Using iplanet with bea

I just got started with this projectwhere we need iplanet to play therole of web-server that uses a weblogicapp server as middle tier.And a portion of the site needs securesessions with the browser.Now, my question is, should i install thecertificates on the iplanet or do i doit on the weblogic server. And what arethe pros and cons associated with havingiplanet handle the HTTPS communicationand forward the request to the BEA app which might then handle the request in non-secure mode(lets say, the web-server and app-server are running on the same box).Any help regarding this would be greatly appreciated.

You need to have a certificate on the Web server, whether that is WebLogic
or Apache/iPlanet/IIS. If you want to have SSL between the Web server
plug-in and WebLogic, you will need to have a certificate there on WebLogic
as well.
More information should be in the documentation.
Michael
Michael Girdley
BEA Systems
Learning WebLogic? http://learnweblogic.com
Buy the only book covering J2EE & WebLogic 6:
http://www.amazon.com/exec/obidos/ASIN/0130911119/learnweblogic/103-9227026-
4636613
"bobby" <[email protected]> wrote in message
news:3b78a7b0$[email protected]..
I just got started with this projectwhere we need iplanet to play theroleof web-server that uses a weblogicapp server as middle tier.And a portion of
the site needs securesessions with the browser.Now, my question is, should i
install thecertificates on the iplanet or do i doit on the weblogic server.
And what arethe pros and cons associated with havingiplanet handle the HTTPS
communicationand forward the request to the BEA app which might then handle
the request in non-secure mode(lets say, the web-server and app-server are
running on the same box).Any help regarding this would be greatly
appreciated.

Similar Messages

Using iPlanet with XSQL Servlet

Anyone have any information on how to configure the XSQL Servlet to work with iPlanet?
TIA

It won't work because iPlanet 4.1 has a broken implementation of the Servlet API's getRealPath() method, the method that XSQL Servlet uses to resolve virtual paths into absolute paths.
I just debugged a complaint that it didn't work with iPlanet this week and this was the result I found.
Their path resolution works for their own JSP implementation, but not for any other servlet.

Using WebDav with Bea repository.

Hallo!
Have anyone integrated WebDav with Weblogic Portal Repository?
I need short description how to create WebDav repository on WL 10.0.
I tried follow the "BEAWebLogic Portal Content Management
Guide" instructions but my repository is still not working as WebDav repository.
I hope to find someone who can give me some knowledge.
Best regards
Hubert.

No, the Repository would be used instead of CVS.
David

Using ACLs With iPlanet 4.1

Hello,
I hope somebody can shed some light on the following:
I'm using iPlanet 4.1 on a UN*X box, and I need to restrict access to some web assets it serves. I read through the iPlanet administrator docs and learn't that it has access control built in via ACLs, in either user/group or host-ip modes.
It seems that [by default] user/group is verified by a challege/response system in which the server causes the browser to display a name/password popup dialog, etc, etc. My question is, is it possible to suppress this popup dialog, and use a login form instead?
Also, for user/password authentication mode, it seems I need to use an LDAP server. Is that always necessary? I was hoping I could get away with some sort of config file, which I would generate from, say db information.
The iPlanet 4.1 docs also say that it's possible to authenticate against an external database, if one writes against a C-library API to connect to the database. Going directly against a DB would be great, but this seems to be a more effort than I want to invest. Is there a Java API, perhaps?
Thank you.
--A

To answer my own post:
iPlanet web server 4.1 officially supports only basic and certificate-based authentication; it has no support for forms-based authentication. No known unofficial way to hack this, either. iPlanet 6.0 web server supports forms-based authentication.
LDAP is not necessary for < 100 users. iPlanet supports "htaccess" authentication--a file based system; see docs 4538, 7980, 50267, available from http://sunsolve.sun.com/pub-cgi/show.pl?target=home
iPlanet 4.1 web server has no Java API.
--A

How do I use LDAP with iMQ 2.0?

I am looking for an example to see how to use LDAP with iMQ 2.0.
I was able to set up the config settings to access a local LDAP,
but iMQ authentication still rejects valid logins.
Let me know if I can find more info someplace.

