Weblogic.servlet.security.ServletAuthentication Question
Hi all,
I am developing on WebLogic 5.1 with service pack 6 installed. WegLogic 5.1 documentation on the ServletAuthentication class says that along with the non-static weak() method, there are two static versions of the weak() method available in the class that one could use. I would like to use the static version that takes in username, password, and the servlet request or session object. But I tried compiling my program, the compiler could not find the method implementation.
This prompted me to run the javap utility on the weblogic.servlet.security.ServletAuthentication class in the weblogic510sp6.jar file and sure enough I did not find the static methods in that class.
I did see them in an older Weblogicaux.jar file's version of ServletAuthentication class. Does that mean that these methods are deprecated and if so I would love to know the reason. For implementations that store passwords in an encrypted form those are the only methods that are useful.
Any help/clarification on this is greatly appreciated,
arif.
Hi all,
I am developing on WebLogic 5.1 with service pack 6 installed. WegLogic 5.1 documentation on the ServletAuthentication class says that along with the non-static weak() method, there are two static versions of the weak() method available in the class that one could use. I would like to use the static version that takes in username, password, and the servlet request or session object. But I tried compiling my program, the compiler could not find the method implementation.
This prompted me to run the javap utility on the weblogic.servlet.security.ServletAuthentication class in the weblogic510sp6.jar file and sure enough I did not find the static methods in that class.
I did see them in an older Weblogicaux.jar file's version of ServletAuthentication class. Does that mean that these methods are deprecated and if so I would love to know the reason. For implementations that store passwords in an encrypted form those are the only methods that are useful.
Any help/clarification on this is greatly appreciated,
arif.
Similar Messages
-
Using weblogic.servlet.security.ServletAuthentication
I am currently using weblogic.servlet.security.ServletAuthentication.authenticate(Callback,
request) to peform a weblogic form-based authentication/login and would like to
see the session stored user info....
The doc for authenticate states that a session will be created, but does this
method also place user information into the session [after authentication]. If
so, how exactly do I get the default user information stored in the session after
this call?
Is there a String title associated with the user info so that I can use getAttribute(String)?
Using session.getAttributeNames(), I can see that the session has a "sessionContext"
and "org.apache.struts.action.LOCALE". Is there a way I can user/parse these objects
for the user information. Your help is very much appreciated, thanks!I think we have most of the functionality you've asked for.
ServletAuthentication.runAs() associates a Subject with the session.
weblogic.security.services.Authentication.authenticate() creates a Subject.
ServletAuthentication.authenticate() is merely a convenience wrapper around
these two methods. That is, it creates a CallbackHandler from the request,
calls authenticate() and then calls runAs(). So, in answer to your question,
yes, ServletAuthentication.authenticate() does associate the Subject with
the current session.
There is no direct way of getting the Subject associated with a session but
we can give you the current Subject which is almost always the same thing
(if you have a run-as tag the current Subject may be different than the one
associated with the session). To get the current Subject call
weblogic.security.Security.getCurrentSubject().
- Neil
"Richard " <[email protected]> wrote in message
news:4002e8a6$[email protected]..
>
I am currently usingweblogic.servlet.security.ServletAuthentication.authenticate(Callback,
request) to peform a weblogic form-based authentication/login and wouldlike to
see the session stored user info....
The doc for authenticate states that a session will be created, but doesthis
method also place user information into the session [afterauthentication]. If
so, how exactly do I get the default user information stored in thesession after
this call?
Is there a String title associated with the user info so that I can usegetAttribute(String)?
>
Using session.getAttributeNames(), I can see that the session has a"sessionContext"
and "org.apache.struts.action.LOCALE". Is there a way I can user/parsethese objects
for the user information. Your help is very much appreciated, thanks! -
Weblogic.servlet.security.ServletAuthentication
Looking at the new SP9, I am wondering about the following questions. Can
some one in BEA give us some details?
1. Why the signature of weak() method keep changing?
2. In SP8, there is a version of weak() like
weak(java.lang.String username,
java.lang.String password,
javax.servlet.http.HttpSession session)
However, in SP9, this version is dropped. I am wondering whether there
is any problem of the SP8 version.
3. In SP9, the above weak() method has been replaced by:
weak(java.lang.String username,
java.lang.String password,
javax.servlet.http.HttpSession session,
javax.servlet.http.HttpServletRequest request)
What is the benefit of this version? When we have passed in the
request, why do we still need to pass in the session?
Thanks.
Lan KeLooking at the new SP9, I am wondering about the following questions. Can
some one in BEA give us some details?
1. Why the signature of weak() method keep changing?
2. In SP8, there is a version of weak() like
weak(java.lang.String username,
java.lang.String password,
javax.servlet.http.HttpSession session)
However, in SP9, this version is dropped. I am wondering whether there
is any problem of the SP8 version.
