Using the Security Manager to restrict access to a single package

After reading up on the Security Manager, the package.access property and the use of the [accessClassInPackage RuntimePermission|http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#RuntimePermission], it seemed to me that it would be possible to set up the following: I have a security-sensitive code base packaged in a jar, and I want to make sure that only one client code base that I specify is permitted to access it. The idea here is to prevent malicious code from executing anything in the sensitive code base; the sensitive code is only accessible to one client that I name in a security policy file. Perhaps rather foolishly, I advised a client to consider this before testing out a sample myself, because much to my surprise, it appears to me that it isn't possible to get the Security Manager to do this at all. Am I missing something? I'm a bit startled by this conclusion -- it seems like such an obvious use for the Security Manager, I'm hard-pressed to believe that it can't be done, and more inclined to suspect that I'm going about it wrong.
Here's what I thought I could do: set up the package.access property so that it denies access to any package; then in the policy file, grant the RuntimePermission/accessClassInPackage to the client code base that is permitted to access the sensitive code.
Of course, you wouldn't want the package.access property to exclude all packages in the global java.security file, because then no code could be accessed at all. It would be necessary to use the trick of resetting the package.access property within the code, as [illustrated in the secure coding guidelines|http://java.sun.com/security/seccodeguide.html#1-1a].
But the problem lies in the idea of "use the package.access property to deny access to any package". There doesn't seem to be any way to use wildcards or the like with the property -- it has to specifically name packages (or package prefixes) to which access is forbidden. It wouldn't do to try to name the packages to which I'm trying to prevent access, since we're trying to prevent access from malicious code -- the attacker could just choose package names that aren't on the list. I'd really need to say that access is denied to all packages, except for those in the permitted code base, but the security mechanisms for package access don't seem to allow that.
Moreover, the trick of changing the value of package.access can't be done within the client code -- otherwise, the attacker client would just set the property to his own purposes. But it can't really be done within the sensitive package either, because the whole idea is to prevent access to that package, and by the time it's busy setting the property, it's already too late, because the package has to have been accessed by a client to get there at all.
It seems to me that this is a symptom of something I've never really understood about the design of the Security Manager -- you can grant permissions to specific code bases, but you can't revoke permissions from specific code bases, let alone all code bases. What I want to do here is grant access permission to one specific code base and revoke it from all others. There doesn't seem to be any way to express that with the mechanisms of the Security Manager.
The more I look at it, the more it seems that there's just no way to use the Security Manager this way -- set up package access so that a specific code base can only be accessed by one specific client code base. There are surely other ways to get the effect that I'm looking for, but as far as I can tell, none of them involve restricting package access (for example: define a custom permission, grant it only to the permitted client, and check against that permission within the sensitive code base; meaning that the sensitive code has to be accessible to anyone in the first place). This conclusion really surprises me (not to mention my bit of embarrassment with the client); wouldn't this be precisely the sort of thing the Security Manager ought to be good for?

You're looking at this back to front. The security policy file is there for the client to decide how much access he is going to give this application, not for the application to restrict who can use it. If you want to control what used to be called 'state orientation' you can do that directly by looking down the stack trace inside your code.
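
The custom-permission alternative mentioned at the end of the question, as an added example that is not code from the thread: the sensitive class stays loadable by anyone, but its entry point checks a permission that the policy grants to one client code base. The package, class, permission and jar names are hypothetical, and it assumes a JDK on which the Security Manager can still be enabled (it is deprecated for removal since Java 17).

```java
// Added example, not code from the thread. All names and paths are hypothetical.
// Policy file (constructed) granting the permission to the sensitive jar and ONE client:
//
//   grant codeBase "file:/opt/app/lib/sensitive.jar" {
//       permission com.example.sensitive.Vault$AccessPermission "readSecret";
//   };
//   grant codeBase "file:/opt/app/lib/trusted-client.jar" {
//       permission com.example.sensitive.Vault$AccessPermission "readSecret";
//   };
//
// No other code base gets a grant, so any other caller on the stack fails the check.
package com.example.sensitive;

import java.security.BasicPermission;

public final class Vault {

    /** Custom permission type; public so the policy provider can instantiate it. */
    public static final class AccessPermission extends BasicPermission {
        private static final long serialVersionUID = 1L;

        public AccessPermission(String name) {
            super(name);
        }
    }

    private static final AccessPermission READ_SECRET = new AccessPermission("readSecret");

    private Vault() { }

    /** Entry point of the sensitive code base: reachable by anyone, usable only by grantees. */
    public static String readSecret() {
        requireGrant(READ_SECRET);
        return "constructed-secret-value";
    }

    private static void requireGrant(AccessPermission needed) {
        SecurityManager sm = System.getSecurityManager();
        if (sm == null) {
            // Design choice of this example: refuse to run unguarded rather than skip the check.
            throw new IllegalStateException("Security Manager not installed; refusing access");
        }
        // Walks the call stack: every protection domain on it, including this jar's own,
        // must hold the permission, otherwise AccessControlException is thrown.
        sm.checkPermission(needed);
    }
}
```

The grants only take effect when the JVM is started with -Djava.security.manager and -Djava.security.policy pointing at the policy file; because the check covers the whole stack, a granted client that is itself called by ungranted code is refused as well.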

Similar Messages

  • Disabling the Security Manager

    When the J2EE 1.4 reference server is running with the Security Manager disabled the web based admin console stops working (some sort of JACC error), although asadmin seems to work fine. Which leads to a few questions:
    1. Is there a way to disable the Security Manager and use the web console ?
    2. Are there other downstream effects to running the server without the Security Manager enabled ? What other features can/will fail?
    It's nice to see Sun putting an emphasis on out of the box security, but using the Security Manager is a real pain during development and is overkill for a lot of internal deployments.

    Hi,
    There is no mechanism to disable the SecurityManager in J2EE 1.4. JACC (JSR115) is a new spec that went into 1.4 that allowed for plugging authorization provider in the J2EE. This spec makes it mandatory for us to have the security manager on all the time.
    If you turn off the security manager, the web console should not work properly as it is a web app and has security permissions defined that are interpreted by our JACC provider.
    Downstream effects of running the server with security manager disabled, will mean that all checks that we have as part of the server policy will fail and of course all applications that use authorization checks will fail too.
    We have spent considerable time from this release to improve the performance of the system with the security manager enabled. You should look out for the next release coming out that will have these optimizations.

  • An impersonation error occurred using the security context of the current user. -- Report server is on remote server and file share folder is on local server

    I have deployed a report on the server (e.g. remoteserver\reports) from my local machine. I opened the report in browser in my local machine and created a new subscription with windows file share delivery option.
    But it's giving an error "Failure writing file \\localserver\subscriptions\Report1.xls : An impersonation error occurred using the security context of the current user." Here "subscriptions"
    is the folder which I have created in my local machine.
    I followed the instructions found in the link "http://msdn.microsoft.com/en-us/library/ms157386.aspx"
    Please help to solve this issue.

    Hi,
    Thank you for your reply.
    I have followed the same process. The credentials which I have given are same as my PC. But I am getting the same error. Can you please clarify the statement "Service
    account that is using for file share subscription should have write access to shared folder."
    given in the above link?
    I am the one who created the folder and subscribing the report, so probably I have the full write permissions to the shared folder. What is the service account in this context?
    I think the problem is, I am deploying the report on the server and creating the shared folder in the local machine. I tried giving shared folder permissions to the user on the server. But my local machine is in local domain and I can't access the users on
    the remote server. Do I need to create a shared folder on the server? I am new to SSRS. Please help me.
    PS: I have assigned with all roles viz. Browser, Content Manager, Publisher, Report Builder etc. and My Role name (WEBSERVER\User)
    is different from my local user name (domain\username) in domain.

  • ARM approval error after upgrading to SP14: Database error while using the secure store.

    Dear GRC experts,
    After upgrading GRC 10 to SP14, assigning manual passwords during the approval of a request, the approval process is failing.
    Here is the scenario; your advice will be appreciated.
    Task: Manually assign passwords to multiple systems contained in the request
    Where: On the access request, go to “User System Details” tab
    Issue: After approving/submitting the request, the error “Database error while using the secure store” is generated
    Logs: Nothing on transactions SLG1 or ST22; however ST11 shows the error attached below:
    This is the failed approval of the request:
    Other scenarios executed as a workaround, and passed the password assignment this time:
    The approval will work if only one password is assigned to any of the given systems. The rest of the systems get an auto-generated
    password.
    ARM also accepts multiple passwords when the requestor assigns passwords on the “User System Details” prior submitting a
    request. The GRC admin can approve once reached for system approval.
    AS FYI, “Confirm Password” is only required when creating the request but not on any other stage.
    System information:
      -Netweaver 7
      -GRCFND_A SP14
      -GRCPINW SP13
    Regards,
    Gustavo

    SAP just delivered a note to fix this issue. The number is 2022294.

  • Firefox will not open - I have reinstalled and used the profile manager solution. It was fine earlier today. IE working fine.

    I tried the suggested solutions including the 'clean install', any help would be most appreciated. I've used the Profile Manager, which is not much use when the browser won't even open to test it. I've also reinstalled twice, installed updates and restarted numerous times.
    Firefox does do this on occasion, but usually sorts itself out - not this time.
    Help!

    You should check for malware or go back into regular mode and see if temporarily disabling your antivirus helps.
    You can try these free programs to scan for malware, which work with your existing antivirus software:
    Scan with all.
    * Microsoft Safety Scanner: http://www.microsoft.com/security/scanner/default.aspx
    * MalwareBytes' Anti-Malware: http://www.malwarebytes.org/products/malwarebytes_free/
    * TDSSKiller - AntiRootkit Utility: http://support.kaspersky.com/faq/?qid=208283363
    * Hitman Pro: http://www.surfright.nl/en/hitmanpro/
    * ESET Online Scanner: http://www.eset.com/us/online-scanner/
    Further information can be found in the "Troubleshoot Firefox issues caused by malware" article.

  • I am trying to change my password, but not remember the security questions and not access recovery email. Please give me a solution.Ana Maria Cappatto Simoes/ F. 11.50414433

    I am trying to change my password, but not remember the security questions and not access recovery email. Please give me a solution.Ana Maria Cappatto Simoes/ F. 11.50414433

    Welcome to the Apple Community.
        1.    Start here (change country if necessary) and navigate to 'Password and Security', reset your security questions using the link provided, you will receive an email to your rescue address, use the link in the email and reset your security questions.
        2.    If that doesn't help, you don't receive a reset email or you don't have a rescue address, you should contact AppleCare who will initially try to assist you with a reset email or if unsuccessful will pass you to the security team to reset your security questions for you.
        3.    If you are in a region that doesn't have international telephone support try contacting Apple through iTunes Store Support.

  • Cannot find security providers when using a security manager.

    Hi all,
    I've done stuff with JAAS and JSSE before, but this is the first time I've combined the two :o)
    I have some code for an application server and I'm using SSL sockets in order to communicate with the outside world. These all work fine, no problems at all.
    However, I want to control what code is executed on the server using the security framework. When I load my server using a security manager and custom security policy it seems that my app can no longer find the security providers.
    Exception in thread "SSLServer" java.lang.RuntimeException: Could not generate DH keypair
         at com.sun.net.ssl.internal.ssl.DHKeyExchange.generateKeyPair(DHKeyExchange.java:137)
         at com.sun.net.ssl.internal.ssl.ServerHandshaker.getEphemeralDHKeys(ServerHandshaker.java:132)
         at com.sun.net.ssl.internal.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:707)
         at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:292)
         at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:253)
         at com.essar.hikesoft.server.netio.SSLConnectionServer.run(SSLConnectionServer.java:126)
         at java.lang.Thread.run(Thread.java:595)
    I start my app as follows:
    java -Djava.security.manager -Djava.security.policy==security.policy -classpath...
    and I have the following lines in my security.policy file
    permission java.security.SecurityPermission "insertProvider.*";
    permission java.security.SecurityPermission "putProviderProperty.*";
    I know that the providers are defined in the java.security file, do I have to implement my own Security manager in order to load these providers? Or have I missed something else?
    Am currently chewing through the docs at http://java.sun.com/j2se/1.5.0/docs/guide/security/spec/security-spec.doc6.html but any further assistance greatly appreciated!

    That seems to have cured it cheers - sure I copied the double '=' from somewhere, thought it was weird at the time.
    Now to solve the odd MySQL errors :-)
    Thanks for your help.

  • Can I use the Profile Manager as an MDM while distributing app through app store?

    Is it possible to use the Profile Manager within the OSX Server to provision profiles through apps purchased in the app store? 
    Ex:  userX buys app in the app store, in downloading the app they get enrolled in the MDM / OSX Server I control.  They select profile settings within my app and submit to OSX Server (Profile Manager) at which point I send back OTA the provisioned profile for them to upload.
    Ex:  https://itunes.apple.com/us/app/parentkit/id600618138?mt=8
    Thanks for the feedback!

    Is this not possible?  Is it possible but not allowed? 

  • Using the transition manager on a movie clip prevents me from physically moving it after that

    Hi,
    I'm using the transitions manager to animate certain objects
    in my movie. let's say I'm using it on a ball - using the following
    code:
    import mx.transitions.Tween;
    import mx.transitions.easing.*;
    function zoomIn(_mc) {
        new Tween(_mc, "_xScale", Bounce.easeOut, 0, 100, .3, true);
        new Tween(_mc, "_yScale", Bounce.easeOut, 0, 100, .3, true);
    }
    function zoomOut(_mc) {
        new Tween(_mc, "_xScale", None.easeIn, this._xscale, 0, .05, true);
        new Tween(_mc, "_yScale", None.easeIn, this._xscale, 0, .05, true);
    }
    and then calling it later with this:
    zoomIn(ball_mc);
    That works fine. But at a later stage of the movie I then try
    to move the location of the ball - not with code but by adding a
    key frame and physically moving its location. When I play the
    movie back it does not show that it moves.
    I'd really just like to know why this is!
    Thanks,
    Ray

    I think that once the Tween plays, the ball_mc now resides
    in its final resting place, it might do this with all instances of
    the mc, interesting though. I would have thought the same, maybe if
    you move it and give it a different instance name it will not
    affect the position on the new keyframe.

  • How enable my AMD adapter using the device manager

    The message that comes up after updating my AMD driver is this:
    The Catalyst Control Center is not supported by the driver version of your enabled graphics adapter.  Please update your AMD graphics driver, or enable your AMD adapter using the Displays Manager. 
    I am running Windows 7 Home premium
    HP Pavilion DV 7 notebook pc
    Intel Graphics 3000
    Radeon HD 6490M
    please help

    I'm new to this
    What is the solution?

  • Can my employer view my activity (games, twitter usage, etc.) on my personal phone if I use the Citrix Receiver app to access corporate emails?

    Can my employer view my activity (games, twitter usage, etc.) on my personal phone if I use the Citrix Receiver app to access corporate emails?

    No, they cannot see this through Citrix. Citrix is only a 'window' for you to look into the company applications. You do not transfer info from the phone related to other activities.

  • Firefox is running in the background, but the process can't be ended using the task manager?

    The program wouldn't open because it was apparently still running in the background, so I restarted a few times which didn't help. Then I tried using the task manager to end the process but that didn't work either. Then opened the command prompt and used taskkill, then pskill (using the PID number) but neither worked. The problem wasn't with how I was using these commands as they could close any other program I had running, just not firefox.exe*32. Any ideas?

    Try:
    *http://kb.mozillazine.org/Firefox.exe_always_open

  • About 2/3 of the time I leave Firefox, it is evidently retained in memory so I can't restart it without using the task manager. I don't use Norton or Skype programs. How do I keep this from happening?

    About 2/3 of the time I leave Firefox, it is evidently retained in memory so I can't restart it without using the task manager. I don't use Norton or Skype programs. How do I keep this from happening?
    == After I have used Firefox and "closed" it.

    See this:
    https://support.mozilla.com/en-US/kb/Firefox+hangs#Hang_at_exit

  • Create a recovery catalog by using the Enterprise Manager Console

    Dear Sirs:
    I am using the Oracle9i database release 2. After installing the management server and running the Enterprise Manager Configuration Assistant, there was no recovery catalog and no CATTBS tablespace created. According to the Help and to your documentation entitled “Oracle Enterprise Manager Configuration Guide” this recovery catalog and CATTBS tablespace should be created automatically.
    Of course I am not running any target database on the same machine.
    How can I create a recovery catalog by using the Enterprise Manager Console, and not by using the rman command prompt?
    Please, it's urgent and I need an answer as soon as possible.
    Thank you in advance with best regards

    Dear Sir:
    Thank you very much for your reply, but unfortunately it didn’t help me. This article is repeating what is mentioned in the Help and the documents that I downloaded earlier. As I said earlier I know how to setup the recovery catalog by using the rman command prompt, but I couldn’t do it by using the Oracle Enterprise Manager Console. By using the wizards it is supposed to be created automatically but nothing of this happened.
    Please I need help urgently.

  • HT3728 I do not need another wireless network but want to use the airport express for printer access only.  Can this be done and how?

    I do not need another wireless network but want to use the airport express for printer access only.  Can this be done and how?

    You can configure the AirPort Express to "Join a wireless network" and enable the Ethernet port so that Ethernet devices will be able to connect.
    In order to print from the iOS devices, you will need to have an application like Printopia installed on your Mac. The Mac must be active when you want to print.
    More details here: Printopia - AirPrint to Any Printer - Print from iPad - Print from iPhone ...
    There is a free trial available for Printopia, so make sure that it will work before you buy the AirPort Express.