You can also find an example I put togther in the Sun One knowledge base.
If you go here:
http://knowledgebase.iplanet.com/NASApp/ikb/index.jsp
Search for article 7772
Alternatively here is the direct link
http://knowledgebase.iplanet.com/ikb/kb/articles/7772.html

Has anyone used JAAS with WebLogic?

Has anyone used JAAS with Weblogic? I was looking at their example, and I have a bunch of questions about it. Here goes:
Basically the problem is this: the plug-in LoginModule model of JAAS used in WebLogic (with EJB Servers) seems to allow clients to falsely authenticate.
Let me give you a little background on what brought me to this. You can find the WebLogic JAAS example (to which I refer below) in the pdf: http://e-docs.bea.com/wls/docs61/pdf/security.pdf . (I believe you want pages 64-74) WebLogic, I believe goes about this all wrong. They allow the client to use their own LoginModules, as well as CallBackHandlers. This is dangerous, as it allows them to get a reference (in the module) to the LoginContext's Subject and authenticate themselves (i.e. associate a Principal with the subject). As we know from JAAS, the way AccessController checks permissions is by looking at the Principal in the Subject and seeing if that Principal is granted the permission in the "policy" file (or by checking with the Policy class). What it does NOT do, is see if that Subject
has the right to hold that Principal. Rather, it assumes the Subject is authenticated.
So a user who is allowed to use their own Module (as WebLogic's example shows) could do something like:
//THEIR LOGIN MODULE (SOME CODE CUT-OUT FOR BREVITY)
public class BasicModule implements LoginModule
private NameCallback strName;
private PasswordCallback strPass;
private CallbackHandler myCB;
private Subject subj;
         //INITIALIZE THIS MODULE
           public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options)
                  try
                       //SET SUBJECT
                         subj = subject; //NOTE: THIS GIVES YOU REFERENCE
TO LOGIN CONTEXT'S SUBJECT
                                                 // AND ALLOWS YOU TO PASS
IT BACK TO THE LOGIN CONTEXT
                       //SET CALLBACKHANDLERS
                         strName = new NameCallback("Your Name: ");
                         strPass = new PasswordCallback("Password:", false);
                         Callback[] cb = { strName, strPass };
                       //HANDLE THE CALLBACKS
                         callbackHandler.handle(cb);
                  } catch (Exception e) { System.out.println(e); }
     //LOG THE USER IN
       public boolean login() throws LoginException
          //TEST TO SEE IF SUBJECT HOLDS ANYTHING YET
          System.out.println( "PRIOR TO AUTHENTICATION, SUBJECT HOLDS: " +
subj.getPrincipals().size() + " Principals");
          //SUBJECT AUTHENTICATED - BECAUSE SUBJECT NOW HOLDS THE PRINCIPAL
           MyPrincipal m = new MyPrincipal("Admin");
           subj.getPrincipals().add(m);
           return true;
         public boolean commit() throws LoginException
               return true;
    }(Sorry for all that code)
I tested the above code, and it fully associates the Subject (and its principal) with the LoginContext. So my question is, where in the process (and code) can we put the LoginContext and Modules so that a client cannot
do this? With the above example, there is no Security. (a call to: myLoginContext.getSubject().doAs(...) will work)
I think the key here is to understand JAAS's plug-in security model to mean:
(Below are my words)
The point of JAAS is to allow an application to use different ways of authenticating without changing the application's code, but NOT to allow the user to authenticate however they want.
In WebLogic's example, they unfortunately seem to have used the latter understanding, i.e. "allow the user to authenticate however they want."
That, as I think I've shown, is not security. So how do we solve this? We need to put JAAS on the server side (with no direct JAAS client-side), and that includes the LoginModules as well as LoginContext. So for an EJB Server this means that the same internal permission
checking code can be used regardless of whether a client connects through
RMI/RMI-IIOP/JEREMIE (etc). It does NOT mean that the client gets to choose
how they authenticate (except by choosing YOUR set ways).
Before we even deal with a serialized subject, we need to see how JAAS can
even be used on the back-end of an RMI (RMI-IIOP/JEREMIE) application.
I think what needs to be done, is the client needs to have the stubs for our
LoginModule, LoginContext, CallBackHandler, CallBacks. Then they can put
their info into those, and everything is handled server-side. So they may
not even need to send a Subject across anyways (but they may want to as
well).
Please let me know if anyone sees this problem too, or if I am just completely
off track with this one. I think figuring out how to do JAAS as though
everything were local, and then putting RMI (or whatever) on top is the
first thing to tackle.

