XML Security question.

Similar Messages

• Web.xml - security constraint question

  I want to make a kind of inverted security constraint. I want to ALLOW access to one specific page over HTTP. All other pages should be HTTPS.
  Is that possible???

  Use the <security-role-ref> for the Faces Servlet to map the LDAP roles to the logical role names used by the managed bean to determine if links may be rendered.
  Bean code:
  this.isAdmin = context.getExternalContext().isUserInRole("admin");web.xml:
          <security-role>
            <role-name>Local Admin Group</role-name>
       </security-role>
       <security-role>
            <role-name>DBA Group</role-name>
       </security-role>
      <!-- Faces Servlet -->
      <servlet>
          <servlet-name>Faces Servlet</servlet-name>
          <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
          <security-role-ref>
                <role-name>admin</role-name>
                <role-link>DBA Group</role-link>
         </security-role-ref>
          <security-role-ref>
                <role-name>admin</role-name>
                <role-link>Local Admin Group</role-link>
         </security-role-ref>
      </servlet>

• How to add a new property security question in atg profile?

  Hi All,
  I want to add a new field in registration.jsp named as Security Questions; it has 3 questions and it should be ordered and cannot contain duplicate values.
  For this I have created
  1) a customUserProfile.xml under /MyModule/config/atg/userprofiling/customUserProfile.xml with the following content-
  <?xml version="1.0" encoding="UTF-8" standalone="no"?>
      <!DOCTYPE gsa-template PUBLIC "-//Art Technology Group, Inc.//DTD General SQL Adapter//EN"
          "http://www.atg.com/dtds/gsa/gsa_1.0.dtd">
  <gsa-template>
      <header>
          <name>Registration</name>
          <author></author>
      </header>
      <item-descriptor name="securityquestions">
    <table name="security_questions" id-column-names="securequestions_id">
      <property name="securityquestions" data-type="enumerated">
      <attribute name="useCodeForValue" value="false"/>
        <option value="what is your birth place" code="0"/>
    <option value="what is your favourite colour" code="1"/>
    <option value="what is your pet name" code="2"/>
      </property>
    </table>
  </item-descriptor>   
  2) a definition file under named as /MyModule/config/atg/userprofiling/customUserProfile.properties-
  $class=atg.adapter.gsa.GSARepository
  $scope=global
  repositoryName=customUserProfile
  # database access- for making repositry as versioned, use SwitchingDataSource else use JTDataSource
  dataSource=/atg/dynamo/service/jdbc/SwitchingDataSource
  transactionManager=/atg/dynamo/transaction/TransactionManager
  # our XML definitionFile
  definitionFiles=/atg/userprofiling/customUserProfile.xml
  # XML parsing
  XMLToolsFactory=/atg/dynamo/service/xml/XMLToolsFactory
  # id generation
  idGenerator=/atg/dynamo/service/IdGenerator
  </gsa-template>
  3) a droplet names as /MyModule/src/com/pa/SecurityQuestionLogin.java
  4) a registration jsp with the following code snippet for security questions-
  <dsp:droplet name="SecurityQuestionLogin">
  <dsp:select bean="SecurityQuestionLogin.securityQuestions">
      <dsp:droplet name="PossibleValues">
        <dsp:param name="itemDescriptorName" value="securityquestions"/>
        <dsp:param name="propertyName" value="type"/>
        <dsp:oparam name="output">
          <dsp:droplet name="ForEach">
            <dsp:param name="array" param="values"/>
            <dsp:oparam name="output">
              <dsp:option param="element"/>
              <dsp:valueof param="element"/>
            </dsp:oparam>
          </dsp:droplet>
  But I don't know what logic can I implement in java class for this requirement.
  Is the above structure is right for this purpose,please help!
  Regards,
  Vikas

