WebLogic SPI (Security API)

Hi,
I'm new to WebLogic and was wondering if there was any
reason why we couldn't access the functionality in the
weblogic.security.acl.Security package directly from Java
code rather than going through JNDI calls (as the documentation
suggests)? We wanted to wrap some of this functionality in
a server side bean that would provide services to server-side
code. We are running in a WebLogic cluster. Are there any
problems with this picture?
We appreciate any help or suggestions.
Thanks,
Tiffany

Hi,
I'm new to WebLogic and was wondering if there was any
reason why we couldn't access the functionality in the
weblogic.security.acl.Security package directly from Java
code rather than going through JNDI calls (as the documentation
suggests)? We wanted to wrap some of this functionality in
a server side bean that would provide services to server-side
code. We are running in a WebLogic cluster. Are there any
problems with this picture?
We appreciate any help or suggestions.
Thanks,
Tiffany

Similar Messages

  • [svn:bz-trunk] 19459: Security API change for auth sync sample/ concept to work in WebLogic, WebSphere.

    Revision: 19459
    Revision: 19459
    Author:   [email protected]
    Date:     2010-12-17 10:15:23 -0800 (Fri, 17 Dec 2010)
    Log Message:
    Security API change for auth sync sample/concept to work in WebLogic, WebSphere.
    Adding the PrincipalConverter interface
    Implement the converting principal in WebLogic and WebSphere login command
    Modified Paths:
        blazeds/trunk/modules/opt/src/weblogic/flex/messaging/security/WeblogicLoginCommand.java
        blazeds/trunk/modules/opt/src/websphere/flex/messaging/security/WebSphereLoginCommand.jav a
    Added Paths:
        blazeds/trunk/modules/core/src/flex/messaging/security/PrincipalConverter.java

    Thanks for the reply dood... i've found the solution after several tries... i had to set the channel from the actionscript instead of depending on the Service-config.xml file like the following.. then it worked..
    var cs:ChannelSet = new ChannelSet();
    var chnl:Channel = new Channel();
    var customChannel:Channel = new AMFChannel("my-amf", "http://localhost:8080/somehting/messagebroker/amf");
                    cs.addChannel(customChannel);
    consumer = new Consumer();
    consumer.channelSet = cs;

  • How to use BEA Security API to build ownuser admin

    Hello,
    I want to build my own interface for a user admin module (create user, get role
    names, etc) by using the BEA security API. I have been looking through the Javadocs
    but can't find the key to how to start it, meaning what are the basic steps to
    begin (e.g. first get connection to server bean, then create some generic bean,
    etc etc).
    Has anyone doen this?
    Thanks - peter

    On 13 Feb 2004 04:34:28 -0800, Peter Len <[email protected]> wrote:
    >
    Hello,
    I want to build my own interface for a user admin module (create user,
    get role
    names, etc) by using the BEA security API. I have been looking through
    the Javadocs
    but can't find the key to how to start it, meaning what are the basic
    steps to
    begin (e.g. first get connection to server bean, then create some
    generic bean,
    etc etc).
    Has anyone doen this?
    Thanks - peterI'm not sure I understand exactly what you're trying to do. WebLogic
    Server has a model where application code runs in the containers and the
    containers call into the security framework where authentication and
    authorization is handled by plug-in modules. Are you attempting to build
    one of those plug-in modules? Are you trying to write an ejb or a
    servlet?
    PaulF
    Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

  • Weblogic.management.security with transactions, Please HELP

    I am using weblogic.management.security.authentication API to programmatically insert/delete users and passwords into/from default security provider on Weblogic Server 8.1. I want to add transactional support to this these actions, I tried using UserTransaction API but without any luck. Does weblogi.managment.security.authenication has no transactional support (rollback-commit) or am I doing something wrong? I very much appreciate your help and looking forward to hearing from you!!!!
    It doesn't rollback, Here is the code:
    UserTransaction transaction = (UserTransaction)ctx.lookup("javax.transaction.UserTransaction");
    transaction.begin();
    UserEditorMBean userEditor = (UserEditorMBean)providers;
    userEditor.createUser(userName, password, description);
    transaction.rollback();

    I do not think you can have transactions over MBean calls as they communicate with relevant object over t3 and this objects are possibly in different class loader.
    -TJ

  • Post-upgrade ToDo, PI configuration Wizard: com.sap.security.api.DuplicateKeyException Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!