Send this to:
newsgroups.bea.com / security-group.

Error occurred while finding users using API with custom field

Hi All,
I am getting the following error while searching user using API with custom attribute. Did anybody faced the same problem before ?
Hashtable<Object,Object> env = new Hashtable<Object,Object>();
env.put("java.naming.factory.initial", "weblogic.jndi.WLInitialContextFactory");
env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://localhost:14000");
System.setProperty("java.security.auth.login.config","C:\\Oracle\\Middleware\\Oracle_IDM1\\designconsole\\config\\authwl.conf");
System.setProperty("OIM.AppServerType", "wls");
System.setProperty("APPSERVER_TYPE", "wls");
tcUtilityFactory ioUtilityFactory = new tcUtilityFactory(env, "xelsysadm", "Weblogic123$");
OIMClient client = new OIMClient(env);
client.login("xelsysadm", "Weblogic123$".toCharArray());
SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd");
tcUserOperationsIntf moUserUtility = (tcUserOperationsIntf)ioUtilityFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
Hashtable mhSearchCriteria = new Hashtable();
mhSearchCriteria.put("USR_UDF_ACTUALSTARTDATE",formatter.format(date));
tcResultSet moResultSet = moUserUtility.findAllUsers(mhSearchCriteria);
printTcResultSet(moResultSet,"abcd");
log4j:WARN No appenders could be found for logger (org.springframework.jndi.JndiTemplate).
log4j:WARN Please initialize the log4j system properly.
Exception in thread "main" Thor.API.Exceptions.tcAPIException: Error occurred while finding users.
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:237)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl_1036_WLStub.findAllUsersx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at com.sun.proxy.$Proxy2.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntfDelegate.findAllUsers(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at com.sun.proxy.$Proxy3.findAllUsers(Unknown Source)
at oim.standalone.code.OIMAPIConnection.usersearch(OIMAPIConnection.java:209)
at oim.standalone.code.OIMAPIConnection.main(OIMAPIConnection.java:342)
Caused by: Thor.API.Exceptions.tcAPIException: Error occurred while finding users.
at com.thortech.xl.ejb.beansimpl.tcUserOperationsBean.findAllUsers(tcUserOperationsBean.java:4604)
at Thor.API.Operations.tcUserOperationsIntfEJB.findAllUsersx(Unknown Source)
at sun.reflect.GeneratedMethodAccessor1614.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy347.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl.findAllUsersx(Unknown Source)
at Thor.API.Operations.tcUserOperationsIntf_e9jcxp_tcUserOperationsIntfRemoteImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Thank you

Hi J,
Thanks for the reply. But the code is working fine for OOTB attributes and for 11g API i am getting permission exception
Exception in thread "main" oracle.iam.platform.authz.exception.AccessDeniedException: You do not have permission to search the following user attributes: USR_UDF_ACTUALSTARTDATE.
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.search(UserManagerImpl.java:1465)
at sun.reflect.GeneratedMethodAccessor1034.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at oracle.iam.platform.utils.DMSMethodInterceptor.invoke(DMSMethodInterceptor.java:25)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy366.search(Unknown Source)
at oracle.iam.identity.usermgmt.api.UserManagerEJB.searchx(Unknown Source)
at sun.reflect.GeneratedMethodAccessor1449.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.oracle.pitchfork.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:34)
at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
at com.oracle.pitchfork.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:42)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy365.searchx(Unknown Source)
at oracle.iam.identity.usermgmt.api.UserManager_nimav7_UserManagerRemoteImpl.__WL_invoke(Unknown Source)
at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
at oracle.iam.identity.usermgmt.api.UserManager_nimav7_UserManagerRemoteImpl.searchx(Unknown Source)
at oracle.iam.identity.usermgmt.api.UserManager_nimav7_UserManagerRemoteImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Caused by: oracle.iam.identity.exception.SearchAttributeAccessDeniedException: You do not have permission to search the following user attributes: USR_UDF_ACTUALSTARTDATE.
at oracle.iam.identity.usermgmt.impl.UserManagerImpl.search(UserManagerImpl.java:1462)
... 44 more

