Using a JAAS compliant LoginModule in OC4J

Hi.
I'm trying to set up an application to use a custom LoginModule in OC4J. The OC4J security FAQ states that this can be done by adding <!--Login Module Data-->... to the jazn-data.xml file as it is done with the oracle.security.jazn.tools.Admintool. The only users I seem to be able to authenticate with are the ones defined in the <jazn-realm> section of jazn-data.xml. If I try to remove this or parts of this section, the application fails to start.
If I deliberately misspell the classname of the login module, no error message is displayed.
Do I have to enable the use of custom login modules in any way other than adding them to the jazn-data.xml file? If not, can anyone tell me why I can't get it to work, and what I can do to get it to work?
I am using a SampleLoginModule from Sun.
The classfiles for the login module are placed in a jar file in the <j2ee-home>\lib directory
The OC4J is version 9.0.3.0.0
(standalone)
The login module data in jazn-data.xml:
<jazn-loginconfig>
  <application>
    <name>jazntest</name>
    <login-modules>
      <login-module>
        <class>sample.module.SampleLoginModule</class>
        <control-flag>required</control-flag>
        <options>
          <option>
            <name>debug</name>
            <value>true</value>
          </option>
        </options>
      </login-module>
    </login-modules>
  </application>
</jazn-loginconfig>
I am wondering about the name tag in application. What name is this?
The name of the app IS jazntest.
Both in server.xml:
<application name="jazntest" path="../applications/jazntest.ear" auto-start="true" />
and in http-web-site.xml:
<web-app application="jazn-test" name="jazntest" root="/jazntest" />
Any help appreciated.
Ole

Ole, Anders,
A custom LoginModule can indeed be set up with JAZN if it's JAAS-compliant. In order to set this up, you'll need to do the following:
1. Define the custom LoginModule in the global jazn-data.xml file (i.e. in the j2ee/home/config directory). The name-value tags are for optional parameters. Most LoginModules have a debug mode but this is optional (see the LoginModule specific documentation).
2. Put all the LoginModule files in the lib/ext directory of whichever JRE you are using (e.g. $oracle_home/jdk/jre/lib/ext). You may also need to place a copy of the "jaas.jar" file in that same directory.
3. For the actual application, you want to make sure that you do not use the container's security and authentication constraints defined in the application's web.xml file. Note: unlike the default JAZN RealmLoginModule, custom LoginModules are not integrated with these container security constraints. This means that with the custom LoginModule, you need to programmatically create a LoginContext and explicitly do a "login()" (as described in most JAAS tutorials). You may also need to restart the OC4J instance for some of these changes to take effect.
Regards,
-Lee
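
The programmatic login from step 3, as an added example that is not part of the original thread and not Oracle's code: it runs on a current JDK (Java 8 or later) outside any container, with an in-memory Configuration standing in for the jazn-data.xml entry. DemoLoginModule, DemoPrincipal, the helper names, the testUser/testPassword credentials and the misspelled class name are constructed for illustration.

```java
import java.security.Principal;
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;

public class ProgrammaticLogin {
    /** Constructed stand-in for the custom module, with hard-coded constructed credentials. */
    public static class DemoLoginModule implements LoginModule {
        private Subject subject;
        private CallbackHandler handler;
        private Principal principal; // set by login(), published by commit()
        public void initialize(Subject subject, CallbackHandler handler,
                               Map<String, ?> sharedState, Map<String, ?> options) {
            this.subject = subject;
            this.handler = handler;
        }
        public boolean login() throws LoginException {
            NameCallback name = new NameCallback("user: ");
            PasswordCallback pass = new PasswordCallback("password: ", false);
            try {
                handler.handle(new Callback[] { name, pass });
            } catch (Exception e) {
                throw new LoginException("callback handler failed: " + e);
            }
            boolean ok = "testUser".equals(name.getName())
                    && Arrays.equals(pass.getPassword(), "testPassword".toCharArray());
            pass.clearPassword();
            if (!ok) throw new FailedLoginException("bad credentials");
            principal = new DemoPrincipal(name.getName());
            return true;
        }
        public boolean commit() {
            return principal != null && subject.getPrincipals().add(principal);
        }
        public boolean abort() { principal = null; return true; }
        public boolean logout() {
            subject.getPrincipals().remove(principal);
            return true;
        }
    }

    static final class DemoPrincipal implements Principal {
        private final String name;
        DemoPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
        @Override public String toString() { return "DemoPrincipal[" + name + "]"; }
    }

    /** In-memory equivalent of the single <login-module> entry (required, debug=true). */
    static Configuration configFor(String moduleClass) {
        AppConfigurationEntry entry = new AppConfigurationEntry(moduleClass,
                AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                Collections.singletonMap("debug", "true"));
        return new Configuration() {
            public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
                // "jazntest" is the <name> of the <application> entry in the question.
                return "jazntest".equals(name) ? new AppConfigurationEntry[] { entry } : null;
            }
        };
    }

    /** The LoginContext the application has to create itself; no web.xml constraint does it. */
    static LoginContext newContext(Configuration cfg, String user, char[] pw)
            throws LoginException {
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName(user);
                else if (cb instanceof PasswordCallback) ((PasswordCallback) cb).setPassword(pw);
                else throw new UnsupportedCallbackException(cb);
            }
        };
        return new LoginContext("jazntest", new Subject(), handler, cfg);
    }

    public static void main(String[] args) throws LoginException {
        // LoginContext resolves module classes through the thread context class loader.
        Thread.currentThread().setContextClassLoader(ProgrammaticLogin.class.getClassLoader());
        char[] pw = "testPassword".toCharArray();
        LoginContext good = newContext(configFor(DemoLoginModule.class.getName()), "testUser", pw);
        good.login();
        System.out.println("authenticated: " + good.getSubject().getPrincipals());
        // Misspelled class: the constructor succeeds, the class is only loaded inside login().
        LoginContext bad = newContext(configFor("sample.module.SampelLoginModule"), "testUser", pw);
        try {
            bad.login();
        } catch (LoginException e) {
            System.out.println("rejected at login(): " + e.getMessage());
        }
    }
}
```

The second case shows standard JAAS behaviour only: a wrong class name in a login configuration stays silent until some code actually calls login() for that application name.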

Similar Messages

  • OC4J 9.0.3: JAAS Compliant LoginModule support !

    Hi,
    I have a requirement where I need to migrate my JAAS Compliant LoginModule(implements LoginModule interface) from Weblogic to OC4J. I want to use my Custom LoginModule to perform authentication at the Web Tier and Ejb Tier and let the containers handle the details. I only want to plug in my Login Module as needed. The Login Module works absolutely fine as it is on Weblogic and JBoss, but fails to work on OC4J. This is the error that I get :-
    When I call a protected EJB function the following error is found in the server.log file:
    The run-as user is not an instance of com.evermind.security.User
    Why is it looking for a "User" of this instance? I am using all standard JAAS compliant
    classes:
    javax.security.auth.spi.LoginModule to implement my Login Module
    java.security.Principal to implement my Principal
    java.security.acl.Group to implement my Group/Role
    As of OC4J version 9.0.3 does it have Support for JAAS Compliant custom login module??
    These are the source files that I have
    1) JAAS Compliant Login Module (implement LoginModule interface)
    2) JAAS compliant Principal (implement Principal interface)
    3) JAAS compliant Group (implement Principal interface and Group interface)
    4) Allow Web Tier and EJB Tier to be authenticated and authorized
    Now how do I go about deploying the same on OC4J.
    Any help would be appreciated.
    Thanks in Advance,
    Easwar.

    Hello All,
    As I was going through JAAS implementation using the iPlanet LDAP as our user/role data source found that it's not just the LoginModule you have to write in addition to this you would end up writing a whole new set of classes for managing the users i.e UserManager :(
    Here is the list of classes we have to implement to get the container managed declarative security model to work with the Web (web.xml) and EJB containers (ejb-jar.xml)
    1 SampleAuthenticator.java
    2 SampleLoginModule.java
    3 SampleProvider.java
    4 SampleRealm.java
    5 SampleRealmManager.java
    6 SampleRealmPrincipal.java
    7 SampleRealmRole.java
    8 SampleRealmUser.java
    9 SampleRoleManager.java
    10 SampleUserManager.java
    I have still some doubt that after implementing this there could be some more catch and the implementation may still not work!!! :(
    Has anyone done such an implementation?
    If someone has done this please let us know is it worth implementing them?
    Thank you
    Mallik

  • Use custom JAAS LoginModule without UME - possible?

    Hi all,
    I want to deploy an application that internally makes use of JAAS to authenticate users. There is a LoginModule that authenticates users against some database tables containing all the user data and profile. The application was not designed to be deployed to NetWeaver. So it does not make use of UME or some other NetWeaver specific feature. Actually it handles user management and authorization issues completely on its own. The only reason for having JAAS is to allow customers to plug in their own LoginModule to use some other kind of user store.
    When deploying the web application to a simple servlet engine like Tomcat, all I have to do is to register my LoginModule in the "jaas.conf" file that is parsed by JAAS default implementation. I also tell the JVM where my jaas.conf file is located by appending a "-Djava..." runtime parameter to the JVM startup script.
    When using other application servers like IBM WebSphere things become a bit different. Normally you use the administration GUI of that server to configure your LoginModules. WebSphere for example keeps the login configuration in an internal database rather than writing everything into a "jaas.conf" text file. But the way the application can use the LoginModule is the same as in Tomcat.
    But when it comes to Netweaver, it seems to me that it's not possible to define a LoginModule that your application can use WITHOUT having to couple it tightly to UME. Or did I get something wrong? Initially I've tried to modify the JVM's parameters (using SAP J2EE Config Tool) to include the location of my "jaas.conf" file containing my login configuration. But that did not work. The parameter was really passed to the JVM but anyway my LoginModule was not found, I guess that NetWeaver has some own implementation of the JAAS interfaces that just ignore the plain text JAAS configuration files (like WebSphere also does).
    The documentation that I have downloaded from SDN doesn't seem to match the 6.4 sneak preview version that I just downloaded some days ago. They say you should deploy your LoginModule as a library and add a reference to the application. I tried that out but it did not help. The login configuration that the application wants to access is still not found. Actually there seems to be no way to specify the name for a JAAS Login Configuration in NetWeaver. At least I could not find that in the documentation.
    So basically my question is: is it possible to deploy an application that wants to use some own LoginModule (either deployed separately or together with the application, that does not matter) without making use of Netweaver specific features like UME? The application has its own user management infrastructure and just needs a way to setup a JAAS Login Configuration to access its own LoginModule.
    Thanks for any reply
    Henning

    http://help.sap.com/saphelp_nw04s/helpdata/en/3f/1be040e136742ae10000000a155106/content.htm

  • Use of JAAS in WLS6 for single logon

    We're in the design stage of a product, which will be based on Weblogic Server 6 and are hoping to use JAAS.
    I'm quite new to WL in general and JAAS security and having read the documentation, I'm still not clear on a few points about how JAAS is used in WLS6.
    We're intending to provide a single logon for the system and then to log users on to other services such as email etc. behind the scenes, when the user requests them.
    Does JAAS in WLS6 support this and if so, how best could we achieve it?
    One idea I've read on the Sun site is that you can instantiate multiple LoginContexts at different times during the user session, each using a different Configuration pointing to different LoginModules to achieve this.
    A couple of other things I've come across which may be useful in this context are :-
    the <run-as-specified-identity> tag in the deployment descriptor
    LoginModules being able to share information
    Any help much appreciated
    Dave

    Sorry for the delay in replying, I was on vacation
    Dave <[email protected]> wrote in message
    news:[email protected]...
    > Thanks for the reply Alex.
    > If we just have a single LoginContext with multiple LoginModules, wouldn't that mean that when a user logged-on, it would log them on to all of the services at the same time ?
    Yes, that is the sequence specified under JAAS
    > We were trying to make it so that after the initial logon to the system, the user would be logged on to other services only when they accessed them explicitly. Does that mean that we need multiple LoginContexts still ?
    Unfortunately yes, you will need multiple LoginContext instances to do that.
    set configuration
    new context
    context.login
    context.getSubject
    Subject.doAs(subject, action)
    > I understand that WLS6 will only provide for JAAS Authentication, not Authorisation. Does that mean I need to use it in conjunction with the existing Weblogic Authorisation, such as ACLs and Realms ?
    The WLS6 JAAS implementation wrappers the existing ACL implementation and is independent of the realm being used. Internally the Subject.doAs method checks the ACLs of the user associated with the specified Subject instance.
    > Can I also ask about the granularity of Resources that can be protected by access control. Would these be at the level of Servlets, beans etc.
    I believe you can but I'm not sure, check in the documentation on Servlets & beans or post a followup question in those groups
    > Is the Beta Refresh available for download now ? If not, how soon do you think it would be ?
    The beta refresh should be available early the week of 11/13
    > As regards the <run-as-specified-identity> tag in the deployment descriptor. Could you briefly explain its use and whether it would help us with our logon approach ?
    Again I'm not sure, again please post this to the associated group Servlets, Beans, etc.
    > Thanks very much for your help again.
    > Dave
    > "Alex McDonald" <[email protected]> wrote:
    >> Dave,
    >> The WLS 6 JAAS implementation will support what you intend. While there were several bugs in the initial WLS 6 Beta these have been fixed in the Beta refresh, if you need the updated files sooner I can send you a zip.
    >> I would suggest the following. Single LoginContext, multiple loginModules. Set your first configured loginModule to prompt for the username/password, each of the following loginModules can then use that information behind the scenes or prompt as needed for additional user info. Configure the first loginModule as REQUISITE so that it must succeed for the login process to continue. The WLS 6 JAAS sample loginModule implementation contains the WLS login information, additional email, etc services can be added to the Subject container as needed.
    >> Alex

  • Publish using iWeb 09 using any WebDAV compliant web development software

    Our School is looking at moving to the Mac Platform. We currently use Frontpage to publish our website. Our current web host says that we can use "any WebDAV compliant web development software to publish our site. Is there a way to do this using iWeb 09?

    Inigo wrote:
    ...is it simply a case of dragging a QT movie file into iWeb 09, publish it via FTP, and hey presto, people can view my films in high quality on the web? Is it really that simple or is there a catch?
    George ~ Yes, there's a catch. Your videos will become part of iWeb's Domain file which may make it slow to open in iWeb, make backups and re-publish everything (if needed). Better to upload your videos separately to your server and embed them into your iWeb site.
    iWeb '09 makes this easy if you upload your videos to YouTube: iWeb '09 has a new YouTube widget to embed your videos into your iWeb page:
    http://www.apple.com/ilife/iweb/#widgets
    ...For high definition video, YouTube was recently ranked the best of several video sites:
    Which HD video Web service is the best?
    See also this article:
    YouTube officially enables HQ in embedded videos
    Also, I may want to show some videos encoded with Flash, not QT. Is that still possible using iWeb 09?
    If you're concerned that some PC users won't have QT and won't want to install it, I think if you go the embedded YouTube route, almost all PC or Mac users will be able to view your videos — because "videos on YouTube are streamed through an Adobe Flash player."
    If you'd prefer to use Flash in iWeb, this article may help:
    http://web.mac.com/catucker/InsideOutside/Flash.html

  • "Failed to use non CLS compliant type" when iterating SPLimitedWebPartManager.WebParts

    Hi,
    I'm having trouble updating a property of a custom web part with PowerShell, that is installed on a client's environment. The custom web part has a property called RowLimit for which I need to set an integer value.
    Basically what my script does is, it gets the page with the web part (SPFile), then I get all the web parts on the page using the SPWeb.GetLimitedWebPartsManager function. Then I iterate all web parts in the manager using a 'foreach' like below:
    $webpartmanager = $web.GetLimitedWebPartManager($page.Url, [System.Web.UI.WebControls.WebParts.PersonalizationScope]::Shared)
    $webParts = $webpartmanager.WebParts
    foreach ($webPart in $webParts) {
        UpdateWebPart $webPart $webPartType $webPartTitle $xmlReader
    }
    Now, the first few iterations works fine, I get the OOTB web parts and their properties, but as soon as I hit the custom web part I get this error:
    The field/property: "RowLimit" for type: "OurWebPart.WebPart" differs only in case from the field/property: "rowLimit". Failed
    to use non CLS compliant type.
    So from what I've found online is that the web part possibly has two properties, a 'rowLimit' and a 'RowLimit' (which is legal in C#). And I've thought of ways to get around this when trying to update the property, but I'm not even getting to the point of
    making the update.
    Unfortunately I don't have access to the source code for the web part, and even if I did we don't have the option of making it CLS compliant and redeploying - we need to work with what is there.
    Can anyone please shed some light as how to get around this problem? 
    Thanks!

    Hi,
    Thanks for your sharing.
    What’s more, per my knowledge, the RowLimit property is the view pagination size for the web part.
    There is an article about changing the property, you can refer to it.
    http://sharepointblogbyshri.blogspot.com/2013/10/sharepoint-2010-edit-pagination-size.html
    Thanks,
    Jason
    Jason Guo
    TechNet Community Support

  • Migrating JAAS LoginModule from oc4j to WLS

    Hi,
    We are trying to migrate oc4j enterprise web service application to weblogic which implements JAAS LoginModule.
    Followed Weblogic Docs for :
    Developing Custom Security Providers
    http://download.oracle.com/docs/cd/E12890_01/ales/docs32/dvspisec/progrmng.html
    CustomAuthProvider (SecurityProvider) class points to the LoginModule which references to
    application-specific classes.
    Following are the issues we are dealing with:
    1.Security Provider exist at the global-context means every request to WLS is going to hit to the provider
    which we do not want, we need LoginModule to work at the application-context and not the global
    weblogic context.
    2. Clearly there is a disconnect if LoginModule resides in EAR (web app) and standalone MBean jar is
    trying to invoke the LoginModule. It can't find the LoginModule.
    so, the question is how can we have the JAAS LoginModule implemented in Weblogic
    at the application (EAR) level and not at Weblogic server global level
    (by MBean JAR) as it used to be in oc4j
    public class CustomAuthProvider implements AuthenticationProviderV2 {
        // Remaining AuthenticationProviderV2 methods are not shown in the post.
        public AppConfigurationEntry getLoginModuleConfiguration() {
            System.out.println("Inside getLoginModuleConfiguration.");
            return new AppConfigurationEntry("com.test.security.loginmodule.CustomLoginModule",
                                             LoginModuleControlFlag.REQUIRED,
                                             new HashMap());
        }
    }
    OC4J Doc Reference : Packaging Login Modules
    http://download.oracle.com/docs/cd/B31017_01/web.1013/b28957/loginmod.htm#BABCFADI
    Here's how it used to be done in oc4j
    http://download.oracle.com/docs/cd/B14099_19/web.1012/b14013/loginmod.htm#i1006128
    Thank you
    Edited by: 877976 on Aug 8, 2011 11:11 AM

    There is a WebLogic Server release specific for running Oracle Forms and Reports that is available for you to switch to from Oracle AS if you are current on your support and version. Just an FYI
    Edited by: ChrisBaker on Jan 4, 2010 5:33 AM

  • Where to put JAAS classfiles (loginmodules) when using it from a web app

    Hi,
    I am using JAAS authentication from a web application, the problem is that the login modules that I use, and all the classes that the LoginModule uses are not loaded from the WEB-INF/classes or WEB-INF/lib folder. I have to put them on the jdk/jre/lib/ext. The problem is that the classes I put there collide with other applications that use the same installed JDK.
    I have developed it using jdk1.3.1 and JAAS 1.0.
    Is there a way to specify where login module classes should be loaded that does not interfere with other applications (that is, I do not want to put any class on the jdk/jre/lib/ext folder).
    Cheers

    Unfortunately, the only alternatives are to put all resources required by JAAS in jre/jre/lib/ext OR on the system classpath when the JVM is started.
    This is apparently due to a bug in JAAS. The implementers of JAAS have the LoginContext written so that it loads resources only from the system classpath. Unless this was, for some reason intentional. I don't know what the plans are for JAAS going forward with respect to this.
    Has it been fixed in J2SE 1.4?
    I'll have you know this wreaks havoc with attempting to have your LoginModule use an EJBs to authenticate a user and add Principals to the Subject.

  • Using Struts with JDeveloper, BC4J and OC4J 9.0.2

    Is it feasible to use Struts with JDeveloper 9.0.2, BC4J 9.0.2 and OC4J 9.0.2? We have an application that uses the BC4J JBO tags in version 9.0.2. We wish to use Struts and we want to retain the use of the JBO tags. Is there a way to do this without upgrading to 9.0.3?

    Here are two related questions:
    Can we upgrade to oracle9iAS 9.0.3 yet still use JDeveloper 9.0.2 and BC4J/JBO 9.0.2?
    Can we upgrade to JDeveloper 9.0.3 and BC4J/JBO 9.0.3 yet still deploy to oracle9iAS 9.0.2?

  • How to use RAC database connection details in oc4j.xcfg files

    Hi all,
    we are using oc4j.xcfg files for the application module configuration for an ADF application. and one of the database has been configured on RAC. Any input on how to specify the RAC database details in the oc4j.xcfg file specially for the host name parameter.
    The example entry like in oc4j.xcfg is like
    <?xml version = '1.0' encoding = 'UTF-8'?>
    <BC4JConfig>
    <AppModuleConfigBag>
    <AppModuleConfig name="AppModuleLocal">
    <AppModuleJndiName>dbta.model.AppModule</AppModuleJndiName>
    <DeployPlatform>LOCAL</DeployPlatform>
    <JDBCName>connectDB</JDBCName>
    <ApplicationName>dbta.model.AppModule</ApplicationName>
    <jbo.project>Model</jbo.project>
    </AppModuleConfig>
    </AppModuleConfigBag>
    <ConnectionDefinition name="connectDB">
    <ENTRY name="ConnectionName" value="connectDB"/>
    <ENTRY name="URL" value="jdbc:oracle:thin:<user>/<pass>@<server>:<Port>:<SID>"/>
    <ENTRY name="HOSTNAME" value="<server>"/>
    <ENTRY name="JDBC_PORT" value="<port>"/>
    <ENTRY name="SID" value="<SID>"/>
    <ENTRY name="ConnectionType" value="JDBC"/>
    <ENTRY name="JdbcDriver" value="oracle.jdbc.driver.OracleDriver"/>
    <ENTRY name="ORACLE_JDBC_TYPE" value="thin"/>
    <ENTRY name="DeployPassword" value="true"/>
    </ConnectionDefinition>
    how to specify the failover nodes details in the above entry for host name etc.
    Thanks
    Navin

    Here you are; all you want at
    http://www.oracle.com/technology/sample_code/tech/java/sqlj_jdbc/files/9i_jdbc/OCIdriverTAFSample/OCIdriverTAFSample.java.html

  • Renewable Ticket using keytab (JAAS) - Problem

    Hi,
       I am using a Key tab file with the below JAAS configuration.
    com.sun.security.auth.module.Krb5LoginModule required
    useKeyTab = true
    useTicketCache = true
    keyTab="xyz.keytab"
    storeKey=true
    principal="user/xyz.com"
    The configuration works only if the Kinit is called before hand and the ticket is present in the cache.  I am checking a condition for renewable ticket using JAAS API and it works.
    Now if I modify the JAAS configuration not to use ticket cache i.e., by setting the useTicketCache = false then without calling Kinit and just using the keyTab is failing to set the renewable flag although I am able to get the ticket authenticated from the kerberos using JAAS API.  Below is the JAAS configuration.
    com.sun.security.auth.module.Krb5LoginModule required
    useKeyTab = true
    useTicketCache = false
    keyTab="xyz.keytab"
    storeKey=true
    principal="user/xyz.com"
    Please let me know how do we use keytab in JAAS API bypassing kinit command and the renewable ticket flag is set.
    Thanks,
    Raghavendra Nandagopal

    Thanks for the reply
    When I run this code
    loginCtx = new LoginContext( "Client",
    new LoginCallbackHandler( username, password));
    which uses this package import javax.security.auth.login.LoginContext;
    It starts connecting to kerberos and I see it mentioning UDP ports in the console, I thought this was part of JAAS but it seems I was mistaken, that is not a problem now
    So the question now is, is there a way to get SOAP in between the client and the kerberos without sending the username and password?

  • How to  use this to comply w/dade county deadlines

    I own an Apple Macbook. It is my personal property. The school system that has employed me for 12 years has not yet provided me with any technical equipment that I might use from home, to do work-related projects. Specifically sensitive time lined items. Adobe is installed  on the Microsoft Outlook lite version on schools desktop computers.    How/is it possible to install Adobe and AutoScan on my own personal macbook so that I can comply with the timely deadlines set by administration ? Thank you.

    |__________| <black stripe
    |~~~~~~~~~~~~| <sum space
    |~~~~~~+~~~~~| <buttons in a circle like a clickwheel
    |~~~~~~~~~~~~|
    |~~|<<*~~*>>|~~|
    |~~~~~~~~~~~~|
    |~~~~~~-~~~~~|
    |~~~~~~~~~~~~|
    |~~~~MENU~~~~| <menu button in a circle again
    |~~~~~~~~~~~~|
    |~~~~~~~~~~~~|
    |~~~~~~~~~~~~|

  • How to redefine the used size of memory for the OC4J of the JDeveloper

    Hi!!!
    I am developing a project that works with net (Route), when I execute the application of the error because the bank that it loads demands more free memory of the OC4J, somebody knows as I configure a bigger size of memory for the OC4J in the JDeveloper?
    thanks...

    Try setting these parameters under project properties -> Run/Debug configuration -> Java options

  • How to map roles by using JAAS

    Dear all,
    i am implementing JAAS by using my own custom LoginModule, which will access to my database and get user login and password and do verification myself.
    and i know that i need to set the security roles, security constraint in web.xml, and i have set Login Configuration to Form-Based Authentication.
    here is part of my web.xml:
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>LogonMain</web-resource-name>
    <url-pattern>*.do</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>manager</role-name>
    <role-name>sales</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>LogonMain.jsp</form-login-page>
    <form-error-page>LogonMain.jsp</form-error-page>
    </form-login-config>
    </login-config>
    <security-role>
    <role-name>manager</role-name>
    </security-role>
    <security-role>
    <role-name>sales</role-name>
    </security-role>
    <security-role>
    <role-name>staff</role-name>
    </security-role>
    here is my question, it seems that all data action in my pages are protected, and i dont know how to map a particular user to the role that i define in web.xml.
    so even though i logged in, i still cannot perform data action.
    could anyone nice to tell me what could i do in this case for custom login module which accessing the database to get user login and password ?
    i am appreciated your help !
    thanks
    Kenny

    Hi Matthew,
    so the mapping is defined in orion-application.xml , right ?
    i have something like this
    <?xml version = '1.0' encoding = 'windows-1252'?>
    <!DOCTYPE orion-application PUBLIC "-//Evermind//DTD J2EE Application runtime 1.2//EN" "http://xmlns.oracle.com/ias/dtds/orion-application.dtd">
    <orion-application>
    <web-module id="dbLoginModule" path="dbLoginModule.war"/>
    <library path="d:\oc4j904\jdbc\lib"/>
    <!-- mapping for DB Login Module -->
         <security-role-mapping name="manager">
              <user name="ITAH01" />
         </security-role-mapping>
    <jazn provider="XML">
    <property name="role.mapping.dynamic" value="true"/>
    </jazn>
    <log>
              <file path="application.log"/>
         </log>
    <data-sources path="./data-sources.xml"/>
         <namespace-access>
              <read-access>
                   <namespace-resource root="">
                        <security-role-mapping name="&lt;jndi-user-role>">
                             <group name="administrators"/>
                        </security-role-mapping>
                   </namespace-resource>
              </read-access>
              <write-access>
                   <namespace-resource root="">
                        <security-role-mapping name="&lt;jndi-user-role>">
                             <group name="administrators"/>
                        </security-role-mapping>
                   </namespace-resource>
              </write-access>
         </namespace-access>
    </orion-application>
    just wondering the library path should point to where ?
    <library path="d:\oc4j904\jdbc\lib"/> this is the default path

  • Create new JAAS login module & have to deploy in OC4J

    Dear Experts,
    Is it possible to create number of user roles under the group oc4jadmin. Then have to assign task for each user in group. please suggest me.
    Thanks,
    Rajesh
    Edited by: Rajesh A on Mar 12, 2009 10:15 AM
    Edited by: Rajesh A on Mar 12, 2009 6:48 PM

    James, Anirudh
    Is it possible to define new JAAS module that would first check with Oracle DB & then check with LDAP directory. Actually my requirement was to authenticate user with the help of backends. Here backend denotes both Oracle DB & LDAP. In the sense when user enters valid id & password it checks for existence in DB & if exist DB returns a new value (role) then have to check new value with LDAP (what are the privileges available for specified role & who is the superior for the same). The details maintaining in LDAP are dynamic so we can't able to move into DB. Every process involving here is automatic in the sense no external server connection should provide for authentication. The custom login module should be deploy in same OC4J container. Always available as service. I want to know about the following
    1) How to define custom JAAS login module
    2) How to configure custom JAAS login module over OC4J
    3) How to make use of it
    Thanks,
    Rajesh
