WLS 8.1 MDBs, Websphere MQ QMs and Security Exits....
Hi:
I am testing an MDB that is listening on a Websphere MQ 5.3 Queue. For security,
I have secured the Server Connection Channel of the Queue Manager (to which the
Queue belongs to) with a Security Exit.
Using the Foreign JMS Servers section in the Admin console, I defined a 'Foreign
JMS Connection Factory' that has the userid & password that is supposed to be
passed to Websphere MQ.
When the MDB comes up, it throws a SecurityException. In the background, the Security
Exit log indicates that the MDB tried to make multiple connections to the Server
Channel. The Deployment descriptor has the 'MAX BEANS IN FREE POOL' set to 1.
My issues are:
1. When the MDB comes up the Server Connection Channel shows multiple connections.
I know there is only one MDB, so I am curious why there would be multiple connections
to the same Channel.
2. The Security Exit log shows that the userid and passord was passed on to MQ
certain times and other times it was not. The net result is the Security Exit
rejected the MDB Connections (when the userid and pwd was blanks) and the Bean
did not come up properly.
I am concerned with Issue 2. Because, all I am able to control is giving the userid
and pwd in the Foreign JMS Server section. WLS 8.1 is supposed to pass on the
credentials properly to MQ when needed. Is WLS 8.1 NOT doing what is expected
or am I missing something?
What is the procedure to deploy a WLS 81 MDB that is listening on a queue whose
QM is secured by an MQ Security Exit.
Please help!
When you deploy any EJB or servlet that uses the "resource-reference", the
container (after a short delay) tries to make a connection to get the
XAResource for that JMS provider. It then registers that with JTA. That way,
JTA can perform transaction recovery on the JMS provider sooner rather than
later. (If we waited to register the MQSeries resource with JTA until you
used it, then if MQ had prepared transactions, they wouldn't be resolved
until you actually tried to send a message.)
As for the "multiple connections", I believe that the MQSeries JMS library
uses a single MQ "connection handle" for every JMS session. (That's because
MQ connection handles aren't thread-safe.) In our pool of the JMS Session
objects, we open more than one session initially, so that might be why
you're seeing multiple connections.
You can monitor the pooling of the JMS sessions using the console. Click on
your server in the "servers" tab in the left-hand tree view, then on
"Monitoring", then on "JMS", and then on "Monitor Pooled JMS Connections".
greg
"Sridhar Krishnaswamy" <[email protected]> wrote in message
news:[email protected]...
>
> I tried the steps you have mentioned. But the userid still does not come
across
> to MQSeries. So, I will follow up with Support. The MDB is passing on the
credentials
> fine when using the same QCF to put the messages to.
>
> On the issue of multiple connections, you are right. The connections are
because
> of the resource-ref entries. Though I am not sure why the MDB is actually
trying
> to establish multiple connections for every resource-ref entry (because
the pooling
> mechanism kicks in?). Also, in my design, some of the resource-ref are
actually
> 'stand-bys' to be used only if the MDB fails to put the message using the
primary
> resource-ref entry. I would have thought that the physical connections
will actually
> be made when the call for looking up the QCF is made by the bean or
createQueueConnection
> called. Just for my knowledge, I would like to know why the Container is
establishing
> the connections upfront.
>
> As always, I really appreciate your help, Greg.
>
> Thanks,
> Sridhar
>
> "Greg Brail" <[email protected]> wrote:
> >At the moment, the username and password used to receive messages come
> >from
> >a differenct place, and not from the "Foreign JMS Connection Factory"
> >screen. (Yes, I realize that this is confusing.) To do what you want,
> >you
> >need to define a "credential mapping":
> >
> >-- Create a WebLogic Server user using the "security" section of the
> >console, and assign the password that you will need to connect to MQ.
> >
> >-- Right-click on your MDB in the left-hand tree view, and select "Define
> >Roles and Policies for Individual Beans"
> >
> >-- You should see a list of MDBs on the screen. Click on "define
credential
> >mapping". (I forget the exact wording, but it's something like that.)
> >
> >-- On this screen, you enter the MQSeries username that you'll need to
> >set,
> >and the WebLogic user that you created in the first step. It then uses
> >the
> >password from this WebLogic username.
> >
> >If you have trouble with this, please call support. I know that some
> >people
> >have had trouble with this particular feature.
> >
> >I'm not sure about the multiple connections. Is it possible that you
> >have a
> >"resource-reference" declared for MQ somewhere?
