WebLogic SPI (Security API)
Hi,
I'm new to WebLogic and was wondering if there was any
reason why we couldn't access the functionality in the
weblogic.security.acl.Security package directly from Java
code rather than going through JNDI calls (as the documentation
suggests)? We wanted to wrap some of this functionality in
a server side bean that would provide services to server-side
code. We are running in a WebLogic cluster. Are there any
problems with this picture?
We appreciate any help or suggestions.
Thanks,
Tiffany
Hi,
I'm new to WebLogic and was wondering if there was any
reason why we couldn't access the functionality in the
weblogic.security.acl.Security package directly from Java
code rather than going through JNDI calls (as the documentation
suggests)? We wanted to wrap some of this functionality in
a server side bean that would provide services to server-side
code. We are running in a WebLogic cluster. Are there any
problems with this picture?
We appreciate any help or suggestions.
Thanks,
Tiffany
Similar Messages
-
Revision: 19459
Revision: 19459
Author: [email protected]
Date: 2010-12-17 10:15:23 -0800 (Fri, 17 Dec 2010)
Log Message:
Security API change for auth sync sample/concept to work in WebLogic, WebSphere.
Adding the PrincipalConverter interface
Implement the converting principal in WebLogic and WebSphere login command
Modified Paths:
blazeds/trunk/modules/opt/src/weblogic/flex/messaging/security/WeblogicLoginCommand.java
blazeds/trunk/modules/opt/src/websphere/flex/messaging/security/WebSphereLoginCommand.jav a
Added Paths:
blazeds/trunk/modules/core/src/flex/messaging/security/PrincipalConverter.javaThanks for the reply dood... i've found the solution after several tries... i had to set the channel from the actionscript instead of depending on the Service-config.xml file like the following.. then it worked..
var cs:ChannelSet = new ChannelSet();
var chnl:Channel = new Channel();
var customChannel:Channel = new AMFChannel("my-amf", "http://localhost:8080/somehting/messagebroker/amf");
cs.addChannel(customChannel);
consumer = new Consumer();
consumer.channelSet = cs; -
How to use BEA Security API to build ownuser admin
Hello,
I want to build my own interface for a user admin module (create user, get role
names, etc) by using the BEA security API. I have been looking through the Javadocs
but can't find the key to how to start it, meaning what are the basic steps to
begin (e.g. first get connection to server bean, then create some generic bean,
etc etc).
Has anyone doen this?
Thanks - peterOn 13 Feb 2004 04:34:28 -0800, Peter Len <[email protected]> wrote:
>
Hello,
I want to build my own interface for a user admin module (create user,
get role
names, etc) by using the BEA security API. I have been looking through
the Javadocs
but can't find the key to how to start it, meaning what are the basic
steps to
begin (e.g. first get connection to server bean, then create some
generic bean,
etc etc).
Has anyone doen this?
Thanks - peterI'm not sure I understand exactly what you're trying to do. WebLogic
Server has a model where application code runs in the containers and the
containers call into the security framework where authentication and
authorization is handled by plug-in modules. Are you attempting to build
one of those plug-in modules? Are you trying to write an ejb or a
servlet?
PaulF
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ -
Weblogic.management.security with transactions, Please HELP
I am using weblogic.management.security.authentication API to programmatically insert/delete users and passwords into/from default security provider on Weblogic Server 8.1. I want to add transactional support to this these actions, I tried using UserTransaction API but without any luck. Does weblogi.managment.security.authenication has no transactional support (rollback-commit) or am I doing something wrong? I very much appreciate your help and looking forward to hearing from you!!!!
It doesn't rollback, Here is the code:
UserTransaction transaction = (UserTransaction)ctx.lookup("javax.transaction.UserTransaction");
transaction.begin();
UserEditorMBean userEditor = (UserEditorMBean)providers;
userEditor.createUser(userName, password, description);
transaction.rollback();I do not think you can have transactions over MBean calls as they communicate with relevant object over t3 and this objects are possibly in different class loader.