  Hi Nitin,
  extend ATG userProfile.xml and add properties there in user item-descriptor
  I created userProfile.xml under C:\ATG\ATG10.0.3\MyModule\config\atg\userprofiling with following contents-
  <?xml version="1.0" encoding="UTF-8" standalone="no"?>
  <!DOCTYPE gsa-template
          PUBLIC "-//Art Technology Group, Inc.//DTD General SQL Adapter//EN"
          "http://www.atg.com/dtds/gsa/gsa_1.0.dtd">
  <gsa-template>
    <item-descriptor name="user" cache-mode="simple" xml-combine="append">
  <table name="security_questions" type="auxiliary" id-column-name="securequestions_id">
  <property name="securityquestions" column-name="securityquestions" data-type="enumerated">
  <attribute name="useCodeForValue" value="false"/>
        <option value="what is your birth place" code="0"/>
    <option value="what is your favourite colour" code="1"/>
    <option value="what is your pet name" code="2"/>
    </property>
  </table>
  </item-descriptor>
  </gsa-template>
  and created userProfile.properties file with following content-
  $class=atg.adapter.gsa.GSARepository
  $scope=global
  repositoryName=userProfile
  # database access- for making repositry as versioned, use SwitchingDataSource else use JTDataSource
  dataSource=/atg/dynamo/service/jdbc/SwitchingDataSource
  transactionManager=/atg/dynamo/transaction/TransactionManager
  # our XML definitionFile
  definitionFiles=/atg/userprofiling/userProfile.xml
  # XML parsing
  XMLToolsFactory=/atg/dynamo/service/xml/XMLToolsFactory
  # id generation
  idGenerator=/atg/dynamo/service/IdGenerator
  and change the jsp code as-
  <dsp:select bean="/atg/userProfiling/Profile.securityQuestions">
      <dsp:droplet name="PossibleValues">
        <dsp:param name="itemDescriptorName" value="securityquestions"/>
        <dsp:param name="propertyName" value="type"/>
        <dsp:oparam name="output">
          <dsp:droplet name="ForEach">
            <dsp:param name="array" param="values"/>
            <dsp:oparam name="output">
              <dsp:option param="element"/>
              <dsp:valueof param="element"/>
            </dsp:oparam>
          </dsp:droplet>
        </dsp:oparam>
      </dsp:droplet>
    </dsp:select>
    </dsp:droplet>
  Have I done right?
  And what else I need to do,should I run the startsqlrepository script to create the table structure for this property?
  Thanks & Regards,
  Vikas

• HT204088 Please help login security questiona

  Hi I have an security question which I have not done before so that I could not download my iTunes download

  First I followed the instruction from the following website to setup the driver. http://www.deitel.com/books/simplyJava1/simplyjava1_AccessDatabaseInstructions.pdf
  Then I added the following REALM to my App2.xml
     <Realm  className="org.apache.catalina.realm.JDBCRealm"
            driverName="sun.jdbc.odbc.JdbcOdbcDriver"
         connectionURL="jdbc:odbc:DATABASE"
             userTable="user" userNameCol="usr" userCredCol="pswrd"
         userRoleTable="role" roleNameCol="role" />Here is what i have in my web.xml
      <security-constraint>
        <display-name>Security Constraint</display-name>
        <web-resource-collection>
           <web-resource-name>Protected</web-resource-name>
           <url-pattern>/*</url-pattern>
           <http-method>GET</http-method>
           <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
           <!-- Anyone with one of the listed roles may access this area -->
           <role-name>Manager</role-name>
        </auth-constraint>
      </security-constraint>
      <!-- Default login configuration uses form-based authentication -->
      <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>Form-Based Authentication</realm-name>
        <form-login-config>
          <form-login-page>/login.jsp</form-login-page>
          <form-error-page>/error.jsp</form-error-page>
        </form-login-config>
      </login-config>
      <!-- Security roles referenced by this web application -->
      <security-role>
         <role-name>Manager</role-name>
      </security-role>

• My iPad wont let me download apps bc security questions, but when I try to make them it freezes

  Every time I try to download an app it tells me I need to update my security questions, but once I click to make the questions the box goes white. So I'm not sure how to fix it

  The new questions show on your account on http://appleid.apple.com ? If they do then try logging out and back into your account on your phone (assuming that is where you are trying to purchase from) and see if the new questions then show on it.

• How do I delete an Apple iCloud account from my iPhone without password, security questions, or email?

  For some reason, an old iD is stuck on my phone. My iPhone 4s is nearly filled with documents and data, to the point where I cannot take pictures, and I can't reset it without using this old iD. I don't know why this is now popping up instead of the one I am registered with. I gained access to the old email the iD is under, but none of the iTunes emails are coming in so I assume it is set up under a different email. For the security question of birthdays, I tried every household member's birthday, and none worked. I have tried the password we used on that account when it was active, along with every other possiblility. I don't know what to do anymore and I have very limited use of my phone if I don't get this sorted out and deleted from my phone.
  Thank you for any help!

  Not without password.

• My old email account was disabled and I can't remember my password - how can I reset my password or move $ to a new itunes/email account?  It seems I must have mis-typed my information because I can't answer the security questions correctly...

  My old email account is disabled and I can't remember my itunes password - how can I reset my password or move $ to a new itunes/email account?  It seems I must have mis-typed my account information because I can't answer the security questions correctly...

  ➡ https://iforgot.apple.com/

• How can I access my iCloud email account when I don't remember the password and Apple won't accept the answer to my security question?

  I set up an email account with " @me.com". I get a wrong password message when I try to log in. When I try to change my password I get an INcorrect answer message to the security question I'm asked my birth date so I know I have it right, unless I did a typo when I set up the account. When I choose email me the reset password lnk I cannot retrieve the email because it won't accept the password. I wanted to justemail Apple for instructions but cannot find an email address for that. Any help would be appreciated.

  I tried that without any luck. I was hoping I could get Apple to reset it for me or delete the account so I could recreate it or at least tell me what is listed as my birth date, the security question answer.

• I've forgotten my security question answers, and now it won't let me download anything without them.., I've forgotten my security question answers, and now it won't let me download anything without them..