Integrate with BEA Portal and Lotus Domino R5.0.12

Deal all:
I got a problem when I integrate with BEA Portal and Lotus Domino R5.0.12.
my environment is below:
- Domain Server :
Lotus Domino Server R5.0.12
BEA Personal Messaging API 4.3
(test successful on local host)
- Application Server:
BEA Weblogic 8.15
BEA Groupware portlets 2.5
I got connection successful message when I using "Domino Service Connection"
but I got "CZ: VERSION CONFLICT" error message when I add a new account by
Compoze_Groupware-Edit Account user interface.
Have anybody met the error message before... and know how to sovle the problem..
I appreciated any suggest or comment~~~
detail error message is below:
portlets.compoze.groupware.exception.ConnectionException: CZ: VERSION CONFLICT at portlets.compoze.groupware.controls.provider.SessionControlImpl.createSession(SessionControlImpl.jcs:142) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at com.bea.wlw.runtime.core.dispatcher.DispMethod.invoke(DispMethod.java:371) at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:433) at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:406) at com.bea.wlw.runtime.jcs.container.JcsProxy.invoke(JcsProxy.java:381) at $Proxy19.createSession(Unknown Source) at portlets.compoze.groupware.controls.provider.GroupwareProviderControlImpl.updateAccount(GroupwareProviderControlImpl.jcs:4825) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at com.bea.wlw.runtime.core.dispatcher.DispMethod.invoke(DispMethod.java:371) at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:433) at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:406) at com.bea.wlw.runtime.core.container.Invocable.invoke(Invocable.java:249) at com.bea.wlw.runtime.jcs.container.JcsContainer.invoke(JcsContainer.java:85) at com.bea.wlw.runtime.core.bean.BaseContainerBean.invokeBase(BaseContainerBean.java:224) at com.bea.wlw.runtime.core.bean.SLSBContainerBean.invoke(SLSBContainerBean.java:109) at com.bea.wlwgen.StatelessContainer_ly05hg_ELOImpl.invoke(StatelessContainer_ly05hg_ELOImpl.java:207) at com.bea.wlwgen.GenericStatelessSLSBContAdpt.invokeOnBean(GenericStatelessSLSBContAdpt.java:62) at com.bea.wlw.runtime.core.bean.BaseDispatcherBean.runAsInvoke(BaseDispatcherBean.java:153) at com.bea.wlw.runtime.core.bean.BaseDispatcherBean.invoke(BaseDispatcherBean.java:54) at com.bea.wlw.runtime.core.bean.SyncDispatcherBean.invoke(SyncDispatcherBean.java:168) at com.bea.wlw.runtime.core.bean.SyncDispatcher_k1mrl8_EOImpl.invoke(SyncDispatcher_k1mrl8_EOImpl.java:46) at com.bea.wlw.runtime.core.dispatcher.Dispatcher.remoteDispatch(Dispatcher.java:161) at com.bea.wlw.runtime.core.dispatcher.ServiceHandleImpl.invoke(ServiceHandleImpl.java:436) at com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl._invoke(WlwProxyImpl.java:326) at com.bea.wlw.runtime.core.dispatcher.WlwProxyImpl.invoke(WlwProxyImpl.java:315) at $Proxy11.updateAccount(Unknown Source) at portlets.compoze.content.options.accounts.editAccount.editAccountController.saveChangesAccountAction(editAccountController.jpf:534) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at com.bea.wlw.netui.pageflow.FlowController.invokeActionMethod(FlowController.java:1512) at com.bea.wlw.netui.pageflow.FlowController.getActionMethodForward(FlowController.java:1447) at com.bea.wlw.netui.pageflow.FlowController.internalExecute(FlowController.java:778) at com.bea.wlw.netui.pageflow.PageFlowController.internalExecute(PageFlowController.java:211) at com.bea.wlw.netui.pageflow.FlowController.execute(FlowController.java:608) at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484) at com.bea.wlw.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:1504) at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274) at com.bea.wlw.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:674) at com.bea.wlw.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:527) at com.bea.wlw.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:152) at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507) at com.bea.wlw.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1734) at com.bea.wlw.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1754) at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.executeAction(ScopedContentCommonSupport.java:561) at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.processActionInternal(ScopedContentCommonSupport.java:121) at com.bea.portlet.adapter.scopedcontent.PageFlowStubImpl.processAction(PageFlowStubImpl.java:98) at com.bea.netuix.servlets.controls.content.NetuiContent.raiseScopedAction(NetuiContent.java:150) at com.bea.netuix.servlets.controls.content.NetuiContent.raiseScopedAction(NetuiContent.java:109) at com.bea.netuix.servlets.controls.content.NetuiContent.handlePostbackData(NetuiContent.java:224) at com.bea.netuix.nf.ControlLifecycle$3.visit(ControlLifecycle.java:171) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:355) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walkRecursive(ControlTreeWalker.java:365) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:126) at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:105) at com.bea.netuix.nf.Lifecycle.runInbound(Lifecycle.java:173) at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:137) at com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:333) at com.bea.netuix.servlets.manager.UIServlet.doPost(UIServlet.java:196) at com.bea.netuix.servlets.manager.PortalServlet.doPost(PortalServlet.java:772) at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:150) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1072) at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:28) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27) at com.bea.p13n.servlets.PortalServletFilter.doFilter(PortalServletFilter.java:293) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6987) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3892) at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2766) at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224) at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)