3. In SP9, the above weak() method has been replaced by:
weak(java.lang.String username,
java.lang.String password,
javax.servlet.http.HttpSession session,
javax.servlet.http.HttpServletRequest request)
What is the benefit of this version? When we have passed in the
request, why do we still need to pass in the session?
Thanks.
Lan Ke -
+In our web app, we supply a form to accept the user info and login the
user. The following is the program.
String uid = (String )request.getParameter( "username" ) ;
String pwd = (String )request.getParameter( "password" ) ;
ServletAuthentication.logout( request ) ;
request.getSession().invalidate();
HttpSession session = request.getSession( true ) ;
session.setAttribute( ..... ) ;
int auth = ServletAuthentication.weak( uid, pwd, request ) ;
+But an exception of "java.lang.IllegalStateException: HttpSession is
invalid" is thrown by the last statement. What's wrong with the above
program?
Thanks for any help!
+In our web app, we supply a form to accept the user info and login the
user. The following is the program.
String uid = (String )request.getParameter( "username" ) ;
String pwd = (String )request.getParameter( "password" ) ;
ServletAuthentication.logout( request ) ;
request.getSession().invalidate();
HttpSession session = request.getSession( true ) ;
session.setAttribute( ..... ) ;
int auth = ServletAuthentication.weak( uid, pwd, request ) ;
+But an exception of "java.lang.IllegalStateException: HttpSession is
invalid" is thrown by the last statement. What's wrong with the above
program?
Thanks for any help!
-
Hi,
In WLS6.1, i have a webapplication.
User logs into this by Form based authentication. When user clicks logoff, I tried calling ServletAuthentication.logout()/ invalidateall()/ killcookie() along with calling session.invalidate(), and then redirect the user to a controlled url.
WLS5.1 threw login page in this case(just by calling session.invalidate()), but 6.1 allows access to the url (a new session is created but the user is never logged out).
Can you pl. let me know why is this happening ? Is there a way out to logout the user by calling any properitory api ?
Thanks in advance
Mano
Hi,
In WLS6.1, i have a webapplication.
User logs into this by Form based authentication. When user clicks logoff, I tried calling ServletAuthentication.logout()/ invalidateall()/ killcookie() along with calling session.invalidate(), and then redirect the user to a controlled url.
WLS5.1 threw login page in this case(just by calling session.invalidate()), but 6.1 allows access to the url (a new session is created but the user is never logged out).
Can you pl. let me know why is this happening ? Is there a way out to logout the user by calling any properitory api ?
Thanks in advance
Mano
-
While trying to publish mesaage by MQ 5.3 .I got the following error
Please help.
<Error> <HTTP> <BEA-101083> <Connection failure.
java.io.IOException: A complete message could not be read on socket: 'weblogic.servlet.internal.MuxableSocketHTTP@1c94ff
3 - idle timeout: '30000' ms, socket timeout: '30000' ms', in the configured timeout period of '60' secs
at weblogic.socket.SocketMuxer$TimeoutTrigger.trigger(SocketMuxer.java:775)
at weblogic.time.common.internal.ScheduledTrigger.run(ScheduledTrigger.java:243)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.time.common.internal.ScheduledTrigger.executeLocally(ScheduledTrigger.java:229)
at weblogic.time.common.internal.ScheduledTrigger.execute(ScheduledTrigger.java:223)
at weblogic.time.server.ScheduledTrigger.execute(ScheduledTrigger.java:49)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Can you help me ? I have the same problem.
-
Weblogic.servlet.reloadCheckSecs in web.xml not working
Given the following web.xml file:
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application
1.2//EN" "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>
<context-param>
<param-name>weblogic.servlet.reloadCheckSecs</param-name>
<param-value>100</param-value>
</context-param>
<servlet>
<servlet-name>CookieCounter</servlet-name>
<servlet-class>servlets.CookieCounter</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CookieCounter</servlet-name>
<url-pattern>monster</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>hello.html</welcome-file>
</welcome-file-list>
<error-page>
<error-code>404</error-code>
<location>/error.jsp</location>
</error-page>
</web-app>
It seems the weblogic.servlet.reloadCheckSecs property is not taking effect.
The
default value of -1 is always used. I did stop and restart weblogic.
I also trid to set the servlet classpath in the web.xml file with
weblogic.servlet.classpath
property and it did not change the classpath for the servlet. It seems that
other
items are working such as adding new servletrs to the web application. Note
that
this is the cookie sample application that installes with the beta 2
download.
Thanks,
Dan.
Hi All:
Thanks for all your help regarding the adfAuthentication success_url. Now I am able to configure to make this work. But now I am facing another issue i.e. I am getting 401 Not authorized message when the success_url is pointed to the jspx page.
Note: I am using custom login module similar to DBProcOraDataSourceLoginModule so my roles are stored in the custom Role class. So I am not sure how to pass this role info to the security in ADF in order to authorize the page to be viewed.
Could you please help and can you point me to any specific link.