> >
> > greg
> >
> >"Sridhar Krishnaswamy" <[email protected]> wrote in message
> >news:[email protected]...
> >>
> >> Hi:
> >> I am testing an MDB that is listening on a Websphere MQ 5.3 Queue.
> >For
> >security,
> >> I have secured the Server Connection Channel of the Queue Manager (to
> >which the
> >> Queue belongs to) with a Security Exit.
> >>
> >> Using the Foreign JMS Servers section in the Admin console, I defined
> >a
> >'Foreign
> >> JMS Connection Factory' that has the userid & password that is supposed
> >to
> >be
> >> passed to Websphere MQ.
> >>
> >> When the MDB comes up, it throws a SecurityException. In the
background,
> >the Security
> >> Exit log indicates that the MDB tried to make multiple connections
> >to the
> >Server
> >> Channel. The Deployment descriptor has the 'MAX BEANS IN FREE POOL'
> >set to
> >1.
> >> My issues are:
> >>
> >> 1. When the MDB comes up the Server Connection Channel shows multiple
> >connections.
> >> I know there is only one MDB, so I am curious why there would be
multiple
> >connections
> >> to the same Channel.
> >> 2. The Security Exit log shows that the userid and passord was passed
> >on
> >to MQ
> >> certain times and other times it was not. The net result is the
Security
> >Exit
> >> rejected the MDB Connections (when the userid and pwd was blanks) and
> >the
> >Bean
> >> did not come up properly.
> >>
> >> I am concerned with Issue 2. Because, all I am able to control is
giving
> >the userid
> >> and pwd in the Foreign JMS Server section. WLS 8.1 is supposed to pass
> >on
> >the
> >> credentials properly to MQ when needed. Is WLS 8.1 NOT doing what is
> >expected
> >> or am I missing something?
> >>
> >> What is the procedure to deploy a WLS 81 MDB that is listening on a
> >queue
> >whose
> >> QM is secured by an MQ Security Exit.
> >>
> >> Please help!
> >
> >
>
Similar Messages
-
Authentication problem w MDB on WL8.1 and JMS Queue on WL6.1
Hi,
I'm having problems with a MessageDrivenBean that is deployed on a Weblogic 8.1
server. It listens to a JMS Queue on a Weblogic 6.1 server.
I'm getting the following error message upon deployment:
[java.lang.SecurityException: Authentication for user system denied in realm wl_realm
I've made sure that both servers are installed with the user "system" and a password
of "password".
This worked fine for two WL6.1 servers.
Here's my ejb-jar.xml:
<!DOCTYPE ejb-jar PUBLIC
'-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN'
'http://java.sun.com/dtd/ejb-jar_2_0.dtd'>
<ejb-jar>
<enterprise-beans>
<message-driven>
<ejb-name>WebResponseJMSBean</ejb-name>
<ejb-class>com.ditech.webresponse.jms.WebResponseJMSBean</ejb-class>
<transaction-type>Container</transaction-type>
<message-driven-destination>
<destination-type>javax.jms.Queue</destination-type>
</message-driven-destination>
</message-driven>
</enterprise-beans>
<assembly-descriptor>
<container-transaction>
<description>Transaction attributes for 'WebResponseJMSBean' methods</description>
<method>
<ejb-name>WebResponseJMSBean</ejb-name>
<method-name>*</method-name>
</method>
<trans-attribute>NotSupported</trans-attribute>
</container-transaction>
</assembly-descriptor>
</ejb-jar>
Here's my weblogic-ejb-jar.xml:
<?xml version="1.0"?>
<!DOCTYPE weblogic-ejb-jar PUBLIC
'-//BEA Systems, Inc.//DTD WebLogic 6.0.0 EJB//EN'
'http://www.bea.com/servers/wls600/dtd/weblogic-ejb-jar.dtd'>
<weblogic-ejb-jar>
<weblogic-enterprise-bean>
<ejb-name>WebResponseJMSBean</ejb-name>
<message-driven-descriptor>
<destination-jndi-name>com.ditech.jms.CowResponseQueue</destination-jndi-name>
<provider-url>t3://localhost:7003</provider-url>
<connection-factory-jndi-name>com.ptp.jms.AppOnlineConnectionFactory</connection-factory-jndi-name>
</message-driven-descriptor>
<jndi-name>ejb/WebResponseJMSBean</jndi-name>
</weblogic-enterprise-bean>
</weblogic-ejb-jar>
Can anyone give me any suggestions?
