Webservice access protection

How do I protect access webservice from the unauthorized users on WLS 8.1
SP3? I've created user and mapped user with the x509 certs. I've tried in
the WLS 8.1 SP4 with this settings and it works fine. It allows authorized
user with the DN of x509 certs.
Thanks,
-raj

The Permissions to the folder within the portal were service is deployed are all in order? Give everyone at least a "read" access and click end user check box.

Similar Messages

How do i turn on network access protection on windows 8.1 with an hp p6-2326S pc?

i got a phone call from a unknown source today at around 3 pm they said that hackers where trying to access my computer . they ran a scan and it showed thre things one was my network access protection was turned off . 2 hackers were trying to hack into my computer i cant remember the 3rd one its in my note pad but then i got this big run around and i told them from the start that i had no money and that i had just buried my mom on the 2nd of this month after a long battle and that i had just had a bad episode with my blood pressure wasnt feeling god and so on ,all of which are true once i finally convinced the worker of the fact i had no money he put his super visor on the line .the supervisor was stalling i could tell im no dummy when it comes to software and computers i taught myself xp professional and the windows 8.1 which im still learning i finally got tired of his super visor retstartd my computer and got control uninstalled skype mozilla nightly and mozilla experimental and several other prorams with my revo pro uninstaller my computer is rinning smooth now but i have seen .that ny network access protection is turned off ,how do i turn this on and is it neccasary i have malware bytes new 2.7. something full time bought and paid for protection and windows defender .i run a discclean every day and my mal;ware bytes and windows defender any thoughts and ideas would be appreciated i do have HP SUPPORT ASSISTANT AND MY WARRANTY IS UP TO DATE AND PAID FOR .. sincerely donald hutchison

dhutch1 wrote:
i got a phone call from a unknown source today at around 3 pm they said that hackers where trying to access my computer . they ran a scan and it showed thre things one was my network access protection was turned off . ...
Hi,
Now the trouble may start, you did allow people to logon to your computer and you believe them ! HP Support Assisstant is there to support your technical problems it does not know you will open the door of your house for someone to comes in to steal your money.
Now, please change all your passwords to logon to email, bank account(s) ..... before too late. Also please download the following tool nd run on your computer, hope it can remove the nasty bits.
Good luck.
BH
**Click the KUDOS thumb up on the left to say 'Thanks'**
Make it easier for other people to find solutions by marking a Reply 'Accept as Solution' if it solves your problem.

Formcalc: access = "protected" puts protected literal in field.

Hi. I have a form that has a field, EmpNbr, appearing twice. The two fields share the same name with Data Binding set to Use Global Data. I don't want the second field to be enterable so I set the field to protected using FormCalc, see clip below. When viewing the form in Preview PDF it is indeed protected, the cursor skips the field. However, both fields show the literal protected as the initial field value. Why is the literal protected being populated and how can I prevent it?
If I change the access to readOnly, that becomes the initial value.
It doesn't help if I change FC to JS.
Below is a clip of the access command --
topmostSubform.Page1.EmpNbr[1]::calculate - (FormCalc, client)
$.access = "protected"
Thanks for any insight.
Gary

The calculate event is "special" and is setup to return whatever the script on the event does back to the caller (in your case the field). So if you add a $.rawValue to the end of your script it will return the current value of the field and all shoudl be good. Note that if you used a different event then this woudl not happen as Calculate is the only event that operates this way.
So your script shoudl be:
$.access = "protected"
$.rawValue
Hope that helps
Paul

Cannot play Adobe Access Protected Content in Chrome (version 30 and higher); Error 3321/3322?

