Webserices With WS trust Security

Similar Messages

• Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection

  "[DBNETLIB] Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection"
  After patches applied on patch Tuesday the database reports the above error. 
  All accounts are domain accounts and SQLServer uses Windows auth.
  DCDIAG show no errors
  All servers and DC have been restarted,
  Message in db log confirms the connection is being denied due to trust.
  Event log shows same rejection
  Protocols enabled: named pipes, tcpip, memory
  TESTS:
  PortQry: "
  TCP port 1433 (ms-sql-s service): LISTENING"
  Connect with domain admin accounts works from multiple clients systems to DB.
  Cannot connect with newly created domain admin account
  Can connect if new admin account connect to server in terminal server session and uses UDL wizard or any other tool including isql.
  New standard user also fails to connect.
  NOTES:
  I removed the SSL patch and the IE security update to see if that was an issue.
  ¯\_(ツ)_/¯

  Has someone left the company or has an account of some nature been dropped/replaced?
  Please click "Mark As Answer" if my post helped. Tony C.
  Hi Tony,
  Srry but No.  We just installed the monthly updates.
  I went back and found I had missed removing a patch.  I missed the rollup for Windows Server 2003:
  Event Type: Information
  Event Source: NtServicePack
  Event Category: None
  Event ID: 4382
  Date:  3/12/2015
  Time:  12:26:04 PM
  User:  NETTEST\admin
  Computer: DATA1
  Description:
  Windows Server 2003 KB954920 was removed from your computer, and the previous Windows Server 2003 configuration was restored.
  After I removed that is still didn't work but after about five minutes it started working.
  I guess I ned to report that to MS after I research what might be changed to make the patch work.
  Every time I get stuck and ask for help it seems to be just before I stumble on the solution.
  Thanks for replying.
  Well - maybe this will help someone else.
  Thanks again for replying Tony
  ¯\_(ツ)_/¯

• Partially Trusted Security Policy

  Hi,
  I'm using the ODAC1110510beta.exe in my Windows XP SP2 "development" machine and Windows 2003 SP2 "test deployment" machine.
  I am able to use the Personalization Data Provider in both windows xp and 2003. The sample web app project was using WebPartManager, WebPartZone, CatalogZone, DeclarativeCatalogPart, PageCatalogPart, EditorZone, AppearanceEditorPart, BehaviorEditorPart, LayoutEditorPart, PropertyGridEditorPart.
  Upon checking in the Oracle tables that was created, several rows has been inserted when testing out the sample web app project. (note that there was an error in the installation scripts - something to do with a missing "s" in one of the tables)
  Ok, now that I have established my current setup and situation, my question now is, why is that when I run ASP.NET AJAX Toolkit "Samples" website, I get the following error message:
  Server Error in '/MicrosoftAJAXToolkit' Application.
  Configuration Error
  Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
  Parser Error Message: Type 'Oracle.Web.Management.OracleWebEventProvider' cannot be instantiated under a partially trusted security policy (AllowPartiallyTrustedCallersAttribute is not present on the target assembly).
  Source Error:
  [No relevant source lines]
  Source File: machine.config Line: 160
  Version Information: Microsoft .NET Framework Version:2.0.50727.832; ASP.NET Version:2.0.50727.832
  Things I did to try to resolve this problem is by following the instructions in the following site: http://msdn2.microsoft.com/en-us/library/zdc263t0(VS.80).aspx
  I followed and executed the following steps in:
  "To grant full trust to an assembly or folder on your local computer"
  The location C:\oracle\product\11.1.0\client_1\ASP.NET\bin\2.x\* is now added for FullTrust
  I also followed and executed the following steps in:
  "To grant full trust to an assembly or folder on a network computer or mapped drive"
  The location C:\oracle\product\11.1.0\client_1\ASP.NET\bin\2.x\* is now added for FullTrust
  But still I get the same error message when running the "Samples" AJAX Toolkit website.
  Please help on how to go about this.
  Many Thanks,
  Henry Wu

  I am, 6 months later, getting the same issue. Has something to do with Oracle.web. My intention as of now is to remove Oracle.Web.*
  What did you do?
  Thanks

• Popup with the text "Security Breach" in Safari

  My son told me he saw a popup with the text "Security Breach" when visiting a website. He is concerned that his phone may be compromized. He is using Safari, iOS 6.0.1 on a iPhone 4S. The was a n OK button on the popup. He pressed it and the popup disappeared. Is there serious danger here?