-TJ -
after PI-Upgrade to NW-PI-731-SP07, executing the PI-configuration wizard:
step 126 of 162
Assign SLD Data Supplier user to Group SAP_SLD_DATA_SUPPLIER (local SLD)
Error:
Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
Execute Java Service
Library: sap.com/tc~lm~ctc~util~core_ear
Class: com.sap.ctc.util.core.services.UserFacade
Method: void com.sap.ctc.util.core.services.UserFacade.addUserToGroup(java.lang.String, java.lang.String)
Arguments (2)
userName : SLD_DS_EXE
groupName : SAP_SLD_DATA_SUPPLIER
InvokeService- Result: ERROR
Refresh Env. Messages: false
Duration: 1.936 sec
Library Info
Default Trace
Exception Class: com.sap.security.api.DuplicateKeyException
Exception Message: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
com.sap.security.api.DuplicateKeyException: Group found, but unique name "SAP_SLD_DATA_SUPPLIER" is not unique!
at com.sap.ctc.util.infra.rfc.BaseConfig.dispatchException(BaseConfig.java:230)
at com.sap.ctc.util.core.services.impl.ume.java.GroupJavaImpl.verify(GroupJavaImpl.java:121)
at com.sap.ctc.util.core.services.impl.ume.DualGroupImpl.verify(DualGroupImpl.java:118)
at com.sap.ctc.util.core.services.content.ume.UserService.addToGroup(UserService.java:725)
at com.sap.ctc.util.core.services.UserFacade.addUserToGroup(UserFacade.java:288)
what to do?
============
o.k.
https://service.sap.com/sap/support/notes/1016283
first run the UME consistency check => found some inconsistency => did repair UME
then run again UME consistency check => found no more inconsistency !!
the again - try to run the PI-Upgrade-Wizard => but again error on executing .....see this sap-notes:
http://service.sap.com/sap/support/notes/1617234
http://service.sap.com/sap/support/notes/1661135
http://service.sap.com/sap/support/notes/1678815
http://service.sap.com/sap/support/notes/1626747 -
Using weblogic.servlet.security.ServletAuthentication
I am currently using weblogic.servlet.security.ServletAuthentication.authenticate(Callback,
request) to peform a weblogic form-based authentication/login and would like to
see the session stored user info....
The doc for authenticate states that a session will be created, but does this
method also place user information into the session [after authentication]. If
so, how exactly do I get the default user information stored in the session after
this call?
Is there a String title associated with the user info so that I can use getAttribute(String)?
Using session.getAttributeNames(), I can see that the session has a "sessionContext"
and "org.apache.struts.action.LOCALE". Is there a way I can user/parse these objects
for the user information. Your help is very much appreciated, thanks!I think we have most of the functionality you've asked for.
ServletAuthentication.runAs() associates a Subject with the session.
weblogic.security.services.Authentication.authenticate() creates a Subject.
ServletAuthentication.authenticate() is merely a convenience wrapper around
these two methods. That is, it creates a CallbackHandler from the request,
calls authenticate() and then calls runAs(). So, in answer to your question,
yes, ServletAuthentication.authenticate() does associate the Subject with
the current session.
There is no direct way of getting the Subject associated with a session but
we can give you the current Subject which is almost always the same thing
(if you have a run-as tag the current Subject may be different than the one
associated with the session). To get the current Subject call
weblogic.security.Security.getCurrentSubject().
- Neil
"Richard " <[email protected]> wrote in message
news:4002e8a6$[email protected]..
>
I am currently usingweblogic.servlet.security.ServletAuthentication.authenticate(Callback,
request) to peform a weblogic form-based authentication/login and wouldlike to
see the session stored user info....
The doc for authenticate states that a session will be created, but doesthis
method also place user information into the session [afterauthentication]. If
so, how exactly do I get the default user information stored in thesession after
this call?
Is there a String title associated with the user info so that I can usegetAttribute(String)?
>
Using session.getAttributeNames(), I can see that the session has a"sessionContext"
and "org.apache.struts.action.LOCALE". Is there a way I can user/parsethese objects
for the user information. Your help is very much appreciated, thanks! -
Weblogic.servlet.security.ServletAuthentication Question
Hi all,
I am developing on WebLogic 5.1 with service pack 6 installed. WegLogic 5.1 documentation on the ServletAuthentication class says that along with the non-static weak() method, there are two static versions of the weak() method available in the class that one could use. I would like to use the static version that takes in username, password, and the servlet request or session object. But I tried compiling my program, the compiler could not find the method implementation.