Thanks in advance,
-Ben
We are facing a similar issue, between MDB's and JMS Queues on 2 separated WebLogic
8.1 domains. What I will test next week are:
1. In the domain where my MDB's are deployed, configure Foreign JMS Servers/Connection
Factories/Queues, for which passwords can be specified (not possible in weblogic-ejb-jar.xml)
2. If No.1 does not work, I will add CredentialGenerated="false" in <SecurityConfiguration>
in config.xml in both domains
3. If No. 2 still does not work, I will specify run-as principal and security-role
in my MDB DD files, and specify CredentialMapping via the WebLogic admin console.
Maybe you can try the same?
Eric Ma
"B Liu" <[email protected]> wrote:
>
>Hi,
>
>I'm having problems with a MessageDrivenBean that is deployed on a Weblogic
>8.1
>server. It listens to a JMS Queue on a Weblogic 6.1 server.
>
>I'm getting the following error message upon deployment:
>
>[java.lang.SecurityException: Authentication for user system denied in
>realm wl_realm
>
>I've made sure that both servers are installed with the user "system"
>and a password
>of "password".
>
>This worked fine for two WL6.1 servers.
>
>Here's my ejb-jar.xml:
>
><!DOCTYPE ejb-jar PUBLIC
>
>'-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN'
>
>'http://java.sun.com/dtd/ejb-jar_2_0.dtd'>
>
>
><ejb-jar>
>
> <enterprise-beans>
>
> <message-driven>
>
> <ejb-name>WebResponseJMSBean</ejb-name>
> <ejb-class>com.ditech.webresponse.jms.WebResponseJMSBean</ejb-class>
> <transaction-type>Container</transaction-type>
> <message-driven-destination>
> <destination-type>javax.jms.Queue</destination-type>
> </message-driven-destination>
>
> </message-driven>
>
> </enterprise-beans>
>
> <assembly-descriptor>
>
> <container-transaction>
>
> <description>Transaction attributes for 'WebResponseJMSBean'
>methods</description>
> <method>
> <ejb-name>WebResponseJMSBean</ejb-name>
> <method-name>*</method-name>
> </method>
> <trans-attribute>NotSupported</trans-attribute>
>
> </container-transaction>
>
> </assembly-descriptor>
>
></ejb-jar>
>
>Here's my weblogic-ejb-jar.xml:
>
><?xml version="1.0"?>
>
>
>
><!DOCTYPE weblogic-ejb-jar PUBLIC
>
>'-//BEA Systems, Inc.//DTD WebLogic 6.0.0 EJB//EN'
>
>'http://www.bea.com/servers/wls600/dtd/weblogic-ejb-jar.dtd'>
>
>
><weblogic-ejb-jar>
>
> <weblogic-enterprise-bean>
>
> <ejb-name>WebResponseJMSBean</ejb-name>
>
> <message-driven-descriptor>
>
> <destination-jndi-name>com.ditech.jms.CowResponseQueue</destination-jndi-name>
> <provider-url>t3://localhost:7003</provider-url>
> <connection-factory-jndi-name>com.ptp.jms.AppOnlineConnectionFactory</connection-factory-jndi-name>
> </message-driven-descriptor>
>
> <jndi-name>ejb/WebResponseJMSBean</jndi-name>
>
> </weblogic-enterprise-bean>
>
></weblogic-ejb-jar>
>
>
>Can anyone give me any suggestions?
>
>Thanks in advance,
>-Ben
>
-
Exchange 2010 Resource '(Mdb)MailboxDatabase001' is unhealthy and shouldn't be accessed.
Hi Everyone
We are getting the below error on all 3 of our mailbox databases when the msexchange assistant runs, we do have retention policies in place but everything in EMC says that all databases are healthy but this event says otherwise.
Service MSExchangeMailboxAssistants. 'Managed Folder Mailbox Assistant' failed to process mailbox john smith(58d9d22a-8b87-45cf-9f77-9c009a675575). The following exception caused the failure: Microsoft.Exchange.Assistants.TransientMailboxException --->
Microsoft.Exchange.Data.Directory.ResourceHealth.ResourceUnhealthyException: Resource '(Mdb)MailboxDatabase001' is unhealthy and shouldn't be accessed.