  This may be caused by a problem with an add-on. Try the procedure in the [[Troubleshooting extensions and themes]] article.

• What is the mean of using Portal with Role Based security as entry point

  Hi Experts we have requirement of integration of Portal and MDM
  I am completely new to the MDM. So please give me some idea , what is the meanin for following points.
  1) Using the Portal with Role Based security as entry point for capacity and Routing Maintaince(These two are some modules).
  2) Additionally , Portal should have capability to enter in to the MDM for future master data maintence. Feeds of data will need to be come from  SAP 4.6c
  Please give me the clarity of what is the meanin of second point
  Regards
  Vijay

  Hi
  It requires the entire land scape like EP server and MDM server both should be configured in SLD.
  Your requirement is maintaing and updating the MDM data with Enterprise portal.We have some Business Packages to install in Portal inorder to access the functionality of MDM.
  Portal gives you a secure role based functionality of MDM through Single sign on (login into the portal access any application) to their end users.
  Please go through this link
  http://help.sap.com/saphelp_mdmgds55/helpdata/EN/45/c8cd92dc7f4ebbe10000000a11466f/frameset.htm
  You need to develope some custom applications which should be integrated into the portal to access MDM Server master data
  The estimation involves as per your requirement clearly
  Its depends upon the Landscape settings, Requirement complexity,Identify how many number of custom applications need to be developed
  Regards
  Kalyan

• Invoke a business service base in a WSDL with customer WS-Security Policy

  Customer write a Web service (Refer to the attachment file “HTTPS_PartyServicePortType.WSDL”)which declare a WS-Security Policy and apply this it to WS binding ,How can I generate a business service base in this WSDL and invoke it successfully?
  When create a business service in OSB, we get a error with below messages
  [[OSB Kernel:398133]The service is based on WSDL with Web Services Security Policies that are not natively supported by Oracle Service Bus. Please select OWSM Policies - From OWSM Policy Store option and attach equivalent OWSM security policy. For the Business Service, either you can add the necessary client policies manually by clicking Add button or you can let Oracle Service Bus automatically pick and add compatible client policies by clicking Add Compatible button.
  After enhanced the OSB domain with OWSM extension, we found the OOTB OWSM defined cannot support the HttpsToken and OSB cannot support below WS-Policy defined in OWSM, refer to http://docs.oracle.com/cd/E21764_01/doc.1111/e15866/owsm.htm#OSBDV1681
  51.2.8.1 Unsupported Assertion
  •     binding-permission-authorization
  •     http-security
  •     OptimizedMimeSerialization (MTOM)
  •     RMAssertion (Reliable Messaging)
  •     sca-component-authorization
  •     sca-component-permission-authorization
  •     UsingAddressing
  •     wss-saml-token-bearer-over-ssl (Authentication)
  it means that we cannot generate a web service with customer WS-security Policy
  The WS-Security Policy is shown as below:
  <wsp:Policy wsu:Id="WSHttpBinding_IPartyServicePortType_policy">
  <wsp:ExactlyOne>
  <wsp:All>
  <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
  <wsp:Policy>
  <sp:TransportToken>
  <wsp:Policy>
  <sp:HttpsToken RequireClientCertificate="false"/>
  </wsp:Policy>
  </sp:TransportToken>
  <sp:AlgorithmSuite>
  <wsp:Policy><sp:Basic256/></wsp:Policy>
  </sp:AlgorithmSuite>
  <sp:Layout><wsp:Policy><sp:Strict/></wsp:Policy></sp:Layout>
  </wsp:Policy>
  </sp:TransportBinding>
  <wsaw:UsingAddressing/>
  </wsp:All>
  </wsp:ExactlyOne>
  </wsp:Policy>
  BestRegards!
  Simon

  Hi
  According to
  http://e-docs.bea.com/wls/docs90/webserv/annotations.html#1050414
  If you are going to publish the policy file in the Web Service archive, the policy XML file must be located in either the META-INF/policies or WEB-INF/policies directory of the EJB JAR file (for EJB implemented Web Services) or WAR file (for Java class implemented Web Services), respectively.
  Can you make sure the policy file is in there?
  Also there is a sample from the developer at http://dev2dev.bea.com/blog/jlee/archive/2005/09/how_to_use_anno.html
  Vimala-

• I need help with Changing my Security Questions, I have forgotten them.

