Win98 and security policies
Hello,
I am at a lost here. I have ten wireless laptops that are running Win98se
with Novell Client 3.4. Our environment is as follows: NW51sp7 servers,
Windows2K clients, ZfD4, Novell Client 4.90sp2. Running on an IP Network,
Servers do run IPX, but clients do not. These laptops are the only
systems with the older client.
I do get a log on screen for Novell and I am able to log in. I am at the
root of the tree with all rights to the tree. When I log on, there are
some restrictions that are still on the system. I am unable to get the
run command, the system tells me that it has been restricted by the
administrator. I have recreated Win95-98 User Policies and associated
with myself, but no luck.
SLP, DA configured correctly. All authentication is fine, except that it
seems that the systems have something still on the registry that it is
keeping it locked. I have battle with for over a couple of weeks and
cannot figure it out. I hope this makes sense, because I am unable to
make sense out of it anymore. Any advise/help is appreciated. Thanks.
Did you check with the ZEN Admin for any policies being pushed down
during login ?
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !)
Similar Messages
-
Digital Signatures and Security Policies
Is there a way to combine a digital signature and a Security Policy. We have a need to digitally sign a document, but not allow that signature to be removed and to not allow any further editing of the document?
Hello Francesco,
I want to generate a digital signature (PKCS#7,XML) using SAP SSF API as explained in
http://help.sap.com/saphelp_nw04/helpdata/en/4f/65c3b32107964996a56e4165077e24/content.htm and in Amol Joshi's reply in
Digital Signatures and Document Encryption api
so my question is From which PI/XI version and its SPS this SAP SSF LIBRARY is supported ?
Kind Regards,
Kubra fatima. -
Problem with XML lib Conflicts and security policies
I am getting this error when trying to run (it deploys fine) a web application that uses hibernate. The same application deploys and runs fine in tomcat. However, I need to find a way to configure the sun application server so it will work. I have attached the stack trace below. Any help would be greatly appreciated....heck a starting point would be greatly appreciated.
exception
javax.servlet.ServletException: Provider org.apache.crimson.jaxp.DocumentBuilderFactoryImpl could not be instantiated: java.lang.SecurityException: unable to instantiate Subject-based policy
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:218)
javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessController.doPrivileged(Native Method)
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:322)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:147)
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:87)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:117)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:198)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
root cause
javax.xml.parsers.FactoryConfigurationError: Provider org.apache.crimson.jaxp.DocumentBuilderFactoryImpl could not be instantiated: java.lang.SecurityException: unable to instantiate Subject-based policy
javax.xml.parsers.DocumentBuilderFactory.newInstance(DocumentBuilderFactory.java:99)
org.apache.jasper.xmlparser.ParserUtils.parseXMLDocument(ParserUtils.java:99)
org.apache.jasper.compiler.JspConfig.processWebDotXml(JspConfig.java:72)
org.apache.jasper.compiler.JspConfig.init(JspConfig.java:181)
org.apache.jasper.compiler.JspConfig.findJspProperty(JspConfig.java:233)
org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:164)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:419)
org.apache.jasper.compiler.Compiler.compile(Compiler.java:402)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:512)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:262)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:263)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:210)
javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessController.doPrivileged(Native Method)
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:322)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:147)
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:87)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:117)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:198)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)If I comment out the calls to Hibernate from my code, the error changes a little. So, it must be one of the libraries in the web-inf/lib dir. I have appended the new stack trace and a list of jars i that directory....got any ideas about the culprit??? I'll start the trial and error process....but if anyone knows i would appreciate it.