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ELCHealthMonitor.InternalThrottleStoreCall(MdbResourceHealthMonitorKey optionalAlternateDatabase)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ElcSubAssistant.ThrottleStoreCallAndCheckForShutdown(ExchangePrincipal mailboxOwner, MdbResourceHealthMonitorKey archiveKey)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.MailboxExpirationEnforcer.ProcessFolderContents(StoreId folderId, ItemQueryType itemQueryType)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.MailboxExpirationEnforcer.CollectItemsToExpireInNonIpm()
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.SysCleanupEnforcerBase.CollectItemsToExpire()
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.MailboxExpirationEnforcer.Invoke()
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.SysCleanupEnforcerManager.Invoke(MailboxDataForTags mailboxDataForTags, ElcParameters parameters)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.SysCleanupSubAssistant.Invoke(MailboxSession mailboxSession, MailboxDataForTags& mailboxDataForTags, ElcParameters parameters)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ELCAssistant.<>c__DisplayClass6.<InvokeInternal>b__0()
at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(TryDelegate tryDelegate, FilterDelegate filterDelegate, CatchDelegate catchDelegate)
at Microsoft.Exchange.MailboxAssistants.Assistants.ELC.ELCAssistant.InvokeInternal(InvokeArgs invokeArgs)
at Microsoft.Exchange.MailboxAssistants.Assistants.TimeBasedAssistant.Invoke(InvokeArgs invokeArgs)
at Microsoft.Exchange.Assistants.TimeBasedDatabaseJob.<>c__DisplayClass5.<ProcessMailboxUnderPoisonControl>b__3()
at Microsoft.Exchange.Assistants.Util.<>c__DisplayClass1.<CoreCatchMeIfYouCan>b__0()
--- End of inner exception stack trace ---
at Microsoft.Exchange.Assistants.Util.TraceAndThrow(CatchMe function, AIException aiException)
at Microsoft.Exchange.Assistants.Util.CatchMeIfYouCan(CatchMe function)
at Microsoft.Exchange.Assistants.Base.CatchMeIfYouCan(CatchMe function)
at Microsoft.Exchange.Assistants.TimeBasedDatabaseJob.ProcessMailboxUnderPoisonControl(MailboxData mailbox, EmergencyKit kit)
Please help...Hi,
From your description, I recommend you restart the Microsoft Exchange Mailbox Assistants service and check the result. If the issue persists, you need to re-configure the managed folder mailbox policy for the mailbox and then restart the Microsoft Exchange
Mailbox Assistants service.
Hope this can be helpful to you.
Best regards,
Amy Wang
TechNet Community Support -
Websphere 5.0 and non-jts-datasource = 2PC exception!
Hello all
We're migrating from a working weblogic 8 app to websphere 5.0, and we run into this problem.
Toplink tries to enlist the NON-JTS datasource in the global transaction. In weblogic we defined our non-jts datasource as a non-transactional datasource, but there is no such option in websphere. What is going on??
Please help
TIA
- Russ -Hello Rustam,
WebSphere 5 throws exceptions when you try to get a non-jta datasource while in a transaction - it seems to try to enlist it in the transaction I think.
This is more a WebSphere issue, since it means you cannot read outside of the transaction.
There are 3 options:
1) Don't define a non-jta datasource at all in TopLink. Draw backs to this are that there may be problems reading when there is no transaction, such as when you are using cache synch.
2) Create your own datasource (outside of WebSphere) and place it in JNDI. Then have TopLink access it as a non-jta datasource. Your datasource must be completely independent of WebSphere so that it does not attempt to associate with JTA.
3) Use a TopLink maintained read connetion pool. You can use the non-jts-connection-url sessions.xml tag, which will use the login setting defined in your project.xml. I've not tested it, but can also override the read pool in a preLogin event that should look something like:
public void preLogin(SessionEvent event) {
DatabaseLogin dbLogin(new Oracle9iPlatform());
dbLogin.setUserName("name");
dbLogin.setPassword("password");
dbLogin.setConnectionString("jdbc:oracle:thin:@ip:port:sid");
ConnectionPool readPool = new ReadConnectionPool("read", dbLogin, minCon, maxCon, event.getSession());
event.getSession().setReadConnectionPool(readPool);
Best Regards,
Chris Delahunt -
We are having problems with ADF/UIX (Jdev 10g) in Websphere 5.1. We are continually getting an error in the xmlparserv2.jar when put into the <websphere_home>/lib/ext directory. Actually, websphere cannot startup with that jar there. We installed Business Components according to the documentation found in http://otn.oracle.com/products/jdev/howtos/appservers/deploy_bc4j_to_websphere.html
I realize the doc is geared towards JDev 9.0.3 and probably an older version of websphere. I am wondering if anyone has successfully deployed Business Components to Websphere 5.1 and could you successfully run an ADF/UIX application in Websphere.
