Web.xml / weblogic.xml security

Let's say I define security constraints in the web.xml file for my web application
using the security-constraint,auth-constraint, and security-role tags. Does this
mean that in order to add a new user I must modify weblogic.xml and specify a
new security-role-assignment? Can I specify a group name as a principal, or is
there a way to programatically add new users? Any help would be greatly appreciated.
Thank you.

yes, you can use groups as principals in weblogic.xml. then permissions are
managed through the user-group relationship.
"Leonard Pham" <[email protected]> wrote in message
news:3b657f8a$[email protected]..
>
Let's say I define security constraints in the web.xml file for my webapplication
using the security-constraint,auth-constraint, and security-role tags.Does this
mean that in order to add a new user I must modify weblogic.xml andspecify a
new security-role-assignment? Can I specify a group name as a principal,or is
there a way to programatically add new users? Any help would be greatlyappreciated.
Thank you.

Similar Messages

Weblogic 10 jaas and login.jsp and web.xml/weblogic.xml security constaints

Hello,
I struggled through and got the examples.security.jaas.SampleCallbackHandler.java and examples.common.utils.ExampleUtils.java/ExampleConstants.java into eclipse where they compile. A bean I made can call SambleCallbackHandler like such:
mybean.logmein(username,password,url). I can then do a mybean.getStatus() or even a mybean.returnCode(). It does seem to correctly identlify that it is authenticating me (I see in stdout logs that it shows success or failures. The problem I have is I do not know how to apply this weblogic and web.xml/weblogic.xml so that if authentication works it redirects me to the page requiring the authentication. In web.xml I have the following set up:
<security-role>
     <role-name>Admins</role-name>
</security-role>
<login-config>
     <auth-method>FORM</auth-method>
     <realm-name>default</realm-name>
     <form-login-config>
          <form-login-page>/login.jsp</form-login-page>
          <form-error-page>/badlogin.html</form-error-page>
     </form-login-config>
</login-config>
<security-constraint>
     <web-resource-collection>
          <web-resource-name>empower</web-resource-name>
          <description>These pages are only accessible by authorized users.</description>
          <url-pattern>/admin/*</url-pattern>
          <http-method>GET</http-method>
          <http-method>POST</http-method>
     </web-resource-collection>
<auth-constraint>
<description>These are the roles who have access</description>
<role-name>Administrators</role-name>
</auth-constraint>
     <user-data-constraint>
     <description>This is how the user data must be transmitted</description>
     <transport-guarantee>NONE</transport-guarantee>
     </user-data-constraint>
</security-constraint>
My weblogic.xml has:
<?xml version="1.0" encoding="UTF-8"?>
<wls:weblogic-web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wls="http://www.bea.com/ns/weblogic/90" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd http://www.bea.com/ns/weblogic/90 http://www.bea.com/ns/weblogic/90/weblogic-web-app.xsd">
<wls:security-role-assignment>
<wls:role-name>Admins</wls:role-name>
<wls:principal-name>Administrators</wls:principal-name>
<wls:principal-name>dashap</wls:principal-name>
</wls:security-role-assignment>
</wls:weblogic-web-app>
With this set up, if I try to go to a page in /admin folder in my application, it correctly pops up the login page. The jaas in the bean is doing a loginContext.login(), which I thought does authentication too, but it never goes back to the /admin page I was going to that needed the authentication. With jaas, can I not use the web.xml FORM security option? Do I Need to use j_security in the login.jsp's form's action= option and j_username and j_password for the input type names? How do I use j_username/j_password things if I am using jaas? I could just ignore using the web.xml security stuff and put something in the pages that need authentication, but it would be easier if I could use jaas with the security featurs without doing all that. Note that my code above is using a realm called default just because that was what was in the example I got from the web. Does that need to be something else?