Thanks & Regards
Sridhar Doki -
Security Problem when call EJB in servlet:[Security:090398]Invalid Subject
Hi guys,
I have several years experience with Java and EJB developing,but still I cann't explain this problem although I already knew the fix...
Please,can anyone help me to explain why? Thanks very much!
Ok,the problem is when I call a remote EJB in one method ,that is everything about EJB is in one method,then everything is ok.But when I just return the
*remote service object from an helper class's static method, and call the service in servlet ,then I get java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[sundan076],which sundan076 is username login into the web application.*
The right way, call method directCall(param) ; The wrong way, call method staticToolCall(final Map param) .
public class EJBServletClient extends HttpServlet
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
this.doPost(request, response);
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException,
IOException
try
Map<String, String> param = new HashMap<String, String>();
param.put("CTS_CUSTOMER_ID", request.getParameter("CTS_CUSTOMER_ID"));
param.put("CTS_TASK_ID", request.getParameter("CTS_TASK_ID"));
param.put("SERIALNO", request.getParameter("SERIALNO"));
param.put("CUSTOMER_SERVICE_UM", request.getParameter("CUSTOMER_SERVICE_UM"));
Map result = this.directCall(param);
System.out.println(result);
} catch (Exception e)
e.printStackTrace();
throw new ServletException(e);
private Map directCall(Map param) throws Exception
Context context = null;
try
Properties p = new Properties();
p.put(Context.PROVIDER_URL, "t3://10.25.32.13:31256");
p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
p.put(Context.SECURITY_PRINCIPAL, "username");
p.put(Context.SECURITY_CREDENTIALS, "password");
context = new InitialContext(p);
BizApplyServiceHome home = (BizApplyServiceHome) PortableRemoteObject.narrow(
context.lookup("ejb/rcs-css/BizApplyService"), BizApplyServiceHome.class);
BizApplyService bizApplyService = home.create();
return bizApplyService.modifyApplyCustomerInfo(param);
} finally
if (context != null)
context.close();
private Map staticToolCall(final Map param) throws Exception
BizApplyService bizApplyService = EJBTool.getBizApplyService();
return bizApplyService.modifyApplyCustomerInfo(param);
public class EJBTool
public static BizApplyService getBizApplyService() throws Exception
Context context = null;
try
Properties p = new Properties();
p.put(Context.PROVIDER_URL, "t3://10.25.32.13:31256");
p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
p.put(Context.SECURITY_PRINCIPAL, "username");
p.put(Context.SECURITY_CREDENTIALS, "password");
context = new InitialContext(p);
BizApplyServiceHome home = (BizApplyServiceHome) PortableRemoteObject.narrow(
context.lookup("ejb/rcs-css/BizApplyService"), BizApplyServiceHome.class);
return home.create();
} finally
if (context != null)
context.close();
java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[sundan076]
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at com.pingan.rcs.css.biz.service.remote.ejb.bizApplyService_u7jjbk_EOImpl_1032_WLStub.modifyApplyCustomerInfo(Unknown Source)
at com.pingan.pafax.web.EJBServletClient.staticToolCall(EJBServletClient.java:80)
at com.pingan.pafax.web.EJBServletClient.doPost(EJBServletClient.java:43)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3594)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Caused by: java.lang.SecurityException: [Security:090398]Invalid Subject: principals=[sundan076]
at weblogic.security.service.SecurityServiceManager.seal(SecurityServiceManager.java:835)
at weblogic.security.service.SecurityServiceManager.getSealedSubjectFromWire(SecurityServiceManager.java:524)
at weblogic.rjvm.MsgAbbrevInputStream.getSubject(MsgAbbrevInputStream.java:315)
at weblogic.rmi.internal.BasicServerRef.acceptRequest(BasicServerRef.java:875)
at weblogic.rmi.internal.BasicServerRef.dispatch(BasicServerRef.java:310)
at weblogic.rmi.cluster.ClusterableServerRef.dispatch(ClusterableServerRef.java:242)
at weblogic.rjvm.RJVMImpl.dispatchRequest(RJVMImpl.java:1138)
at weblogic.rjvm.RJVMImpl.dispatch(RJVMImpl.java:1020)
at weblogic.rjvm.ConnectionManagerServer.handleRJVM(ConnectionManagerServer.java:240)
at weblogic.rjvm.ConnectionManager.dispatch(ConnectionManager.java:882)
at weblogic.rjvm.MsgAbbrevJVMConnection.dispatch(MsgAbbrevJVMConnection.java:453)
at weblogic.rjvm.t3.MuxableSocketT3.dispatch(MuxableSocketT3.java:322)
at weblogic.socket.BaseAbstractMuxableSocket.dispatch(BaseAbstractMuxableSocket.java:298)
at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:915)
at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:854)
at weblogic.socket.EPollSocketMuxer.dataReceived(EPollSocketMuxer.java:215)
at weblogic.socket.EPollSocketMuxer.processSockets(EPollSocketMuxer.java:177)
at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:42)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)
Edited by: 993478 on 2013-3-12 下午8:40I tried your way,it works! Still ,does anyone know why staticToolCall() raised exception?
