UUP specific ?'s

Hi,
UUP is an Entity bean. Every time I call get and set methods from a JSP
page (to get/set User properties) it's a potential remote call which involves
network traffic. This design won't scale very well.
A solution for that is to use Value objects. If I need to use value objects
for property sets I 'cannot' use the default WLPS UUP functionality. To
solve this what I need to do is
i) set up user properties in my custom tables
ii) extend the UUP to write my own classes as defined in the personalization
server guides. These classes will use the value objects and persist them in
my custom tables.
Is my understanding correct or is there a way that I can use the default UUP
to use value objects?
Thanks,
--Kapil

Kapil,
As a side-note, we do not recommend the "split configuration" of the JSP
container on a different machine to the EJB container. If both are hosted on
the same machine WLS will use "local" calls and avoid the overhead of RMI.
Sincerely,
Daniel Selman
"kapil khanna" <[email protected]> wrote in message
news:3afc275b$[email protected]..
Hi,
UUP is an Entity bean. Every time I call get and set methods from a JSP
page (to get/set User properties) it's a potential remote call which involves
network traffic. This design won't scale very well.
A solution for that is to use Value objects. If I need to use value objects
for property sets I 'cannot' use the default WLPS UUP functionality. To
solve this what I need to do is
i) set up user properties in my custom tables
ii) extend the UUP to write my own classes as defined in the personalization
server guides. These classes will use the value objects and persist them in
my custom tables.
Is my understanding correct or is there a way that I can use the default UUP
to use value objects?
Thanks,
--Kapil

Similar Messages

  • Configuring & Implementing custom UUP in Weblogic portal server 10.2

    Hi,
    Please try to post some reply..it's urgent.............
    I'm trying to implement a custom UUP for an external RDBMS (Oracle) in WebLogic 10.2 portal server.
    When I'm trying to publish the application it's giving the following error message:
    <Dec 19, 2008 12:47:11 PM IST> <Error> <Lease> <BEA-403300> <JNDI entry of timer/PortalTimer was not found in JNDI tree. Message is: javax.naming.NameNotFoundException: While trying to look up timer/PortalTimer in java:comp/env.; remaining name 'timer/PortalTimer'.
    javax.naming.NameNotFoundException: While trying to look up timer/PortalTimer in java:comp/env.; remaining name 'timer/PortalTimer'
         at weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1138)
         at weblogic.jndi.internal.ApplicationNamingNode.lookup(ApplicationNamingNode.java:143)
         at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:254)
         at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:367)
         at weblogic.jndi.factories.java.ReadOnlyContextWrapper.lookup(ReadOnlyContextWrapper.java:45)
         Truncated. see log file for complete stacktrace
    >
    My connection methods are written here:
    Note: I've configured a datasource in the WebLogic server admin console named: IBDataSource, JNDI name: jdbc/IBDS.
    Also I've gone through the documentation and changed the p13n-profile-config.xml accordingly and made a new property set in the Datasync project with the required property names.
    My p13n-profile-config.xml entry looks like this....
    <property-adapter>
        <name>myuup</name>
        <property-mapping>myuup</property-mapping>
        <ejb-jndi>UUPEjb.jar#CustomEntityPropertyManager</ejb-jndi>
        <adapter-property>
            <name>IBDataSource</name>
            <value>jdbc:bea:oracle://192.168.0.112:1521</value>
        </adapter-property>
        <adapter-property>
            <name>UUPExampleCache</name>
            <value>UUPExampleCache</value>
        </adapter-property>
    </property-adapter>
    // Requires: java.sql.Connection, java.sql.SQLException, javax.sql.DataSource,
    //           javax.naming.InitialContext, javax.naming.NamingException
    protected Connection getConnection() {
        try {
            DataSource dataSource = getDataSource();
            return dataSource.getConnection();
        } catch (SQLException ex) {
            throw new ConfigurableEntitySystemException(ex);
        }
    }

    protected DataSource getDataSource() {
        DataSource ds = null;
        try {
            // DATA_SOURCE is appended to "java:comp/env/" by getEnvironmentProperty()
            ds = (DataSource) getEnvironmentProperty(DATA_SOURCE);
        } catch (Exception ex) {
            throw new ConfigurableEntitySystemException(ex);
        }
        return ds;
    }

    protected final Object getEnvironmentProperty(String propertyName) throws NamingException {
        Object envProperty = null;
        InitialContext jndiContext = new InitialContext();
        String lookupName = ( (new StringBuffer("java:comp/env/")).append(propertyName) ).toString();
        System.out.println("The lookup name is" + lookupName );
        envProperty = jndiContext.lookup(lookupName);
        System.out.println("The value of envProperty is " + envProperty);
        return envProperty;
    }
    My ejb.jar.xml entry contains:
    <resource-ref>
    <res-ref-name>jdbc/IBDS</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
    </resource-ref>
    and Weblogic-ejb-jar.xml entry contains:
    <resource-description>
    <res-ref-name>jdbc/IBDS</res-ref-name>
    <jndi-name>jdbc/IBDS</jndi-name>
    </resource-description>
    When we try to access the propertyset in the portal admin console the following error message is given:----
    <Dec 19, 2008 5:38:59 PM IST> <Error> <PortalAdminTools> <BEA-415125> <A ToolsException occured trying to get the resources for com.bea.p13n.controls.exceptions.P13nControlException: Remote exception trying to get properties for user weblogic__svcAdminEditor, property set RecentFavoriteItems, property RECENT_ITEM:RecentFavoriteItems.
    com.bea.portal.tools.common.exceptions.ToolsException: com.bea.p13n.controls.exceptions.P13nControlException: Remote exception trying to get properties for user weblogic__svcAdminEditor, property set RecentFavoriteItems, property RECENT_ITEM
         at com.bea.portal.tools.ugm.controls.ProfileManagerControlImpl.getPropertyValues(ProfileManagerControlImpl.java:544)
         at com.bea.portal.tools.ugm.controls.ProfileManagerControlBean.getPropertyValues(ProfileManagerControlBean.java:534)
         at com.bea.jsptools.patterns.item.ItemService$DefaultItemServiceImpl.getItems(ItemService.java:515)
         at com.bea.jsptools.patterns.item.ItemService$DefaultItemServiceImpl.addItem(ItemService.java:447)
         at com.bea.jsptools.patterns.item.ItemService$DefaultItemServiceImpl.addRecentItem(ItemService.java:226)
         Truncated. see log file for complete stacktrace
    com.bea.p13n.controls.exceptions.P13nControlException: Remote exception trying to get properties for user weblogic__svcAdminEditor, property set RecentFavoriteItems, property RECENT_ITEM
         at com.bea.p13n.controls.profile.PropertyControlImpl.getProperty(Unknown Source)
         at com.bea.p13n.controls.profile.PropertyControlBean.getProperty(Unknown Source)
         at com.bea.portal.tools.ugm.controls.ProfileManagerControlImpl.getPropertyValues(ProfileManagerControlImpl.java:512)
         at com.bea.portal.tools.ugm.controls.ProfileManagerControlBean.getPropertyValues(ProfileManagerControlBean.java:534)
         at com.bea.jsptools.patterns.item.ItemService$DefaultItemServiceImpl.getItems(ItemService.java:515)
         Truncated. see log file for complete stacktrace
    java.rmi.RemoteException: EJB Exception: ; nested exception is:
         com.bea.p13n.usermgmt.profile.ProfileSystemException: ClassCastException trying to instantiate [UUPEjb.jar#CustomEntityPropertyManager] as a [EntityPropertyManager].
         at weblogic.ejb.container.internal.EJBRuntimeUtils.throwRemoteException(EJBRuntimeUtils.java:101)
         at weblogic.ejb.container.internal.BaseRemoteObject.handleSystemException(BaseRemoteObject.java:830)
         at weblogic.ejb.container.internal.BaseRemoteObject.handleSystemException(BaseRemoteObject.java:779)
         at weblogic.ejb.container.internal.BaseRemoteObject.postInvoke1(BaseRemoteObject.java:500)
         at weblogic.ejb.container.internal.StatelessRemoteObject.postInvoke1(StatelessRemoteObject.java:57)
         Truncated. see log file for complete stacktrace
    com.bea.p13n.usermgmt.profile.ProfileSystemException: ClassCastException trying to instantiate [UUPEjb.jar#CustomEntityPropertyManager] as a [EntityPropertyManager].
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.lookupPropertyManager(ProfileManagerImpl.java:1156)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getEntityPropertyManagerByRef(ProfileManagerImpl.java:1098)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getPropertyMap(ProfileManagerImpl.java:1286)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getEntityPropertyManagerRef(ProfileManagerImpl.java:1199)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getEntityPropertyManager(ProfileManagerImpl.java:1087)
         Truncated. see log file for complete stacktrace
    java.lang.ClassCastException: com.coles.ecom.ib.uup.CustomEntityPropertyManager_qp0u4g_EOImpl
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.lookupPropertyManager(ProfileManagerImpl.java:1125)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getEntityPropertyManagerByRef(ProfileManagerImpl.java:1098)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getPropertyMap(ProfileManagerImpl.java:1286)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getEntityPropertyManagerRef(ProfileManagerImpl.java:1199)
         at com.bea.p13n.usermgmt.profile.internal.ProfileManagerImpl.getEntityPropertyManager(ProfileManagerImpl.java:1087)
         Truncated. see log file for complete stacktrace
    >
    Edited by: user10728655 on Dec 19, 2008 4:09 AM

    There isn't a specific list of pros / cons. Here are a few of the factors.
    a. Is this a custom UUP we are talking about or the out of the box UUP? (determines effort/time saved)
    b. What other features of WLP will be used? Will, say, entitlements be used, and if so will they be based on UUP properties? Will content selectors be used? Will segments be used? What are you hoping to accomplish by using the UUP? (determines what benefits you get)
    c. Are there any search related requirements based on the UUP (e.g. find all users with a UUP of country='US')? How pure should your design be, i.e. do you only interact with supported BEA APIs or are you willing to go to the db directly, with the knowledge that future releases may cause your code to break? (UUPs aren't good for searching; you can however go directly to the db or use a custom UUP)
    d. What sort of caching is possible for the data (i.e. is the data very time sensitive or mostly static)? What sort of updates are done? Is it one property at a time or multiple properties? Is the UUP read only? How much flexibility do you need with transactions? (UUPs go well with non time sensitive data which isn't updated by means other than the UUP.)
    regards
    deepak

  • UUP & Rules

    Hi,
    My UnifiedUserProfile aggregate properties from different
    sources(LDAP,Personalization Database & external corporate database).
    How do I define a property set for a corporate database?
    I am able to do a "getProperty()" from UUP, but not through the
    <um:getProperty.....> where my property set has a property which is in my
    corporate database (not in LDAP or Personalization Database).
    Also,
    why are the configuration 1 diagrams of UUP in WLPS 2.0.1 and WLPS 3.2
    different?
    thanks & regards
    Joel

    Kapil,
    The products now come with a migration tool that can analyse your source
    code and warn you if you are using deprecated or removed APIs/features. It
    is hard to generalize from your comments but there have been significant
    improvements from 3.2 to 4.0. The migration tool attempts to make the
    transition as easy as possible (including performing simple API
    substitutions).
    Please don't hesitate to post back with specific questions or issues that
    you run into.
    Sincerely,
    Daniel Selman
    "Kapil Khanna" <[email protected]> wrote in message
    news:3c508bc5$[email protected]..
    >
    Hi,
    We are planning to migrate from WLPS 3.2 to WLPS 4.0. We have purchased licenses
    only for WLPS 4.0, not the portal piece which is sold separately. We haven't
    used any of the custom tags that BEA provides. It was a conscious decision that
    we made as we knew some of these tags may not be supported in future releases.
    Due to some bugs with the way multi valued properties are handled in 3.2 we had
    to write custom code to perform the tasks.
    We basically have custom code that makes direct calls to the UUP and to the Rules
    engine EJB. My question is, during our migration is it likely that we will encounter
    significant problems with our code, that makes calls to these EJB components?
    Have methods in these EJB's been deprecated? Have method signatures changed etc...?
    There was no mention of any changes in the migration docs. If indeed there have
    been changes, is it documented anywhere? If not what do we expect?
    Any information will be invaluable, and will help us through the migration.
    Thanks!

  • How can I setup a mail-specific passcode/restriction on iPad used by multiple family members?

    How can I setup a mail-specific passcode/restriction on iPad used by multiple family members?
    Have an Exchange mail account setup and accessible in my mail on iPad... however my kids use it and i would like to restrict them from accessing this specific portion of the device.  I tried viewing restriction options and do not see that i can apply a restriction specifically to Mail.  Thanks for your help.

    Not a feature of iOS. Check the AppStore to see if there are other
    mail apps that allow passcode protection.
    Or use Safari to log onto your email via a web-based interface and
    enter your credentials each time. A bit slower, but the kids will
    not know the details to login.

  • Cannot send email from Verizon to a specific domain using the web UI

    I'm trying to send an email to a specific address on a domain I own from a Verizon account using the web UI. Whenever I click send, a popup appears saying "Your e-mail contains the following invalid e-mail addresses:" followed by the email address. I can send email to this address from a GMail account as well as my work email.
    In Chrome, I can see that a "code":1002 error is being produced.
    Does anyone know why this would happen? Does Verizon check destination domains for reputation? Is there any way to debug this further?

    rhodeislandred wrote:
    I'm trying to send an email to a specific address on a domain I own from a Verizon account using the web UI. Whenever I click send, a popup appears saying "Your e-mail contains the following invalid e-mail addresses:" followed by the email address. I can send email to this address from a GMail account as well as my work email.
    In Chrome, I can see that a "code":1002 error is being produced.
    Does anyone know why this would happen? Does Verizon check destination domains for reputation? Is there any way to debug this further?
    What is the domain that is giving you the error?

  • How to pop up a system message for a specific user when She/He log on SAP

    Hi Friends,
    As we know, the SM02 setting will pop up a system message to all users in a specific client in a specific period when the user logs on to the SAP system, and we can do the same thing using function module SM02_ADD_MESSAGE.
    But now we want to pop up a message to a specific user ID when somebody logs on to SAP via this ID, instead of all user IDs in the client. Please, do we have any similar transaction / function module / class method to do this job?
    Thanks in advance.
    Joe

    Below code can be used to send a pop up message to all users who are logged on to the
    system.
    DATA: MESSAGE(128) VALUE 'Test message'.
    DATA: OPCODE TYPE X VALUE 2.
    DATA: BEGIN OF USR_TABL OCCURS 10.
    INCLUDE STRUCTURE UINFO.
    DATA: END OF USR_TABL.
    CALL 'ThUsrInfo' ID 'OPCODE' FIELD OPCODE
    ID 'TAB' FIELD USR_TABL-SYS.
    LOOP AT USR_TABL.
    CALL FUNCTION 'TH_POPUP'
    EXPORTING
    CLIENT = SY-MANDT
    USER = USR_TABL-BNAME
    MESSAGE = MESSAGE
    EXCEPTIONS
    USER_NOT_FOUND = 1.
    ENDLOOP.
    In the above code just pass the desired user ID instead of All user ID's
    Edited by: harsh bhalla on Mar 26, 2009 2:14 PM

  • IIS 7.5 URL Rewrite: Hit specific page of a web application but should be redirected to another application's page

    I have deployed 2 different web application on IIS 7.5 running on Windows Server 2008 R2 but on different port numbers i.e. one application deployed on port no. 1776 and another on 8091. I want to rewrite URL in such a way that if i hit any page of first
    application such as default.aspx then it will be redirected to particular page of another application along with some changes in url.
    Example: if i access any page from first application like:
    http://g2wv126rbsc:1776/sites/main/commercial/commercial-solutions/financing/default1.aspx
    then it should redirect to specific page of another application along with some changes in url:
    http://g2wv126rbsc:8091/main/commercial/commercial-solutions/financing/default2.aspx
    Note: In above mentioned url, also removed "sites".
    I tried to create a inbound rule through URL Rewrite module (installed on IIS 7.5) by selecting Action as "Rewrite" but didn't find any success.
    I need some examples if anyone has come across same kind of issue.
    Thanks in advance.

    Please post ASP.NET questions in the ASP.NET forums (http://forums.asp.net ).

  • How to blink tree view few specific nodes

    Here I got some code which shows how to blink a tree view node, but I am confused about how to blink a few nodes.
    Answered by:
    Tamer Oz
    Treeview control - How to make a node blink?
    Hi,
    Is there a "elegant" way to make blink a treeview node?
    I am thinking to use a timer with the collection of nodes that I want to make the blink effect, and update the icon ...
    Friday, November 06, 2009 6:19 PM
    Kikeman
    Hi,
    You can develop your custom control for this purpose. The logic you mentioned was correct. Here is a sample control that I developed by the logic you mentioned.
    using System;
    using System.Collections.Generic;
    using System.Windows.Forms;

    public class BlinkingTreeView : TreeView
    {
        private Timer t = new Timer();
        private List<TreeNode> blinkingNodes = new List<TreeNode>();
        bool isNodeBlinked = false;

        public BlinkingTreeView()
        {
            t.Interval = 1000;
            t.Tick += new EventHandler(t_Tick);
        }

        void t_Tick(object sender, EventArgs e)
        {
            foreach (TreeNode tn in blinkingNodes)
            {
                if (isNodeBlinked)
                {
                    //update Icon
                    tn.Text = tn.Text.Substring(0, tn.Text.Length - 1);//to test
                }
                else
                {
                    //update Icon
                    tn.Text = tn.Text + "*";//to test
                }
            }
            // Toggle once per tick, after all nodes are updated, so every node
            // in the list blinks in step.
            isNodeBlinked = !isNodeBlinked;
        }

        public void AddBlinkNode(TreeNode n) { blinkingNodes.Add(n); }
        public void RemoveBlinkNode(TreeNode n) { blinkingNodes.Remove(n); }
        public void ClearBlinkNodes() { blinkingNodes.Clear(); }

        public List<TreeNode> BlinkingNodes
        {
            get { return blinkingNodes; }
        }

        public int BlinkInterval
        {
            get { return t.Interval; }
            set { t.Interval = value; }
        }

        public void StartBlinking()
        {
            isNodeBlinked = false;
            t.Enabled = true;
        }

        public void StopBlinking()
        {
            t.Enabled = false;
        }
    }
    just show me how to use BlinkingTreeView class. i will have tree view which will have few node and few nodes may have few child nodes. now how to achieve by this class BlinkingTreeView and show me how to blink few specific node not all. thanks

    better to come with code. first populate tree view with some dummy node this way
    Root
           Child1
                    Child1-sub1
                    Child1-sub2
           Child2
                    Child2-sub1
                    Child2-sub2
    now blink Child1-sub2 & Child2-sub1. please come with code. thanks

  • FBL3N to BW report for specific GL's

    Dear BW Experts,
    I want to create report in BW for FBL3N for specific GL's, for open items.
    I am done with development.
    Report on standard DSO 0FIGL_O02 (0FI_GL_4)...
    Simply GL in rows, with filter for open status.
    Issue: Balance is not matching from ECC for one GL, because of one document,
    which is closed in ECC but in DSO its still open (data is upto date in BW).
    Thanks
    Arun Purohit

    I did re-load but without luck.....
    that document is there in BSAS (closed docs table) table not in BSIS (open docs table)...still ds 0FI_GL_4 shows that item still open....

  • MB5B - Stock on Posting Date, Specification for data base accec

    Hi,
      I am facing some problem with the MB5B transaction. When we log in with t. code MB5B, at the bottom of the screen there is a radio button selection for specification of database access for best runtime, and by default the first radio button is selected, i.e. Database determines optimum access, but with this the report is coming very very slow; we have to wait for 4 minutes for each material. If we execute by selecting the second radio button, i.e. start off with material number, I am getting data very fast, within 5 seconds. So I want to know what is the difference between these radio buttons if we select the first, second or third radio button.
      one more thing we are facing problem from last 4 days only .
    regards,
      zafar

    I don't have these 3 buttons in my MB5B in ECC6 system.
    But I saw OSS Note 1005901 - MB5B: Performance problems
    it explains why it is that slow.

  • Print a report to a specific printer from Forms

    I have a form from where I want to print a report to a specific printer (not the default printer). Is there any way to do this from Forms 9i? I'm using Orarrp but it pops up the printer dialog and shows the default printer. Is there any way to hardcode the printer name? The printer is on the network.

    If I go to my control panel and see the list of printers, I take the printer name from there. Should I put the path of the printer? I know the port of the printer; it comes like ip_192.1.11.1_p1. How do I define the printer name? If I don't give the printer name shouldn't it fire to the default printer? My code is as follows:
    declare
      REPID REPORT_OBJECT;
      V_REP VARCHAR2(100);
      REP_STATUS VARCHAR2(20);
    BEGIN
      REPID := FIND_REPORT_OBJECT('CUS_PRINT');
      SET_REPORT_OBJECT_PROPERTY(REPID,REPORT_EXECUTION_MODE,BATCH);
      SET_REPORT_OBJECT_PROPERTY(REPID,REPORT_COMM_MODE,SYNCHRONOUS);
      SET_REPORT_OBJECT_PROPERTY(REPID,REPORT_DESTYPE,PRINTER);
      SET_REPORT_OBJECT_PROPERTY(REPID,REPORT_SERVER,'test');
      SET_REPORT_OBJECT_PROPERTY(REPID,REPORT_OTHER,'P_CUSREF='||:CTRL01.CUSREF||' PARAMFORM=NO');
      MESSAGE('SET REPORT PROP');
      V_REP := RUN_REPORT_OBJECT(REPID);
      REP_STATUS := REPORT_OBJECT_STATUS(V_REP);
      MESSAGE('RAN REPORT');
      WHILE REP_STATUS IN ('RUNNING','OPENING_REPORT','ENQUEUED') LOOP
        REP_STATUS := REPORT_OBJECT_STATUS(V_REP);
      END LOOP;
      IF REP_STATUS = 'FINISHED' THEN
        IF NVL('TEST',' ') <> ' ' THEN
          GEN_ALERT('NULL_ALERT','TEST');
        END IF;
      ELSE
        GEN_ALERT('NULL_ALERT','Error when running report');
      END IF;
    END;
    what should the desformat of the report should be..when im trying to run this it gives me 'no data found' error...why???

  • I'm in the trial period for Creative Cloud - I have about 19 days to go on Photoshop CC on my iMac.  Can I use the same CC trial on a second machine?  Specifically on a Windows 7 machine?

    I'm in the trial period for Creative Cloud - I have about 19 days to go on Photoshop CC on my iMac.  Can I use the same CC trial on a second machine?  Specifically on a Windows 7 machine?

    Nothing personal to you or Rajshee, but this is exactly why I absolutely despise these "community forums" (not just Adobe but any company).  I called the Tech Support phone line today after digging and digging for a phone number, and they told me the exact opposite, and they did it a lot faster than it was possible to get a forum response.  (That's really not personal, because you can't control that, but it's a fact.)
    Their answer: As long as I'm signed in with the same ID, I can try, say, Photoshop CC on my iMac at home and also try Acrobat Pro CC on my Windows 7 machine at work.  Same account, same login, one trial.
    This makes complete sense to me as I'm financially on the hook (potentially) for the same package.  If I give away my login to someone else, which I wouldn't do, I'm still on the hook.  This is why the cloud approach to software is such genius and I applaud it.
    BTW, 99% of the "community forum" wrong answers come on Microsoft sites, so don't feel bad. 

  • Asking specific client certificate (not certificates trusted by authority)

    As I understand from what I read so far, during the handshake negotiation for two way ssl, the server sends the client a list of trusted certificate authorities and say to the client: "hey, those are the authorities I trust. send me a certificate that can be verified by one of them".
    I also read how you can customize SSLSocketFactory to, on the client side, look for a specific certificate alias (http://www.ibm.com/developerworks/java/library/j-customssl/). I would like to move this idea further and ask for specific certificates depending on what resources the user is trying to access.
    For example:
    Let's suppose I have two resources on my server called "bobPrivateStuff" and "alicePrivateStuff". I also have a certificate authority who can validate both Bob and Alice certificates on a custom trust keystore. In a regular scenario, the server will ask for a client certificate and will accept either Alice or Bob certificate, as both can be verified by the custom trust.
    But what if Alice can't access "bobPrivateStuff"? What if when trying to open a connection, to say http://myserver.com/services/bobPrivateStuff, the server asks specifically for Bob's certificate? Can I setup the handshake in a way it will actually ask for Bob's certificate instead of only just "any certificate trusted by this CA"?
    And what piece of information could be used to distinguish one certificate from another? Is the serial number unique between multiple certificates? Is this pushing the envelope too much and trying to use SSL for more than what it is intended for?

    > I agree 100%. It's just that we want to use certificates to validate the client's identity (instead of relying on username/password).
    Fine, that's exactly what SSL & PKI will do for you.
    > It might not be elegant
    But it is!
    > See my point?
    Of course I see your point. SSL already does that. I said that. You agreed. I agree. What it doesn't do is the authorization part. Because it can't. It isn't meant to. You are supposed to do that.
    > Instead of the server asking for a specific certificate, it just checks if the certificate sent by the client has access to the resource.
    Not quite. It should check if the identity represented by the client certificate (Certificate.getSubjectX500Principal(), or SSLSocket.getSession().getPeerPrincipal()) has access to the resource.
    > This way, we can leave the server untouched
    No you can't. The server has to get hold of the client principal after the handshake and authorize it against the resource.
    > if Bob wants to access some resources, Bob has to prove he is who he says he is.
    You're still confused. That's authentication, and SSL already does that for you. SSLSocket.getSession().getPeerPrincipal() returns you the authenticated identity of the peer. The server then has to check that that identity can access that resource. This is 'authorization'. You can't automate it via keystores and truststores. That's not what they do and it's not what they're for.
    > So I think it is perfectly plausible to do this kind of verification on the server side (i.e. "hijack" a certificate sent to validate the ssl handshake to also verify if the user has the correct privileges).
    There's no 'hijacking' about it, but you're concentrating on the certificate instead of the identity it represents. A client could have a large number of certificates that all authenticate the same identity. You need to think in terms of authorizing Principals to access resources.
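
The split described in the reply above (the handshake authenticates the peer, the server then authorizes that identity per resource), as an added example that is not part of the original thread. The class name, the ACL paths and the subject DNs are constructed for illustration; a real server would call the SSLSession overload after a handshake on a socket with setNeedClientAuth(true).

```java
import java.net.URI;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.security.auth.x500.X500Principal;

/** Added example: authorizes the TLS-authenticated peer identity per resource. */
public class PeerPrincipalAuthorizer {

    public enum Decision { ALLOW, UNAUTHENTICATED, FORBIDDEN }

    // Path prefix -> identities allowed below it. Anything unlisted is denied.
    private final Map<String, Set<X500Principal>> acl = new HashMap<>();

    public void allow(String pathPrefix, String subjectDn) {
        acl.computeIfAbsent(pathPrefix, p -> new HashSet<>())
           .add(new X500Principal(subjectDn));
    }

    /** Server entry point: call after the handshake, before serving the request. */
    public Decision decide(SSLSession session, String requestPath) {
        try {
            return decide(session.getPeerPrincipal(), requestPath);
        } catch (SSLPeerUnverifiedException e) {
            // No client certificate was presented or it could not be verified.
            return Decision.UNAUTHENTICATED;
        }
    }

    public Decision decide(Principal peer, String requestPath) {
        if (!(peer instanceof X500Principal)) {
            return Decision.UNAUTHENTICATED;
        }
        String path;
        try {
            // Collapse "." and ".." segments, then decode percent-escapes.
            path = URI.create(requestPath).normalize().getPath();
        } catch (IllegalArgumentException e) {
            return Decision.FORBIDDEN;
        }
        if (path == null) {
            return Decision.FORBIDDEN;
        }
        // Dot segments that survive normalization (e.g. percent-encoded ones)
        // could be resolved differently further down the stack: deny them.
        for (String segment : path.split("/")) {
            if (segment.equals("..") || segment.equals(".")) {
                return Decision.FORBIDDEN;
            }
        }
        // The longest matching prefix decides which identities are allowed.
        Set<X500Principal> allowed = null;
        int best = -1;
        for (Map.Entry<String, Set<X500Principal>> e : acl.entrySet()) {
            String prefix = e.getKey();
            boolean covers = path.equals(prefix) || path.startsWith(prefix + "/");
            if (covers && prefix.length() > best) {
                best = prefix.length();
                allowed = e.getValue();
            }
        }
        // X500Principal equality uses the canonical DN, so the check is on the
        // identity, not on one particular certificate issued to it.
        return allowed != null && allowed.contains(peer)
                ? Decision.ALLOW : Decision.FORBIDDEN;
    }

    public static void main(String[] args) {
        PeerPrincipalAuthorizer authz = new PeerPrincipalAuthorizer();
        authz.allow("/services/bobPrivateStuff", "CN=Bob, OU=Users, O=Example Corp");
        authz.allow("/services/alicePrivateStuff", "CN=Alice, OU=Users, O=Example Corp");

        // Constructed principals standing in for session.getPeerPrincipal().
        // Bob's DN is written as a second certificate might render it.
        X500Principal bob = new X500Principal("cn=bob,ou=users,o=example corp");
        X500Principal alice = new X500Principal("CN=Alice, OU=Users, O=Example Corp");

        System.out.println(authz.decide(bob, "/services/bobPrivateStuff"));
        System.out.println(authz.decide(alice, "/services/bobPrivateStuff"));
        System.out.println(authz.decide(alice,
                "/services/alicePrivateStuff/../bobPrivateStuff/notes"));
        System.out.println(authz.decide(bob, "/services/unlisted"));
    }
}
```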

  • How do I move multiple emails from Inbox to a specific folder?

    I have left a lot of emails in my Inbox that should have been moved to specific folders. How do I move them in bulk to their specific folders other than moving each one individually. I have highlighted the messages concerned by searching and then selecting all. I then click on move to....
    Nothing seems to be happening....I'm sure there's probably a step I'm missing here. What would it be??
    A similar problem occurs when I want to do a mass delete of emails from a specific sender....

    I did all that and nothing happened. As it happens, I did manage to deal with the problem, but in a rather convoluted and tedious manner. I went into Edit, Find, and Search messages, typed in the criteria and the messages I wanted moved came up. However, there was no option to "Select All" so I had to highlight each one and then move the lot to the specific folder....that also worked for the delete problem. That is a workable solution to my problem, but the lack of a "select all" option made it very time consuming. However, I guess it's a notice to me to remember to sort my emails more often.
    Thanks for replying....

  • Share specific playlists with specific accounts?

    I've just begun setting up accounts for my family members on my iMac since we are all beginning to amass our own music/movies/videos/photos. Is there an easy way to have each account have access only to specific playlists within my iTunes library (which would be every song on the iMac)? I looked at sharing playlists in iTunes preferences but I don't see how to get it to work with each account.

    I just reread my post and I see I'm not being clear....
    I want the admin account to have the entire library while each user has access only to user-specific playlists.
