Search Results

Search found 43978 results on 1760 pages for 'add filter'.

Page 24/1760 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >

• Data Source Security Part 3

  - by Steve Felts

  In part one, I introduced the security features and talked about the default behavior.  In part two, I defined the two major approaches to security credentials: directly using database credentials and mapping WLS user credentials to database credentials.  Now it's time to get down to a couple of the security options (each of which can use database credentials or WLS credentials). Set Client Identifier on Connection When "Set Client Identifier" is enabled on the data source, a client property is associated with the connection.  The underlying SQL user remains unchanged for the life of the connection but the client value can change.  This information can be used for accounting, auditing, or debugging.  The client property is based on either the WebLogic user mapped to a database user using the credential map Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} or is the database user parameter directly from the getConnection() method, based on the “use database credentials” setting described earlier. To enable this feature, select “Set Client ID On Connection” in the Console.  See "Enable Set Client ID On Connection for a JDBC data source" http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/EnableCredentialMapping.html in Oracle WebLogic Server Administration Console Help. The Set Client Identifier feature is only available for use with the Oracle thin driver and the IBM DB2 driver, based on the following interfaces. For pre-Oracle 12c, oracle.jdbc.OracleConnection.setClientIdentifier(client) is used.  See http://docs.oracle.com/cd/B28359_01/network.111/b28531/authentication.htm#i1009003 for more information about how to use this for auditing and debugging.   You can get the value using getClientIdentifier()  from the driver.  To get back the value from the database as part of a SQL query, use a statement like the following. “select sys_context('USERENV','CLIENT_IDENTIFIER') from DUAL”. Starting in Oracle 12c, java.sql.Connection.setClientInfo(“OCSID.CLIENTID", client) is used.  This is a JDBC standard API, although the property values are proprietary.  A problem with setClientIdentifier usage is that there are pieces of the Oracle technology stack that set and depend on this value.  If application code also sets this value, it can cause problems. This has been addressed with setClientInfo by making use of this method a privileged operation. A well-managed container can restrict the Java security policy grants to specific namespaces and code bases, and protect the container from out-of-control user code. When running with the Java security manager, permission must be granted in the Java security policy file for permission "oracle.jdbc.OracleSQLPermission" "clientInfo.OCSID.CLIENTID"; Using the name “OCSID.CLIENTID" allows for upward compatible use of “select sys_context('USERENV','CLIENT_IDENTIFIER') from DUAL” or use the JDBC standard API java.sql.getClientInfo(“OCSID.CLIENTID") to retrieve the value. This value in the Oracle USERENV context can be used to drive the Oracle Virtual Private Database (VPD) feature to create security policies to control database access at the row and column level. Essentially, Oracle Virtual Private Database adds a dynamic WHERE clause to a SQL statement that is issued against the table, view, or synonym to which an Oracle Virtual Private Database security policy was applied.  See Using Oracle Virtual Private Database to Control Data Access http://docs.oracle.com/cd/B28359_01/network.111/b28531/vpd.htm for more information about VPD.  Using this data source feature means that no programming is needed on the WLS side to set this context; it is set and cleared by the WLS data source code. For the IBM DB2 driver, com.ibm.db2.jcc.DB2Connection.setDB2ClientUser(client) is used for older releases (prior to version 9.5).  This specifies the current client user name for the connection. Note that the current client user name can change during a connection (unlike the user).  This value is also available in the CURRENT CLIENT_USERID special register.  You can select it using a statement like “select CURRENT CLIENT_USERID from SYSIBM.SYSTABLES”. When running the IBM DB2 driver with JDBC 4.0 (starting with version 9.5), java.sql.Connection.setClientInfo(“ClientUser”, client) is used.  You can retrieve the value using java.sql.Connection.getClientInfo(“ClientUser”) instead of the DB2 proprietary API (even if set setDB2ClientUser()).  Oracle Proxy Session Oracle proxy authentication allows one JDBC connection to act as a proxy for multiple (serial) light-weight user connections to an Oracle database with the thin driver.  You can configure a WebLogic data source to allow a client to connect to a database through an application server as a proxy user. The client authenticates with the application server and the application server authenticates with the Oracle database. This allows the client's user name to be maintained on the connection with the database. Use the following steps to configure proxy authentication on a connection to an Oracle database. 1. If you have not yet done so, create the necessary database users. 2. On the Oracle database, provide CONNECT THROUGH privileges. For example: SQL> ALTER USER connectionuser GRANT CONNECT THROUGH dbuser; where “connectionuser” is the name of the application user to be authenticated and “dbuser” is an Oracle database user. 3. Create a generic or GridLink data source and set the user to the value of dbuser. 4a. To use WLS credentials, create an entry in the credential map that maps the value of wlsuser to the value of dbuser, as described earlier.   4b. To use database credentials, enable “Use Database Credentials”, as described earlier. 5. Enable Oracle Proxy Authentication, see "Configure Oracle parameters" in Oracle WebLogic Server Administration Console Help. 6. Log on to a WebLogic Server instance using the value of wlsuser or dbuser. 6. Get a connection using getConnection(username, password).  The credentials are based on either the WebLogic user that is mapped to a database user or the database user directly, based on the “use database credentials” setting.  You can see the current user and proxy user by executing: “select user, sys_context('USERENV','PROXY_USER') from DUAL". Note: getConnection fails if “Use Database Credentials” is not enabled and the value of the user/password is not valid for a WebLogic Server user.  Conversely, it fails if “Use Database Credentials” is enabled and the value of the user/password is not valid for a database user. A proxy session is opened on the connection based on the user each time a connection request is made on the pool. The proxy session is closed when the connection is returned to the pool.  Opening or closing a proxy session has the following impact on JDBC objects. - Closes any existing statements (including result sets) from the original connection. - Clears the WebLogic Server statement cache. - Clears the client identifier, if set. -The WebLogic Server test statement for a connection is recreated for every proxy session. These behaviors may impact applications that share a connection across instances and expect some state to be associated with the connection. Oracle proxy session is also implicitly enabled when use-database-credentials is enabled and getConnection(user, password) is called,starting in WLS Release 10.3.6.  Remember that this only works when using the Oracle thin driver. To summarize, the definition of oracle-proxy-session is as follows. - If proxy authentication is enabled and identity based pooling is also enabled, it is an error. - If a user is specified on getConnection() and identity-based-connection-pooling-enabled is false, then oracle-proxy-session is treated as true implicitly (it can also be explicitly true). - If a user is specified on getConnection() and identity-based-connection-pooling-enabled is true, then oracle-proxy-session is treated as false.