  Its simple, I tried buying a Gym Buddy Application and I had to answer my security questions... Which I have forgotten I made this a while ago so I probably entered something stupid and fast to make I really regert it now. When i'm coming to this...

  Hello Adrian,
  The steps in the articles below will guide you in setting up your rescue email address and resetting your security questions:
  Rescue email address and how to reset Apple ID security questions
  http://support.apple.com/kb/HT5312
  Apple ID: All about Apple ID security questions
  http://support.apple.com/kb/HT5665
  If you continue to have issues, please contact our Account Security Team as outlined in this article for assistance with resetting the security questions:
  Apple ID: Contacting Apple for help with Apple ID account security
  http://support.apple.com/kb/HT5699
  Thank you for using Apple Support Communities.
  Best,
  Sheila M.

• NW RFC SDK: Non-SAP to ABAP with username (trust relationship)

  Hello,
  I have a quite challenging non-SAP-to-ABAP RFC scenario with a trust relationship.
  Hereu2019s the scenario:
  An Oracle database server acts as an RFC client and calls RFC function modules in an ABAP server. (I assume the Oracle programmers are going to use NW RFC SDK 7.1 or JCo 3.0 on the Oracle server and call that from their PL/SQL based database application.)
  The challenge is that I donu2019t want to use a single u201Ctechnical useru201D on the ABAP side because that would mean that all the users on the Oracle side would be mapped to one single ABAP user. Also, I donu2019t want to have to store individual ABAP passwords on the Oracle side.
  Instead, I want the ABAP server to trust the RFC client the same way it might
  a) trust a NetWeaver AS Java server after installing the Java serveru2019s certificate in transaction STRUSTSSO2 or
  b) the way it might trust another ABAP server after configuring a trust relationship (transaction SMT1?)
  The ABAP server should accept incoming RFC connections from the Oracle RFC client with just the user name and no password given and run the resulting processes in the ABAP system under the user id given in the RFC call.
  I imagine the ideal solution somehow along the following lines (simplified scenario for a PC-based prototype):
  - I download run a program that creates a certificate file (public key?) which I import into the ABAP system.
  - The same program creates a matching file (private key?) for the RFC client.
  - For reasons of simplicity, let us imagine the RFC client as a stand-alone Java SE application running on a PC.
  - The Java SE application uses the JCo library to connect to the ABAP system.
  - When opening the connection, it passes a username, but no password. Instead, it passes a Base64-encoded string that was generated by our key/certificate generator program.
  - On the ABAP side, the function modules are run under the username used by the Java SE application when establishing the RFC connection.
  Is that possible at all? How would you solve this?
  Thank you very much in advance and best regards,
  Thorsten