TIA...Brian,
Ya, after figuring out the JDK 1.3 issue, I thought it best to go back and try it on Websphere 5.1 (I was trying it on 5.0.2.2). Since IBM's material says 5.1 supports 1.4, that seemed logical. I don't know much about Websphere, but can't see where one can plug in a different JDK. Perhaps someone can chime in on that.
BUT, I did get a simple ADF UIX application to work on IBM Websphere 5.1.0.3. As I alluded to in previous posts, it would seem that the lib\ext has a different purpose in 5.1. The contents of this location are somehow used for the internals of WAS, so the server cannot even start if you follow the previous how to document at:
http://otn.oracle.com/products/jdev/howtos/appservers/deploy_bc4j_to_websphere.html
To get away from this, I created a separate location as a library in Websphere and put the following jars into the location:
adfm.jar
adfmejb.jar
adfmtl.jar
bc4jct.jar
bc4jctejb.jar
bc4jdomorcl.jar
bc4jhtml.jar
bc4jimdomains.jar
bc4jmt.jar
bc4jmtejb.jar
bc4juixtags.jar
classes12.jar
collections.jar
commons-el.jar
jdev-cm.jar
jdev-rt.jar
jsp-el-api.jar
nls_charset12.jar
ojmisc.jar
oracle-el.jar
ordhttp.jar
ordim.jar
regexp.jar
runtime12.jar
share.jar
struts.jar
uix2.jar
uix2tags.jar
xmlparserv2.jar
(Honestly, I don't know how I came to this exact list of jars. Some I added by working through class not found exceptions, others are in here because of the how to document. In any case, I can't vouch for its completeness or correctness.)
I created the location that all of these jars were in as a shared library (environment -> shared libraries). Then, I added the library to the deployed application (Applications -> Enterprise Applications -> <the application deployed> -> Configuration Tab -> libraries.
I'm admittedly quite a novice with Websphere, so I can't say if this is the correct way to do it, but it works. :) -
How to find document for WebSphere Portal Server and OIM Integration?
Last time, I used WebSphere Portal Server and OAM that works well. Herein the document for integration http://download-west.oracle.com/docs/cd/B28196_01/idmanage.1014/b25347/websphr.htm.
Now, I would like to use OIM to integrate with WebSphere Portal Server. Is there any document like above? If yes, please let me know where I can find it or give me a link.
Hope to get your response soon.
Thanks in advance.
Message was edited by:
user596181Is it possible to do that? I need to configure WebSphere Application Server and WebSphere Portal with enabling global security by using "Custom User Register" and LTPA to integrate with Oracle Identity Management (OIM).
Any comment is highly appreciate! -
Diff b/w "Customer exits" and "User-exit"
Hi,
What is the difference b/w customer exits and user-exit and also please explain me what are the various types of customer and user-exits.
Thanks in advance.
RamanaHi,
Types of Exits
There are several different types of customer exits. Each of these exits acts as hooks where you can attach or "hang" your own add-ons.
Menu Exits
Menu exits add items to the pulldown menus in standard SAP applications. You can use these menu items to call up your own screens or to trigger entire add-on applications.
SAP creates menu exits by defining special menu items in the Menu Painter. These special entries have function codes that begin with "+" (a plus sign). You specify the menu items text when activating the item in an add-on project.
Screen Exits
Screen exits add fields to screens in R/3 applications. SAP creates screen exits by placing special subscreen areas on a standard R/3 screen and calling a customer subscreen from the standard screens flow logic.
Function Module Exits
Function module exits add functions to R/3 applications. Function module exits play a role in both menu and screen exits. When you add a new menu item to a standard pulldown menu, you use a function module exit to define the actions that should take place once your menu is activated. Function module exits also control the data flow between standard programs and screen exit fields.
SAP application developers create function module exits by writing calls to customer functions into the source code of standard R/3 programs. These calls have the following syntax: CALL CUSTOMER-FUNCTION 001.
<b>User exits:</b>
https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/abap/abap-code-samples/userexits%20in%20a%20transaction.doc
In order to find out the user exits for any tcode,
1. get the developement class of the tcode from SE93.