  Read the article

• Reminder: WebLogic Global, Virtual Developer Day November 5

  - by jeckels

  Just a quick reminder about the FREE virtual developer day focused on WebLogic (and Coherence) coming on November 5th. This day, with content tailored for developers, will guide you through tooling updates and best practices around creating applications with WebLogic and Coherence as target platforms. We'll also explore advances in how you can manage your build, deploy and ongoing management processes to streamline your application's life cycle. And of course, we'll conclude with some hands-on labs that ensure this isn't all a bunch of made-up stuff - get your hands dirty in the code!November 5, 20139am PT/12pm ETREGISTER NOW We're offering two tracks for your attendance, though of course you're free to attend any session you wish. The first will be for pure developers with sessions around developing for WebLogic with HTML5, processing live events with Coherence, and looking at development tooling. The second is for developers who are involved in the building and management processes as part of the application life cycle. These sessions focus on using Maven for builds, using Chef and Puppet for configuration and more.We look forward to seeing you there - don't forget to invite a friend!

  Read the article

• How to make Unity's Dash save the results filtering?

  - by Vagrant232

  The dash can remember the settings for filtered results for the entire session, but not beyond that. Once the profile is logged out and back in the results would reset to their original settings; displaying all the results without filtering. How can I make the results filtering more permanent? IE: How to make the photo lens for instance always show photos from "This Computer" and not from Picasa or Facebook across sessions and not just temporarily?

  Read the article

• Oracle OpenWorld Update -- Highly Available WebLogic Messaging Architectures: Sharing a Customer Experience with Comcast

  - by Ruma Sanyal

  This session will describe a Comcast’s hands-on  experience using WebLogic JMS as their high-performance enterprise messaging system including high availability, and disaster recovery capabilities as Comcast is rolling out a cross-site active-active message bus. In the session, we will cover the following: Key capabilities in WebLogic JMS that enabled Comcast to design such an architecture Details of the architecture put in place Details about application design needed to make all of this successful Failover and fail back processes The results from this new architecture are higher availability, better performance, more flexibility, and reduced costs through better utilization of hardware and improved manageability. For more information about this and other WebLogic sessions, review the Oracle WebLogic Focus On document here. Details: Tuesday, Oct 2, 5-6pm, Moscone South Room 306

  Read the article

• Data Source Security Part 1

  - by Steve Felts

  I’ve written a couple of articles on how to store data source security credentials using the Oracle wallet.  I plan to write a few articles on the various types of security available to WebLogic Server (WLS) data sources.  There are more options than you might think! There have been several enhancements in this area in WLS 10.3.6.  There are a couple of more enhancements planned for release WLS 12.1.2 that I will include here for completeness.  This isn’t intended as a teaser.  If you call your Oracle support person, you can get them now as minor patches to WLS 10.3.6.   The current security documentation is scattered in a few places, has a few incorrect statements, and is missing a few topics.  It also seems that the knowledge of how to apply some of these features isn’t written down.  The goal of these articles is to talk about WLS data source security in a unified way and to introduce some approaches to using the available features.  Introduction to WebLogic Data Source Security Options By default, you define a single database user and password for a data source.  You can store it in the data source descriptor or make use of the Oracle wallet.  This is a very simple and efficient approach to security.  All of the connections in the connection pool are owned by this user and there is no special processing when a connection is given out.  That is, it’s a homogeneous connection pool and any request can get any connection from a security perspective (there are other aspects like affinity).  Regardless of the end user of the application, all connections in the pool use the same security credentials to access the DBMS.   No additional information is needed when you get a connection because it’s all available from the data source descriptor (or wallet). java.sql.Connection conn =  mydatasource.getConnection(); Note: You can enter the password as a name-value pair in the Properties field (this not permitted for production environments) or you can enter it in the Password field of the data source descriptor. The value in the Password field overrides any password value defined in the Properties passed to the JDBC Driver when creating physical database connections. It is recommended that you use the Password attribute in place of the password property in the properties string because the Password value is encrypted in the configuration file (stored as the password-encrypted attribute in the jdbc-driver-params tag in the module file) and is hidden in the administration console.  The Properties and Password fields are located on the administration console Data Source creation wizard or Data Source Configuration tab. The JDBC API can also be used to programmatically specify a database user name and password as in the following.  java.sql.Connection conn = mydatasource.getConnection(“user”, “password”); According to the JDBC specification, it’s supposed to take a database user and associated password but different vendors implement this differently.  WLS, by default, treats this as an application server user and password.  The pair is authenticated to see if it’s a valid user and that user is used for WLS security permission checks.  By default, the user is then mapped to a database user and password using the data source credential mapper, so this API sort of follows the specification but database credentials are one-step removed from the application code.  More details and the rationale are described later. While the default approach is simple, it does mean that only one database user is doing all of the work.  You can’t figure out who actually did the update and you can’t restrict SQL operations by who is running the operation, at least at the database level.   Any type of per-user logic will need to be in the application code instead of having the database do it.  There are various WLS data source features that can be configured to provide some per-user information about the operations to the database. WebLogic Data Source Security Options This table describes the features available for WebLogic data sources to configure database security credentials and a brief description.  It also captures information about the compatibility of these features with one another. Feature Description Can be used with Can’t be used with User authentication (default) Default getConnection(user, password) behavior – validate the input and use the user/password in the descriptor. Set client identifier Proxy Session, Identity pooling, Use database credentials Use database credentials Instead of using the credential mapper, use the supplied user and password directly. Set client identifier, Proxy session, Identity pooling User authentication, Multi Data Source Set Client Identifier Set a client identifier property associated with the connection (Oracle and DB2 only). Everything Proxy Session Set a light-weight proxy user associated with the connection (Oracle-only). Set client identifier, Use database credentials Identity pooling, User authentication Identity pooling Heterogeneous pool of connections owned by specified users. Set client identifier, Use database credentials Proxy session, User authentication, Labeling, Multi-datasource, Active GridLink Note that all of these features are available with both XA and non-XA drivers. Currently, the Proxy Session and Use Database Credentials options are on the Oracle tab of the Data Source Configuration tab of the administration console (even though the Use Database Credentials feature is not just for Oracle databases – oops).  The rest of the features are on the Identity tab of the Data Source Configuration tab in the administration console (plan on seeing them all in one place in the future). The subsequent articles will describe these features in more detail.  Keep referring back to this table to see the big picture.