Hi,
The reason why you are seeing this exception is because there is a mismatch between the version of the WLPM API used by the portlets, with the version of the service that you have installed on you Domino server.
To explain a little, there are two sides to the API that is used to communicate with Lotus Domino:
1) the Java API side (used by the portlets that you have installed in the portal)
2) the Domino Service side (installed as a DSAPI filter in the HTTP task of a Domino Server)
Each Java API jar and Domino Service Executable are branded with a version number, which in your case does not match because the portlets came with one version of the Java API, and you have installed a non-matching version of the service on the Domino Service side (you probably extracted the executable for the service installation from the "BEA Personal Messaging API 4.3" bundle or installer).
The solution for this is to:
1) uninstall the Domino Service that you have plugged into the domino service
2) extract the Domino Service installer which was included with the portlet bundle. This is located in the "Program Files\compoze\groupware_portlets_bea-2.5\8.1\service\domino" directory if you ran the portlet installer, or in the "groupware_portlets_bea81-noinstall-25\groupware_portlets_bea-2.5\8.1\service\domino" directory if you used the "no-install" zip file.
As a tip, to quickly check whether the versions of the service and Java APIâ€™s that you are using are matching, perform the following steps:
1) hit the domino server with the following URL and notice the "service version": http://domino_service_url:http_port/compoze.czdo. This should be something like "Service Version: 3.6.102"
2)in your portal application (or in the portlet install bundle), open the harmony_portlets.jar file with winzip, then find the "compoze_products_information.properties" file. In this file, notice the "product.domino" version (e.g. product.domino = 3.6.102)
3) the two versions you have inspected must match in order for the connection between the portlet and service to succeed.
If you have verified that the "service" version and "java API" version (located in %portal_app_dir%/APP-INF/lib/harmony_portlets.jar, and you are still getting the exception, it is likely that there is a "harmony_portlets.jar" that included an old version of the Java API located somewhere in the portal server classpath. In this case, make sure that the only harmony_portlets.jar in the classpath is the one that was included with the portlet bundle that you have installed.
Regards,
Lev

How to use JNI with Servlets

Hi
i was trying to do some example with JNI. I can use JNI with standalone Java application but I just cannot figure out how I can use JNI with Servlet.
Can some one show me a sample code using JNI with Servlets.
thanks very much

hi,
I am also facing the same problem,
when I am using JNI with stand alone application it works fine but when i tried to use it with a servlet It gives unsatisfied linker error
stack: java.lang.UnsatisfiedLinkError: createSocket
     at RelayConnector.createSocket(Native Method)
     at RelayServlet.doGet(RelayServlet.java:70)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:891)
     at com.iplanet.server.http.servlet.NSServletRunner.Service(NSServletRunner.java:458)
It seems i have to do some path settings in my iplenet web server.
If some one have faced the problem i would be glad to know the solution for this, i am literally bugged up,....