By the way,here is the code as you suggested:
public class EJBServletClient extends HttpServlet
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException,
IOException
Context context = null;
try
Map<String, String> param = new HashMap<String, String>();
param.put("CTS_CUSTOMER_ID", request.getParameter("CTS_CUSTOMER_ID"));
param.put("CTS_TASK_ID", request.getParameter("CTS_TASK_ID"));
param.put("SERIALNO", request.getParameter("SERIALNO"));
param.put("CUSTOMER_SERVICE_UM", request.getParameter("CUSTOMER_SERVICE_UM"));
//Map result = this.staticToolCall(param);
Properties p = new Properties();
p.put(Context.PROVIDER_URL, "t3://10.25.32.13:31256");
p.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
p.put(Context.SECURITY_PRINCIPAL, "username");
p.put(Context.SECURITY_CREDENTIALS, "password");
context = new InitialContext(p);
Map result=EJBTool.modifyApplyCustomerInfo(context, param);
System.out.println(result);
} catch (Exception e)
e.printStackTrace();
throw new ServletException(e);
}finally
if (context != null)
try{context.close();} catch (NamingException e){e.printStackTrace();}
public class EJBTool
public static Map modifyApplyCustomerInfo(Context context, Map param) throws Exception
BizApplyServiceHome home = (BizApplyServiceHome) PortableRemoteObject.narrow(
context.lookup("ejb/rcs-css/BizApplyService"), BizApplyServiceHome.class);
BizApplyService bizApplyService = home.create();
Map result = bizApplyService.modifyApplyCustomerInfo(param);
return result;
} -
Hi,
intermittently we are seeing this exception in the server log files on weblogic 6.1
sp2, I was wondering what the cause is:
java.lang.NullPointerException
at weblogic.servlet.logging.LogManagerHttp.log(LogManagerHttp.java:292)
at weblogic.servlet.internal.HttpServer.log(HttpServer.java:835)
at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:1002)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2209)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:139)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
Did your C:\Lighthammer\Security\userdata\IlluminatorUsers.xml or other files in this directory get corrupted somehow?
If you've rebooted the box or bounced the ServletExec-xMII service, do you see anything in the SYSTEM level messages that are forced during the initialization sequence in either the Lighthammer General log or the LHSecurity General log that would give any indications to the problem?
Regards,
Jeremy -
Hi,
we have an 7x24 hour application which causes sometimes (error happend e.g. 4 times in 2 weeks) following error:
=====================
<30.06.2009 14:41 Uhr CEST> <Error> <WebLogicServer> <BEA-000337> <[STUCK] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)' has been busy for "615" seconds working on the request "weblogic.servlet.internal.ServletRequestImpl@1885c28[
GET /tls-lmrg-ViewController-context-root/faces/lmrg0001.jspx?_adf.ctrl-state=373697585_3&Adf-Rich-Message=true&unique=1246365071463&oracle.adf.view.rich.STREAM=j_id_id4:tableWa&javax.faces.ViewState=!5ea5ac22&oracle.adf.view.rich.forceHTML=true HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
Referer: http://trnas029:7001/tls-lmrg-ViewController-context-root/faces/lmrg0001.jspx?_adf.ctrl-state=373697585_3
Accept-Language: de
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)
Connection: Keep-Alive
Cookie: JSESSIONID=nGrHKG6SWG2Tg2Z515GzlxhJFRw1pdX7Gm3F1YYcL23ppXHy3kgj!-2050079672
]", which is more than the configured time (StuckThreadMaxTime) of "600" seconds. Stack trace:
java.io.FileOutputStream.writeBytes(Native Method)
java.io.FileOutputStream.write(FileOutputStream.java:260)
java.io.BufferedOutputStream.write(BufferedOutputStream.java:105)
java.io.PrintStream.write(PrintStream.java:430)
sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:202)
sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:272)
sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:276)
sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
java.util.logging.StreamHandler.flush(StreamHandler.java:225)
java.util.logging.ConsoleHandler.publish(ConsoleHandler.java:89)
java.util.logging.Logger.log(Logger.java:472)
oracle.adf.share.logging.ADFLogger.doLog(ADFLogger.java:1747)
oracle.adf.share.logging.ADFLogger.log(ADFLogger.java:430)
oracle.adf.share.logging.ADFLogger.severe(ADFLogger.java:986)
oracle.adfinternal.view.faces.model.binding.CurrencyRowKeySet._computeCurrentRowKey(CurrencyRowKeySet.java:146)
oracle.adfinternal.view.faces.model.binding.CurrencyRowKeySet.iterator(CurrencyRowKeySet.java:37)
oracle.adfinternal.view.faces.renderkit.rich.TableRendererUtils.writePojoSelectionState(TableRendererUtils.java:308)
oracle.adfinternal.view.faces.renderkit.rich.TableRenderer.renderDataBlockRows(TableRenderer.java:1608)
oracle.adfinternal.view.faces.renderkit.rich.TableRenderer._renderSingleDataBlock(TableRenderer.java:1488)
oracle.adfinternal.view.faces.renderkit.rich.TableRenderer._handleDataFetch(TableRenderer.java:918)
oracle.adfinternal.view.faces.renderkit.rich.TableRenderer.encodeAll(TableRenderer.java:394)
oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1050)
org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:224)
