com.sun.am.policy.agents.config.postdata.preserve.enable = false
# POST data preservation : POST cache entry lifetime in minutes,
# After the specified interval, the entry will be dropped
com.sun.am.policy.agents.config.postcache.entry.lifetime = 10
# Cross-Domain Single Sign On URL
# Is CDSSO enabled.
com.sun.am.policy.agents.config.cdsso.enable=false
# This is the URL the user will be redirected to for authentication
# in a CDSSO Scenario.
com.sun.am.policy.agents.config.cdcservlet.url =
# Enable/Disable client IP address validation. This validate
# will check if the subsequent browser requests come from the
# same ip address that the SSO token is initially issued against
com.sun.am.policy.agents.config.client_ip_validation.enable = false
# Below properties are used to define cookie prefix and cookie max age
com.sun.am.policy.agents.config.profile.attribute.cookie.prefix = HTTP_
com.sun.am.policy.agents.config.profile.attribute.cookie.maxage = 300
# Logout URL - application's Logout URL.
# This URL is not enforced by policy.
# if set, agent will intercept this URL and destroy the user's session,
# if any. The application's logout URL will be allowed whether or not
# the session destroy is successful.
com.sun.am.policy.agents.config.logout.url=
#http://sportal.yjy.dqyt.petrochina/amserver/UI/Logout
# Any cookies to be reset upon logout in the same format as cookie_reset_list
com.sun.am.policy.agents.config.logout.cookie.reset.list =
# By default, when a policy decision for a resource is needed,
# agent gets and caches the policy decision of the resource and
# all resource from the root of the resource down, from the Access Manager.
# For example, if the resource is http://host/a/b/c, the the root of the
# resource is http://host/. This is because more resources from the
# same path are likely to be accessed subsequently.
# However this may take a long time the first time if there
# are many many policies defined under the root resource.
# To have agent get and cache the policy decision for the resource only,
# set the following property to false.
com.sun.am.policy.am.fetch_from_root_resource = true
# Whether to get the client's hostname through DNS reverse lookup for use
# in policy evaluation.
# It is true by default, if the property does not exist or if it is
# any value other than false.
com.sun.am.policy.agents.config.get_client_host_name = false
# The following property is to enable native encoding of
# ldap header attributes forwarded by agents. If set to true
# agent will encode the ldap header value in the default
# encoding of OS locale. If set to false ldap header values
# will be encoded in UTF-8
com.sun.am.policy.agents.config.convert_mbyte.enable = false
#When the not enforced list or policy has a wildcard '*' character, agent
#strips the path info from the request URI and uses the resulting request
#URI to check against the not enforced list or policy instead of the entire
#request URI, in order to prevent someone from getting access to any URI by
#simply appending the matching pattern in the policy or not enforced list.
#For example, if the not enforced list has the value http://host/*.gif,
#stripping the path info from the request URI will prevent someone from
#getting access to http://host/index.html by using the URL http://host/index.html?hack.gif.
#However when a web server (for exmample apache) is configured to be a reverse
#proxy server for a J2EE application server, path info is interpreted in a different
#manner since it maps to a resource on the proxy instead of the app server.
#This prevents the not enforced list or policy from being applied to part of
#the URI below the app serverpath if there is a wildcard character. For example,
#if the not enforced list has value http://host/webapp/servcontext/* and the
#request URL is http://host/webapp/servcontext/example.jsp the path info
#is /servcontext/example.jsp and the resulting request URL with path info stripped
#is http://host/webapp, which will not match the not enforced list. By setting the
#following property to true, the path info will not be stripped from the request URL
#even if there is a wild character in the not enforced list or policy.