LES
exception
javax.servlet.ServletException: com.sun.security.auth.PolicyFile
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:218)
javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
sun.reflect.GeneratedMethodAccessor75.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessController.doPrivileged(Native Method)
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:322)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:147)
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:87)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:117)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:198)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
root cause
java.lang.IncompatibleClassChangeError: com.sun.security.auth.PolicyFile
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1273)
org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1233)
java.lang.ClassLoader.loadClassInternal(ClassLoader.java:302)
java.lang.Class.forName0(Native Method)
java.lang.Class.forName(Class.java:219)
javax.security.auth.Policy$3.run(Policy.java:215)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Policy.getPolicyNoCheck(Policy.java:209)
javax.security.auth.Policy.getPolicy(Policy.java:179)
javax.security.auth.SubjectDomainCombiner$2.run(SubjectDomainCombiner.java:178)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.SubjectDomainCombiner.combine(SubjectDomainCombiner.java:174)
java.security.AccessControlContext.goCombiner(AccessControlContext.java:386)
java.security.AccessControlContext.optimize(AccessControlContext.java:310)
java.security.AccessController.checkPermission(AccessController.java:400)
java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
java.lang.SecurityManager.checkRead(SecurityManager.java:863)
java.io.File.lastModified(File.java:771)
org.apache.naming.resources.FileDirContext$FileResourceAttributes.getLastModifiedDate(FileDirContext.java:1123)
org.apache.naming.resources.ResourceAttributes.get(ResourceAttributes.java:706)
org.apache.naming.resources.DirContextURLConnection.getLastModified(DirContextURLConnection.java:211)
org.apache.jasper.compiler.Compiler.isOutDated(Compiler.java:474)
org.apache.jasper.compiler.Compiler.isOutDated(Compiler.java:450)
org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:510)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:262)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:263)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:210)
javax.servlet.http.HttpServlet.service(HttpServlet.java:861)
sun.reflect.GeneratedMethodAccessor75.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
java.security.AccessController.doPrivileged(Native Method)
java.security.AccessController.doPrivileged(Native Method)
com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:322)
com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:147)
com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:87)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:117)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:198)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:324)
org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:246)
java.security.AccessController.doPrivileged(Native Method)
javax.security.auth.Subject.doAsPrivileged(Subject.java:500)
org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:268)
org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:162)
List of Jars in WEB-INF/lib
ant-1.5.3.jar jaas.jar junit-3.8.1.jar
ant-optional-1.5.3.jar jboss-cache.jar les-util.jar
c3p0-0.8.4.5.jar jboss-common.jar log4j-1.2.8.jar
cglib-full-2.0.2.jar jboss-jmx.jar odmg-3.0.jar
concurrent-1.3.3.jar jboss-system.jar oscache-2.0.jar
connector.jar jcs-1.0-dev.jar proxool-0.8.3.jar
dom4j-1.4.jar jdbc2_0-stdext.jar swarmcache-1.0rc2.jar
ehcache-0.9.jar jgroups-2.2.7.jar
hibernate2.jar jta.jar -
Web-app scoped security policies not working in WL 8
Hi,
I can't get web-app scoped security policies working in WL 8.1
I have a simple web application. It defines a role(ROLE) and security
constraint (on *.jsp).
If I examine the web app in the administration console, I see that it
has created a role (scoped to /*) called "ROLE" just as you would
expect. It has also created a scoped policy (to *.jsp) with constraints
that the user be in the role ROLE. This is as expected, and it works.
However, if I proceed to create my own scoped policy (on *.html) with
constraints (on ALL methods) that the user be in role ROLE, then I get
no security at all. ie. I can go to server:port/foo.html and it will
work - it is not secured.
Any ideas?
On a completely unrelated issue, when I deploy an EAR (exploded) with a
WAR (exploded) and using the admin console expand the application
correpsonding to th EAR, right click on the WAR node, and try and define
a scoped role, then I get an error "There are no appropriate RoleEditor
providers configured". This sounds like a bug. Trying to define a
scoped policy works as expected.
TIA,
JonI can't get web-app scoped security policies working in WL 8.1Well, I can answer this one myself.