  Read the article

• Data Source Connection Pool Sizing

  - by Steve Felts

  Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman","serif";} One of the most time-consuming procedures of a database application is establishing a connection. The connection pooling of the data source can be used to minimize this overhead.  That argues for using the data source instead of accessing the database driver directly. Configuring the size of the pool in the data source is somewhere between an art and science – this article will try to move it closer to science.  From the beginning, WLS data source has had an initial capacity and a maximum capacity configuration values.  When the system starts up and when it shrinks, initial capacity is used.  The pool can grow to maximum capacity.  Customers found that they might want to set the initial capacity to 0 (more on that later) but didn’t want the pool to shrink to 0.  In WLS 10.3.6, we added minimum capacity to specify the lower limit to which a pool will shrink.  If minimum capacity is not set, it defaults to the initial capacity for upward compatibility.   We also did some work on the shrinking in release 10.3.4 to reduce thrashing; the algorithm that used to shrink to the maximum of the currently used connections or the initial capacity (basically the unused connections were all released) was changed to shrink by half of the unused connections. The simple approach to sizing the pool is to set the initial/minimum capacity to the maximum capacity.  Doing this creates all connections at startup, avoiding creating connections on demand and the pool is stable.  However, there are a number of reasons not to take this simple approach. When WLS is booted, the deployment of the data source includes synchronously creating the connections.  The more connections that are configured in initial capacity, the longer the boot time for WLS (there have been several projects for parallel boot in WLS but none that are available).  Related to creating a lot of connections at boot time is the problem of logon storms (the database gets too much work at one time).   WLS has a solution for that by setting the login delay seconds on the pool but that also increases the boot time. There are a number of cases where it is desirable to set the initial capacity to 0.  By doing that, the overhead of creating connections is deferred out of the boot and the database doesn’t need to be available.  An application may not want WLS to automatically connect to the database until it is actually needed, such as for some code/warm failover configurations. There are a number of cases where minimum capacity should be less than maximum capacity.  Connections are generally expensive to keep around.  They cause state to be kept on both the client and the server, and the state on the backend may be heavy (for example, a process).  Depending on the vendor, connection usage may cost money.  If work load is not constant, then database connections can be freed up by shrinking the pool when connections are not in use.  When using Active GridLink, connections can be created as needed according to runtime load balancing (RLB) percentages instead of by connection load balancing (CLB) during data source deployment. Shrinking is an effective technique for clearing the pool when connections are not in use.  In addition to the obvious reason that there times where the workload is lighter,  there are some configurations where the database and/or firewall conspire to make long-unused or too-old connections no longer viable.  There are also some data source features where the connection has state and cannot be used again unless the state matches the request.  Examples of this are identity based pooling where the connection has a particular owner and XA affinity where the connection is associated with a particular RAC node.  At this point, WLS does not re-purpose (discard/replace) connections and shrinking is a way to get rid of the unused existing connection and get a new one with the correct state when needed. So far, the discussion has focused on the relationship of initial, minimum, and maximum capacity.  Computing the maximum size requires some knowledge about the application and the current number of simultaneously active users, web sessions, batch programs, or whatever access patterns are common.  The applications should be written to only reserve and close connections as needed but multiple statements, if needed, should be done in one reservation (don’t get/close more often than necessary).  This means that the size of the pool is likely to be significantly smaller then the number of users.   If possible, you can pick a size and see how it performs under simulated or real load.  There is a high-water mark statistic (ActiveConnectionsHighCount) that tracks the maximum connections concurrently used.  In general, you want the size to be big enough so that you never run out of connections but no bigger.   It will need to deal with spikes in usage, which is where shrinking after the spike is important.  Of course, the database capacity also has a big influence on the decision since it’s important not to overload the database machine.  Planning also needs to happen if you are running in a Multi-Data Source or Active GridLink configuration and expect that the remaining nodes will take over the connections when one of the nodes in the cluster goes down.  For XA affinity, additional headroom is also recommended.  In summary, setting initial and maximum capacity to be the same may be simple but there are many other factors that may be important in making the decision about sizing.