#Be aware though that if this is set to true there should be nothing following the
#wildcard character '*' in the not enforced list or policy, or the
#security loophole described above may occur.
com.sun.am.policy.agents.config.ignore_path_info = false
# Override the request url given by the web server with
# the protocol, host or port of the agent's uri specified in
# the com.sun.am.policy.agents.agenturiprefix property.
# These may be needed if the agent is sitting behind a ssl off-loader,
# load balancer, or proxy, and either the protocol (HTTP scheme),
# hostname, or port of the machine in front of agent which users go through
# is different from the agent's protocol, host or port.
com.sun.am.policy.agents.config.override_protocol =
com.sun.am.policy.agents.config.override_host =
com.sun.am.policy.agents.config.override_port =
# Override the notification url in the same way as other request urls.
# Set this to true if any one of the override properties above is true,
# and if the notification url is coming through the proxy or load balancer
# in the same way as other request url's.
com.sun.am.policy.agents.config.override_notification.url =
# The following property defines how long to wait in attempting
# to connect to an Access Manager AUTH server.
# The default value is 2 seconds. This value needs to be increased
# when receiving the error "unable to find active Access Manager Auth server"
com.sun.am.policy.agents.config.connection_timeout =
# Time in milliseconds the agent will wait to receive the
# response from Access Manager. After the timeout, the connection
# will be drop.
# A value of 0 means that the agent will wait until receiving the response.
# WARNING: Invalid value for this property can result in
# the resources becoming inaccessible.
com.sun.am.receive_timeout = 0
# The three following properties are for IIS6 agent only.
# The two first properties allow to set a username and password that will be
# used by the authentication filter to pass the Windows challenge when the Basic
# Authentication option is selected in Microsoft IIS 6.0. The authentication
# filter is named amiis6auth.dll and is located in
# Agent_installation_directory/iis6/bin. It must be installed manually on
# the web site ("ISAPI Filters" tab in the properties of the web site).
# It must also be uninstalled manually when unintalling the agent.
# The last property defines the full path for the authentication filter log file.
com.sun.am.policy.agents.config.iis6.basicAuthentication.username =
com.sun.am.policy.agents.config.iis6.basicAuthentication.password =
com.sun.am.policy.agents.config.iis6.basicAuthentication.logFile = c:/Sun/Access_Manager/Agents/2.2/debug/C__Lotus_Domino/amAuthFilterHi,
I installed opensso (so Sun Java(TM) System Access Manager 7.5) and the agent for Domino 6.5.4 and I have the message in logs "amAgent"
2007-07-11 18:40:16.119 Error 1708:3dbcf768 PolicyAgent: render_response(): Entered.
I have the box to identify but it doesnot connect me on my opensso server.
It still identify with Domino's server
Thanks for your response
Thomas -
Okay , first off thanks for any help in advance . I just purchased a MacBook pro for my daughter for college . ( finance major ) . Her class requires Microsoft office 2010 with access . As you probably already know , and I have just learned , that is no offered for Mac. Is there an easy way To run ms office with access on a MacBook pro or have I wasted my money ?
All that matters is file compatibility. The documents look the same. I've been a professor, so I don't see any issues here at all.
Another option you may want to consider is this: Run Windows on the Mac:
Windows on Intel Macs
There are presently several alternatives for running Windows on Intel Macs.
1. Install the Apple Boot Camp software. Purchase Windows
XP w/Service Pak2, Vista, or Windows 7. For Boot Camp
4.0 and above you can only use Windows 7 or later. Follow
instructions in the Boot Camp documentation on
installation of Boot Camp, creating Driver CD, and
installing Windows. Boot Camp enables you to boot the
computer into OS X or Windows.
2. Parallels Desktop for Mac and Windows XP, Vista Business,
Vista Ultimate, or Windows 7. Parallels is software
virtualization that enables running Windows concurrently
with OS X.
3. VM Fusion and Windows XP, Vista Business, Vista Ultimate,
or Windows 7. VM Fusion is software virtualization that
enables running Windows concurrently with OS X.
4. CrossOver which enables running many Windows
applications without having to install Windows. The
Windows applications can run concurrently with OS X.
5. VirtualBox is an Open Source freeware virtual machine such
as VM Fusion and Parallels that was developed by Solaris.
It is not as fully developed for the Mac as Parallels and VM
Fusion.
Note that VirtualBox, Parallels, and VM Fusion can also run other operating systems such as Linux, Unix, OS/2, Solaris, etc. There are performance differences between dual-boot systems and virtualization. The latter tend to be a little slower (not much) and do not provide the video performance of the dual-boot system. See MacTech Labs- Virtualization Benchmarks, January 2013 | MacTech for comparisons of Boot Camp, Parallels, and VM Fusion. Boot Camp is only available with Leopard or Snow Leopard. Except for Crossover and a couple of similar alternatives like DarWine you must have a valid installer disc for Windows.