2. Now goto transaction SMOD and press F4,
3. give in the Deve class in the dev class and Press ENTER
this will show u the exits for any tcode.
or execute this report
http://www.erpgenie.com/sap/abap/code/abap26.htm
which gives the list of exits for a tcode
http://help.sap.com/saphelp_nw04/helpdata/en/bf/ec079f5db911d295ae0000e82de14a/frameset.htm
For information on Exits, check these links
http://www.sap-img.com/abap/a-short-tutorial-on-user-exits.htm
http://www.sapgenie.com/abap/code/abap26.htm
http://www.sap-img.com/abap/what-is-user-exits.htm
http://wiki.ittoolbox.com/index.php/HOWTO:Implement_a_screen_exit_to_a_standard_SAP_transaction
http://www.easymarketplace.de/userexit.php
http://www.sap-img.com/abap/a-short-tutorial-on-user-exits.htm
http://www.sappoint.com/abap/userexit.pdfUser-Exit
http://www.sap-img.com/abap/a-short-tutorial-on-user-exits.htm
http://www.ficoexpertonline.com/downloads/User%20ExitsWPedit.doc
http://www.easymarketplace.de/userexit.php
http://help.sap.com/saphelp_nw04/helpdata/en/c8/1975cc43b111d1896f0000e8322d00/content.htm
Check out these links too...
http://www.sap-img.com/abap/a-short-tutorial-on-user-exits.htm
http://www.sapgenie.com/abap/code/abap26.htm
http://www.sap-img.com/abap/what-is-user-exits.htm
http://wiki.ittoolbox.com/index.php/HOWTO:Implement_a_screen_exit_to_a_standard_SAP_transaction
http://www.easymarketplace.de/userexit.php
http://www.sap-img.com/abap/a-short-tutorial-on-user-exits.htm
http://www.sappoint.com/abap/userexit.pdfUser-Exit
http://www.planetsap.com/userexit_main_page.htm
http://wiki.ittoolbox.com/index.php/HOWTO:Implement_a_screen_exit_to_a_standard_SAP_transaction
USER EXITS
https://forums.sdn.sap.com/click.jspa?searchID=672084&messageID=312792
https://forums.sdn.sap.com/click.jspa?searchID=672084&messageID=1320078
https://forums.sdn.sap.com/click.jspa?searchID=672084&messageID=2669896
****Reward points if helpful.
All the best -
I have forgotten my security questions but when I click on My Apple ID and got to password and security, there is no option to rest my questions and/or send my self a rescue email, what do I do now ?
You need to contact Apple. Click here, phone them, and ask for the Account Security team, or fill out and submit this form.
(89174) -
Start up problems after Safari 3.1 and Security update
Updated safari and security update last night.
Safari downloaded and installed but there was an error downloading or installing the security update, I forgot.
After I restarted everything booted up fine, but was stuck on "Starting Mac OS X" screen.
Did a fsck and zap the pram, still stuck.
Today I tried booting up in safe mode, stuck on the gray screen with the apple logo.
Then I tried booting up from an external firewire dvd drive. Repaired permissions, repaired the disk, but it is still stuck on "Starting Mac OS X" screen. Help please...
Thank youOk i had a similar problem, with all the recent updates for Leopard, including the 10.5.2 combo update... the 12" PowerBook G4 kept getting stuck on the grey apple and spinning wheel... if it managed to get past this it would get stuck on the blue screen!!!
The way i got around this, after trying all these other tips was: Archived & Installed 10.5; restarted, waited; downloaded 10.5.2 Combo update, installed; restarted, waited; waited; waited; after getting back to desktop, restarted, waited; then ran Software Update only installing one at a time, and after each install, restarted, waited; when all Software updates completed, proceeded with iLife updates etc... It took a while (still quicker than the 3 days of failed installs and updates) with a lot of waiting on the blue screen (5-20mins) but we got there in the end. Disks where checked with Leopard Disk Utility before and after, permissions where checked before and after completing all installs, also with a DW 4.1 optimization. Also note worthy is the RAM was upgraded from the initial 256Mb (!!!) with an extra Gb. -
Bursting with translation and security attributes?
Hi folks,
I've been lurking on the forum for a while and despite not always finding a solution, existing threads normally pointed me in the right direction - so thanks :)
I'm working on EBS 11.5.10 with the latest Bi-Publisher 5.6.3 (5472959) and bursting (5968876) patches installed.
I have successfully done the following individual AR Invoice Bi-Publisher tasks:
1. translated an invoice RTF template by attaching an xliff file to the data definition,
2. applied security attributes to the template to restrict updates on the resulting PDF,
3. burst a custom AR invoice print and emailed the resultant pdf's.