WebLogic 8 has a new optimisation (this wasn't present in 7 AFAIK),
available on the Security / Realm / myreal / General tab, which
determines whether or not weblogic considers authorisation of resources
protected by descriptors or not. (ie. it can force only
descriptor-protected authorisation, ignoring admin console policies).
It defaults to ignoring admin console policies, hence my problem.
Jon -
How to use ADF Security policies in OID Ldap
Hello
My application uses ADF security policies created by Jdeveloper ADF Security Wizard and page definition Edit Authorization menu. The application runs as expected using file based system-jazn-data.xml. I used the JAZNMigrationTool in order to migrate XML based policies to LDAP based policies. LDIF file was generated by the tool and then using the LDAPModify command the file was uploaded to the OID. No errors were generated during this process.
I used Oracle Directory Manager in order to examine the migration result, and compare the output to that described by
Introduction to ADF Security in JDeveloper 10.1.3.2
An Oracle JDeveloper Article
Written by Frank Nimphius, Oracle Corporation
February, 2007
I was expecting to find Read, Update privileges in the orcljaznpermissionaction and the attribute name in the orcljaznpermissiontarget as shown in Fig 15 ADF security entry in OID.
to narrow down the source of the issue, we examine the LDIF file, and there was no reference to these entries. Below is one example entry from the LDIF file
dn: orclguid=EF37EAA603C611DDBFAE635A1BB60EE0,cn=Permissions,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
changetype: add
objectclass: orcljaznpermission
objectclass: groupofuniquenames
objectclass: top
cn: EF37EAA603C611DDBFAE635A1BB60EE0
orclGuid: EF37EAA603C611DDBFAE635A1BB60EE0
orcljaznjavaclass: java.security.UnresolvedPermission
orcljaznpermissiontarget: oracle.adf.share.security.authorization.AttributePermission
orcljaznpermissionactions:
uniquemember: orclguid=EF37EAA203C611DDBFAE635A1BB60EE0,cn=Grantees,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
Note that the orcljazpermissionactions is empty and orcljaznpermissiontarget does not really specify the actual attribute name.
The system-jazn-data.xml includes all entries correctly.
rgdsEurika
finally solved,
runing the JAZNMigrationTool requires setting the correct classpath,
Setting the classpath to the following
C:\>Set CLASSPATH=d:\jdevstudio10132\j2ee\home\jazn.jar
allows you to run the Jaznmigrationtool successfully, however you will find that the generated LDIF file does not include the premission actions (Read, Update ...)
if however, you add the adfshare.jar to the classpath
C:\>Set CLASSPATH=d:\jdevstudio10132\j2ee\home\jazn.jar;d:\jdevstudio10132\BC4J\lib\adfshare.jar
now the tool will migrate the permission policies , the following shows an extract from the LDIF file
dn: orclguid=A5E662E204D411DDBF8807BC4864C5C2,cn=Permissions,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
changetype: add
objectclass: orcljaznpermission
objectclass: groupofuniquenames
objectclass: top
cn: A5E662E204D411DDBF8807BC4864C5C2
orclGuid: A5E662E204D411DDBF8807BC4864C5C2
orcljaznjavaclass: oracle.adf.share.security.authorization.AttributePermission
orcljaznpermissiontarget: AppModuleDataControl.VRoleAuthorrizationsView1.RanDateTo
orcljaznpermissionactions: read,update
uniquemember: orclguid=A5E662E104D411DDBF8807BC4864C5C2,cn=Grantees,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
Ammar Sajdi
www.e-ammar.com/Oracle.html -
Document Restrictions of Security Policies
Hello,
I've been hunting around but can't find it. Is there a concise reference for how to use Adobe Acrobat8 Security features with the Adobe Document Center? Is it so new that there's no book (Quick Start, etc.) on it?
I send PDFs to people. But I only want them to be able to print the PDF, not copy any of its content. I also want the PDF to deny access after a 3 month period. I was going to use Pinion Software's AutoShred product, but then I stumbled upon Adobe8 and the Document Center, which seemed like a perfect fit. So I immediately upgraded to Adobe8 and signed up for the trial at the Document Center.