  Help.. I've had this issue for over a month, i have over five dollars on my iTunes account and i want to buy music and games but Itunes continuously requests for my Itunes security questions. Is there any possible way i can CHANGE then without having to make a new itunes account?

  You need to contact Apple to get the questions reset, which can be done by clicking here and picking a method for your country, or if that's not an option, by filling out and submitting this form.
  (95930)

• How can you change your security question for I tunes?

  How can you change your security question for I tunes?

  If you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then the steps half-way down this page give you a reset link on your account : http://support.apple.com/kb/HT5312
  If you don't have a rescue email address (you won't be able to add one until you can answer 2 of your questions) then you will need to contact iTunes Support / Apple to get the questions reset.
  Contacting Apple about account security : http://support.apple.com/kb/HT5699
  When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down the HT5312 link above to add a rescue email address for potential future use

• I can't remember the answers to ANY of my security questions. And in order to reset them I apparently have to remember the answers to at least two, which doesn't really help me at all considering my dilemma. Anyone know what I should do??

  Please help!! I can't remember any of the answers to my security questions (I made them approximately four years ago and don't know what I was thinking).
  How can I change my questions without answering my security questions that I don't know?!??

  You need to ask Apple to reset your security questions; this can be done by phoning AppleCare and asking for the Account Security team, or clicking here and picking a method, or if your country isn't listed in either article, filling out and submitting this form.
  They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
  (105971)

• I've forgot my answers for security questions. Can't you reset them or do something like this?

  I have bought a new iphone 5s a week ago. Today I wanted to purchase an app. And the security system asked me for an answer for my security questions.  But I don't remember them. What should I do?

  Frequently asked questions about Apple ID - http://support.apple.com/kb/HE37 --> Can I change the answers to the security questions for my Apple ID?  --> Yes. You can change the answers to the security questions provided when you originally signed up for your Apple ID. Go to My Apple ID (http://appleid.apple.com/) and click Manage your account.
  Some Solutions for Resetting Forgotten Security Questions - https://discussions.apple.com/docs/DOC-4551
  Rescue email address and how to reset Apple ID security questions - http://support.apple.com/kb/ht5312 - "If you can't recall your Apple ID security questions and answers, the optional rescue email provides a way to reset them. Additionally, all future security-related emails for your Apple ID will be sent to the rescue email address."
  Jan 2014 post about contacting Apple to reset security questions - https://discussions.apple.com/message/24543247 and https://discussions.apple.com/message/24671039
  If you can't remember them over the space of a week you had better write them down.

• I have no "Rescue email" contact in order to reset my security questions and I don't believe I ever answered any security questions when I created my Apple ID for Itunes.  Someone kindly sent me Apple support link but to no avail!  Please Help me!

  I have no "Rescue email" contact in order to reset my security questions!!  I've been trying now for 4 days to contact Apple/Itunes but I only get sent answers from a support team that say they cannot help me with my problem!! 
  The thing is that I can't ever remember answering any security questions and without a rescue email, I'm unable to reset them or even set them for the first time!!
  I can't believe that no-one from Apple/Itunes can help me with this simple problem but unfortunately that is the case - Incredible, isn't it!!!
  Would anyone know how I could solve this problem online???   Because each time I sign into Itunes, the same security questions reappear and reappear and reappear.  In fact I've got to the point where I feel like uninstalling Itunes and downloading an alternative.
  Many thanks

  You need to ask Apple to reset your security questions; this can be done by clicking here and picking a method, or if your country isn't listed, filling out and submitting this form.
  They wouldn't be security questions if they could be bypassed without Apple verifying your identity.
  (111154)

• HT2204 I don't remember the answers to the security question to authorize my new laptop to use iTunes. How to sort this problem?

  iTunes requires me to answer to a couple of security questions to authorize me to use it on my new mac book pro, but I don't rimember the answer to them. I can I sort out this problem?
  Thank you for helping...
  Danila63

   Account Security Team (AST) 
  Check the AppleCare number for your country here:
  http://support.apple.com/kb/HE57
  Call them up, and let them know you would like to be transferred to the Account Security Team.

• How do you change your rescue email address if it's wrong and you need to update your security questions for your Apple I'D?

  When downloading apps I am asked for my apple ID which works but I can't get past the security questions. Then when I ask to reset the questions it sends an email to a rescue email address that no longer exists. Does anybody know where I can reset this email address?

  On your computer or safari on your iOS device navigate to:
            For Canada - https://appleid.apple.com/ca.
            For United States - https://appleid.apple.com/us/.
  Click the "Manage your Apple ID" button, and sign in to your iCloud account.  Once in, on the left side select "Password and Security", and this will populate our options on the right side.  You should see an option to reset your security questions. 
  Also see this article - http://support.apple.com/kb/HT5312. 
  If for any reason you can not reset these security questions, or get an error, then you may need to contact Apple directly at 1 800 692 7753.  Explain the issue, and they can get your to a "Account Security" agent, who will be able to verify your identity, and assist in resetting the security questions.