org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:763)
org.apache.myfaces.trinidad.component.UIXCollection.encodeEnd(UIXCollection.java:533)
org.apache.myfaces.trinidad.render.RenderUtils.encodeRecursive(RenderUtils.java:70)
oracle.adfinternal.view.faces.util.rich.InvokeOnComponentUtils$RenderCallback.invokeContextCallback(InvokeOnComponentUtils.java:97)
org.apache.myfaces.trinidad.component.UIXCollection.invokeOnComponent(UIXCollection.java:1030)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.invokeOnComponent(ContextSwitchingComponent.java:153)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.invokeOnComponent(ContextSwitchingComponent.java:153)
oracle.adf.view.rich.component.fragment.UIXPageTemplate.invokeOnComponent(UIXPageTemplate.java:208)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
javax.faces.component.UIComponent.invokeOnComponent(UIComponent.java:731)
javax.faces.component.UIComponentBase.invokeOnComponent(UIComponentBase.java:664)
oracle.adfinternal.view.faces.util.rich.InvokeOnComponentUtils.renderChild(InvokeOnComponentUtils.java:29)
oracle.adfinternal.view.faces.streaming.StreamingDataManager._pprComponent(StreamingDataManager.java:577)
oracle.adfinternal.view.faces.streaming.StreamingDataManager.execute(StreamingDataManager.java:442)
oracle.adfinternal.view.faces.renderkit.rich.DocumentRenderer._encodeStreamingResponse(DocumentRenderer.java:2124)
oracle.adfinternal.view.faces.renderkit.rich.DocumentRenderer.encodeAll(DocumentRenderer.java:787)
oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1050)
org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:224)
org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:763)
org.apache.myfaces.trinidad.component.UIXComponentBase.__encodeRecursive(UIXComponentBase.java:1351)
org.apache.myfaces.trinidad.component.UIXComponentBase.encodeAll(UIXComponentBase.java:783)
javax.faces.component.UIComponent.encodeAll(UIComponent.java:942)
com.sun.faces.application.ViewHandlerImpl.doRenderView(ViewHandlerImpl.java:273)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:204)
javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:189)
org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:188)
oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:652)
oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:243)
oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:203)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:266)
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:181)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:278)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:238)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:195)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:138)
org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
weblogic.security.service.SecurityManager.runAs(Unknown Source)
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
========================
Application is developed with ADF 11g (11.1.1.0.2) and only refreshes a graph periodically via af:poll.
Any ideas what I can do to analyze and resolve the problem?
regards
Peterrepost
-
URLConnection returns NULL when called from within a weblogic servlet
The following code snippet works when executed outside of weblogic, but does
not work from within a weblogic servlet instance.
URL u = new URL("http://" + ipString + newString.toString());
URLConnection uc = u.openConnection();
BufferedReader in = new BufferedReader (new InputStreamReader(uc.getInputStream()));
String response = "", response2 = "";
while(response2 != null)
response = ((response2 = in.readLine()) == null) ? response : response + response2;
The response is quite big. When this code is executed from within a weblogic servlet instance,
in.readLine always returns a null right away. Yet a TCP/IP trace shows that the packets are coming
back to my NT machine.
Other info:
Inside of weblogic:
u's handler is of type weblogic.net.http.Hanlder
uc is of type weblogic.net.http.HttpURLConnection
Outside of weblogic:
u's handler is of type sun.net.www.protocol.http.Handler
uc is of type sun.new.www.protocol.http.HttpURLConnection
Weblogic V4.51. Running on NT.
Attempted the following to no avail:
1. installing sp11
2. changing the security to permission java.security.AllPermission;
3. adding the following calls : uc.setRequestProperty("Content-Type", "text/xml");
uc.setDoInput(true);
uc.setDoOutput(true);
4. Started playing around with modifying the java.protocol.handler.pkgs system property,
but I shouldn't have to do this.
Any help would be appreciated.There are some problems with the WL implementations of certain protocols.
WL hides the Sun implementations when you are in the WebLogic server. Here
is an a solution that was posted to a similar problem:
Https is an add-in so to speak. Try this before you create your url:
System.setProperty ("java.protocol.handler.pkgs",
"com.sun.net.ssl.internal.www.protocol");
// add the default security provider (again, in JSSE1.0.1)
int iap = java.security.Security.addProvider(new
com.sun.net.ssl.internal.ssl.Provider() );
dennisNote how the code overides the WL setting which overode the Sun setting.
