Search Results

Search found 16101 results on 645 pages for 'owsm webservices ws security ws trust soa secuirty'.

Page 9/645 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16 | Next Page >

Trust my work domain on a Dev Domain without a domain level password

- by Vaccano

I setup a virtual machine to host a dev version of TFS (to test plugins on). Getting a computer on my work domain requires large amounts of red tape and paperwork that I would rather not do. I created my own domain the the VM and I would like to trust all users from my work domain on that VM Domain. But when I tried to setup the trust I needed a password from my work domain (which I don't have). Am I trying to do something nefarious? I just want to be able to authenticate to my Test TFS (VM) Server as me (my login on my work domain). Is there a way to do that with out having to have a domain level password for my work domain? (My VM is a Windows Server 2008 R2 server)

Read the article
One-way forest trust between geographically distributed forests using Server 2008 R2

- by bwerks

Hi all, I'm planning out a joinder between two domains, as would take place with contracting companies. Forests A and B exist in distant sites, and there is to be a one-way forest trust so that domain users in Forest A can be authenticated on machines in Forest B. In order to facilitate this, each forest's domain controller must be able to contact each other in order to set up & confirm the trust, but my question is what underlying networking magic must take place beneath it. So far the prevailing approach has been to maintain a VPN connection between the two sites, but the technet documentation seems to indicate that DNS forwarding may be the way to go. Is this the case? Furthermore, if DNS will suffice, does that mean that there must be a server running DNS on boundary servers in each domain so that they can be reached from across the internet? How must they be configured? Thanks!

Read the article
Cross-Forest Trust

- by cdalley

I am looking at testing a cross-domain trust we can have two domain controllers (with different forests and domain names) setup so we can move everyone onto the new domain. We do NOT run exchange on site and we do not have any links to O365 to AD currently. Onto the problem: I have setup two DCs in a Virtual Machine: They are on the same network 192.168.0.* The Windows 2003 server: Name: OLDSRVR "Clone" of our current Domain Controller IP: 192.168.0.1 Domain: internal.test.com The Windows 2012 server: Name: ADCTEST01 Brand new domain setup from scratch separate to internal.test.com Domain: internal.test2.com IP: 192.168.0.2 OLDSRVR can only see ADCTEST if it has dynamic IP set. If I set a static IP it cannot see it. If I try using the dynamic IP and try to join it gets to the end then complains "??The trust relationship between this workstation and the primary domain failed" Any ideas?