    after PI-Upgrade to NW-PI-731-SP07,  executing the PI-configuration wizard:
    step 126 of 162
    Assign SLD Data Supplier user to Group SAP_SLD_DATA_SUPPLIER (local SLD)
    Error:
    Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
    Execute Java Service
    Library: sap.com/tc~lm~ctc~util~core_ear
    Class: com.sap.ctc.util.core.services.UserFacade
    Method: void com.sap.ctc.util.core.services.UserFacade.addUserToGroup(java.lang.String, java.lang.String)
    Arguments (2)
    userName : SLD_DS_EXE
    groupName : SAP_SLD_DATA_SUPPLIER
    InvokeService- Result: ERROR
    Refresh Env. Messages: false
    Duration: 1.936 sec
    Library Info
    Default Trace
    Exception Class: com.sap.security.api.DuplicateKeyException
    Exception Message: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
    com.sap.security.api.DuplicateKeyException: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
    at com.sap.ctc.util.infra.rfc.BaseConfig.dispatchException(BaseConfig.java:230)
    at com.sap.ctc.util.core.services.impl.ume.java.GroupJavaImpl.verify(GroupJavaImpl.java:121)
    at com.sap.ctc.util.core.services.impl.ume.DualGroupImpl.verify(DualGroupImpl.java:118)
    at com.sap.ctc.util.core.services.content.ume.UserService.addToGroup(UserService.java:725)
    at com.sap.ctc.util.core.services.UserFacade.addUserToGroup(UserFacade.java:288)
    what to do?
    ============
    o.k.
    https://service.sap.com/sap/support/notes/1016283
    first run the UME consistency check => found some inconsistency => did repair UME
    then run again UME consistency check => found no more inconsistency !!
    the again - try to run the PI-Upgrade-Wizard => but again error on executing .....

    see this sap-notes:
    http://service.sap.com/sap/support/notes/1617234
    http://service.sap.com/sap/support/notes/1661135
    http://service.sap.com/sap/support/notes/1678815
    http://service.sap.com/sap/support/notes/1626747

  • Using weblogic.servlet.security.ServletAuthentication

    I am currently using weblogic.servlet.security.ServletAuthentication.authenticate(Callback,
    request) to peform a weblogic form-based authentication/login and would like to
    see the session stored user info....
    The doc for authenticate states that a session will be created, but does this
    method also place user information into the session [after authentication]. If
    so, how exactly do I get the default user information stored in the session after
    this call?
    Is there a String title associated with the user info so that I can use getAttribute(String)?
    Using session.getAttributeNames(), I can see that the session has a "sessionContext"
    and "org.apache.struts.action.LOCALE". Is there a way I can user/parse these objects
    for the user information. Your help is very much appreciated, thanks!

    I think we have most of the functionality you've asked for.
    ServletAuthentication.runAs() associates a Subject with the session.
    weblogic.security.services.Authentication.authenticate() creates a Subject.
    ServletAuthentication.authenticate() is merely a convenience wrapper around
    these two methods. That is, it creates a CallbackHandler from the request,
    calls authenticate() and then calls runAs(). So, in answer to your question,
    yes, ServletAuthentication.authenticate() does associate the Subject with
    the current session.
    There is no direct way of getting the Subject associated with a session but
    we can give you the current Subject which is almost always the same thing
    (if you have a run-as tag the current Subject may be different than the one
    associated with the session). To get the current Subject call
    weblogic.security.Security.getCurrentSubject().
    - Neil
    "Richard " <[email protected]> wrote in message
    news:4002e8a6$[email protected]..
    >
    I am currently usingweblogic.servlet.security.ServletAuthentication.authenticate(Callback,
    request) to peform a weblogic form-based authentication/login and wouldlike to
    see the session stored user info....
    The doc for authenticate states that a session will be created, but doesthis
    method also place user information into the session [afterauthentication]. If
    so, how exactly do I get the default user information stored in thesession after
    this call?
    Is there a String title associated with the user info so that I can usegetAttribute(String)?
    >
    Using session.getAttributeNames(), I can see that the session has a"sessionContext"
    and "org.apache.struts.action.LOCALE". Is there a way I can user/parsethese objects
    for the user information. Your help is very much appreciated, thanks!

  • Weblogic.servlet.security.ServletAuthentication Question

              Hi all,
              I am developing on WebLogic 5.1 with service pack 6 installed. WegLogic 5.1 documentation on the ServletAuthentication class says that along with the non-static weak() method, there are two static versions of the weak() method available in the class that one could use. I would like to use the static version that takes in username, password, and the servlet request or session object. But I tried compiling my program, the compiler could not find the method implementation.
              This prompted me to run the javap utility on the weblogic.servlet.security.ServletAuthentication class in the weblogic510sp6.jar file and sure enough I did not find the static methods in that class.
              I did see them in an older Weblogicaux.jar file's version of ServletAuthentication class. Does that mean that these methods are deprecated and if so I would love to know the reason. For implementations that store passwords in an encrypted form those are the only methods that are useful.
              Any help/clarification on this is greatly appreciated,
              arif.
              