Cameron Purdy
[email protected]
http://www.tangosol.com
WebLogic Consulting Available
"Brian Howell" <[email protected]> wrote in message
news:[email protected]...
>
The following code snippet works when executed outside of weblogic, butdoes
not work from within a weblogic servlet instance.
URL u = new URL("http://" + ipString + newString.toString());
URLConnection uc = u.openConnection();
BufferedReader in = new BufferedReader (newInputStreamReader(uc.getInputStream()));
>
String response = "", response2 = "";
while(response2 != null)
response = ((response2 = in.readLine()) == null) ? response : response +response2;
The response is quite big. When this code is executed from within aweblogic servlet instance,
in.readLine always returns a null right away. Yet a TCP/IP trace showsthat the packets are coming
back to my NT machine.
Other info:
Inside of weblogic:
u's handler is of type weblogic.net.http.Hanlder
uc is of type weblogic.net.http.HttpURLConnection
Outside of weblogic:
u's handler is of type sun.net.www.protocol.http.Handler
uc is of type sun.new.www.protocol.http.HttpURLConnection
Weblogic V4.51. Running on NT.
Attempted the following to no avail:
1. installing sp11
2. changing the security to permission java.security.AllPermission;
3. adding the following calls : uc.setRequestProperty("Content-Type","text/xml");
uc.setDoInput(true);
uc.setDoOutput(true);
4. Started playing around with modifying the java.protocol.handler.pkgssystem property,
but I shouldn't have to do this.
Any help would be appreciated. -
The servlet weblogic.servlet.AsyncInitServlet init method failed
I installed WLS 9.2.2 recently with my app being on 8.1.5 for a long time.
I chose to create a new domain instead of upgrading my existing one.
I use the eclipse 3.2.2 with the WL plugin.
When I start the server and login to the console not using eclipse it works fine.
Trying to start the server and login to the console gives a internal server error.
Any idea what could be wrong? I bolded the parts where I have looked into.
Here is the console output:
<Nov 19, 2008 3:13:02 PM CST> <Notice> <WebLogicServer> <BEA-000395> <Following extensions directory contents added to the end of the classpath:
C:\bea92\weblogic92\platform\lib\p13n\p13n-schemas.jar;C:\bea92\weblogic92\platform\lib\p13n\p13n_common.jar;*C:\bea92\weblogic92\platform\lib\p13n\p13n_system.jar*;C:\bea92\weblogic92\platform\lib\wlp\netuix_common.jar;C:\bea92\weblogic92\platform\lib\wlp\netuix_schemas.jar;C:\bea92\weblogic92\platform\lib\wlp\netuix_system.jar;C:\bea92\weblogic92\platform\lib\wlp\wsrp-common.jar>
<Nov 19, 2008 3:13:03 PM CST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) Client VM Version 1.5.0_10-b03 from Sun Microsystems Inc.>
<Nov 19, 2008 3:13:05 PM CST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 9.2 MP2 Mon Jun 25 01:32:01 EDT 2007 952826 >
<Nov 19, 2008 3:13:10 PM CST> <Info> <WebLogicServer> <BEA-000215> <Loaded License : C:\bea92\license.bea>
<Nov 19, 2008 3:13:10 PM CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Nov 19, 2008 3:13:10 PM CST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<Nov 19, 2008 3:13:11 PM CST> <Notice> <Log Management> <BEA-170019> <The server log file C:\bea92\user_projects\domains\domain\servers\AdminServer\logs\AdminServer.log is opened. All server side log events will be written to this file.>
<Nov 19, 2008 3:13:15 PM CST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Nov 19, 2008 3:13:22 PM CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STANDBY>
<Nov 19, 2008 3:13:22 PM CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Nov 19, 2008 3:13:30 PM CST> <Error> <HTTP> <BEA-101359> <The servlet weblogic.servlet.AsyncInitServlet init method failed while it was run in the background. The exception was: java.lang.NoClassDefFoundError: com/bea/p13n/management/ApplicationFilePoller$Handler.
java.lang.NoClassDefFoundError: com/bea/p13n/management/ApplicationFilePoller$Handler
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:620)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:260)
at java.net.URLClassLoader.access$100(URLClassLoader.java:56)
Truncated. see log file for complete stacktrace
>
<Nov 19, 2008 3:13:37 PM CST> <Notice> <Log Management> <BEA-170027> <The server initialized the domain log broadcaster successfully. Log messages will now be broadcasted to the domain log.>
<Nov 19, 2008 3:13:37 PM CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to ADMIN>
<Nov 19, 2008 3:13:37 PM CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RESUMING>
<Nov 19, 2008 3:13:39 PM CST> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 127.0.0.1:7005 for protocols iiop, t3, ldap, http.>
<Nov 19, 2008 3:13:39 PM CST> <Notice> <WebLogicServer> <BEA-000331> <Started WebLogic Admin Server "AdminServer" for domain "domain" running in Development Mode>
<Nov 19, 2008 3:13:40 PM CST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING>
<Nov 19, 2008 3:13:40 PM CST> <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>
<Nov 19, 2008 3:22:04 PM CST> <Error> <HTTP> <BEA-101020> <[weblogic.servlet.internal.WebAppServletContext@d6c6a0 - appName: 'consoleapp', name: 'console', context-path: '/console'] Servlet failed with Exception
java.lang.NullPointerException
at weblogic.servlet.AsyncInitServlet.service(AsyncInitServlet.java:124)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
Truncated. see log file for complete stacktrace
Edited by: user5384782 on Nov 19, 2008 1:42 PM
Edited by: user5384782 on Nov 19, 2008 3:59 PMThanks for your replies adrian and david.