  Read the article

• So what is Active GridLink for RAC?

  - by Ruma Sanyal

  Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 I had referred to Active GridLink for RAC in my blog yesterday and since then got several questions on this topic. So I decided to re-visit Active GridLink. With the release of version 11g, Oracle WebLogic Server started to provide strong support for the Real Application Clusters (RAC) features in Oracle Database 11g, minimizing database access time while allowing transparent access to rich pooling management functions that maximizes both connection performance and availability. WebLogic is the only application server in the marketplace which has been fully integrated and certified with Oracle Database RAC 11g without losing any rich functionality. Active GridLink provides Fast Connection Failover (FCF), Runtime Connection Load-Balancing (RCLB), and RAC instance graceful shutdown. With the key foundation for providing deeper integration with Oracle RAC, this single data source implementation in Oracle WebLogic Server supports the full and unrestricted use of database services as the connection target for a data source. For more details and to understand how our customer NEC leverages this capability, read the whitepapers on this topic. Get in depth ‘how-to’ details from this youtube video from our resident expert, Frances Zhao.

  Read the article

• Data Source Security Part 4

  - by Steve Felts

  So far, I have covered Client Identity and Oracle Proxy Session features, with WLS or database credentials.  This article will cover one more feature, Identify-based pooling.  Then, there is one more topic to cover - how these options play with transactions.Identity-based Connection Pooling An identity based pool creates a heterogeneous pool of connections.  This allows applications to use a JDBC connection with a specific DBMS credential by pooling physical connections with different DBMS credentials.  The DBMS credential is based on either the WebLogic user mapped to a database user or the database user directly, based on the “use database credentials” setting as described earlier. Using this feature enabled with “use database credentials” enabled seems to be what is proposed in the JDBC standard, basically a heterogeneous pool with users specified by getConnection(user, password). The allocation of connections is more complex if Enable Identity Based Connection Pooling attribute is enabled on the data source.  When an application requests a database connection, the WebLogic Server instance selects an existing physical connection or creates a new physical connection with requested DBMS identity. The following section provides information on how heterogeneous connections are created:1. At connection pool initialization, the physical JDBC connections based on the configured or default “initial capacity” are created with the configured default DBMS credential of the data source.2. An application tries to get a connection from a data source.3a. If “use database credentials” is not enabled, the user specified in getConnection is mapped to a DBMS credential, as described earlier.  If the credential map doesn’t have a matching user, the default DBMS credential is used from the datasource descriptor.3b. If “use database credentials” is enabled, the user and password specified in getConnection are used directly.4. The connection pool is searched for a connection with a matching DBMS credential.5. If a match is found, the connection is reserved and returned to the application.6. If no match is found, a connection is created or reused based on the maximum capacity of the pool: - If the maximum capacity has not been reached, a new connection is created with the DBMS credential, reserved, and returned to the application.- If the pool has reached maximum capacity, based on the least recently used (LRU) algorithm, a physical connection is selected from the pool and destroyed. A new connection is created with the DBMS credential, reserved, and returned to the application. It should be clear that finding a matching connection is more expensive than a homogeneous pool.  Destroying a connection and getting a new one is very expensive.  If you can use a normal homogeneous pool or one of the light-weight options (client identity or an Oracle proxy connection), those should be used instead of identity based pooling. Regardless of how physical connections are created, each physical connection in the pool has its own DBMS credential information maintained by the pool. Once a physical connection is reserved by the pool, it does not change its DBMS credential even if the current thread changes its WebLogic user credential and continues to use the same connection. To configure this feature, select Enable Identity Based Connection Pooling.  See http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/EnableIdentityBasedConnectionPooling.html  "Enable identity-based connection pooling for a JDBC data source" in Oracle WebLogic Server Administration Console Help. You must make the following changes to use Logging Last Resource (LLR) transaction optimization with Identity-based Pooling to get around the problem that multiple users will be accessing the associated transaction table.- You must configure a custom schema for LLR using a fully qualified LLR table name. All LLR connections will then use the named schema rather than the default schema when accessing the LLR transaction table.  - Use database specific administration tools to grant permission to access the named LLR table to all users that could access this table via a global transaction. By default, the LLR table is created during boot by the user configured for the connection in the data source. In most cases, the database will only allow access to this user and not allow access to mapped users. Connections within Transactions Now that we have covered the behavior of all of these various options, it’s time to discuss the exception to all of the rules.  When you get a connection within a transaction, it is associated with the transaction context on a particular WLS instance. When getting a connection with a data source configured with non-XA LLR or 1PC (using the JTS driver) with global transactions, the first connection obtained within the transaction is returned on subsequent connection requests regardless of the values of username/password specified and independent of the associated proxy user session, if any. The connection must be shared among all users of the connection when using LLR or 1PC. For XA data sources, the first connection obtained within the global transaction is returned on subsequent connection requests within the application server, regardless of the values of username/password specified and independent of the associated proxy user session, if any.  The connection must be shared among all users of the connection within a global transaction within the application server/JVM.