The PDF generated by the combined Invoice print correctly applies the translation and security attributes; however when I run the "XML Publisher Report Bursting Program" to the XML file the resultant burst PDF's do not apply the translation or security attributes. I assume this a limitation of bursting control files? If so, is this on the list of future enhancements to Bi-Publisher?
Here's an example of my control file document entry, I have included locale and pdf-security entries - these don't cause an error but equally don't generate the desired result (p.s. I know I'm emailing on a PRI filter - it's just a test):
<xapi:document output-type="pdf" delivery="att_email">
<xapi:template type="rtf"
location="/usr/tmp/xxxINVOICE3.rtf"
locale="fr-US"
pdf-security="true" pdf-encryption-level="1" pdf-permissions-password="xxxxxx"
filter=".//G_INVOICE_HEADER[PRINTING_OPTION='PRI']" >
</xapi:template>
</xapi:document>
Thanks
Dave=================
==Properties Idea's
=================
You would have happened to try applying the security stuff in the application for your template? Try that and see if the pdf properties get set.
If that doesn't work your left with two options:
1. create a java concurrent program and set the properties manually.
2. Log a tar.
=================
==local idea's
=================
Are you sure you don't have to create template config for the locale? i suspect that's why it's not applying the xliff translation. Also, your NLS_LANG needs to be set to FRENCH for the approriate template to be applied. If your logged-in as english your french format template will not be applied, neither will the translation. As an example you can query vl table and you'll only get american (us) but if you alter your session you'll get the translation for that language when your query the table.
location="xdo://xxxAR.xxx_XML_PRINT.fr.US"
try it out and see if that works. Note: This will only work if your session NLS_LANG is set to FRENCH. -
How to Set up HTTPOnly and SECURE FLAG for session cookies
Hi All,
To fix some vulnerability issues (found in the ethical hacking , penetration testing) I need to set up the session cookies (CFID , CFTOKEN , JSESSIONID) with "HTTPOnly" (so not to access by other non HTTP APIs like Javascript). Also I need to set up a "secure flag" for those session cookies.
I have found the below solutions.
For setting up the HTTPOnly for the session cookies.
1] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
this.sessioncookie.httponly = true;
For setting up the secure flag for the session cookies.
2] In application.cfc we can do this by using the below code. Or we can do this in CF admin side under Server Settings » Memory Variables
this.sessioncookie.secure = "true"
Here my question is how we can do the same thing in Application.cfm?. (I am using ColdFusion version 10). I know we can do this using the below code , incase of HTTPOnly (for example).
<cfapplication setclientcookies="false" sessionmanagement="true" name="test">
<cfif NOT IsDefined("cookie.cfid") OR NOT IsDefined("cookie.cftoken") OR cookie.cftoken IS NOT session.CFToken>
<cfheader name="Set-Cookie" value="CFID=#session.CFID#;path=/;HTTPOnly">
<cfheader name="Set-Cookie" value="CFTOKEN=#session.CFTOKEN#;path=/;HTTPOnly">
</cfif>
But in the above code "setclientcookies" has been set to "false". In my application (it is an existing application) this has already been set to "true". If I change this to "false" as mentioned in the above code then ColdFusion will not automatically send CFID and CFTOKEN cookies to client browser and we need to manually code CFID and CFTOKEN on the URL for every page that uses Session. Right???. And this will be headache.Right???. Or any other way to do this.
Your timely help is well appreciated.
Thanks in advance.BKBK wrote:
Abdul L Koyappayil wrote:
BKBK wrote:
You can switch httponly / secure on and off, as we have done, for CFID and CFToken. However, Tomcat automatically switches JsessionID to 'secure' when it detects that the protocol is secure, that is, HTTPS.
I couldnt understand this. I mean how are you relating this with my question.
When Tomcat detects that the communication protocol is secure (that is, HTTPS), it automatically switches on the 'secure' flag for the J2EE session cookie, JsessionID. Tomcat is configured to do that. Coldfusion has no say in it. So, for JsessionID, 'secure' is automatically set to 'false' when HTTP is detected and automatically set to 'true' when HTTPS is detected.
If this is the case then why I am getting below info for jsessionid (As you mentioned it should set with SECURE flag . Right???). Note that we are using web server - Apache vFabric .And the application that we are using is in https and there is no hit is going from https to http.