  Hello,
  Thanks a lot for your extremely high-quality replies. Iu2019ve been trying to work with them.
  Frankly, just when (after Gregoru2019s and Timu2019s posts) I was hoping that working my way deeply enough into SNC, I would be able to solve my problem, Wolfgang comes along and tells me what Iu2019m aiming at wonu2019t work. Now Iu2019m confused.
  The way I understand Wolfgang, the special trust an AS ABAP can put into another AS ABAP or an AS Java (u201Cremote RFC client, give me one certificate and I will accept every username if they come from youu201D) can not be put into a custom-made remote server software (such as the Oracle server application) acting as the RFC client, because when acting as RFC clients, the remote AS Java or AS ABAP use proprietary elements of the RFC protocol which are not available to me when I program my RFC client in the Oracle application.
  @Wolfgang, is that correct?
  Solution 1: Individual X.509 Certificates
  Instead, I can establish X.509-based trust relationships at the level of individual usernames: create a certificate for each Oracle user, import them into the AS ABAP, map them to an ABAP user, and store the certificate on the Oracle side (Iu2019m still note sure about the different certificates and keys used publicly and privately here).
  Solution 2: AS ABAP as User Management Engine for the Oracle Application
  I can also see an alternative that would spare me the trouble of generating, importing, mapping and storing the certificates: delegate the user management to the AS ABAP and delete the (custom-built) logon and password-checking mechanism in the PL/SQL application:
  Users are created centrally in CUA and distributed along with their passwords into (among others) the AS ABAP.
  When a user logs on to the PL/SQL application, the username and password are sent for validation to an ABAP BAPI.
  If authentication is successful, the AS ABAP returns a SAPLogon ticket which can be stored in the session context of the PL/SQL application and used in subsequent RFC calls. The password (a hash?) would only be transferred once during logon.
  What do you think? Would both solutions work or am I still getting something wrong? Can you see a better alternative that would reduce
  for solution 1 the administrative overhead for synchronization
  for solution 2 the run-time dependency Oracle-ABAP and the change impact on the Oracle applicationu2019s user management concept?
  Thanks a lot,
  Thorsten

• How to run java signed applet in vista with changing IE security options

  how to run java signed applet in vista with changing IE security options. If i change the IE security settings to low. it works.
  without changing the security setting, how to run.

  j_nanaji9 wrote:
  how to run java signed applet in vista with changing IE security options. If i change the IE security settings to low. it works.
  without changing the security setting, how to run.Can't be done without changing the security setting.

• Problem with reseting my security question

  Hi,
  Recently  i want purchase cash from racing rivals, the saddest thing i forrgot my security answer,and  i went to reset my security question but i was unable to reset..so please help me out,the info from customer care doesnt help me.Thank you

  Well, if you already tried resetting through iforgot.apple.com and you could not, you need to get in touch with AppleID account security to see if they can help you with this.
  Go here:
  http://support.apple.com/kb/HT5699?viewlocale=en_US

• IPhone with IOS "Trust this computer" keeps popping up

  I have upgraded to ios 7 on my iphone, but when I now connect my phone to my car (ipod connectivity) it pops up with the "Trust this computer" box! but disappears quickly and then keeps popping up and disappearing.  I don't even have time to click TRUST!!!!
  After a couple of tries the car says there was an error and stops trying.  What the **** is going on!
  If no one knows, maybe you can tell me how to downgrade/restore to ios 7 as without this connectivity I can't listen to my music in the car?

  I finally fixed it!  Don't know really how but here goes what I did.
  You all agreed that before IOS7, by simply plug usb cable between PC and iphone that was it?!
  Updated to IOS7, liked it a little, noticed slowness, but was fairly acceptable. My problem started when I was not able to sync my outlook calendar, contacts, etc. to my phone then I freaked out, because kept having this "do you trust this computer again and again when I clicked Trust.... got me crazy.
  Someone told me to use iCloud. Did, but I can check my Iphone contacts on a website! not what I was looking for. Then I downloaded ICloud for windows, so I can sync (another procedure) to my outlook. Ran it, restarted, found that my wlan card was disabled, fixed it, restarted (anxious), when back, checked some changes made in outlook, more folders and buttons, but it seemed to work.
  I plugged the usb cable and iphone to my pc and Viola! they synchonized!! via usb cable!!
  was it the cable? the icloud installation? the rebooting? don't really know, but it works now...
  I was this close to return to IOS6 by doing all those creepy steps, but it is ok now...
  Please let  know if it work for you guys!!
  cheers!
  Manny

• Verify custom plugin signature with Adobe Default Security

  Hi,
  I have a few questions using Adobe Default Security when verifying a signature.
  I've created my own signing plugin which works well. When I verify my signature it states that it is a valid signature, that the document has not been altered and that the certificate is valid. When I remove my plugin and verify the signature with the Adobe Default Security it states that the signature is invalid and that the document has been altered or corrupted. When I use the DocSign sample plugin to verify my signature it states the the signature is unknown and that the integrety has not yet been verified.
  My question are:
  Why Adobe Default Security telling me the signature is invalid instead of unknown, like the DocSign example?
  What can I do so that signature becomes unknown and not invalid when verified with Adobe Default Security?
  Why is Adobe Default Security telling me the document has been altered or corrupted, when it has not been changed?
  Regards,
  Magda

  As this can't be debugged without a copy of your plugin, files, etc. - you will need to open up a formal support ticket for this with our Developer Support.