  Read the article

• Data Source Security Part 2

  - by Steve Felts

  In Part 1, I introduced the default security behavior and listed the various options available to change that behavior.  One of the key topics to understand is the difference between directly using database user and password values versus mapping from WLS user and password to the associated database values.   The direct use of database credentials is relatively new to WLS, based on customer feedback.  Some of the trade-offs are covered in this article. Credential Mapping vs. Database Credentials Each WLS data source has a credential map that is a mechanism used to map a key, in this case a WLS user, to security credentials (user and password).  By default, when a user and password are specified when getting a connection, they are treated as credentials for a WLS user, validated, and are converted to a database user and password using a credential map associated with the data source.  If a matching entry is not found in the credential map for the data source, then the user and password associated with the data source definition are used.  Because of this defaulting mechanism, you should be careful what permissions are granted to the default user.  Alternatively, you can define an invalid default user to ensure that no one can accidentally get through (in this case, you would need to set the initial capacity for the pool to zero so that the pool is populated only by valid users). To create an entry in the credential map: 1) First create a WLS user.  In the administration console, go to Security realms, select your realm (e.g., myrealm), select Users, and select New.  2) Second, create the mapping.  In the administration console, go to Services, select Data sources, select your data source name, select Security, select Credentials, and select New.  See http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/ConfigureCredentialMappingForADataSource.html for more information. The advantages of using the credential mapping are that: 1) You don’t hard-code the database user/password into a program or need to prompt for it in addition to the WLS user/password and 2) It provides a layer of abstraction between WLS security and database settings such that many WLS identities can be mapped to a smaller set of DB identities, thereby only requiring middle-tier configuration updates when WLS users are added/removed. You can cut down the number of users that have access to a data source to reduce the user maintenance overhead.  For example, suppose that a servlet has the one pre-defined, special WLS user/password for data source access, hard-wired in its code in a getConnection(user, password) call.  Every WebLogic user can reap the specific DBMS access coded into the servlet, but none has to have general access to the data source.  For instance, there may be a ‘Sales’ DBMS which needs to be protected from unauthorized eyes, but it contains some day-to-day data that everyone needs. The Sales data source is configured with restricted access and a servlet is built that hard-wires the specific data source access credentials in its connection request.  It uses that connection to deliver only the generally needed day-to-day information to any caller. The servlet cannot reveal any other data, and no WebLogic user can get any other access to the data source.  This is the approach that many large applications take and is the reasoning behind the default mapping behavior in WLS. The disadvantages of using the credential map are that: 1) It is difficult to manage (create, update, delete) with a large number of users; it is possible to use WLST scripts or a custom JMX client utility to manage credential map entries. 2) You can’t share a credential map between data sources so they must be duplicated. Some applications prefer not to use the credential map.  Instead, the credentials passed to getConnection(user, password) should be treated as database credentials and used to authenticate with the database for the connection, avoiding going through the credential map.  This is enabled by setting the “use-database-credentials” to true.  See http://docs.oracle.com/cd/E24329_01/apirefs.1211/e24401/taskhelp/jdbc/jdbc_datasources/ConfigureOracleParameters.html "Configure Oracle parameters" in Oracle WebLogic Server Administration Console Help. Use Database Credentials is not currently supported for Multi Data Source configurations.  When enabled, it turns off credential mapping on Generic and Active GridLink data sources for the following attributes: 1. identity-based-connection-pooling-enabled (this interaction is available by patch in 10.3.6.0). 2. oracle-proxy-session (this interaction is first available in 10.3.6.0). 3. set client identifier (this interaction is available by patch in 10.3.6.0).  Note that in the data source schema, the set client identifier feature is poorly named “credential-mapping-enabled”.  The documentation and the console refer to it as Set Client Identifier. To review the behavior of credential mapping and using database credentials: - If using the credential map, there needs to be a mapping for each WLS user to database user for those users that will have access to the database; otherwise the default user for the data source will be used.  If you always specify a user/password when getting a connection, you only need credential map entries for those specific users. - If using database credentials without specifying a user/password, the default user and password in the data source descriptor are always used.  If you specify a user/password when getting a connection, that user will be used for the credentials.  WLS users are not involved at all in the data source connection process.

  Read the article

• WebLogic How-to Videos: Install, Upgrade, & Patch

  - by Ruma Sanyal

  Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 Normal 0 false false false EN-US X-NONE X-NONE MicrosoftInternetExplorer4 /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} Here is another great YouTube video by our product manager Monica Riccelli. She talks about installers now being standardized in Oracle for greater consistency -- no more WebLogic native installers. Also, JDK is no longer a part of the WebLogic install. The various installers she discusses include OUI, ZIP, OEPE, Coherence and more. Monica then takes us through a step by step install process. After the install process is complete the video takes us through the configuration wizard. The ZIP installer is then discussed and its effectiveness, such as it being the smallest downloadable option, easy, and very popular with our customers and limitations (such as for development only and not to be used in production) highlighted. Monica then takes us through the configuration wizard, its usage, and when to use WLST scripts. The video then discusses NodeManager and its usage and discusses how to reconfigure a WebLogic domain on upgrade – through our GUI tools or through command line interface. Lastly, it highlights Opatch – a patch application tool used by our customers and standardized across all Oracle products. Really detailed video. Check it out!  /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin-top:0in; mso-para-margin-right:0in; mso-para-margin-bottom:10.0pt; mso-para-margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