I have created security policies and everything seems to work as its supposed to. However, when I look at any security policy, there is nothing allowing me to make the kind of detailed modifications permitted in Acrobat8 - Secure / Show Security Properties / SecurityTab / and the list for Document Restrictions Summary.
For some reason, when I set up a security policy - most restrictive to only permit printing and eliminate file access after 3 months - the "page extraction: allowed" phrase shows up when I examine Show Security Properties / Security Tab / Document Restrictions Summary, even though for everything else it is "Not allowed" which is what I want.
I thought maybe its a bug, because when I close the file and then reopen it, the page extraction is grayed out. But I don't know if people I send the file to will be able to extract the pages, thus getting around my objective of not allowing them to copy/paste any of my proprietary content onto some other file format.
Anybody else have this same problem. Is there a way for me to prevent page extraction and have it show up in the Document Restrictions Summary as "Page Extraction: Not Allowed"?
Thanks,
RobertHi Holly,
Question - is that all you want to do? Or do the documents have value to you such that you want to maintain control over how long they are used, by whom, and for how long?
1. If the former, you can use password protection to protect the documents, and format them so that they cannot be altered.
From within Adobe Acrobat 8 with the document visible.
Select Secure / Password Encrypt / Permissions
Click on Restrict Editing and Printing
Key in a protection password (I use the same for all documents)
Select Printing permissions "High Resolution" from drop down menu
Select Changes Allowed "None" from Drop Down Menu
Make sure "Enable copying of text, images.... box is unchecked
Don't worry about creating Security Envelopes or anything else. Just click cancel if those windows pop up.
Your security changes will not take effect until you save the document. Once saved, you can go to Secure / Show Security Properties / Show Details to confirm that all settings are as you want.
2. If you want to do the latter, you can sign up for Adobe Live Cycle Policy Server protection of the document. Adobe just came out with a new service. Right now its free. Later to be subscription based.
https://dc.adobe.com/adc/login.do?nextURL=https%3A%2F%2Fdc.adobe.com%2Fadc%2Fadc.do
I use this, since I want to maintain control over the documents. I let people print only. No other changes, no copying, no emailing. And the document "self destructs" on the date I set for its expiration.
Regards,
Robert -
Hi All,
Can anybody pls tell me how to configure security policies like account locking,
account expiry in portal application? By default, it has a 30 minutes lock period
after 5 retries. But if I want to set other values or want to unlock account of
a user, then what to do ?
TIA,
SudarsonI have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.
The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
on a URL that looks like this :
http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
and gives the error :
( Forbidden
You don't have permisission to access /sso/auth on this server at port 7777)
when I manually change the URL to :
https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
the SSO works correctly.
The question is :
How can I change this default behaviour and make it call SSO on port 4443 using https instead ?
Any ideas ?
Thanks in advance -
How do I migrate my Acrobat X security policies to Acrobat XI? (I'm on a mac)
I currently have both Acrobat X and XI installed on my Mac OS 10.7.5. All of my security policies, Actions, and other preferences are on X, and I don't know how to move them over to XI. I have a lot of security policies I can't afford to discard. Is there a way to migrate the policies, and hopefully also the Actions/Scripts I made in X? If so, how would I do that?
Look in the following location for the file "security-policy.acrodata":
/Users/[USERNAME]/Library/Application Support/Adobe/Acrobat/10.0/Security/
Copy it to the location:
/Users/[USERNAME]/Library/Application Support/Adobe/Acrobat/11.0/Security/ -
OWSM 11g : Authentication Providers for X.509 and SAML policies
Hi All,
I am currently trying to implement the X.509 and SAML policies. As per the documentation for these polices I need to configure an authentication provider(or Identity Assertion provider) that can handle perimeter authentication via the NameCallback. I had configured an authentication provider(default authentication provider) that handled the namecallback and passwordcallback. What I can't figure out is how do these two authentication providers differs. And, incase one has to configure for the X.509 and SAML policies how to do the same.