              Hi all,
              I am developing on WebLogic 5.1 with service pack 6 installed. WegLogic 5.1 documentation on the ServletAuthentication class says that along with the non-static weak() method, there are two static versions of the weak() method available in the class that one could use. I would like to use the static version that takes in username, password, and the servlet request or session object. But I tried compiling my program, the compiler could not find the method implementation.
              This prompted me to run the javap utility on the weblogic.servlet.security.ServletAuthentication class in the weblogic510sp6.jar file and sure enough I did not find the static methods in that class.
              I did see them in an older Weblogicaux.jar file's version of ServletAuthentication class. Does that mean that these methods are deprecated and if so I would love to know the reason. For implementations that store passwords in an encrypted form those are the only methods that are useful.
              Any help/clarification on this is greatly appreciated,
              arif.
              

  • Ep5.0 ? what jar file is the com.sap.security.api package in ?

    Hi ,
    Can i know , in Ep5.0 , what jar file has com.sap.security.api ? Please reply soon...
    Thank you ,
    avinash

    so , is there a procedure for me to use the Ep5.0 API and retrieve details from the data sources (for usermapping) ?
    Please reply me soon....
    thank you,
    avinash

  • Weblogic.xml.security.SecurityConfigurationException running encrypt example

    Hi,
    I am trying to run the tutorial examples that are detailed at http://webservice.bea.com.
    I am having problems running the encrypt SOAP messages example.
    The command line client version works fine (the full transaction goes smoothly,
    returning me the string I sent using the encryption). The browser version, though
    , gives me an error.
    (See attached).
    I am using WLS 8.1. sp2.
    I configured the server keystore and client keystore using the command line utilities
    included
    in the zipped example.
    I configured the servers default identity asserter as well as the ssl & keystore
    according to the
    instructions of the zipped file.
    Thanks in advance.

    i meet the same problem as Juan Campos'.
    the error information as follow:
    Request sent to the server
    <!--REQUEST.................-->
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <env:Header>
    </env:Header>
    <env:Body>
    <env:Fault>
    <faultcode>env:Server</faultcode>
    <faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
    <detail>
    <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
         at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
         at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
         at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
         at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
         at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
         at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
         at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
         at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
         at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
         at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
         at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
         at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
         at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
         at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
         at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
         at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    </bea_fault:stacktrace>
    </detail>
    </env:Fault>
    </env:Body>
    </env:Envelope>
    Response from the server
    <!--RESPONSE.................-->
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <env:Header>
    </env:Header>
    <env:Body>
    <env:Fault>
    <faultcode>env:Server</faultcode>
    <faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
    <detail>
    <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
         at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
         at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
         at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
         at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
         at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
         at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
         at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
         at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
         at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
         at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
         at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
         at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
         at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
         at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
         at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
         at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
         at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
         at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
         at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
    </bea_fault:stacktrace>
    </detail>
    </env:Fault>
    </env:Body>
    </env:Envelope>
    i try Bruce Stephens' advise,but don't know exactly how to do,(which certificate should be imported?)will someone please tell the details?

  • Security API failed with error 60008

    HI, I have been tryng to wrap some files (or something like that) but when I select the files it comes up with an error box saying "security API failed with error 60008" can anyone help me fix this or tell me what it is?

    Launch Disk Utility and run Repair Permissions on the startup volume. Try whatever you were doing again. If there's no change, continue as follows.
    Triple-click the line below to select it:
    /private/tmp
    Right-click or control-click the highlighted line and select
    Services ▹ Show Info
    from the contextual menu.* An Info dialog should open.
    Does the dialog show "You can read and write" in the Sharing & Permissions section?
    In the General section, is the box labeled Locked checked?
    *If you don't see the contextual menu item, copy the selected text to the Clipboard (command-C). Open a TextEdit window and paste into it (command-V). Select the line you just pasted and continue as above.