Hi John,
I would like magic of course. However, in this case I want something special: my authentication provider uses special means and contents of headers, cookies and service from external identity management systems to determine the user's identity.
I do not want the application to present the login dialog! I want to derive the identity and the fact that the user is logged in from whatever the authentication provider returns in terms of Subject.
Ideally, the flow is something like:
- user accesses an unprotected resource - resource is shown, no interaction with authentication provider
- user presses a link or button that takes him/her to a protected resource
- the authentication provider is contacted to work with the identity asserter to establish the identity of the current user and create a subject object for this user
- the application can access the subject and principals
- ADF Security recognizes the identity and the roles (based on the principals) and coordinates access based on this.
the authentication method is client certificate. presumably this prompts WebLogic/OPS to use an identity asserter to work with custom headers and cookies ("... when you configure a web application to use CLIENT-CERT authentication. In this case, WebLogic can perform identity assertion based on values from request headers and cookies. If the header name or cookie name matches the active token type for the provider, the value is passed to the provider."). No login form should be presented to the user, as all information required to perform the authentication is already available.
I am trying to understand what I must do to have the ADF application adopt the subject set by the authentication provider - if anything?!
If you more ideas to share - I would love to hear them.
best regards,
Lucas

Alternate deployment descriptor for an exploded war (web.xml/weblogic.xml)

Hi.
I believe this is a simple question: Am i able to deploy an exploded war directory using an alternate deployment descriptor (web.xml outside the directory structure of my application)? According to the docs, I can do it for an ear, but I'm not sure if it can be done for an war.
http://download.oracle.com/docs/cd/E13222_01/wls/docs81b/deployment/concepts.html#1001945
http://download.oracle.com/docs/cd/E13222_01/wls/docs81/config_xml/Application.html#AltDescriptorPath
Thanks in advance.
Best regards,
Daniel.

Or should i use a deployment plan?
http://download.oracle.com/docs/cd/E13222_01/wls/docs103/deployment/config.html#wp1057141

Namespaces in plan.xml - can't override weblogic.xml

So, we've tried every combination we can think of, but we can't seem to get a plan.xml that successfully overrides items in weblogic.xml. It seems to be an issue around namespaces:
<May 19, 2009 10:40:57 AM MDT> <Error> <J2EE> <BEA-160197> <Unable to load descriptor /nas/scart/domain_tmps/tcatshopDomain/servers/tcatshop1/tmp/_WL_user/MasterEar/v99i42/MasterWebPortal.war/WEB-INF/weblogic.xml of module MasterWebPortal.war. The error is weblogic.descriptor.DescriptorException: VALIDATION PROBLEMS WERE FOUND
/nas/scart0/prod_ecom2/local/apps/apps92/tcatshop/THUNDER_01.09.06.004/nullplan.xml:0: problem: cvc-complex-type.2.4a: Expected elements 'description@http://www.bea.com/ns/weblogic/90 weblogic-version@http://www.bea.com/ns/weblogic/90 security-role-assignment@http://www.bea.com/ns/weblogic/90 run-as-role-assignment@http://www.bea.com/ns/weblogic/90 resource-description@http://www.bea.com/ns/weblogic/90 resource-env-description@http://www.bea.com/ns/weblogic/90 ejb-reference-description@http://www.bea.com/ns/weblogic/90 service-reference-description@http://www.bea.com/ns/weblogic/90 message-destination-descriptor@http://www.bea.com/ns/weblogic/90 session-descriptor@http://www.bea.com/ns/weblogic/90 jsp-descriptor@http://www.bea.com/ns/weblogic/90 auth-filter@http://www.bea.com/ns/weblogic/90 container-descriptor@http://www.bea.com/ns/weblogic/90 charset-params@http://www.bea.com/ns/weblogic/90 virtual-directory-mapping@http://www.bea.com/ns/weblogic/90 url-match-map@http://www.bea.com/ns/weblogic/90 security-permission@http://www.bea.com/ns/weblogic/90 context-root@http://www.bea.com/ns/weblogic/90 wl-dispatch-policy@http://www.bea.com/ns/weblogic/90 servlet-descriptor@http://www.bea.com/ns/weblogic/90 work-manager@http://www.bea.com/ns/weblogic/90 logging@http://www.bea.com/ns/weblogic/90 library-ref@http://www.bea.com/ns/weblogic/90' instead of *'session-descriptor@http://www.w3.org/2001/XMLSchema-instance' here in element weblogic-web-app@http://www.bea.com/ns/weblogic/90:<nullplan.xml>*
at weblogic.descriptor.internal.MarshallerFactory$1.evaluateResults(MarshallerFactory.java:229)
at weblogic.descriptor.internal.MarshallerFactory$1.evaluateResults(MarshallerFactory.java:216)
at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:141)
at weblogic.descriptor.DescriptorManager.createDescriptor(DescriptorManager.java:280)
at weblogic.descriptor.DescriptorManager.createDescriptor(DescriptorManager.java:248)
This is in WLP 9.2...
Plan:
<?xml version='1.0' encoding='UTF-8'?>
<deployment-plan xmlns="http://www.bea.com/ns/weblogic/90">
<application-name>MasterEar.ear</application-name>
<variable-definition>
<variable>
<name>ThundercatCookieName</name>
<value>JSESSIONID_THUNDERCAT_PLAN_XML</value>
</variable>
<variable>
<name>ThundercatCookieDomain</name>
<value>.qwest.com</value>
</variable>
</variable-definition>
<module-override>
<module-name>MasterWebPortal.war</module-name>
<module-type>war</module-type>
<module-descriptor external="false">
<root-element>weblogic-web-app</root-element>
<uri>WEB-INF/weblogic.xml</uri>
<variable-assignment>
     <name>ThundercatCookieName</name>
     <xpath>/weblogic-web-app/session-descriptor/cookie-name</xpath>
</variable-assignment>
<variable-assignment>
     <name>ThundercatCookieDomain</name>
     <xpath>/weblogic-web-app/session-descriptor/cookie-domain</xpath>
</variable-assignment>
</module-descriptor>
</module-override>
</deployment-plan>
We've tried a lot of combinations of namespaces and such to try and get it to work, and it always spits out the same error....
Thanks,
Tim