Any pointers will be useful. Especially, from anyone who has worked and implemented the above policies.
Thanks in advance.
Edited by: Shomit Sahdev on ८ अप्रैल, २०१० १२:२५ पूर्वाह्नAfter research by Oracle Support it actually turns out that this problem was a combination of factors:
1) some clients were effectively using an invalid certificate so it is corrrect they got an error and everything worked fine when they started using the right certificate
2) it does, however, turn out that, in the case of an error the error handling has been obfuscated in WLS 10.3.6 as compared to WLS 10.3.4 which gives a more descriptive error stating the nature of the problem (missing certificate, invalid certificate, unknown user, ...). Apparently this was deemed a security issue and has thus been replaced by a generic "internal server error". It is however possible to re-activate this older behaviour using a couple of JAVA_OPTS that you pass during server startup:
-Dweblogic.wsee.security.debug=true -Dweblogic.wsee.security.verbose=true
The above reintroduced the behaviour we had in WLS 10.3.4 and thus solves our problem! -
How do I setup security policies without Adobe LiveCycle Rights Management?
Hi Guys,
First of all I want to excuse for my english language skills . We have about 30 Users which are using Adobe Acrobat XI Standard. Our management board defined security policies for PDF files. We exported the security policies (Edit -> Preferences -> Security -> Security Settings -> Export). Then we got a file with the extension 'acrobatsecuritysettings'. Next we moved that file to a folder which everybody has read permissions. We ticked at a test computer "load security settings from a server" and type in the path to the file in this way:
smb://server/share/filename.acrobatsecuritysettings
I guess the syntax is correct but there are no security policies at 'Tools -> Protection -> Encrypt -> Manage Security Policies'. Any ideas?
I am very thankful for each reply.Interesting. Adobe obviously feel that smb is a URL - sorry, no idea what form their URL would take. You could double check that it is accessible with no username or password (i.e. guest access) since you have put no credentials in the URL.
For the intranet (htp) server - you could put it anywhere within the files making up the site. For instance you could create a folder private inside the web root, and put the file in there. You can type the URL in a browser to make sure it serves the credential file. -
The new Flash Player security policies are driving me nuts
when trying to work with local files. I'm working on development
tools that will run in the local machine, I get security issues in
many cases (from AIR interacting with loaded swf, with local
xmlsocket). It's clear and easy to implement the security
restrictions when you work with remote files (you just put the
crossdomain.xml on the server), but with local files is such a pain
(see for instance the "use-network=false" compiling option).
Is there a documentation that helps you to work with local
files and sort the eventual issues, I couldn't find one.
Now I would like to communicate with a local java xml socket,
how could I do to avoid:
*** Security Sandbox Violation ***
Connection to localhost:1023 halted - not permitted from
file:///.../bin/App.swf
Thanks a lot for any supportThis socket server made my day:
http://www.blog.lessrain.com/?p=512
chr -
Where are the EAS security policies stored? "Reset Security Policies"?
When you connect Mail app to an account using EAS, security policies from the Exchange server are applied to Windows 8.1. I know that these can be reset by going to Control Panel -> User Accounts and then clicking on the "Reset Security Policies"
option.
However, I would like to see which policies are being applied by the Exchange server, but I can't find where Windows 8.1 is storing the policy settings. Are they in the registry? Can I see them in the GPEDIT local policies?
For example, our Exchange server sets the "Max inactivity time lock" to 15 minutes. I would like to be able to see exactly which Windows setting is storing this value and enforcing it.
I've verified that it's overriding settings already in place that are stored in:
Computer Config - > Windows Settings -> Local Policies -> Security Options.
or
Computer Config - > Admin Templates -> Control Panel -> Personalization
or
User Config -> Admin Templates -> Control Panel -> Personalization
Does anyone have idea where I might be able to view these policies in Windows 8.1?Hi,
Aboved suggestions is description of the EAS policy.