Read the article
Getting JAX-WS client work on Weblogic 9.2 with ant

- by michuk

I've recently had lots of issues trying to deploy a JAX-WS web servcie client on Weblogic 9.2. It turns out there is no straightforward guide on how to achieve this, so I decided to put together this short wiki entry hoping it might be useful for others. Firstly, Weblogic 9.2 does not support web servcies using JAX-WS in general. It comes with old versions of XML-related java libraries that are incompatible with the latest JAX-WS (similar issues occur with Axis2, only Axis1 seems to be working flawlessly with Weblogic 9.x but that's a very old and unsupported library). So, in order to get it working, some hacking is required. This is how I did it (note that we're using ant in our legacy corporate project, you probably should be using maven which should eliminate 50% of those steps below): Download the most recent JAX-WS distribution from https://jax-ws.dev.java.net/ (The exact version I got was JAXWS2.2-20091203.zip) Place the JAX-WS jars with the dependencies in a separate folder like lib/webservices. Create a patternset in ant to reference those jars: Include the patternset in your WAR-related goal. This could look something like: (not the flatten="true" parameter - it's important as Weblogic 9.x is by default not smart enough to access jars located in a different lcoation than WEB-INF/lib inside your WAR file) In case of clashes, Weblogic uses its own jars by default. We want it to use the JAX-WS jars from our application instead. This is achieved by preparing a weblogic-application.xml file and placing it in META-INF folder of the deplotyed EAR file. It should look like this: javax.jws. javax.xml.bind. javax.xml.crypto. javax.xml.registry. javax.xml.rpc. javax.xml.soap. javax.xml.stream. javax.xml.ws. com.sun.xml.api.streaming.* Remember to place that weblogic-application.xml file in your EAR! The ant goal for that may look similar to: <jar destfile="${warfile}" basedir="${wardir}"/> <ear destfile="${earfile}" appxml="resources/${app.name}/application.xml"> <fileset dir="${dist}" includes="${app.name}.war"/> <metainf dir="resources/META-INF"/> </ear> Also you need to tell weblogic to prefer your WEB-INF classes to those in distribution. You do that by placing the following lines in your WEB-INF/weblogic.xml file: true And that's it for the weblogic-related configuration. Now only set up your JAX-WS goal. The one below is going to simply generate the web service stubs and classes based on a locally deployed WSDL file and place them in a folder in your app: Remember about the keep="true" parameter. Without it, wsimport generates the classes and... deletes them, believe it or not! For mocking a web service I suggest using SOAPUI, an open source project. Very easy to deploy, crucial for web servcies intergation testing. We're almost there. The final thing is to write a Java class for testing the web service, try to run it as a standalone app first (or as part of your unit tests) And then try to run the same code from withing Weblogic. It should work. It worked for me. After some 3 days of frustration. And yes, I know I should've put 9 and 10 under a single bullet-point, but the title "10 steps to deploy a JAX-WS web service under Web logic 9.2 using ant" sounds just so much better. Please, edit this post and improve it if you find something missing!

Read the article
New Technical Articles on SOA, Mobile, IDM, WebLogic, Coherence

- by OTN ArchBeat

For your reading pleasure... In October the following items of techie goodness from members of the architect community were added to the ever-growing library of OTN technical articles. SOA in Real Life: Mobile Solutions by Jürgen Kress, Berthold Maier, Hajo Normann, Danilo Schmeidel, Guido Schmutz, Bernd Trops, Clemens Utschig-Utschig, Torsten Winterberg Consumers are no longer content to be chained to a desktop or laptop computer. This article, teh ninth chapter in the Industrial SOA series, describes ways companies can take SOA to go. [More SOA Articles] SOA and User Interfaces by Juergen Kress, Hajo Normann, Danilo Schmiedel, Guido Schmutz, Clemens Utschig-Utschig, Torsten Winterberg, and Bernd Trops The eighth chapter in the Industrial SOA series addresses the challenges of developing user interfaces in a service oriented architecture, and describes a practical application of Thomas Erl's UI Mediator pattern.[More SOA Articles] Enterprise Grade Deployment Considerations for Oracle Identity Manager AD Connector by Firdaus Fraz Oracle Fusion Middleware solution architect Firdaus Fraz illustrates provides best practice recommendations for setting up an enterprise deployment environment for the OIM connector for Microsoft Active Directory. [More Identity Management Articles] Coherence*Web: Sharing an httpSession Among Applications in Different Oracle WebLogic Clusters by Jordi Villena SOA solution architect Jordi Villena shows how easy it is to extend Coherence*Web to enable session sharing. [More SOA Articles] Multi-Factor Authentication in Oracle WebLogic by Shailesh K. Mishra Using multi-factor authentication to protect web applications deployed on Oracle WebLogic.[More Identity Management Articles] You'll find many more articles on many more topics here.