Hi Folks -
Below is the weblogic.xml (or at least one version of it).
We're trying to override the session-descriptor cookie-name and cookie-domain ...
Thanks!!
Tim
<?xml version="1.0" encoding="UTF-8"?>
<weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/90">
<context-root>home</context-root>
<jsp-descriptor>
<page-check-seconds>-1</page-check-seconds>
<precompile>true</precompile>
<precompile-continue>true</precompile-continue>
<verbose>false</verbose>
<print-nulls>false</print-nulls>
</jsp-descriptor>
<session-descriptor>
     <cookie-name>JSESSIONID_THUNDERCAT</cookie-name>
     <cookie-domain>.tservicesq.com</cookie-domain>
</session-descriptor>
<library-ref>
<library-name>wlp-tools-visitor-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-commonui-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-services-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-framework-full-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>p13n-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>beehive-controls-1.0-war</library-name>
<specification-version>1.0</specification-version>
<implementation-version>1.0</implementation-version>
</library-ref>
<library-ref>
<library-name>weblogic-controls-1.0-war</library-name>
<specification-version>1.0</specification-version>
<implementation-version>1.0</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-wsrp-producer-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-lookandfeel-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-light-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-framework-common-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>wlp-framework-struts-1.2-web-lib</library-name>
<specification-version>9.2.0</specification-version>
<implementation-version>9.2.1</implementation-version>
</library-ref>
<library-ref>
<library-name>struts-1.2</library-name>
<specification-version>1.2</specification-version>
<implementation-version>1.0</implementation-version>
</library-ref>
<library-ref>
<library-name>wls-commonslogging-bridge-war</library-name>
<specification-version>1.0</specification-version>
<implementation-version>1.0</implementation-version>
</library-ref>
<library-ref>
<library-name>jstl</library-name>
<specification-version>1.1</specification-version>
<implementation-version>1.1.2</implementation-version>
</library-ref>
<library-ref>
<library-name>beehive-netui-resources-1.0</library-name>
<specification-version>1.0</specification-version>
<implementation-version>1.0</implementation-version>
</library-ref>
<library-ref>
<library-name>beehive-netui-1.0</library-name>
<specification-version>1.0</specification-version>
<implementation-version>1.0</implementation-version>
</library-ref>
<library-ref>
<library-name>QwestCmsLibrary</library-name>
<specification-version>1.0</specification-version>
<implementation-version>1.3.4.2</implementation-version>
</library-ref>
<library-ref>
<library-name>SIWebPortal.war</library-name>
</library-ref>
<library-ref>
<library-name>StylesWebPortal.war</library-name>
<specification-version>2.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
<library-ref>
<library-name>ShopWebPortal.war</library-name>
<specification-version>1.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
<library-ref>
<library-name>ProfileWebPortal.war</library-name>
<specification-version>1.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
<library-ref>
<library-name>CommonsWebPortal.war</library-name>
<specification-version>1.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
<library-ref>
<library-name>EBillWebPortal.war</library-name>
<specification-version>1.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
<library-ref>
<library-name>EPayWebPortal.war</library-name>
<specification-version>1.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
<library-ref>
<library-name>AdminWebPortal.war</library-name>
<specification-version>2.0.0</specification-version>
<implementation-version>1.0.0</implementation-version>
</library-ref>
</weblogic-web-app>