You must also have an internal optical drive for installing Windows. Windows cannot be installed from an external optical drive. -
Providing developers with access to WebLogic logs
Hi all,
I keep getting asked by developers for access to WebLogic logs in restricted test environments. But due to security policies, I can't just create an account for them. In one of my previous roles we just gave developers access to a WeLogic monitor account (read-only), but I find the WebLogic admin console is not user friendly for viewing logs.
To overcome this, I created a really simple WebLogic app that lets the developers access all logs files on the managed servers.
I've blogged a quick how-to here for anyone interested in doing the same: [http://connectionserver.blogspot.com/2009/05/listing-directories-simple-weblogic.html|http://connectionserver.blogspot.com/2009/05/listing-directories-simple-weblogic.html]
Hope it helps someone :)
P.S. Perhaps someone could modify it to restrict access to certain roles.
-Mr Jones.You may run into incompatible class versions issue. Basically you have altogehter 2 different JVMs. One for EJBs (utility framework as you defiined using 1.3). Another JVM is weblogic server using JDK 1.6 where you have Client to remotely access those EJBs methods. Going back, when you generate the client stubs and skeletons, and refer them on your client side, did you ran into any issues like with incompatible class versions.
Goud -
Cannot access class java.nio.ByteBuffer
Hi All -
I'm trying to compile a java sample code.
I keep getting the error described in the subject line
cannot access class java.nio.ByteBuffer; file java\nio\ByteBuffer.class not found
I have un-ziped the java sdk 1.4.1 src.zip to a directory under c:\ and added the java\nio directory to the project setting and compile with jdk runtime 1.4.1 and yet get the same error....
I've tried by redirecting to src.zip and didn't work either....
I would appreciate your feedbacks and sorry for the lame question, consider it as a newcomer to Java world.
thanks in advanceYou test it by running the following line....
java java.nio.ByteBuffer
If it says "main not found" then your problem has nothing to do with the java install nor the classpath. The code you are trying to compile is wrong.
If it says class not found then you use this line next....
java -version
If this returns nothing then you are not using the Sun VM (you are using the MS one.) If it returns a version below 1.4 then your PATH statement is wrong (and you should uninstall all sun versions then reinstall.) You can fix the MS VM problem by altering the path so the java path is first.
If it does say 1.4 then you need to uninstall and reinstall because something is messed up. -
Problem with Access Policies (create multiple resources)
I'm having a problem with Access Policies:
The first policy must create a resource.
And the following policies should create childs on the resource.
The problem here is that when policies will add the childs, the resource is not provisioned yet.
And then each one will create a resource but i just want one resource with the childs.
When the resource is already provisioned, the policies update this resource properly.
How can I fix this?
tksRicardo,
I had a similar problem. In a post-process handler I was managing the user membership in specific roles through the removeMemberUser and the addMemberUser of the tcGroupOperationsIntf class.
The last parameter of this method was a boolean which, when true, would automatically trigger the access policies programmatically in the post-process.
The problem is that there also is an OOTB event handler for triggering access policies, so I was basically triggering the access policies twice and duplicated resources were appearing.
Hope this helps.
Cheers -
PDK 9.0.4 Error: cannot access class oracle.security.jazn.realm.RealmUser
Dear Forum,
we are developing portlets for Portal 3.0.9.8. We use the default JPDK version, that comes with the standalone Oracle OC4J 9.0.4 bundled with PDK.
We want to improve our portlet by check the userid of the portal user. Therefore, we want to use oracle.portal.provider.v2.ProviderUser.getUser().getName()
in a JSP.
First - even before the method call - we included
<%@ page import="oracle.portal.provider.v2.http.ServletProviderUser" %>
But even this 1 statement gives in JDeveloper 9.0.4 with the libs pdkjava and ptlshare from the OC4J the following error:
Error: cannot access class oracle.security.jazn.realm.RealmUser; file oracle\security\jazn\realm\RealmUser.class not found
What is wrong here? What missing library we must include?