Symptom:
An end-user cannot play Adobe Access protected content. The client application returns a persistent 3321 (Individualization Error) or 3322 (Device Binding Failure) error code.
Root Cause in Chrome Browser:
Adobe Access DRM must create a unique machine identifier (I.e. "token") to identify the the device. This token is provided to the Adobe Access license server during a license request to view DRM protected content. If Chrome Browser disables the ability for Adobe Access DRM to create a unique machine identifier, playback of Protected Content will fail with a 3321 or 3322 error code. By default, this setting is enabled and available to toggle in Chrome Browser version 30 and higher. Unchecking this option will prevent Adobe Access DRM from properly functioning. A 3321 or 3322 error that persists after a call to resetDRMVouchers is an indicator that this setting may need to be changed.
Resolution:
In your Chrome settings:
•             Click on "Show advanced settings…"
•             In the subsequent "Privacy" section, click on "Content settings…"
•             In the subsequent "Protected Content" section, make sure that the following box is checked "Allow identifiers for protected content (computer restart may be required)".
We are working with Google to allow better detection of this condition, so that the client will return a 3368 (User cancelled or user settings disallow operation) error code when the box is unchecked.

Symptom:
An end-user cannot play Adobe Access protected content. The client application returns a persistent 3321 (Individualization Error) or 3322 (Device Binding Failure) error code.
Root Cause in Chrome Browser:
Adobe Access DRM must create a unique machine identifier (I.e. "token") to identify the the device. This token is provided to the Adobe Access license server during a license request to view DRM protected content. If Chrome Browser disables the ability for Adobe Access DRM to create a unique machine identifier, playback of Protected Content will fail with a 3321 or 3322 error code. By default, this setting is enabled and available to toggle in Chrome Browser version 30 and higher. Unchecking this option will prevent Adobe Access DRM from properly functioning. A 3321 or 3322 error that persists after a call to resetDRMVouchers is an indicator that this setting may need to be changed.
Resolution:
In your Chrome settings:
•             Click on "Show advanced settings…"
•             In the subsequent "Privacy" section, click on "Content settings…"
•             In the subsequent "Protected Content" section, make sure that the following box is checked "Allow identifiers for protected content (computer restart may be required)".
We are working with Google to allow better detection of this condition, so that the client will return a 3368 (User cancelled or user settings disallow operation) error code when the box is unchecked.

Adobe Access Protection on iOS devices?

I am having an issue in terms of Adobe Access not supported in iOS. I have been developing a custom player along with a bunch of other back end Adobe Technologies only to find out now that protection is not available in iOS.
DRMManager.isSupported returns false when we test the app in iOS Simulator. DRMManager.isSupported returns true when we use Air Simulator.
I am using OS X 10.9, AIR SDK 4.0, Apache Flex 4.11.0, and Xcode 5.02, and Flash Builder 4.7.
This is a huge problem and amounts to false advertisement because the protection is supposed to be handled by Adobe AIR which is supposed to be uniform across platforms. If protection is not supported on iOS, then the appeal of write one code for multiple platforms is not there any more.
I don't understand why protection is not uniformly supported if the same Adobe Air is installed on both iOS and Android devices. I also don't understand why HDS is supported on Android but not on iOS devices. It makes no sense. The whole reason for using Adobe AIR is to not have to deal with the specifics of each platform.
We were supposed to go live on Jan 1st, but had to postpone to deal with several issues. Now it seems that we may have to reevaluate the decision to use Adobe technologies altogether.
Any suggestions from Adobe would be appreciated.