  Read the article

• RadGrid Custom Filter

  - by Aaron

  I'm trying to add a custom filter to my RadGrid. I have a column, vendNum, which I want to allow users to filter on multiple vendNums with a comma-separated list. Basically, I want the same functionality as an "in" statement in SQL (where vendNum in (X,Y,Z)). I followed the tutorial on this site and came up with the following code to place in my RadGrid1_ItemCommand event. protected void RadGrid1_ItemCommand(object source, GridCommandEventArgs e) { if (e.CommandName == RadGrid.FilterCommandName) { Pair filterPair = (Pair)e.CommandArgument; switch (filterPair.Second.ToString()) { case "vendNum": TextBox tbPattern = (e.Item as GridFilteringItem)["vendNum"].Controls[0] as TextBox; if (tbPattern.Text.Contains(",")) { string[] values = tbPattern.Text.Split(','); if (values.Length >= 2) { e.Canceled = true; StringBuilder newFilter = new StringBuilder(); for (int i = 0; i < values.Length; i++) { if (i == values.Length - 1) newFilter.Append("[vendNum] = " + values[i]); else newFilter.Append("[vendNum] = " + values[i] + " OR "); } if (RadGrid1.MasterTableView.FilterExpression == "") RadGrid1.MasterTableView.FilterExpression = newFilter.ToString(); else RadGrid1.MasterTableView.FilterExpression = "((" + RadGrid1.MasterTableView.FilterExpression + ") AND (" + newFilter.ToString() + "))"; RadGrid1.Rebind(); } } break; default: break; } } } Doing this, though, keeps giving me an error "Expression Expected" when I try to filter with a comma separated list. I'm still able to filter a single vendNum. My FilterExpression does come out as expected. The code is failing on the RadGrid1.Rebind() statement. Has anyone dealt with this before? Any help is greatly appreciated. Thanks, Aaron

  Read the article

• Can not access response.body inside after filter block in Sinatra 1.0

  - by Petr Vostrel

  I'm struggling with a strange issue. According to http://github.com/sinatra/sinatra (secion Filters) a response object is available in after filter blocks in Sinatra 1.0. However the response.status is correctly accessible, I can not see non-empty response.body from my routes inside after filter. I have this rackup file: config.ru require 'app' run TestApp Then Sinatra 1.0.b gem installed using: gem install --pre sinatra And this is my tiny app with a single route: app.rb require 'rubygems' require 'sinatra/base' class TestApp < Sinatra::Base set :root, File.dirname(__FILE__) get '/test' do 'Some response' end after do halt 500 if response.empty? # used 500 just for illustation end end And now, I would like to access the response inside the after filter. When I run this app and access /test URL, I got a 500 response as if the response is empty, but the response clearly is 'Some response'. Along with my request to /test, a separate request to /favicon.ico is issued by the browser and that returns 404 as there is no route nor a static file. But I would expect the 500 status to be returned as the response should be empty. In console, I can see that within the after filter, the response to /favicon.ico is something like 'Not found' and response to /test really is empty even though there is response returned by the route. What do I miss?

  Read the article

• Android addTextChangedListener onTextChanged not fired when Backspace is pressed?

  - by tsil

  I use addTextChangeListener to filter a list items. When the user enters a character on the editText, items are filtered based on user input. For example, if the user enters "stackoverflow", all items that contains "stackoverflow" are displayed. It works fine except that once the user press backspace to delete character(s), items are no longer filtered until he deletes all characters. For example, my items are: "stackoverflow 1", "stackoverflow 2", "stackoverflow 3", "stackoverflow 4". If user input is "stackoverflow", all items are displayed. If user input is "stackoverflow 1", only "stackoverflow 1" is displayed. Then user deletes the last 2 characters (1 and the space). User input is now "stackoverflow" but "stackoverflow 1" is still displayed and the other items are not displayed. This is my custom filter: private class ServiceFilter extends Filter { @Override protected FilterResults performFiltering(CharSequence constraint) { FilterResults results = new FilterResults(); if (constraint == null || constraint.length() == 0) { // No filter implemented we return all the list results.values = origServiceList; results.count = origServiceList.size(); } else { List<ServiceModel> nServiceList = new ArrayList<ServiceModel>(); for (ServiceModel s : serviceList) { if (s.getName().toLowerCase().contains(constraint.toString().toLowerCase())) { nServiceList.add(s); } } results.values = nServiceList; results.count = nServiceList.size(); } return results; } @Override protected void publishResults(CharSequence constraint, FilterResults results) { if (results.count == 0) { notifyDataSetInvalidated(); } else { serviceList = (List<ServiceModel>) results.values; notifyDataSetChanged(); } } } And how I handle text change event: inputSearch.addTextChangedListener(new TextWatcher() { @Override public void afterTextChanged(Editable arg0) { // TODO Auto-generated method stub } @Override public void beforeTextChanged(CharSequence arg0, int arg1, int arg2, int arg3) { // TODO Auto-generated method stub } @Override public void onTextChanged(CharSequence cs, int arg1, int arg2, int arg3) { if (cs.length() >= 1) { mAdapter.getFilter().filter(cs); } else { mAdapter = new ServiceAdapter(MyActivity.this, R.layout.ussd_list_item, serviceList); listView.setAdapter(mAdapter); } } });

  Read the article

• Bayesian filtering for forum posts

  - by Andrew Davey

  Has anyone used a Bayesian filter to let forum members classify posts and so over time only display interesting posts? A Bayesian filter seems to work well for detecting email spam. Is this a viable approach to filter forum posts for users?

  Read the article

• what is the 'name__iexact' mean in my code ..