Read the article
SOA Partner Community Workspace

- by JuergenKress

To share the latest information with the community we use the SOA Community Workspace (SOA Community membership required). At the workspace you can find training material, product presentations in ppt format, product roadmaps, sales kits, market kits, training calendar and many additional information. Please use this content in the spirit of our partnership, and do not share external confidential material (be aware of the OTN NDA). The workspace is organized by product categories in folders e.g. SOA or Business Process Management or Applications & Fusion Middleware. You can also use tags to navigate within the workspace. For large downloads we do recommend to map the workspace as a network drive or to use the ftp functions. Please be very careful when you use the workspace, as we granted everybody full access including to add and delete documents. Please do NOT delete any content. Each action creates e-mail alerts for subscribed users. You can unsubscribe these alerts at the admin page à navigate to the All Workspaces tab à click on the workspace à switch the subscription off. It would be great if you can continue to share your best practice and knowledge within the community. Therefore we also created the folder Presentations from Partners. SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Facebook Wiki Mix Forum Technorati Tags: Workspace,SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

Read the article
Dynamic endpoint binding in Oracle SOA Suite by Cattle Crew

- by JuergenKress

Why is dynamic endpoint binding needed? Sometimes a BPEL process instance has to determine at run-time which implementation of a web service interface is to be called. We’ll show you how to achieve that using dynamic endpoint binding. Let’s imagine the following scenario: we’re running a car rental agency called RYLC (Rent Your Legacy Car) which operates different locations. The process of renting a car is basically identical for all locations except for the determination which cars are currently available. This is depicted in the following diagram: There are three different implementations of the GetAvailableCars service. But how can we achieve calling them dynamically at run-time using Oracle SOA Suite? How to dynamically set the service endpoint There are just a couple of implementation steps we need to perform to enable dynamic endpoint binding: create a new SOA project in JDeveloper add a CarRental BPEL process add an external reference to the GetAvailableCars service within the composite create a DVM file containing the URI’s by which the services for the different locations can be accessed set the endpointURI property on the Invoke component calling the GetAvailableCars service (value is taken from the DVM file) Read the complete article here. SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Facebook Wiki Technorati Tags: Cattle crew,SOA binding,SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

Read the article
WCF Error - Security processor was unable to find a security header in the message

- by quinntheeskimo

Hi, I'm getting what appears now to be a security error in my WCF Service. Originally my error was about a falted state(removed using around client proxy to clear this error), but have found more information through enabling trace. I have been unable to get my solution running after encountering this error, and even my backup copy now gets the same error. I'm not sure what has caused this to happen, I undone the changes I made (nothing relating to WCF) and still get the same error. The error from trace is - System.ServiceModel.Security.MessageSecurityException: Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security. I'm not really sure what I need to do to fix this, any help would be usefull. The application was previously working.

Read the article
Buck-security - Security scanner for Ubuntu Servers

<b>Ubuntu Geek:</b> "Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks."

Read the article
[GEEK SCHOOL] Network Security 8: Keep Your System Updated for Security and Stability

- by Ciprian Rusen

Another important step in securing any computer or device is setting up automated updates. Your device’s security relies on your operating system, apps, plug-ins, and programs always being up to date. For example, using outdated Internet browsers and plug-ins like Adobe Flash, Java, or Silverlight represents a big security problem. There are many websites on the Internet that exploit security bugs in your browser or the plug-ins you have installed.Click Here to Continue Reading

Read the article
Cook a SOA/BPM Development Environment with Chef in 8 minutes! By Jorge Quilcate

- by JuergenKress

After have installed Oracle SOA Suite once and over again, you start to finding out that these are boilerplate tasks and do not generate much value, because this are only the initial step to implement solutions with SOA and BPM. In this post I will show you how to automate these steps using Chef. Chef is a software provisioning tool that enable transform infrastructure as code. The goal is prepare a development environment with Oracle BPM Suite on Windows including the following components installed and configured: Oracle WebLogic Server 10.3.6 Oracle SOA Suite 11.1.1.7 (SOA, BPM and BAM) a BPM Domain with one server with SOA and BPM (Admin Server) and other server with BAM (optional) Read the complete article here. SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Facebook Wiki Technorati Tags: Jorge Quilcate,Chef,SOA,BPM,SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

Read the article
Helping managers and customers understand SOA

- by David

I frequently hear Service-Oriented Architecture (SOA) being tossed around as a buzzword among non-technical customers or program managers with little concern or understanding for what it actually entails (example: "Can I buy a SOA?"). There's also a lot of misinformation about SOA (example: "Only web apps can use SOA") and a general lack of understanding for its capabilities (example: "SOA can make your make all of your data work together"). What are some key facts that you, as someone who understand the technical side of SOA, use to educate program managers on the appropriate use and understanding of SOA? What's the best way to set the record straight with non-technical folks?