Using Tuxedo with Oracle Real Application Clusters (RAC)

Hi all ,
Our present Producation environment is Tuxedo8.0 with Oracle 9i as database .
We are planning to implement oracle RAC .
Can any one tell us , with the current tuxedo version which is 8.0 ,can we for RAC Or we need to upgrade Tuxedo to 9.1 for RAC Implementation?
If anyone has Implemented Tuxedo and Oracle with RAC successfully
Pls share your experience.
Thanks In Adavance
Nadeer .

Subbu,
As I mentioned earlier in this thread, support for Oracle RAC has been
implemented in Tuxedo 9.1 and in the Tuxedo 8.1 and Tuxedo 9.0 rolling patch
streams. There are no plans to backport this feature to Tuxedo 8.0. If you
plan to use RAC transactionally and if it is possible for multiple services
that could be located on different RAC instances to be accessed in a single
transaction (which will be true for most applications), then you should
upgrade to a version of Tuxedo with support for Oracle RAC. The
documentation at http://e-docs.bea.com/tuxedo/tux91/ads/adorac.htm#248431
gives an overview of RAC support in Tuxedo.
Ed
<Subramonian Arumugom> wrote in message news:[email protected]..
Hello Nadeer, Hello Ed,
Has the implementation of Tuxedo8.0 with Oracle RAC was completed
successfully ?.
If it is done , I have few doubts. Could you please help me ?.
1) I hope your Tuxedo middleware connects to the oracle Database using
Oracle XA resource manager and the TMS server built using buildtms with
oracle as RM .As per the mail from Ed, migration of Tuxedo9.1 should be done
before moving to Oracle RAC.
Also from BEA documentation, Oracle RAC support was given as new feature in
Tuxedo9.1.
Our Application uses Oracle RM to connect to Oracle DB[ Oracle 10g] from
Tuxedo8.0. So do we need to upgrade to Tuxedo9.1. for using Oracle RAC ?.
Thanks for your help
Best Regards
Subbu
#9880278452
Edited by subramonian.a at 04/16/2007 12:15 AM
Edited by subramonian.a at 04/16/2007 12:19 AM
Edited by subramonian.a at 04/16/2007 1:37 AM
Edited by subramonian.a at 04/16/2007 8:20 AM

Using XA with Oracle ERP application

Hi,
We have two Tuxedo Domains that we need to establish global transaction:
First Domain - Tuxedo 6.4 with Oracle 8.0.6 database.
Second Domain - Tuxedo 6.4 with Oracle ERP application (Oracel version 8.0.5)
A Client that calls a Tuxedo server in the first domain this service doing some work
on the database and then calls another service in the second domain (using Domain
connection).
The service in the second Domain activate a Oracle API (package) from the ERP application.
The Rollback works but we problem with the commit. We recieve the following Oracle
Error - ORA-06574: Function "VIEW_ALL" references package state can not execute remotly.
Revital Bloom
[email protected]

Subbu,
As I mentioned earlier in this thread, support for Oracle RAC has been
implemented in Tuxedo 9.1 and in the Tuxedo 8.1 and Tuxedo 9.0 rolling patch
streams. There are no plans to backport this feature to Tuxedo 8.0. If you
plan to use RAC transactionally and if it is possible for multiple services
that could be located on different RAC instances to be accessed in a single
transaction (which will be true for most applications), then you should
upgrade to a version of Tuxedo with support for Oracle RAC. The
documentation at http://e-docs.bea.com/tuxedo/tux91/ads/adorac.htm#248431
gives an overview of RAC support in Tuxedo.
Ed
<Subramonian Arumugom> wrote in message news:[email protected]..
Hello Nadeer, Hello Ed,
Has the implementation of Tuxedo8.0 with Oracle RAC was completed
successfully ?.
If it is done , I have few doubts. Could you please help me ?.
1) I hope your Tuxedo middleware connects to the oracle Database using
Oracle XA resource manager and the TMS server built using buildtms with
oracle as RM .As per the mail from Ed, migration of Tuxedo9.1 should be done
before moving to Oracle RAC.
Also from BEA documentation, Oracle RAC support was given as new feature in
Tuxedo9.1.
Our Application uses Oracle RM to connect to Oracle DB[ Oracle 10g] from
Tuxedo8.0. So do we need to upgrade to Tuxedo9.1. for using Oracle RAC ?.
Thanks for your help
Best Regards
Subbu
#9880278452
Edited by subramonian.a at 04/16/2007 12:15 AM
Edited by subramonian.a at 04/16/2007 12:19 AM
Edited by subramonian.a at 04/16/2007 1:37 AM
Edited by subramonian.a at 04/16/2007 8:20 AM