Your comments on point 3 are sobering and kind of a slap in the face to someone who has been developing a streaming app with the idea that Adobe Air has 99% reach in the desktop and mobile market. I went back to the Http Dynamic Streaming and Adobe Access pages to find the restrictions that I missed when I was deciding on the technologies to use.
The only hint of not being able to use HDS or OSMF on iOS was the omission that Adobe Access protection could be delivered via Adobe Air on iOS devices as shown in the first image below of the Adobe Access technical specs.
On the other hand, there all kinds of statements and illustrations that would make you believe otherwise, especially on mobile devices.
No explicit statement can be found that says that HLS is the only way to stream content to iOS devices, that the OSMF framework is HLS agnostic, and that one has to build an iOS native app from scratch if they want to consume protected HLS. I guess not smth you want to put on a page where you want to market a product.
In building a native app, how do I make up for the lost functionality that comes by default with AIR such as the integration of Adobe Access in AIR, DRM Management, SWF verification, etc.
As it stands, the OSMF framework is a half-baked solution as it cannot be used on iOS devices because it is HLS agnostic….although some folks have written plugins to enable OSMF to consume HLS.
I am currently testing a plugin to see if I can consume protected HLS. If I fail then I will scrap the entire project…which also means not buying Adobe Access or Adobe Media Servers. Neither will I be looking at Adobe Primetime.
My OSMF based app is able to consume HLS content when I debug in AIR Simulator. Testing on iOS simulator or iOS devices has yet to prove successful. Something breaks inside AIR when it is compiled using iOS SDK.
The reason why I chose Adobe technologies is because it seemed like all the pieces were there to put together a streaming solution that fit my business model. I did not want to have to write everything and Adobe technologies promised a quick time to market. Now 7 months later I am finding out that perhaps I should have read the Adobe Access technical specs with the precision of a lawyer.
In my testing, protected content cannot be consumed in AIR unless DRMManager class is available. In help.adobe.com we read the following:
“The DRMManager manages the retrieval and storage of the vouchers needed to view DRM-protected content. With the static DRMManager.getDRMManager() method, you can access the existing DRMManager object to perform the following DRM-management tasks:
Preload vouchers from a media rights server, using a DRMContentData object.
Query the local cache for an individual voucher, using a DRMContentData object.
Reset all vouchers (AIR only)
AIR profile support: This feature is supported on all desktop operating systems and AIR for TV devices, but it is not supported on mobile devices. You can test for support at run time using the DRMManager.isSupported property.”
Using OSMF 2.0 framework, I have been able to take advantage of both PHDS and Adobe Access protection schemes in my Flex based app running on Adobe Air on Android. In Android Devices, DRMManager .isSupported returns true.
In iOS, it seems to be a whole different story. As I said in my first post, DRMManager.isSupported returns false when testing via iOS Simulator but returns true when testing via Air Simulator. So the attack vector idea that you put forward cannot stand because if that was true it would require DRMManager.isSupported to be false in all debugging scenarios not just on iOS Simulator or iOS devices.
The behavior of the app in iOS simulator and Air Simulator is not consistent when it comes to responding to touch based events and rendering visual elements as well. Performance and functionality degrades even more when testing directly on iOS devices. All iOS devices exhibit the same symptoms. For example, trying to select a list item is almost impossible….item renderers simply do not respond when one tries to select an item.
No such symptoms or differences exist between AIR Simulator and Android devices. So, it seems to me that there are AIR to iOS compilation issues when a mobile air app is packaged through iOS SDK. Smth brakes inside of AIR during packaging. I believe that this is the reason why DRMManager.isSupported returns false when testing app in iOS simulator and devices.

.access = "protected"

I read a thread that this prevents fields from being in the tabbing sequence..
Through javascript I set some field (textfield) access to protected.. (and when alerting their access, I am getting that they are protected) but they are still receiving focus ! Is there a solution for this? I have some readonly fields that are readonly & should not be included in the tabbing sequence (like it used be in the good old days!!)
Thanks for any help!

Chris,
I created three text fields in LCD 8.0. I setup the second text field to be ReadOnly and in the initialize event I placed the following:
this.access = "protected";
When previewed, the second text field was not editable and was skipped in the tab order.
Rick Kuhlmann

Page Access Protection -Arguments Must Have checksum question

If we want to call popup page that is defined as "Page Access Protection -Arguments Must Have checksum", then HTMLDB_UTIL.PREPARE_URL has to be called for every used URL-OK!
 
This calculation is easy to perform in "OnLoad-Before region" process, where some hidden varible is assigned as:
:P_HIDDEN_VAR_URL:= HTMLDB_UTIL.PREPARE_URL('*f?p=&APP_ID.:2:&APP_SESSION.::NO::P_PROCESS:1'); 
and later used in call:
javascript:popupURL('&P_HIDDEN_VAR_URL.'); 
AFAIK, this approach has a limitation if popup links are placed in table grid. If in grid link is defined as:
<*a href="*javascript:popupURL('*f?p=&APP_ID.:2:&APP_SESSION.::NO:RP,2:P_PROCESS:#ID#')">#SOME_FIELD#</a> 
then no "HTMLDB_UTIL.PREPARE_URL" cannot be used, because every value depend on each grid row (ID field).
 