If you need further assistance, feel free to let me know. I will be more than happy to be of assistance.
If the reply is helpful, please remember to mark it as answer which can benefit our Community members. Otherwise, please unpropose it and post back with your further concern.
Kate Li
TechNet Community Support -
Error deploying application with security polices: ORA-00904
Hi all,
I am using Jdeveloper 11.1.1.0 and I am trying to deploy an ADF application with secure polices on WebLogic Server 10.3.1
I have deployed the application to an EAR file and I have installed it using the weblogic console, after having defined the JDBC connection.
Have I anything to do for implementing the security polices? Miss anything?
Because when I launch the application from Jdeveloper I have no errors, while when I try to go to the URL where I have deployed the application, after loggin in, I have this error:
Caused by: java.sql.SQLSyntaxErrorException: ORA-00904: "myEntityObject"."myField": invalid identifier
at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:91)
at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:133)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:206)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:455)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:413)
at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1034)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:194)
at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:791)
at oracle.jdbc.driver.T4CPreparedStatement.executeMaybeDescribe(T4CPreparedStatement.java:866)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1187)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3386)
at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3430)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeQuery(OraclePreparedStatementWrapper.java:1491)
at weblogic.jdbc.wrapper.PreparedStatement.executeQuery(PreparedStatement.java:128)
at oracle.jbo.server.ViewObjectImpl.getQueryHitCount(ViewObjectImpl.java:3915)
... 91 more
## Detail 0 ##
java.sql.SQLSyntaxErrorException: ORA-00904: "TICKETEO"."ID_CATEGORIA_APERTURA": identificativo non valido
at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:91)
at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:133)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:206)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:455)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:413)
at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:1034)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:194)
at oracle.jdbc.driver.T4CPreparedStatement.executeForDescribe(T4CPreparedStatement.java:791)
at oracle.jdbc.driver.T4CPreparedStatement.executeMaybeDescribe(T4CPreparedStatement.java:866)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1187)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3386)
at oracle.jdbc.driver.OraclePreparedStatement.executeQuery(OraclePreparedStatement.java:3430)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeQuery(OraclePreparedStatementWrapper.java:1491)
at weblogic.jdbc.wrapper.PreparedStatement.executeQuery(PreparedStatement.java:128)
at oracle.jbo.server.ViewObjectImpl.getQueryHitCount(ViewObjectImpl.java:3915)
at oracle.jbo.server.ViewObjectImpl.getQueryHitCount(ViewObjectImpl.java:3867)
at oracle.jbo.server.QueryCollection.getEstimatedRowCount(QueryCollection.java:3517)
at oracle.jbo.server.ViewRowSetImpl.getEstimatedRowCount(ViewRowSetImpl.java:2318)
at oracle.jbo.server.ViewObjectImpl.getEstimatedRowCount(ViewObjectImpl.java:8782)
at oracle.adf.model.bc4j.DCJboDataControl.estimateRowCount(DCJboDataControl.java:1551)
thanks
Andry
Edited by: user10799119 on 4-set-2009 3.50Hi,
sincerly now I don't remember what was the problem, but it seems to me the solution was in one of these four settings:
1) check Admin Server when I create the JDBC connection.
2) before deploying the application to an EAR file, you don't forget to uncheck Auto-generate and synchronize weblogic-jdbc.xml Descriptors during deployment in Application properties --> deployment
3) in your application module --> configuration change the connection type from jdbc URL to JDBC DataSource
4) at the end of your URL of the deployed application don't insert the ".jspx" after your page name
Hope this helps
Regards -
Applying Security policies to Web Services using WLST
Hi,
I can create security roles and assign the role expressions using WLST. I am just curious to know that if we can apply the security policies to the applications/any weblogic resource using WLST.