  • Security API help needed / howto list user in group

    Hi there,
    i have tried all example programs of the hyperion security api. hard work to correct the errors in these scripts.
    now i can create native groups an users and can create groups on groups or put users in native groups.
    i have read the java doc / reference for the security api too but its not possible for me to list users of a group (group reference by name).
    is there anybody who can help with a code sample to list users of a group like "testgroup" ?
    something like (...getGroups(context,"testgroup")...) ??
    Best Regards
    Kai

    Please don't cross-post. It is considered very rude to do that here:
    http://forum.java.sun.com/thread.jspa?threadID=5233033&messageID=9953169#9953169

  • Add Security API to ess~cat project

    Hi All,
    I am trying to add the com.sap.security.api.jar to the esscatsap.com project (ESS - Working Time). I can add the file using "Add External Jars..." in project properties->java build path->libraries, but when I rebuild the project the jar file is lost and so I am unable to deploy with the security jar. Has anyone run into a similar issue? Any ideas?
    Thanks,
    -Kevin

    you have to add jar file like this
    DC meta data-used dcs(right click)-add DC-seelct track-select sc(SAP_JEE) there you will find the com.sap.api.security.sda
    reward points if helpful

  • Thor.API.Security API.

    Hi Friends,
    Please help me, where can I get "Thor.API.Security" API documentation of OIM.

    All -- the Thor.API.Security classes are internal classes used to support client login. These aren't intended to be called directly, and that's why they aren't exposed in the API documentation included with the server -- you should just use the normal client login APIs instead (which will use supporting code out of Thor.API.Security internally as required). Is there a specific purpose that you believe you need to call items inside Thor.API.Security?

  • WLP using CM API or SPI CM API to search?

    Hello all,
    I want to know Portal Administration Console using CM API or SPI CM API to search. I am not sure about SPI API. Can it use in case search in own repository ?
    Thanks in advance!
    Best Regards,
    Coy.

    Hi Siddhartha,
    you can use the ChannelFactory of the KM API.
    The code would look somehow like:
    IChannel emailChannel = ChannelFactory.getChannel(ChannelFactory.EMAIL);
    Then use one of the <i>IChannel.sendTo</i> methods, to send the email.
    Another (more complex) way is to use the NotificatorService. The <i>NotificatorService</i> can take <i>INotification</i> objects, that will be processed by our XML/XSL Pipeline. The idea is to have a XML Template in the /etc/notification folder that is attached to a specific type of notification (e.g. Subscription), and which can be processed by a XSL (also in /etc/notification) to create a HTML/TEXT email. The is more complex but also more flexible to allow customers to simply change the notifications by editing the XML/XSL files.
    In this case the <i>NotificatorService</i> takes care of sending the (processed HTML) mail.
    Hope this gives some ideas....
    Regards Dirk

  • 8.1 security API Javadocs (downloadable)??????

    I am trying to find a downloadable version of the BEA Server 8.1 security API Javadocs.
    I am not always able to be online do I would like to get a downloaded version
    for my laptop. Does anyone know where I can find one.
    Thanks - Peter

    On 16 Feb 2004 05:08:40 -0800, Peter Len <[email protected]> wrote:
    >
    I am trying to find a downloadable version of the BEA Server 8.1
    security API Javadocs.
    I am not always able to be online do I would like to get a downloaded
    version
    for my laptop. Does anyone know where I can find one.
    Thanks - PeterPeter,
    I don't think it is possible to download just the security docs. All the
    javadoc can be dowloaded from http://edocs/wls/docs81/pdf.html.
    PaulF
    Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/

Maybe you are looking for

  • Is it possible for Applescript to know what link is selected in the Indesign Links Palette?

    Hi there, I've written some ApplesScripts for Indesign that act on all links, missing links and/or selected links, but what if I wanted to perform an action on a link that is only selected in the links palette? Is it possible for AppleScript to know

  • How do you send photos to other divises

    I cannot send send photos to non-apple users. Each time I try it say's enable MMS, But i cannot find MMS any where.

  • Zoom level setting

    ASFixed newZoom = AVPageViewGetZoom(myPageView); When the acrobatpro is set to 100% this API returns me a noi 49152. Why is it such a big number and if this reflects 100% how one has to interpret it.?

  • Ho wto uninstall and reinstall the system 9 version on a PC.

    Hi all, I am new to hyperion , I want to download the latest version available on oracle website , system 9 and practice . I already have that installed that on my system but I forgot the password, can any one tell me how to uninstall that and re ins

  • 'Failed to accept sharing invitation'

    I couldn't find a solution to this problem, so I'm posting here. I'm looking into using Adobe Story to be able work with other people, but so far I've had no luck in sharing anything with anyone. I have Adobe Story Plus, and I've tried to share a pro