The only thing I see different is that eclipse has different arguments when calling the jvm at the top.
startWebLogic.cmd:
C:\bea92\JDK150~1\bin\java -client -Xms256m -Xmx512m -XX:CompileThreshold=8000
-XX:PermSize=48m -XX:MaxPermSize=128m -Xverify:none -da -Dplatform.home=C:\b
ea92\WEBLOG~1 -Dwls.home=C:\bea92\WEBLOG~1\server -Dwli.home=C:\bea92\WEBLOG~1\i
ntegration -Dweblogic.management.discover=true -Dwlw.iterativeDev= -Dwlw.testC
onsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=C:\bea92\patch_weblogic922
\profiles\default\sysext_manifest_classpath -Dweblogic.Name=AdminServer -Djava.s
ecurity.policy=C:\bea92\WEBLOG~1\server\lib\weblogic.policy weblogic.Server
eclipse:
-hotspot -Xms32m -Xmx200m -Dweblogic.ProductionModeEnabled=
Eclipse may be calling the cmd I dont know.
I will try upgrading my eclipse like adrian said, but in the meantime I appreciate any further advice/tips. -
Problem wth weblogic.servlet.jsp.jspstub
hai,
i have three pages in my application iam calling a login page which verifies the user and gets the data from the database
and iam showing the results in the secod page and logging from there.
This process iam doing with a stress tool repeatedly.
iam observing the created objects in the heapinspector the name of the product is optimiztit.
iam observing the following contents are increasing on each login process.
The objects which are increasing are as follows.
weblogic.servlet.jsp.config,
weblogic.servlet.jsp.jspstub,
weblogic.socket.IoRecord,
weblogic.rmi.internal.dgc.DGCServerHelper,
java.lang.security.exceptions
and some other weblogic related objects.
and once they reach the max heap memory my application is runnig outofmemory exception.
do i need to follow any configration setting to arrest the above object increments.
can any body give some help to over come this.it would be a great help for me if i get any healp.
Any ideas/pointers would be welcome. Thanks for your help.
Thanks,
gangadhar
Hi,
It's peculiar that you're seeing JspStub and jsp.config instances
increasing. Can you convert your application to a stand alone app that
doesn't do any database access and send me the application with instructions
on how to run it. If so, I can look into it quickly - otherwise, I can only
guess and that is a waste of time for both of us.
Alex
"gangadhar" <[email protected]> wrote in message
news:[email protected]...
> hai,
>
> i have three pages in my application iam calling a login page which
verifies the user and gets the data from the database
> and iam showing the results in the secod page and logging from there.
>
> This process iam doing with a stress tool repeatedly.
>
> iam observing the created objects in the heapinspector the name of the
product is optimiztit.
>
> iam observing the following contents are increasing on each login process.
>
> The objects which are increasing are as follows.
>
> weblogic.servlet.jsp.config,
> weblogic.servlet.jsp.jspstub,
> weblogic.socket.IoRecord,
> weblogic.rmi.internal.dgc.DGCServerHelper,
> java.lang.security.exceptions
> and some other weblogic related objects.
>
> and once they reach the max heap memory my application is runnig
outofmemory exception.
>
> do i need to follow any configration setting to arrest the above object
increments.
>
> can any body give some help to over come this.it would be a great help for
me if i get any healp.
>
> Any ideas/pointers would be welcome. Thanks for your help.
>
> Thanks,
> gangadhar
-
Security/session questions
Hi,
I have some security/session questions for you guys.
My application uses flex, blazeds and spring. I use RemoteObjects to initiate calls from flex to java. The application consists of a login screen and 'other screens' available only to authenticated users after login. When the user logs in the server stores user credentials on the FlexContext (FlexContext.getFlexSession().setAttribute). So if the server timeout is reached and the user presses 'refresh' the user is thrown out and the login screen appears.
Question 1: How can I check if the timeout is reached when the user makes a call to the server, without checking manually against the FlexContext. Are there any config parameters to set?