If yes, Can you please let me know how I can do that? I checked the Mbeans for applications and security realm, but was unable to find a way.
I am using weblogic 81 sp6 platform.
ThanksThe language used for security policies is not public in 8.1.
In 9.2, WLS supports XACML.
http://e-docs.bea.com/wls/docs92/secwlres/xacmlusing.html
<Prasanna Kulkarni> wrote in message news:[email protected]..
Hi,
I can create security roles and assign the role expressions using WLST. I am
just curious to know that if we can apply the security policies to the
applications/any weblogic resource using WLST.
If yes, Can you please let me know how I can do that? I checked the Mbeans
for applications and security realm, but was unable to find a way.
I am using weblogic 81 sp6 platform.
Thanks -
After adding a new acquistion company to our network the company is now receiving a undeliverable error message when trying to email Parent Company. The acquistion company is still hosting there own email. Emails do come
through sometime though. Odd thing is the part where it says "The following organization rejected your msessage because of relay. The server that is asking for relay has nothing to do with Exchange and is a webserver.
Your message wasn't delivered because of security
policies. Microsoft Exchange will not try to redeliver this message for you.
Please provide the following diagnostic text to your system administrator.
The following organization rejected your message: XXXXX08WEB02.
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: exch-srv.xxx.local
xxxx08WEB02 #550 5.7.1 Unable to relay for
Original message headers:
Received: from exch-srv.bb.local ([10.36.x.x]) by exch-srv.xx.local
([10.36.10.9]) with mapi; Fri, 21 Mar 2014 06:24:26 -0600
Date: Fri, 21 Mar 2014 06:24:24 -0600
Subject: Fwd: BLASER
Thread-Topic: BLASER
Thread-Index: Ac9FAH8o48EjJULkQCyOFAKdwwLLcQ==
Message-ID: <[email protected]<mailto:[email protected]>>
References: <[email protected]<mailto:[email protected]>>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative;
boundary="_000_2E7BF3C7D4A34BBE8DA45714401F4470xxxxxxcom_"
MIME-Version: 1.0
Hi,
Let’s try the following resolution:
Exchange 2007 server>EMC>server configuration>Hub Transport>Receive connector>properties>Network> add your new company server IP address in the tab “receive mail from remote servers that have these IP addresses”.
For more information, you can refer to the following article:
http://blogs.technet.com/b/exchange/archive/2006/12/28/3397620.aspx
If you have any question, please feel free to let me know.
Thanks,
Angela Shi
TechNet Community Support
Maybe you are looking for
-
SAP HCM - Payroll Posting - Finding personnel number for a credit Memo
Hi, We are currently trying to trace the personnel number associated with a vendor posting from HR-FI. A credit memo has gotten generated against the vendor (union dues vendo). The FBL1n transaction yields only a consolidated result. The document num
-
Can't open pdf attachment on Palm TX with Adobe For Palm download
I downloaded Adobe for Palm OS (v. 3.0) to open email pdf attachments, but am getting error message: Attachment (not supported in this version) winmail.dat So can not open any pdf attachments. Tried getting mail via VersaMail and via m.comcast.net -
-
BPM Worklist - WorklistServiceUtil.getTaskRemoteAppURL Has Wrong URL
Hi all, There is something wrong in our BPM Worklist configuration, and I am not sure what it is. When we are on the Administrator tab in BPM Worklist, and click on a task to view the details, we get a page not found error. The logs say it is trying
-
Thunderbird: clickable links & file associations?
Hi, I have Arch installed with the XFCE desktop environment, plus a handful of apps. I'm using Thunderbird for email and Firefox for web browsing. (OK, not very original, I admit ) 1) Firefox and Thunderbird are set as default apps for browsing and m
-
Hello, My first time using Adobe Premier CS6. I have edited a film on Avid 6 but it's far too big. I want to import this film into Adobe Premier CS6 for re editing so I can export it as a H.264 and make it small enough to post online (currently it's