  - by zjm1126

  Map.objects.filter(name__iexact=self.cleaned_data["name"]).count() thanks

  Read the article

• Django filters - Using an AllValuesFilter (with a LinkWidget) on a ManyToManyField

  - by magnetix

  This is my first Stack Overflow question, so please let me know if I do anything wrong. I wish to create an AllValues filter on a ManyToMany field using the wonderful django-filters application. Basically, I want to create a filter that looks like it does in the Admin, so I also want to use the LinkWidget too. Unfortunately, I get an error (Invalid field name: 'operator') if I try this the standard way: # Models class Organisation(models.Model): name = models.CharField() ... class Sign(models.Model): name = models.CharField() operator = models.ManyToManyField('Organisation', blank=True) ... # Filter class SignFilter(LinkOrderFilterSet): operator = django_filters.AllValuesFilter(widget=django_filters.widgets.LinkWidget) class Meta: model = Sign fields = ['operator'] I got around this by creating my own filter with the many to many relationship hard coded: # Models class Organisation(models.Model): name = models.CharField() ... class Sign(models.Model): name = models.CharField() operator = models.ManyToManyField('Organisation', blank=True) ... # Filter class MyFilter(django_filters.ChoiceFilter): @property def field(self): cd = {} for row in self.model.objects.all(): orgs = row.operator.select_related().values() for org in orgs: cd[org['id']] = org['name'] choices = zip(cd.keys(), cd.values()) list.sort(choices, key=lambda x:(x[1], x[0])) self.extra['choices'] = choices return super(AllValuesFilter, self).field class SignFilter(LinkOrderFilterSet): operator = MyFilter(widget=django_filters.widgets.LinkWidget) I am new to Python and Django. Can someone think of a more generic/elegant way of doing this?

  Read the article

• Array filteration PHP

  - by Muhammad Sajid

  I have an array with values like: Array ( [0] => Array ( [parent] => Basic [parentId] => 1 [child] => Birthday [childId] => 2 ) [1] => Array ( [parent] => Basic [parentId] => 1 [child] => Gender [childId] => 3 ) [2] => Array ( [parent] => Geo [parentId] => 10 [child] => Current City [childId] => 11 ) [3] => Array ( [parent] => Known me [parentId] => 5 [child] => My personality [childId] => 7 ) [4] => Array ( [parent] => Known me [parentId] => 5 [child] => Best life moment [childId] => 8 ) ) And I want to filter this array such that their filtration based on parent index, and the final result would be like: Array ( [0] => Array ( [parent] => Basic [parentId] => 1 [child] => Array ( [0] => Birthday [1] => Gender ) ) [1] => Array ( [parent] => Geo [parentId] => 10 [child] => Array ( [0] => Current City ) ) [2] => Array ( [parent] => Known me [parentId] => 5 [child] => Array ( [0] => My personality [1] => Best life moment ) ) ) For that I coded : $filter = array(); $f = 0; for ($i=0; $i<count($menuArray); $i++) { $c = 0; for( $b = 0; $b < count($filter); $b++ ){ if( $filter[$b]['parent'] == $menuArray[$i]['parent'] ){ $c++; } } if ($c == 0) { $filter[$f]['parent'] = $menuArray[$i]['parent']; $filter[$f]['parentId'] = $menuArray[$i]['parentId']; $filter[$f]['child'][] = $menuArray[$i]['child']; $f++; } } But it results : Array ( [0] => Array ( [parent] => Basic [parentId] => 1 [child] => Array ( [0] => Birthday ) ) [1] => Array ( [parent] => Geo [parentId] => 10 [child] => Array ( [0] => Current City ) ) [2] => Array ( [parent] => Known me [parentId] => 5 [child] => Array ( [0] => My personality ) ) ) Could anyone point out my missing LOC?

  Read the article

• How can I add multiple filters to a XSLT for-each statement?

  - by Huuuze

  I have the following XSLT node: <xsl:for-each select="Book[title != 'Moby Dick']"> .... </xsl:for-each> However, I'd like use multiple filters in the for-each. I've tried the following, but it doesn't seem to work: <!-- Attempt #1 --> <xsl:for-each select="Book[title != 'Moby Dick'] or Book[author != 'Rowling'] "> .... </xsl:for-each> <!-- Attempt #2 --> <xsl:for-each select="Book[title != 'Moby Dick' or author != 'Rowling']"> .... </xsl:for-each>

  Read the article

• css: filters how to disable them for a certain class?

  - by jony

  On IE I'm having a bit of trouble with my CSS: body.transparent { background-color: transparent; color:#ffffff; text-shadow: 0 -1px #000, 1px 0 #000, 0 1px #000, -1px 0 #000; Filter:Glow(Color=#000000, Strength=1); } body.transparent a { text-shadow: none; filter: -;) } The glow filter needs to be excluded on body.transparent a, like the shadow is. But I just can't disable the filter for the the links. How do I do this??

  Read the article

• How to apply multiple filters to sharepoint list

  - by Juraj Hajek

  Hi all, I have sharepoint list with several columns - month, year and some custom data. I want to provide 2 dropdowns to allow user select month and year to filter rows. I added "Choice Filter" webpart for month and set connection to list (this works). I added second "Choice Filter" for year and I wanted to do the same. However, I cannot set connection to list, because mylist is disabled in webpart menu "Edit-Connections-Send filter values to". How can I apply 2 filtering criteria? Thanks, Juraj

  Read the article

• Breaking change October: Status waiting when create custom audience with add user data file?