So is there a solution in such a cases to call popup page that have mentioned type of page access protection?
 
THX!

See results below for call to prepare_url in SQL*Plus. It doesn't do anything, as you can see. The function can only generate a secure checksum (to be ultimately verified later within the application context) if it has some secret knowledge that is known only within the application context. So to expect it to work outside that context may be a requirement that conflicts with security aims.
Is your requirement to use apex_mail.send from a job? Maybe you could generate the links with user-level checksums from within the application (for every possible user/argument value combination) and save them off in a table for retrieval by the mailer program. Just a thought.
SQL> select apex_util.prepare_url('f?p=211:2:5103232296113234:x') from dual;
APEX_UTIL.PREPARE_URL('F?P=211:2:5103232296113234:X')
f?p=211:2:5103232296113234:x::::
SQL> select apex_util.prepare_url('f?p=211:2:5103232296113234:x','3') from dual;
APEX_UTIL.PREPARE_URL('F?P=211:2:5103232296113234:X','3')
f?p=211:2:5103232296113234:x::::
SQL> select apex_util.prepare_url('f?p=211:2:5103232296113234:x','2') from dual;
APEX_UTIL.PREPARE_URL('F?P=211:2:5103232296113234:X','2')
f?p=211:2:5103232296113234:x::::
SQL> select apex_util.prepare_url('f?p=211:2:5103232296113234:x','1') from dual;
APEX_UTIL.PREPARE_URL('F?P=211:2:5103232296113234:X','1')
f?p=211:2:5103232296113234:x::::
SQL>
Scott

OAM11g - How to perform direct login without accessing protected resource?

Hi,
I think this should be a common requirement as website needs to provide a direct login page.
The OAM Documentation seems focus on the flow of starting from accessing protected resource then redirect to login page.
How can we perform direct login?
I tried from my custom login page directly, but it always gives me *"PolicyEvaluationException: OAMSSA-06191: The runtime request contains no resource"* once the login form submitted.
Anyone can advise? Thanks in advance.

Thanks for the reply.
We need to cater for both the scenarios:
Scenario 1: User tries to access a protected page. He/she will be redirected to the login page. Once it is authenticated, he/she will be redirected back to the previously requested protected page
Scenario 2: User clicks the "Login" link on the homepage where the homepage is definitely unprotected. He/she will be redirected to the login page. Once it is authenticated, he/she will be redirected back to homepage.
I have tried to the "Success URL" parameter of the Authentication Policy. However, once "Success URL" is defined, Scenario 1 will NOT work...
Yes. There are some work around solution I can think about.
Example: use a intermediate page 'rediret.jsp' which is defined as the protected resource.
The flow is: clicks the "Login" link on the homepage -> a intermediate page 'rediret.jsp' -> login page -> redirect back to 'rediret.jsp' -> 'rediret.jsp' will redirect user to the Homepage...
But I think Scenario 2 should be very common and it should be a right solution for it. Please advise. Thanks

Disable Webservices access through web

Hi All,
In OFMW and AIA 11g ps3, how can we disable webservices access through web i.e. restrict webservice call from outside
world using OWSM security policies?
We dont want to use username based authentication or any other policies that is based on authentication and authorization.
Please let me know how can we achieve this?
Thanks in advance.

Hi,
I think the best way would be to block the access to services at firewall so that these services have restricted access within the network. This can be achieved only if none of the services need to be exposed over to the internet.
Regards,
Neeraj Sehgal

WebService Access Forbidden

Gents,
Can anyone help me on this below thread please
WebService Access Forbidden
Regards,
Suresh

The Permissions to the folder within the portal were service is deployed are all in order? Give everyone at least a "read" access and click end user check box.