Several paths with the virtual-directory-mapping in weblogic.xml

Hello! I don´t know if this is well posted here. Sorry, and my english is aswful :(.
I´m trying to put several paths for jsp files in an application, similar to how the extendend document root works in websphere.
How can I get this on weblogic? With this lines I only managed to get the first but the second url-pattern doesn´t work.
<weblogic-web-app>
<virtual-directory-mapping>
<local-path>/path1/</local-path>
<url-pattern>*.jsp</url-pattern>
</virtual-directory-mapping>
<virtual-directory-mapping>
<local-path>/path2</local-path>
<url-pattern>/jsp/*.jsp</url-pattern>
</virtual-directory-mapping>
</weblogic-web-app>
My intention is make that the app could access to jsp´s files in path1 and in path2. Is this possible on weblogic?
Thanks in advance

I see. In my case, x == images, so if I reverse my directory
structure I could still get this to work for me. For instance:
<virtual-directory-mapping>
<local-path>C:\webapps\context\y</local-path>
<url-pattern>/images/*</url-pattern>
</virtual-directory-mapping>
/images/z.gif would map to C:\webapps\context\y\images\z.gif.
I'll have to weigh changing our directory structure vs. keeping the
servlet we have that rewrites the URL.
Thanks for your help.
Scott Steimle.
Rajesh Mirchandani <[email protected]> wrote in message news:<[email protected]>...
From the developer
Virtual directories just replace the doc root. The doc root in your case
is C:\webapps\context\x\y. The request uri is /images/Z.gif. So the whole
thing resolves to C:\webapps\context\x\y\images\Z.gif. Which is where the
image should be located.
We have cleared up the docs. Sorry for any inconvenience.
Scott Steimle wrote:
Hi. I noticed in WebLogic Platform 7.0 there is a entry for
WEB-INF/weblogic.xml that defines a virtual directory. Example:
<!DOCTYPE weblogic-web-app PUBLIC "-//BEA Systems, Inc.//DTD Web
Application 7.0//EN"
"http://www.bea.com/servers/wls700/dtd/weblogic700-web-jar.dtd">
<weblogic-web-app>
<virtual-directory-mapping>
<local-path>C:\webapps\context\x\y</local-path>
<url-pattern>/images/*</url-pattern>
</virtual-directory-mapping>
</weblogic-web-app>
In this case I'm assuming that a request of the form
http:/host:7001/context/images/z.gif would map to the physical file
C:\webapps\context\x\y\z.gif. However I cannot get this to work. Is
my assumption about it's use incorrect? Is the syntax of
<local-path/> or <url-pattern/> wrong? Is there something you have to
do to get WebLogic to recognize the weblogin.xml file?
This is urgent. Please help.
Thanks.
Scott Steimle
Software Engineer
Convera