How to use authid with rwservlet via WebLogic Thin Client

1. Using J2EE Thin Client for WebLogic (WL) to submit interactive requests for Oracle Reports (App Server 10g) running on another server without SSO.
2. After starting basic Infrastructure, we start rwserver in batch mode (no other mid-tier components are used).
3. It appears that the cgicmd.dat file in the Thin Client conf directory on the WL server controls the DB access with the key:connect string info it has.
4. We had been allowing the testers to come in via the web through a SunOne (iPlanet/Netscape) web server instance, which in turn connects to the WL server running the Thin Client instance.
5. We noticed that anyone could run rwservlet to view report status with the showjobs command via a URL through the same mechanism as point #4 above, and were concerned about security of the reports - "bad".
6. Then someone realized the showmap command could also be specified, and thus see the DB connect string (Id/pw/SID) - "worse".
I researched securing Reports, and read through the white paper, "Securing Oracle9i Reports", and although it discusses security without using SSO, all it says is "users accessing a secured instance of Oracle9iAS Reports Services will be challenged to identify themselves by the Reports Servlet, using its own authentication mechanism (as with Reports6i)", but I can find no explanation of how that works, nor how it would work with the WL Thin Client.
Questions:
1. How are the Id's/passwords set up under AS 10g "as with Reports6i" in this environment going through the WL Thin Client?
2. Is there anything else that needs to be done to secure the created reports, and the connect string info (i.e. using authid with rwservlet?showjob, and not allowing the rwservlet?showmap to be executed at all)?
TIA,
ROC

the JDBC Developer's Guide (11gR2)
gives an example in chapter 9 under "JDBC Thin Driver Support for Encryption and Integrity", sub- "Setting Encryption and Integrity Parameters in Java"
from Oracle SQL Devloper, without redirecting the client to use the OCI/thick driver, choose, new database connection, connection type Advanced. add the entry from the example noted above to the Custom JDBC URL form.
for example:
Properties prop = new Properties();
prop.setProperty(OracleConnection.CONNECTION_PROPERTY_THIN_NET_ENCRYPTION_LEVEL,"REQUIRED");
prop.setProperty(OracleConnection.CONNECTION_PROPERTY_THIN_NET_ENCRYPTION_TYPES,"(AES128)");
OracleDataSource ods = new OracleDataSource(); ods.setProperties(prop); ods.setURL(jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=xxxx)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=xxxx)(INSTANCE_NAME=xxxx))));
Connection conn = ods.getConnection();
strange side note!, we could not get this to encrypt unless the sqlnet.ora file included the SQLNET.ENCRYPTION_SERVER=required. if this was set to default(accepted), and even though the jdbc thin client properties set to required, the network traffic was still clear text.
good luck

Managed server does not start with BEA-090870 security error

I am getting this autorization error
<Sep 22, 2014 11:07:23 PM EDT> <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /opt/app/oracle/middleware/v12c/oracle_home/wlserver/server/lib/XACMLAuthorizerInit.ldift..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: weblogic.security.spi.ProviderInitializationException: A failure occurred attempting to load LDIF for provider Authorizer from file /opt/app/oracle/middleware/v12c/oracle_home/wlserver/server/lib/XACMLAuthorizerInit.ldift.
It use to be working. I am looking for a way to correct this.
Thanks

hi
the following link may hekpful to you
http://webservices.bea.com:8080/Clarify/getCaseDetails.do?caseID=537204
open a support case with bea
Regards
Prasanna Yalam