Name:
JSESSIONID
Content:
782BF97F50AEC00B1EBBF1C2DBBBB92F.xyz
Domain:
xyz.abc.pqr.com
Path:
Send for:
Any kind of connection
Accessible to script:
No (HttpOnly)
Created:
Wednesday, September 3, 2014 2:25:10 AM
Expires:
When the browsing session ends
BKBK wrote:
2]When I checked CF Admin->Server Settings->Memory Variables I found that J2EE SESSION has been set to YES. So does this mean that do we need to set HTTPOnly and SECURE flag for JSESSIONID only or for CF session cookies (CFID AND CFTOKEN ) as well ?.
Set HTTPOnly / Secure for the session cookies that you wish to use. Each cookie has its pros and cons. For example, the JsessionID cookie is more secure and more Java-interoperable than CFID/CFToken but, from the explanation above, it forbids the sharing of sessions between HTTP and HTTPS.
I understood that setting thos flags (httponly/secure) is as per my wish. But my question was , is it necessary to set those flags forcf session cookies (cfid and cftoken) as we have enabled J2EE session in CF admin?. Or in other way as the session management is J2EE based do we need to set those flags for CF session cookies?.
BKBK wrote:
3]If I need to set HTTPOnly and SECURE flag for JSESSIONID , how can I do that.
It is sufficient to set the HTTPOnly only. As I explained above, Tomcat will automatically set 'secure' to 'true' when necessary, that is, when the protocol is HTTPS.
I understood that it is sufficient to set httponly only.but how we will set it for jsessionid?. This is my question. Apache vFabric will alos set secure to true automatically. Any idea?? -
My friend created me an itunes store account with his credit card , his credit card is about to expire and they are asking me to re-enter the credit card and security card number .... I don't have these numbers ... How can i create new itunes account without credit card?????
Why do you need to create a new account?
Just change the payment method.
http://support.apple.com/kb/ht1918 -
I forgot the answers for the security questions and when I try to change them (My Apple ID -> Manage your account -> Password and Security) I'm asked to answer the exact questions I'm trying to change because I don't remember the answers. How can I do it?
Can't you try the email option instead?
-
Hello, my iPod touch is not working right. It says its connected but if I select App Store, safari and other apps that require wifi pops out a note saying either"error loading" or "cannot connect to iTunes Store" and would exit the app automatically. Please help.
Thank You.See:
Can't connect to the iTunes Store -
[Request] Move Windows Control Panel applet from "System and Security" to "Programs"
The "Flash Player (32-bit)" Windows Control Panel applet should be moved from "System and Security" to "Programs" where the Java applet is.
Vote: https://bugbase.adobe.com/index.cfm?event=bug&id=2953107
Thanksnjb,
Why not just run the ThinkVantage System Update and let it install as usual. You can also "un-check" those drivers that you don't want to install.
*Non Lenovo employee*
I have a Y2P (i5) ... Feel free to ping me if you want me to test some applications with your Y2P if you have the same model. I don't mind keep doing recovery on it if needed .... =)
Maybe you are looking for
-
Error while posting MIGO for HU-Inbound Delivery
Hi All When am trying to post the MIGO for HU Inbound Delivery Creation, am getting an error saying "Required parameters missing when calling up module MARV_SINGLE_READ". Following areas I have verifed: The posting periods in MMRV shows current peri
-
Very slow reponse times in 2012 Remote Web Access
Hi all, I am having an issue on one of our customers 2012 servers. All of a sudden logging into RWA is taking around 2 minutes. It takes even longer once you have logged in to wait for the rdp links to download for the end user's PCs. I have tested
-
Non display of OPEN ITEM GL for MISGL in FAGLB03
For Open Item GL where shown balance RS.52 Lacs, But line item hown Zero amount of the same. have given proper Inputs in FAGLB03 like GL Account Number,Company Code, Fiscal Year and Ledger. can you please help me out on this.. Thanks and Regards, S
-
BPM 11g Workspace Audit Trail not showing Sub process inner activities
Hi all, I have been developing some BPM Process in JDev 11.1.1.5 and have deployed them in BPM Suite 11.1.1.5 over Windows Server 2003. I've found the following and would like to hear your opinion: 1- The Process audit trail in BPM 11g Workspace show
-
My power screen works then it fades to black and tries to restart
Today my phone got dropped in a puddle by a friend and when I got it back I dried it off it was working fine, then about an hour later my phone shut off and when it tried to turn on, it had the screen right and then the screen faded out and it tried