• PDF with a certificate security.

  I am trying to secure mutiple PDF documents with a certiciate security. If I am understanding the certificate security feature correctly, I'd like to add multiple emails to these documents so that only the recipients listed in the email certificate security can open the file. I'd like to add the email list all at one time, rather than what appears to be an "add one at a time" method. Any help? And am I understanding the certificate security feature correctly?
  Ken

  Hi George,
  Thanks for a quick response.
  1, create PDF,
  2, exchange Digital ID
  3, encrypt PDF
  4, send the file to recipients
  Correct?
  But I am missing something between or details. I don't know where I am doing wrong..
  When I send the encrypted file, some can open and some people can not. Or print is still allowed and file was not completely secured.
  From the point of creating Digital ID, I would like to know how everyone does it in detail.
  Thank you.

• Reports XI: Infoview behavior with Row Level Security

  Post Author: pwilliamsbssp
  CA Forum: General
  I have a report that is based off a business view that has project information with an additional table used to assign report users to certain clients (each project has a client).  A filter is used to assign the report user to the current ce username.The report is scheduled by the administrator login.  Each user goes to view their report on Infoview and is able to view data for only those clients specifically assigned.   This functionality seems to work fine - everyone views one instance of the report and InfoView assigns the row level security.However, I'm running into a problem viewing report histories when adding or changing client assignments.   The historical reports come up either blank or with erroneous information (such as the current week's information instead of the previous week's data saved with the instance of the report).   I have not found a logical link between the behavior of the historical reports and the specific users.  Some can see one week and not another while others have the reverse, regardless of their security assignments.Does anyone understand the behavior of view historical reports with row-level security?  I have no idea what data/metadata is saved with each report instance and when the row-level security is being read.  Is it read when viewing the report? or, is it specific to the structure of the data when the report was run?With other reports using the same row-level security model I'm able to view the historical reports although it has the client assignments at the time the report was created.  But, at least I'm able to view the reports.Any insight welcome.Patrick Williams

  Post Author: pwilliamsbssp
  CA Forum: General
  Bump.  Anyone is welcome to tackle this question.  Please.

• Migrate SQL 2008 Analysis database to 2012 AS database along with data level security defined in current production cube

  I want to migrate Analysis Services 2008 database to 2012 AS database along with data level security defined in current production cube
  Note: Only Production environment have security, while no security is defined in development environment
  Potential Approach:
  1 - Using Synchronization Wizard: Gives me error : "The OLAP element at line1 can not appear under envelope......" and this is because Synchrinzation works only for same version
  and in my case, there are different versions of SQL (SQL 2008 and 2012)
  2 - Using Visual studio conversion wizard - Convert SQL 2008 AS project to 2012 and then process cube, so I can get the cube working but then how can I get data level security since 100's of data level security is defined in production Cube, so how can I
  migrate that across
  3 - Script out XMLA and deploy cube - But then again having issues with how can i script SSAS security
  4 - Would taking backup of SSAS 2008 database and restore to SSAS 2012 will help ?
  Any suggestions would be appreciated
  Thanks,
  Mihir

  Hi Mihir,
  According to your description, you want to migrate the SQL Server Analysis Services (SSAS) 2008 database which have some security setting with it to SSAS 2012, right? We can migrate existing Analysis Services databases either during Setup, by upgrading an
  existing instance of Analysis Services, or after Setup, by running the Migration Wizard. Generally, when migrating a database to another server, all the setting will be migrated. So in your scenario, you can refer to the steps on the links below to migrate
  your SSAS database.
  How to: Migrate Analysis Services Databases
  Migrating Existing Analysis Services Databases
  Regards,
  Charlie Liao
  TechNet Community Support