Read the article
Generating an EJB SDO Service Interface for Oracle SOA Suite by Edwin Biemond

- by JuergenKress

In Oracle SOA Suite you can use the EJB adapter as a reference or service in your composite applications. The EJB adapter has a flexible binding integration, there are 3 ways for integrating the remote interface with your composite. First you have the java interface way which I described here this follows the JAX-WS way. It means you need to use Calendar for your Java date types and leads to one big WSDL when you add a wire to a service component. Read the full article here. SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Technorati Tags: EJB,SDO,Edwin Biemond,SOA Community,Oracle SOA,Oracle BPM,BPM,Community,OPN,Jürgen Kress

Read the article
SOA & BPM Specialized Partners Only! New Service to Promote Your SOA & BPM Events at oracle.com/events

- by JuergenKress

The Partner Event Publisher has just been made available to all SOA & BPM specialized partners in EMEA. Partners now have the opportunity to publish their events to the Oracle.com/events site and spread the word on their upcoming live in-person and/or live webcast events. See the demo below and click here to read more information. SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Technorati Tags: Specialization,marketing services,oracle events,SOA Community,Oracle SOA,Oracle BPM,BPM Community,OPN,Jürgen Kress

Read the article
PEX Innovation Award 2013 nominate your SOA & BPM project success

- by JuergenKress

Please submit your Oracle SOA or BPM project nomination by December 17th 2013. Key criteria: Innovation Employee satisfaction Project size & range Return of Investment Transparency SOA & BPM Partner Community For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Technorati Tags: PEX,awad,Clemens Utschig-Utschig,SOA Community,Oracle SOA,Oracle BPM,Community,OPN,Jürgen Kress

Read the article
Two-way Trust relationship between Samba 3 and AD 2008 R2

- by Romain

Did somebody already make a two-way trust relationship between Samba 3 and AD ? I've got Samba 3.5 domain (ES02) controller and AD 2008 R2 domain (ES01) controller. Trust domain seems to be ok: Trusted domains list: ES01 S-1-5-21-1816646249-803782145-3669927669 Trusting domains list: ES01 S-1-5-21-1816646249-803782145-3669927669 I can login AD domain workstation with a Samba user account and access to AD domain workstation shares from Samba workstation with Samba user account. BUT, when I try to access to Samba domain workstation shares from AD domain workstation with AD account (test), I've got this: [2012/12/16 23:00:26.146090, 5] auth/auth.c:268(check_ntlm_password) check_ntlm_password: winbind authentication for user [test] FAILED with error NT_STATUS_NO_SUCH_USER [2012/12/16 23:00:26.146123, 2] auth/auth.c:314(check_ntlm_password) check_ntlm_password: Authentication for user [test] - [test] FAILED with error NT_STATUS_NO_SUCH_USER When I try to access samba share with the Administrator account that I create on both side with same password, I've got this: [2012/12/16 22:57:22.701841, 1] rpc_server/srv_pipe_hnd.c:1602(serverinfo_to_SamInfo_base) _netr_LogonSamLogon: user ES01\Administrator has user sid S-1-5-21-1816646249-803782145-3669927669-500 but group sid S-1-5-21-3405883886-2425668597-4100599511-513. The conflicting domain portions are not supported for NETLOGON calls I don't know if winbind is working because of this: wbinfo -u root nobody smb3user administrator "wbinfo -u" should list all local and trusted users, no ? Any fresh idea would be appreciated, I've been reading all the Internet for 1 week... Regards,

Read the article
Anyone have BlazeDS working with WebLogic Security (j_security_check) ??