This prompted me to run the javap utility on the weblogic.servlet.security.ServletAuthentication class in the weblogic510sp6.jar file and sure enough I did not find the static methods in that class.
I did see them in an older Weblogicaux.jar file's version of ServletAuthentication class. Does that mean that these methods are deprecated and if so I would love to know the reason. For implementations that store passwords in an encrypted form those are the only methods that are useful.
Any help/clarification on this is greatly appreciated,
arif.
Hi all,
I am developing on WebLogic 5.1 with service pack 6 installed. WegLogic 5.1 documentation on the ServletAuthentication class says that along with the non-static weak() method, there are two static versions of the weak() method available in the class that one could use. I would like to use the static version that takes in username, password, and the servlet request or session object. But I tried compiling my program, the compiler could not find the method implementation.
This prompted me to run the javap utility on the weblogic.servlet.security.ServletAuthentication class in the weblogic510sp6.jar file and sure enough I did not find the static methods in that class.
I did see them in an older Weblogicaux.jar file's version of ServletAuthentication class. Does that mean that these methods are deprecated and if so I would love to know the reason. For implementations that store passwords in an encrypted form those are the only methods that are useful.
Any help/clarification on this is greatly appreciated,
arif.
-
Hi ,
Can i know , in Ep5.0 , what jar file has com.sap.security.api ? Please reply soon...
Thank you ,
avinashso , is there a procedure for me to use the Ep5.0 API and retrieve details from the data sources (for usermapping) ?
Please reply me soon....
thank you,
avinash -
Weblogic.xml.security.SecurityConfigurationException running encrypt example
Hi,
I am trying to run the tutorial examples that are detailed at http://webservice.bea.com.
I am having problems running the encrypt SOAP messages example.
The command line client version works fine (the full transaction goes smoothly,
returning me the string I sent using the encryption). The browser version, though
, gives me an error.
(See attached).
I am using WLS 8.1. sp2.
I configured the server keystore and client keystore using the command line utilities
included
in the zipped example.
I configured the servers default identity asserter as well as the ssl & keystore
according to the
instructions of the zipped file.
Thanks in advance.i meet the same problem as Juan Campos'.
the error information as follow:
Request sent to the server
<!--REQUEST.................-->
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
</env:Header>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope>
Response from the server
<!--RESPONSE.................-->
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<env:Header>
</env:Header>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Exception during processing: weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided (see Fault Detail for stacktrace)</faultstring>
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">weblogic.xml.security.SecurityConfigurationException: Service requires signed requests, but no Token was provided
at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:325)
at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:101)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:423)
at weblogic.webservice.server.servlet.ServletBase.invokeMultiOutput(ServletBase.java:349)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeMultiOutput(WebServiceServlet.java:354)
at weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.java:300)
at weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServiceServlet.java:344)
at weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:266)
at weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:158)
at weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet.java:255)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:971)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:402)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:305)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6350)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:317)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3635)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2585)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
</bea_fault:stacktrace>
</detail>
</env:Fault>
</env:Body>
</env:Envelope>
i try Bruce Stephens' advise,but don't know exactly how to do,(which certificate should be imported?)will someone please tell the details? -
Security API failed with error 60008
HI, I have been tryng to wrap some files (or something like that) but when I select the files it comes up with an error box saying "security API failed with error 60008" can anyone help me fix this or tell me what it is?
Launch Disk Utility and run Repair Permissions on the startup volume. Try whatever you were doing again. If there's no change, continue as follows.
Triple-click the line below to select it:
/private/tmp
Right-click or control-click the highlighted line and select
Services ▹ Show Info
from the contextual menu.* An Info dialog should open.
Does the dialog show "You can read and write" in the Sharing & Permissions section?
In the General section, is the box labeled Locked checked?
*If you don't see the contextual menu item, copy the selected text to the Clipboard (command-C). Open a TextEdit window and paste into it (command-V). Select the line you just pasted and continue as above. -
Security API help needed / howto list user in group
Hi there,
i have tried all example programs of the hyperion security api. hard work to correct the errors in these scripts.
now i can create native groups an users and can create groups on groups or put users in native groups.
i have read the java doc / reference for the security api too but its not possible for me to list users of a group (group reference by name).
is there anybody who can help with a code sample to list users of a group like "testgroup" ?
something like (...getGroups(context,"testgroup")...) ??