Weblogic.xml.schema.binding.DeserializationException

Hi all.
I am using WLS 8 and in my web application I have implemented a web service client. The client uses an API that I created with the clientgen executable providing a valid WSDL. That WSDL defines custom data types that are used during the communication to the web service server. Whenever I use one of those custom data types in my web service request everything works fine. But when I call a web service that responds with one of those custom data types I am getting the following exception:
Error occured while calling webservice! Error : web service invoke failed; nested exception is:
javax.xml.soap.SOAPException: failed to deserialize xml:weblogic.xml.schema.binding.DeserializationException: mapping lookup failure.
The weird thing is that weblogic somehow tries to refer to that custom data type with an IP address (e.g. 123.123.123.123) but in the WSDL all the URLs are defined with names (e.g. my.web-service.de) .
Has anyone experienced a similar problem and/or can help me with this issue?

Hi all.
I am using WLS 8 and in my web application I have implemented a web service client. The client uses an API that I created with the clientgen executable providing a valid WSDL. That WSDL defines custom data types that are used during the communication to the web service server. Whenever I use one of those custom data types in my web service request everything works fine. But when I call a web service that responds with one of those custom data types I am getting the following exception:
Error occured while calling webservice! Error : web service invoke failed; nested exception is:
javax.xml.soap.SOAPException: failed to deserialize xml:weblogic.xml.schema.binding.DeserializationException: mapping lookup failure.
The weird thing is that weblogic somehow tries to refer to that custom data type with an IP address (e.g. 123.123.123.123) but in the WSDL all the URLs are defined with names (e.g. my.web-service.de) .
Has anyone experienced a similar problem and/or can help me with this issue?

Difference betwwen weblogic.xml & weblogic-application.xml

Hi,
Can someone explain the Difference betwwen weblogic.xml & weblogic-application.xml in a portal application with some sample examples relavant to portal use cases.
Regards

Those files are not specific to portal applications. WEB-INF/weblogic.xml configures WebLogic specific settings for web applications. META-INF/weblogic-application.xml configures WebLogic specific settings for JEE applications.
http://download.oracle.com/docs/cd/E21764_01/web.1111/e13706/overview.htm#i1067610 has lots of information about applications in WLS.

Difference between prefer-application-packages in weblogic.xml and weblogic-application.xml?