Access to Oracle 8i DB using iPlanet web server

Hi ,
I have been trying to implement Connection Pooling in my application using the built-in features of iPlanet App server 6.5 . For the same i have made the following entries:
1. web.xml
<resource-ref>
<description>Ptrade Entry</description>
<res-ref-name>jdbc/ptradeDataSource</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
</resource-ref>
2. ias-web.xml
<resource-ref>
<res-ref-name>jdbc/ptradeDataSource</ref-ref-name>
<jndi-name>jdbc/ptrade/ptradeDB</jndi-name>
</resource-ref>
3. Also my class tries to ge the context using
try {
InitialContext ic = new InitialContext();
ds = (DataSource)ic.lookup("java:comp/env/jdbc/ptradeDataSource");
catch (NamingException ne) {
System.out.println("Naming Exception" + ne);
Connection dbc = ds.getConnection();
return dbc;
However i am getting an javax.naming.NameNotfoundException: can't locate jdbc/ptradeDataSource.
Could somebody pls tell me what is wrong with my configuration and code?

Hi Rahul,
Thanks for bringing this page to my
notice..But there are still a few doubts which i
have...
. I have worked on JNDI so far, so could you please
tell me where exactly i need to define the namespace
of JNDI ? In which all configuration files would i
need to declare the database? more specifically,Would
i need to make any changes to server.xml?Probably web.xml and server.xml
2. Could you please share any xml files that would
give the additions that i need to make in my setup?I don't use iPlanet. Not many people do these days that I know of.
You could look at the Tomcat docs on how to set up a JNDI data source. That should help.
3. Would i need to explicitly close the DB
connections in my code?You should be already. If you're not, you're writing bad code. ResultSets and Statements need to be closed as well.
%

Certificate Manager Software compatible with BEA?

Hi,
We want to use 2-way SSL certification, and create client certificates for
our clients.
I tried using Netscape CMS, but the WL documentation says it is
incompatible.
Of course, we want to be an isolated CA to make sure that no client
authenticated by
other CAs has access.
Has anyone used a certificate server compatible with BEA weblogic?
Is there a way to convert the output of Netscape CSM to a compatible format
(PEM or DER) ?
Thanks in advance,
Luis Muniz

Hi all,
I finally managed. Somehow creating the request with openSSL doesn't work.
You have to create the certificate request with the certificate request
servlet.
Now I'm going to try to create some client certificates.
"Luis Muniz" <[email protected]> wrote in message
news:[email protected]...
Hi,
I tried openSSL, here are my results:
I created a self-signed demoCA.
I created a certificate signed by this CA.
i have following files:
newkey.pem (512 bits RSA private key)
newcert.pem (certificate)
but when I start WL 61, i still get the error:
<Oct 26, 2001 12:25:49 PM CEST> <Alert> <WebLogicServer> <Security
configuration
problem with certificate file certifs/newkey.pem, java.io.IOException:
Length i
s too big: takes 108 bytes>
java.io.IOException: Length is too big: takes 108 bytes
at
weblogic.security.ASN1.ASN1Header.inputLength(ASN1Header.java:148)
at weblogic.security.ASN1.ASN1Header.input(ASN1Header.java:120)
at weblogic.security.RSAPrivateKey.input(RSAPrivateKey.java:111)
at weblogic.security.RSAPrivateKey.<init>(RSAPrivateKey.java:91)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:397)
atweblogic.t3.srvr.SSLListenThread.<init>(SSLListenThread.java:300)
atweblogic.t3.srvr.T3Srvr.initializeListenThreads(T3Srvr.java:1045)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:480)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:202)
at weblogic.Server.main(Server.java:35)
Any idea?
Thanks
"Gilbert W. Pilz Jr." <[email protected]> wrote in message
news:[email protected]...
In article <[email protected]>, [email protected] says...
Hi,
We want to use 2-way SSL certification, and create client certificates
for
our clients.
I tried using Netscape CMS, but the WL documentation says it is
incompatible.
Of course, we want to be an isolated CA to make sure that no client
authenticated by
other CAs has access.
Has anyone used a certificate server compatible with BEA weblogic?Have you tried OpenSSL?
- gil

Using iplanet with bea

Similar Messages

Maybe you are looking for