Access Protection

Sir i was trying to check the access rights given in the complete reference. The book says that we can access the protected variables in a different package and within a subclass. But i was not able to access the protected variable from a different package though i extended the package. i was able to access the public variable. I am also attaching my code below.
//This is the code where i am importing the package and extending the class within the package.
import PackagePPP.*;
public class PPP extends inpack
public int i=10;
protected int j=20;
private int k=30;
int l=40;
public static void main(String args[])
     inpack p = new inpack();
     System.out.println("diff package diff class-->"+p.i);
     //System.out.println("diff package diff class-->"+p.j);
     //System.out.println("diff package diff class-->"+diff.k);
     //System.out.println("diff package diff class-->"+p.l);
//This is how i have created the package.
package PackagePPP;
public class inpack
     public int i=10;
     protected int j=20;
     private int k=30;
     int l=40;
}

Hi,
The book says that we can
access the protected variables in a different package
and within a subclass. That's wrong. You can access protected attributes of classes that are in the same package, or if you are subclassing.
/Kaj

Network Access Protection -DHCP on Win 10 9926

Is there a way to add the Network Access Protection DHCP components to the Win 10 Tech Preview (build9926) ?

Hi,
Yes, NAP support was introduced to the DHCP Server role with Windows Server 2008 and is supported in Windows client and server operating systems prior to Windows 10 Technical Preview and Windows Server Technical Preview. We can refer to the link provided
by Paul for the reasons, if you have some advices, please feel free submit feedback to us via Windows FeedBack App.
Thanks for your support.
Yolanda Zhu
TechNet Community Support

Access protection using token

Where I can find some information on how to protect access to my webservice in a way that e-banks do it? To do it I want to use a token. I hope you understand what I mean.

Where I can find some information on how to protect access to my webservice in a way that e-banks do it? To do it I want to use a token. I hope you understand what I mean.

Could not find the main class - Problem with Webservice-Access

Hello Everybody,
I'm having serious Problems with accessing a WebService (Tomcat-Axis) per executable jar-File.
I constructed a simple GUI with 3 Textboxes 1 Button and 1 Resultbox.
I use eclipse so it was no Problem to simple generate the Backgroundclient by Processing the .wsdl-File of the WS.
Now I do this:
Head_tServiceLocator serviceLocator = new Head_tServiceLocator();
Head_t service = serviceLocator.getRPCCall();
RPCCallSoapBindingStub Head_t = (RPCCallSoapBindingStub) service;and use the Webservice like an Object.
All this works very well.
Now the Problem:
Head_t service = serviceLocator.getRPCCall();this Line has to throw a ServiceException.
If i add a try-catch Block to Process the Message JAVA tells me after i exported to JAR (with Manifest-stuff and so on) and double Click on the JAR the following :
Could not find the main Class - Program will exit.
And if i add a throws Declaration to the Methodheader it tells me:
Fatal Exception Occured - Program will exit
But if i Comment out that Line at least the GUI is being displayed (so it DOES find the main-Class). But then of course the Webservice won't be accessed.
All the JARs needed (axis.jar, commons-discovery.jar and so on) are in the same Directory as the Webservice-Client.jar
Please Help me.
Greets,
Zap

I am not done any typing mistake while creating the jar file i already followed the suggestion that you have mentioned but still the same error .
This is my MANIFEST.MF file created under META-INF folder
Manifest-Version: 1.0
Class-Path: qtjambi-4.4.3_01.jar qtjambi-win32-msvc2005-4.4.3_01.jar
Created-By: 1.5.0 (Sun Microsystems Inc.)
Main-Class: Ui_MainWindow
When i extracted the app.jar following this i got
1. META-INF folder inside that MAINFEST.MF file the contents i have already placed above
2. qtjambi-4.4.3_01.jar
3. qtjambi-win32-msvc2005-4.4.3_01.jar
4. Ui_MainWindow.class
Please tell me whats wrong in that i can also give you the app.jar file please let me know the email id ..

Weblogic - Webservice access

Hi,
We have an application deployed in weblogic which needs to access a webservice. The webservice is accessible through soap-ui using the right credentials. We use basic authentication to access the webservice.
I am able to access the webservice with the correct credentials from a normal java client but when the application is deployed in weblogic, I am unable to access the ws!
Is there a setting in weblogic to enable basic authentication?
(using weblogic 11g)
Thank you

There is a difference between application server and program access to a webservice. especially is SSL used server needs the key to access the web service. What error do you get?

Webservice access protection

Similar Messages

Maybe you are looking for