  - by THACH LN

  In my system, I create a custom audience - data file - mobile advertiser ids with 10k user. After I created it, I refreshed API link to get information about the audience which I've just created: https://graph.facebook.com/act_xxx/customaudiences?fields=id,account_id,name,lookalike_spec,retention_days,subtype,approximate_count,rule,delivery_status,operation_status,data_source,permission_for_actions&limit=500&access_token=xxx. (After breaking change in October 2014, status field not return. So I see operation_status) I see that: "operation_status": { "code": 410, "description": "No file has been uploaded for this audience, or the previous upload has failed due to system error. Please try uploading the file again." } But after about 10s, I refresh again, and operation_status change to: "operation_status": { "code": 200, "description": "Normal" } My quetions is: how to check this audience's status is waiting ( uploading file) , like when I create on facebook not my our system. Thanks for all anwser.

  Read the article

• Amazon S3 Tips: Quickly Add/Modify HTTP Headers To All Files Recursively

  - by Gopinath

  Amazon S3 is an dead cheap cloud storage service that offers unlimited storage in pay as you use model. Recently we moved all the images and other static files(scripts & css) of Tech Dreams to Amazon S3 to reduce load on VPS server. Amazon S3 is cheap, but monthly bill will shoot up if images/static files of the blog are not cached properly (more details). By adding caching HTTP Headers Cache-Control or Expires to all the files hosted on Amazon S3 we reduced the monthly bills and also load time of blog pages. Lets see how to add custom headers to files stored on Amazon S3 service. Updating HTTP Headers of one file at a time The web interface of Amazon S3 Management console allows adding custom HTTP headers to one file at a time  through “Properties”  window (to access properties, right on a file and select Properties menu). So if you have to add headers to 100s of files then this is not the way to go! Updating HTTP Headers of multiple files of a folder recursively To update HTTP headers of multiple files in a folder recursively, we can use CloudBerry Explorer freeware or Bucket Explorer trail ware applications. CloudBerry is my favourite as it’s a freeware and also it’s has excellent interface to access Amazon S3 from desktops. Adding HTTP Headers with CloudBerry application is straight forward – right click on the required folders and choose the option “Set HTTP Headers”. Download CloudBerry Explorer This article titled,Amazon S3 Tips: Quickly Add/Modify HTTP Headers To All Files Recursively, was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.

  Read the article

• Can't add to panel nor delete panel

  - by david

  Hello everybody! I cannot add any applet to any (top or bottom) panel, cannot delete any panel nor create a new panel. When I right-click on the panel the only options available are: Properties, Help or About panels. [I cannot post an image because of spam prevention, so I'll do my best] I can see when I right-click (bold means clickable): Add to panel Properties Delete this panel New panel Help About Panels Trying to solve this I did what is usually suggested: gconftool-2 –-recursive-unset /apps/panel # might be optional rm -rf ~/.gconf/apps/panel pkill gnome-panel but I only got a nice empty panel (no Applications Places System, no clock, no shutdown button...) to which I couldn't add any applet, so I decided to take the default profiles in .gconf and .gconfd from a live CD and overwrite mines. Now we are back to the beginning. I also have tried to lock completely the panel (with both gconf-editor and pessulus) and later unlock it completely but it didn't work. Here is the system information: $ lsb_release Distributor ID: Ubuntu Description: Ubuntu 10.04.2 LTS Release: 10.04 Codename: lucid Thank you very much.

  Read the article

• Be careful when installing the Blend Windows Phone 7 Add-In

  - by Laurent Bugnion

  There was a small issue today with the release of the Windows Phone Developer Tools CTP (April 2010 Refresh) refresh. The issue is that the Expression Blend Add-in Preview for Windows Phone (April Refresh) is not compatible with Blend 4.0.20408.0, which was the public RC (release candidate). A few days ago, the Blend team released a fix for an issue that was sometimes causing a crash when Blend was starting up. This new release (V4.0.20421.0) was not very well announced however, and many people (including me) did not install it. After all, Blend did not crash at startup of either of my machines, so I didn’t deem necessary to install yet a new RC. However, it is now clear that the Windows Phone 7 Add-In needs this latest-and-greatest version to work. If you have Blend 4.0.20408.0, you won’t be able to work with Windows Phone 7 in Blend. To add to the confusion, the page where you can download V4.0.20421.0 from has an error, and the wrong version number is wrong (at least at the time of writing). Do not let this confuse you. You must download this version and install it. Hopefully this helps clarify some of the confusion… Happy WinPhone7 coding :) Laurent

  Read the article

• Add copyright notice to a website

  - by PeeHaa

  Not really a programming question, but I find it related. If not (or you find this question too subjective), please tell me, yell at me, swear at me, kick me in the nuts, or just vote to close :) I've read some questions and answers here on SO about adding copyright notices, but not the specific ones I am looking for. I want to add a copyright notice to a website I created. Something like (c) Me 2010. All rights reserved. I am aware that everything written by someone is automatically copyrighted (if I'm not mistaken and perhaps depending on country laws). I see some sites use the following format for this (c) Me 2009-2010. However for me that makes no sense to add an 'end-date' to the notice. I am aware I can code to update the notice every year, but I just find it strange. Or is it just me? Another question is: I also use copyrighted code from others (they are all mentioned in the credits incl. links to their licenses ofc) on my site. Would it still be OK to add the copyright notice to the site with only Me in it? So to sum it up I have 2 questions: What is THE RIGHT WAYTM of adding a copyright notice on a website (or code or whatever)? If there is one. Is it allowed to copyright code with other copyrighted code within it?

  Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31  | Next Page >