Thank You in advanceProblem solved. Need to include jazn.jar in project's lib-paths.
-
Cannot access class oracle.sql.BLOB;
Hi,
I am trying to save a .tif file into Oracle database. When I run the program in JDeveloper I get the following errors:
Error(9,19): cannot access class oracle.sql.BLOB; file oracle\sql\BLOB.class not found
Error(59,29): class BLOB not found in class mypackage1.ImageUpload
package mypackage1;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.sql.*;
import java.util.Properties;
import oracle.sql.BLOB;
Blob imgblob = rs.getBlob(1);
OutputStream blobos = ((BLOB) imgblob).getBinaryOutputStream();
...................Any help is appreciated. ThanksWhat package do I need to include in my classpath for
this. ThanksWhy don't you inspect your JAR files? Do you have WinZip? Open them with it and find the class. -
How to create a model access class ???
HI,
Can somebody tell me how to create a Model Access Class. In the Application Set, i can find the Model Access folder, but it has a list of application sets which is already created and the system asks to select a Application set. I need to create a new application set. Please help.
Regards,
ShinyHi Shiny,
I would suggest you not to create a new application set.
If you are enhancing a standard PCUI application, i would suggest you to create new model access classes and assign them to the same application set which is assigned with the standard model access class for that application.
Creating a model access class can be done through the transaction SE24(like any other Z-class).
Go to transaction CRMC_BLUEPRINT_C and you could assign this newly created Model access class to the standard application set. This can be done under Application Element->Application Set->MOdel Access Class.
If you still feel the need to create a new application set altogether, it can be done from Trx CRMC_BLUEPRINT_C->Layout of PCUI-> Application Element->Application set.
I hope it helps.
Cheers,
Gyan. -
Access Class in Default Package
Make long story short, I have to have some class in the "(default package)", related to JNI, and I will need to pass data back and forth from and to these classes from some packaged classes. I am using Java 1.4. As I know since Java 1.4, it's not possible to access classes in default package from packaged classes directly. Is there a work around? please help...
I DON'T have the C/C++ codeSo you have to do with the "old" classes in the default package.
Then use jschell's suggestion to devise proxying code that allow bridging between the packages.
since Java 1.4, I can't call the java class in the default package from packaged class any moreIf I understand jschell's post, this restriction is enforced by the Java compiler , not by the Java interpreter (JVM). Indeed this is specified in the JLS (Java Language Specifications, http://java.sun.com/docs/books/jls/third_edition/html/packages.html#7.5), not the JVM specifications (I have not verified that latter point).
So if you get an older JDK (before 1.4 they would accept the construct), you can try writing proxy classes within a named package, proxying to the old classes in the unnamed package. Once they are compiled, and jarred together for convenience, you can switch back to the current compiler (let's says 1.6) to compile the rest of your application classes, which only use the classes in the named package, using the jar as a library.
When executing the program, the JVM will execute everything without complaining, since it supports execution of compiled code that has been compiled with former versions.
Maybe you are looking for
-
Tab canvas on a content Canvas
Hi, I need to put a tab canvas on a content canvas in 10g R2. and have items from the same data block distributed across the canvases. I have set them up with the appropriate viewport for the tab canvas, but at runtime, the tab canvas does not appear
-
Please help! My LG external hard disk is not showing in finder and trouble using disk utility
I used my LG external HDD disk drive on my mac a couple of times but now it's not being recognised by my mac anymore and doesn't show up on finder. I found the disk in disk utility and when i verified it, it said: Unable to bootstrap transaction gro
-
How to get the value of sessionbean's properties in JSP?
Hi,All I want to invoke setInterval() in JSP,and invoke clearInterval() when sessionbean's property is not null.But I don't know how to get the sessionbean's property. Thanks Smile.
-
How to realize print function in JSP
How to realize print function in JSP? I know use Javascript:window.print() can print,but it will print whole page,it don't fit me;Another method is to write JSP into Excel and then print it in Excel,but it don't fit me too,because it don't print dire
-
Can i stop apps i purchase on my iphone from appearing automatically on all my devices?
Can I stop apps that I purchase from appearing across all my other devices? For example if my wife purchases something on her phone, it shows up automatically on mine.