Question 2: Is it necesssary to check against the user credentials in the session for every flex-to-server call? (I guess someone can omit the login screen and do a manual call)
Question 3: If the answer to question 2 is yes, how can I check against the session credentials? The only way I can think of is calling a method which checks the session attribute manually, but then I have to remember to add this method call to each of the methods called from flex through Blazeds. Is it, for example, possible to call the user-logged-in method before the method given in the RemoteObject is called? (If not authenticated, do not run method).
Hope someone got the time to help me out.I appreciate your answer, but as you yourself write, I think there must be a blazeDS way. But as nobody with extensive BlazeDS knowledge answers this post, I probably have to google this topic even more.
Following are the main changes in my application: (Introducing spring security)
Everything seems to be working as it should. But as already stated, I'm a newbie. So if anybody see something suspicious, let me know.
The main problem I had implementing Spring Security was something that should be easy, but somehow it was not: the loading of the context files. Before introducing the spring security I only had one application-context file, and this was loaded by the DispatcherServlet. When introducing security I tried to add this to the same file. It did not work. Then I tried splitting up the files, and loading both using DispatcherServlet. It did not work. Then I tried loading both using ContextLoaderListener. It did not work. Finally I found the solution. Flex settings must be loaded by the DispatcherServlet, and spring security settings must be loaded by ContextLoaderListener. This work. I don't know if this is the only solution.
On the server:
web-xml:
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/config/web-application-config.xml
/WEB-INF/config/web-application-security.xml
</param-value>
</context-param>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/config/flex-application-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
flex-application-context:
<flex:message-broker>
<flex:secured/>
</flex:message-broker>
web-application-context:
I had to implement my own authentication mechanism. Had to compare the username/password against an object attribute. So this bean is not mandatory, but I think you have to write down username/password/role in flex-application-context if not provided.
<bean id="customAuthenticationProvider" class="packagename.CustomAuthenticationProvider">
<security:custom-authentication-provider/>
</bean>
web-application-security:
<http entry-point-ref="preAuthenticatedEntryPoint" />
<beans:bean id="preAuthenticatedEntryPoint"
class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint " />
<!-- Securing the service layer -->
<global-method-security>
<protect-pointcut expression="execution(*package.ServiceImpl.*(..))" access="ROLE_USER"/>
</global-method-security>
On the client:
private function login():void {
var cs:ChannelSet = ServerConfig.getChannelSet(loginRemoteObject.destination);
var token:AsyncToken;
token = cs.login(username, password);
// Add result and fault handlers.
token.addResponder(new AsyncResponder(loginResultHandler, loginFaultHandler));
private function logout():void {
var cs:ChannelSet = ServerConfig.getChannelSet(loginRemoteObject.destination);
var token:AsyncToken = cs.logout();
// Add result and fault handlers.
token.addResponder(new AsyncResponder(logoutResultHandler, logoutResultHandler)); -
Weblogic.xml.security.SecurityConfigurationException running encrypt example
Hi,
I am trying to run the tutorial examples that are detailed at http://webservice.bea.com.
I am having problems running the encrypt SOAP messages example.
The command line client version works fine (the full transaction goes smoothly,
returning me the string I sent using the encryption). The browser version, though
, gives me an error.
(See attached).
I am using WLS 8.1. sp2.
I configured the server keystore and client keystore using the command line utilities
included
in the zipped example.
I configured the servers default identity asserter as well as the ssl & keystore
according to the
instructions of the zipped file.
Thanks in advance.i meet the same problem as Juan Campos'.
the error information as follow:
Request sent to the server
<!--REQUEST.................-->
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
</env:Header>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope>
Response from the server
<!--RESPONSE.................-->
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
</env:Header>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope>
i try Bruce Stephens' advise,but don't know exactly how to do,(which certificate should be imported?)will someone please tell the details?
Maybe you are looking for
-
What's wrong with the Record element?
The record element was used as a voice mail during the off work time. I set the start with beep=true,file type=wav,leave the file extension and path blank,set the FTP host=15.72.25.65,no firewall enabled in this server.FTP user=admin and password=111
-
JPEG decode: how to use it?
Hello experts, I am using Labview 7 Express and Windows XP. I am downloading continuous datastreams of JPEG images from network cameras (Motion-JPEG streams, not MPEG). I use the TCP Read VI to get the streams, and I save them to disk on the fly. It
-
Hi, I ran the ME5A report for all PRs. I checked all the options i.e Assigned Purchase Requisitions Closed Requiaitions Partly Orders Requisitions Released Requisitions only Requisitions for Overall Release Requisition for Item-Wise Release The resul
-
Delete a database option is not available in DBCA
Hello, I have HP-UX 11v3. I have installed Oracle Standard Edition 10.2.0.1 and after that I installed 10.2.0.4 Patch Set. I configured two databases using DBCA. At the end I save scripts (not create database) and run script from shell. The databases
-
How to get motion to read text from file?
There has to be a way to do this. I have a large file of text (transcripts from a clip several minutes long) and I want to make subtitles using Motion. How can I get Motion to read the file and create a text object with the sentence/line in the file,