Hi!
When deploying a WAR to WebLogic 10.3.5, what is the difference between the prefer-application-packages element in the files weblogic.xml and weblogic-application.xml?
In my WARs WEB-INF/lib/ I have a JAR that contains classes that are already provided by the container (but older versions).
If I do not use prefer-application-packages then my app gets the classes provided by the container.
If I use prefer-application-packages in weblogic.xml then I get the classes from WAR/WEB-INF/lib which is expected.
But if I use prefer-application-packages in weblogic-application.xml then I get the container versions. Why?
Is there a difference between those two options?
The exact data I use is:
(foo.bar.* is the conflicting package; I add or remove the linex marked with XXXX)
WEB-INF/weblogic.xml :
<?xml version="1.0" encoding="UTF-8"?>
<wls:weblogic-web-app
    xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-web-app"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd http://xmlns.oracle.com/weblogic/weblogic-web-app http://xmlns.oracle.com/weblogic/weblogic-web-app/1.2/weblogic-web-app.xsd">
    <wls:container-descriptor>
        <wls:show-archived-real-path-enabled>true</wls:show-archived-real-path-enabled>
        <wls:prefer-application-packages> 
            <wls:package-name>foo.bar.*</wls:package-name> 
        </wls:prefer-application-packages> 
        <wls:prefer-application-resources>
            <wls:resource-name>META-INF/services/some....</wls:resource-name>
            <wls:resource-name>META-INF/services/unrelated...</wls:resource-name>
            <wls:resource-name>META-INF/services/stuff...</wls:resource-name>
        </wls:prefer-application-resources>
    </wls:container-descriptor>
    <wls:jsp-descriptor>
        <wls:page-check-seconds>-1</wls:page-check-seconds>
        <wls:precompile>true</wls:precompile>
        <wls:precompile-continue>true</wls:precompile-continue>
        <wls:keepgenerated>true</wls:keepgenerated>
    </wls:jsp-descriptor>
    <wls:session-descriptor>
        <wls:persistent-store-type>replicated_if_clustered</wls:persistent-store-type>
    </wls:session-descriptor>
</wls:weblogic-web-app>
META-INF/weblogic-application.xml :
<?xml version="1.0" encoding="UTF-8"?>
<weblogic-application
    xmlns="http://xmlns.oracle.com/weblogic/weblogic-application"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/javaee_5.xsd http://xmlns.oracle.com/weblogic/weblogic-application http://xmlns.oracle.com/weblogic/weblogic-application/1.2/weblogic-application.xsd">
    <application-param>
        <param-name>webapp.encoding.default</param-name>
        <param-value>UTF-8</param-value>
    </application-param>
    <xml>
        <parser-factory>
            <saxparser-factory>
                org.apache.xerces.jaxp.SAXParserFactoryImpl
            </saxparser-factory>
            <document-builder-factory>
                org.apache.xerces.jaxp.DocumentBuilderFactoryImpl
            </document-builder-factory>
            <transformer-factory>
                org.apache.xalan.processor.TransformerFactoryImpl
            </transformer-factory>
        </parser-factory>
    </xml>
    <prefer-application-packages>
        <package-name>foo.bar.*</package-name> 
        <package-name>javax.jws.*</package-name>
        <package-name>javax.xml.ws.*</package-name>
        <package-name>org.apache.cxf.*</package-name>
        <package-name>antlr.*</package-name>
        <package-name>org.xmlsoap.schemas.wsdl.*</package-name>
    </prefer-application-packages>
</weblogic-application>

weblogic-application.xml has no meaning in WARs, it is only used in EARs.

WLS 7.0 SP2 - deploy error using security-permission in weblogic.xml on Win NT (jdk1.3.1)

I am trying to use this in my weblogic.xml and this is the error that I get:
weblogic-web-app>
<description>Test Web App</description>
<reference-descriptor>
<resource-description>
<res-ref-name>jdbc/TestDSRef</res-ref-name>
<jndi-name>TestJdbc</jndi-name>
</resource-description>
</reference-descriptor>
<security-permission>
<security-permission-spec>
     // grant ability to read any file
     grant codeBase "http://server/virtual_directory/-"
     permission java.io.FilePermission "<<ALL FILES>>", "read";
     </security-permission-spec>
</security-permission>
</weblogic-web-app>
Error parsing descriptor in Web appplication "e:\bea7_2\user_projects\mydomain\.\applications\.wlnotdelete\wl_comp15697.war"
[Path="e:\bea7_2\user_projects\mydomain\.\myserver\upload\ourpeople", URI="ourpeople.war"]
Any ideas on what I might be doing wrong? When I remove the security-permissions,
the application deploys fine.

I am trying to use this in my weblogic.xml and this is the error that I get:
weblogic-web-app>
<description>Test Web App</description>
<reference-descriptor>
<resource-description>
<res-ref-name>jdbc/TestDSRef</res-ref-name>
<jndi-name>TestJdbc</jndi-name>
</resource-description>
</reference-descriptor>
<security-permission>
<security-permission-spec>
     // grant ability to read any file
     grant codeBase "http://server/virtual_directory/-"
     permission java.io.FilePermission "<<ALL FILES>>", "read";
     </security-permission-spec>
</security-permission>
</weblogic-web-app>
Error parsing descriptor in Web appplication "e:\bea7_2\user_projects\mydomain\.\applications\.wlnotdelete\wl_comp15697.war"
[Path="e:\bea7_2\user_projects\mydomain\.\myserver\upload\ourpeople", URI="ourpeople.war"]
Any ideas on what I might be doing wrong? When I remove the security-permissions,
the application deploys fine.