- by Brian

I'm working on a Flex implementation (currently using SDK 3.5) on WebLogic 10.3 (11G.) We originally used Glassfish v2.1.1 with zero issues (there was an active directory group lookup bug but it did not hinder our progress.) Since transitioning to WebLogic we have an issue where the flexsession is invalidated after logging in using j_security_check: [BlazeDS]Unexpected error encountered in Message Broker servlet flex.messaging.LocalizedException: The FlexSession is invalid. at flex.messaging.FlexSession.checkValid(FlexSession.java:943) at flex.messaging.FlexSession.getUserPrincipal(FlexSession.java:254) at flex.messaging.HttpFlexSession.getUserPrincipal(HttpFlexSession.java:286) at flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:296) at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3594) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2202) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2108) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1432) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) I've tried almost every option in services-config.xml: [security [login-command class="flex.messaging.security.WeblogicLoginCommand" server="Weblogic"/> [!-- Uncomment the correct app server [login-command class="flex.messaging.security.TomcatLoginCommand" server="JBoss"> [login-command class="flex.messaging.security.JRunLoginCommand" server="JRun"/> [login-command class="flex.messaging.security.TomcatLoginCommand" server="Tomcat"/> [login-command class="flex.messaging.security.WebSphereLoginCommand" server="WebSphere"/> --> [/security> I've even completely removed this section with no luck. The login functions correctly from a non-BlazeDS perspective. It authenticates the user correctly. Without authentication, BlazeDS works fine (no errors for any remote calls.) Together its a big ball of fail (invalid flexsession every time.) Has anyone got this working? Any tips?

Read the article
Glassfish with Webservices on non default port

- by Rick

I have a simple web service that I created that deploys perfectly on a default Glassfish V2.1 install on both a windows and a linux system. HOWEVER, In the production environment, Glassfish has the default port for the domain changed from port 8080 to port 80. Now when I try to deploy the web service it will not deploy to the server. The production server is brand new and only was a few webpages on it. Other than the port everything else seems to be the same. I cannot change the port on the production server. In fact I tried to change the port on the linux test server tfrom 8080 to port 80 and I get the same result as the production server. Any ideas - other than don't use glassfish? :)

Read the article
Applied Security for Oracle Business Intelligence Podcast

- by Tim Dexter

Listen to BI Security Meister, Bryan Wise talk about his recent book Applied Oracle Security and learn about the cutting edge techniques for Oracle Business Intelligence from a leading security expert. http://www.oracle.com/podcasts/author-podcasts.html - Applied Security for Oracle Business Intelligence Well worth the listen and of course the book is available at all discerning bookstores!

Read the article
Oracle Security Inside Out Newsletter – June Edition

- by Troy Kitch

This month’s Information In Depth Newsletter, Security Inside Out Edition is now available. In this edition we look at the Gartner Security and Risk Management Summit 2011, discuss safeguarding data from threats with Oracle Database Vault, and reveal the latest database security webcasts, videos, training, events and more. If you don’t have a subscription to this bi-monthly security information update, you can sign up here at the bottom of the page.

Read the article
Taking the fear out of a Cloud initiative through the use of security tools