Best Regards
KaiPlease don't cross-post. It is considered very rude to do that here:
http://forum.java.sun.com/thread.jspa?threadID=5233033&messageID=9953169#9953169 -
Add Security API to ess~cat project
Hi All,
I am trying to add the com.sap.security.api.jar to the esscatsap.com project (ESS - Working Time). I can add the file using "Add External Jars..." in project properties->java build path->libraries, but when I rebuild the project the jar file is lost and so I am unable to deploy with the security jar. Has anyone run into a similar issue? Any ideas?
Thanks,
-Kevinyou have to add jar file like this
DC meta data-used dcs(right click)-add DC-seelct track-select sc(SAP_JEE) there you will find the com.sap.api.security.sda
reward points if helpful -
Thor.API.Security API.
Hi Friends,
Please help me, where can I get "Thor.API.Security" API documentation of OIM.All -- the Thor.API.Security classes are internal classes used to support client login. These aren't intended to be called directly, and that's why they aren't exposed in the API documentation included with the server -- you should just use the normal client login APIs instead (which will use supporting code out of Thor.API.Security internally as required). Is there a specific purpose that you believe you need to call items inside Thor.API.Security?
-
WLP using CM API or SPI CM API to search?
Hello all,
I want to know Portal Administration Console using CM API or SPI CM API to search. I am not sure about SPI API. Can it use in case search in own repository ?
Thanks in advance!
Best Regards,
Coy.Hi Siddhartha,
you can use the ChannelFactory of the KM API.
The code would look somehow like:
IChannel emailChannel = ChannelFactory.getChannel(ChannelFactory.EMAIL);
Then use one of the <i>IChannel.sendTo</i> methods, to send the email.
Another (more complex) way is to use the NotificatorService. The <i>NotificatorService</i> can take <i>INotification</i> objects, that will be processed by our XML/XSL Pipeline. The idea is to have a XML Template in the /etc/notification folder that is attached to a specific type of notification (e.g. Subscription), and which can be processed by a XSL (also in /etc/notification) to create a HTML/TEXT email. The is more complex but also more flexible to allow customers to simply change the notifications by editing the XML/XSL files.
In this case the <i>NotificatorService</i> takes care of sending the (processed HTML) mail.
Hope this gives some ideas....
Regards Dirk -
8.1 security API Javadocs (downloadable)??????
I am trying to find a downloadable version of the BEA Server 8.1 security API Javadocs.
I am not always able to be online do I would like to get a downloaded version
for my laptop. Does anyone know where I can find one.
Thanks - PeterOn 16 Feb 2004 05:08:40 -0800, Peter Len <[email protected]> wrote:
>
I am trying to find a downloadable version of the BEA Server 8.1
security API Javadocs.
I am not always able to be online do I would like to get a downloaded
version
for my laptop. Does anyone know where I can find one.
Thanks - PeterPeter,
I don't think it is possible to download just the security docs. All the
javadoc can be dowloaded from http://edocs/wls/docs81/pdf.html.
PaulF
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
Maybe you are looking for
-
Is it possible for Applescript to know what link is selected in the Indesign Links Palette?
Hi there, I've written some ApplesScripts for Indesign that act on all links, missing links and/or selected links, but what if I wanted to perform an action on a link that is only selected in the links palette? Is it possible for AppleScript to know
-
How do you send photos to other divises
I cannot send send photos to non-apple users. Each time I try it say's enable MMS, But i cannot find MMS any where.
-
ASFixed newZoom = AVPageViewGetZoom(myPageView); When the acrobatpro is set to 100% this API returns me a noi 49152. Why is it such a big number and if this reflects 100% how one has to interpret it.?
-
Ho wto uninstall and reinstall the system 9 version on a PC.
Hi all, I am new to hyperion , I want to download the latest version available on oracle website , system 9 and practice . I already have that installed that on my system but I forgot the password, can any one tell me how to uninstall that and re ins
-
'Failed to accept sharing invitation'
I couldn't find a solution to this problem, so I'm posting here. I'm looking into using Adobe Story to be able work with other people, but so far I've had no luck in sharing anything with anyone. I have Adobe Story Plus, and I've tried to share a pro