Web.xml vs weblogic.xml

i have an application :(ijust joined the production team)
and the web.xml is empty .. do i need a weblogic.xml file for the webapp or not and also if the web.xml is empty like the only tag it has is <webapp> </web-app>
what should the content of weblogic.xml be:
i am guessing it will follow the web.xml and will have <weblogic> </weblogic> tags or is there anything mandatory for the weblogic.xml

As a minimum you will need a web.xml and it should not be empty if you use any servlets in your webapp, I think you can probably get away with an empty web.xml if you only use JSPs. You can configure Servlet mappings, security roles etc in the web.xml file. If your application uses none of these thats probably why your web.xml is a bit sparse.
see
http://e-docs.bea.com/wls/docs81/webapp/weblogic_xml.html
for info on weblogic.xml deployment descriptor.

prefer-web-inf-classes in weblogic.xml doesn't work

When I try to use <prefer-web-inf-classes>true</prefer-web-inf-classes> it works fine with default classloaders structure. But after I changed classloaders hierarhy by means of <classloader-structure> in weblogic-application.xml classes from web app are ignored and classes from outside web app are loaded.
Here is classloaders structure I use
<weblogic-application>
<classloader-structure>
<module-ref>
<module-uri>mywar.war</module-uri>
</module-ref>
<classloader-structure>
<module-ref>
<module-uri>myejb.jar</module-uri>
</module-ref>
</classloader-structure>
</classloader-structure>
</weblogic-application>
Has anybody encountered this before?

Hi, Rob
Does it work in WL9.2?
It seems I do it exactly as the explained at http://edocs.bea.com/wls/docs81/programming/classloading.html - and it fails :o(.
I try to run my app.ear with WL9.2 There are 2 components in it: webapp and mdb. The webapp/WEB-INF contains weblogic.xml:
<weblogic-web-app>
<container-descriptor>
<prefer-web-inf-classes>true</prefer-web-inf-classes>
</container-descriptor>
</weblogic-web-app>
Mdb is expected to run in the same mode, i.e. to prefer the webapp/WEB-INF/*.jar over the parent Weblogic classloader. To do so I add the weblogic-application.xml to the app.ear!/META-INF:
<weblogic-application>
<classloader-structure>
<module-ref>

<module-uri>webapp</module-uri>
</module-ref>
<classloader-structure>
<module-ref>
<module-uri>mdb.jar</module-uri>
</module-ref>
</classloader-structure>
</classloader-structure>
</weblogic-application>
Now, when classloader-structure specified, both webabb and mdb prefer the weblogic root loader as if prefer-web-inf-classes not defined at all.

How to edit weblogic.xml in Jdeveloper web project

Hi, All,
I created a web application in Jdeveloper11.1.1.1 and deployed to weblogic server 10.3, I found there is weblogic.xml under WEB-INF folder in war file.
I try to add something in weblogic.xml, but the problem is I cannot find weblogic.xml in Jdeveloper.
How to edit weblogic.xml in Jdeveloper? Thanks in advanced.
Best Regards,
Bill

The weblogic.xml file is generated at deploy time if it doesn't exist in your application. To create it specifically in your application at design time for editing, select the appropriate project then the New option, from the New Gallery select General -> Deployment Descriptors -> Weblogic Deployment Descriptor, and in the resulting dialog select the weblogic.xml file. It will be added to the project -> Web Content -> WEB-INF directory.
Cheers,
CM.

Editing web.xml OR weblogic.xml programmatically

Hi there,
I am trying to edit the web.xml and weblogic.xml programmatically. I am trying to load the above deployment descriptors in DOM object. But as DTD is mentioned externally, connection to URL is failing.
But weblogic.jar contains all DTD in local machine. Is there any way to make parser to refer DTD in weblogic.jar. Or any weblogic API available to edit the deployment descriptors programatically.
Thanks in advance.
I am getting following error.
java.net.ConnectException: Connection timed out: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
at java.net.Socket.connect(Socket.java:452)
at java.net.Socket.connect(Socket.java:402)
at sun.net.NetworkClient.doConnect(NetworkClient.java:139)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:306)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:267)
at sun.net.www.http.HttpClient.New(HttpClient.java:339)
at sun.net.www.http.HttpClient.New(HttpClient.java:320)
at sun.net.www.http.HttpClient.New(HttpClient.java:315)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConne
ction.java:512)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection
.java:489)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:617)
at java.net.URL.openStream(URL.java:913)
at weblogic.apache.xerces.impl.XMLEntityManager.startEntity(XMLEntityMan
ager.java:836)
at weblogic.apache.xerces.impl.XMLEntityManager.startDTDEntity(XMLEntity
Manager.java:796)
at weblogic.apache.xerces.impl.XMLDTDScannerImpl.setInputSource(XMLDTDSc
annerImpl.java:275)
at weblogic.apache.xerces.impl.XMLDocumentScannerImpl$DTDDispatcher.disp
atch(XMLDocumentScannerImpl.java:841)
at weblogic.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocume
nt(XMLDocumentFragmentScannerImpl.java:329)
at weblogic.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguratio
n.java:525)
at weblogic.apache.xerces.parsers.DTDConfiguration.parse(DTDConfiguratio
n.java:581)
at weblogic.apache.xerces.parsers.XMLParser.parse(XMLParser.java:152)
at weblogic.apache.xerces.parsers.DOMParser.parse(DOMParser.java:257)
at weblogic.apache.xerces.jaxp.DocumentBuilderImpl.parse(DocumentBuilder
Impl.java:201)
at javax.xml.parsers.DocumentBuilder.parse(DocumentBuilder.java:151)
at JAXPandDOM.main(JAXPandDOM.java:39)

I believe you could get around this with a custom EntityResolver. It's possible that Tomcat does something like this.
However, I would question why you are trying to do this. If your container is set to Development mode, you might get away with the container automatically reloading your changes, but it certainly won't happen in Production mode, and even in Development mode, I don't know that I could predict how that would work.
You'd be better off, with respect to portability and flexibility, if you store dynamic resources in an external file, not in the web.xml or weblogic.xml file. You could have a timed "watcher" for the file, to see when it's modified.

Security in weblogic.xml

Hi,
in weblogic.xml security
<wls:security-role-assignment>
<wls:role-name>Role</wls:role-name>
<wls:principal-name>principal</wls:principal-name>
</wls:security-role-assignment>
you must enter all the principals? .. if I create a new principal I need to enter by force? I can not insert a tag that treats them all?
Thanks to all and good job
Peppe

You can enter a Weblogic Group name here or you can say externally-defined (if the name is the same as defined in weblogic externally).
You only need to explicitly specify users if you arent using weblogic groups/roles
regards
deepak

Weblogic.xml.security.SecurityConfigurationException running encrypt example

Hi,
I am trying to run the tutorial examples that are detailed at http://webservice.bea.com.
I am having problems running the encrypt SOAP messages example.
The command line client version works fine (the full transaction goes smoothly,
returning me the string I sent using the encryption). The browser version, though
, gives me an error.
(See attached).
I am using WLS 8.1. sp2.
I configured the server keystore and client keystore using the command line utilities
included
in the zipped example.
I configured the servers default identity asserter as well as the ssl & keystore
according to the
instructions of the zipped file.
Thanks in advance.

i meet the same problem as Juan Campos'.
the error information as follow:
Request sent to the server

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
</env:Header>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
     at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
     at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
     at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
     at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
     at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
     at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
     at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
     at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
     at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
     at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
     at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
     at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
     at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
     at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
     at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
     at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
     at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
     at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope>
Response from the server

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
</env:Header>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
     at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
     at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
     at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
     at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
     at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
     at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
     at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
     at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
     at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
     at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
     at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
     at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
     at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
     at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
     at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
     at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
     at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
     at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
     at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope>
i try Bruce Stephens' advise,but don't know exactly how to do,(which certificate should be imported?)will someone please tell the details?

Web.xml / weblogic.xml security

Similar Messages

Maybe you are looking for