- by user736511

Typical employees, constituents, and business owners interact with online services at a level where their knowledge of back-end systems is low, and most of the times, there is no interest in knowing the systems' architecture. Most application administrators, while partially responsible for these systems' upkeep, have very low interactions with them, at least at an operational, platform level. Of greatest interest to these groups is the consistent, reliable, and manageable operation of the interfaces with which they communicate. Introducing the "Cloud" topic in any evolving architecture automatically raises the concerns for data and identity security simply because of the perception that when owning the silicon, enterprises are not able to manage its content. But is this really true? In the majority of traditional architectures, data and applications that access it are physically distant from the organization that owns it. It may reside in a shared data center, or a geographically convenient location that spans large organizations' connectivity capabilities. In the end, very often, the model of a "traditional" architecture is fairly close to the "new" Cloud architecture. Most notable difference is that by nature, a Cloud setup uses security as a core function, and not as a necessary add-on. Therefore, following best practices, one can say that data can be safer in the Cloud than in traditional, stove-piped environments where data access is segmented and difficult to audit. The caveat is, of course, what "best practices" consist of, and here is where Oracle's security tools are perfectly suited for the task. Since Oracle's model is to support very large organizations, it is fundamentally concerned about distributed applications, databases etc and their security, and the related Identity Management Products, or DB Security options reflect that concept. In the end, consumers of applications and their data are to be served more safely in a controlled Cloud environment, while realizing the many cost savings associated with it. Having very fast resources to serve them (such as the Exa* platform) makes the concept even more attractive. Finally, if a Cloud strategy does not seem feasible, consider the pros and cons of a traditional vs. a Cloud architecture. Using the exact same criteria and business goals/traditions, and with Oracle's technology, you might be hard pressed to justify maintaining the technical status quo on security alone. For additional information please visit Oracle's Cloud Security page at: http://www.oracle.com/us/technologies/cloud/cloud-security-428855.html

Read the article
Internet Explorer Security: How to Configure Settings

Before jumping into the steps that are needed to configure Internet Explorer's security settings, let us first take a closer look at the four separate security zones that Microsoft has established for the browser. You will be able to tweak the settings of each of these four zones when we get into the configuration part of this tutorial, so it is best that you learn what they represent first. Internet Explorer Security Zones Internet Zone This Internet Explorer security zone refers to websites that are not on your computer or are not designated to your local intranet, which we will discuss in ...

Read the article
Spring Security Configuration Leads to Perpetual Authentication Request

- by Sammy

Hello, I have configured my web application with the following config file: <beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled" />   <bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy"> <security:filter-chain-map path-type="ant"> <security:filter-chain pattern="/**" filters="securityContextPersistenceFilter, basicAuthenticationFilter, exceptionTranslationFilter, filterSecurityInterceptor" /> </security:filter-chain-map> </bean>  <bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"> <property name="securityContextRepository"> <bean class="org.springframework.security.web.context.HttpSessionSecurityContextRepository"> <property name="allowSessionCreation" value="false" /> </bean> </property> </bean>  <bean id="basicAuthenticationFilter" class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="authenticationEntryPoint" ref="authenticationEntryPoint" /> </bean>  <bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint"> <property name="realmName" value="Ayudo Web Service" /> </bean>    <bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider" /> <ref local="inMemoryAuthenticationProvider" />  </list> </property> </bean>  <bean id="inMemoryAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="propertiesUserDetails" /> </bean> <security:user-service id="propertiesUserDetails" properties="classpath:operators.properties" />  <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService" /> </bean>   <bean id="userDetailsService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource" ref="dataSource" /> </bean> <bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter"> <property name="authenticationEntryPoint" ref="authenticationEntryPoint" /> <property name="accessDeniedHandler"> <bean class="org.springframework.security.web.access.AccessDeniedHandlerImpl" /> </property> </bean> <bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor"> <property name="securityMetadataSource"> <security:filter-security-metadata-source use-expressions="true"> <security:intercept-url pattern="/*.html" access="permitAll" /> <security:intercept-url pattern="/version" access="permitAll" /> <security:intercept-url pattern="/users/activate" access="permitAll" /> <security:intercept-url pattern="/**" access="isAuthenticated()" /> </security:filter-security-metadata-source> </property> <property name="authenticationManager" ref="authenticationManager" /> <property name="accessDecisionManager" ref="accessDecisionManager" /> </bean> <bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased"> <property name="decisionVoters"> <list> <bean class="org.springframework.security.access.vote.RoleVoter" /> <bean class="org.springframework.security.web.access.expression.WebExpressionVoter" /> </list> </property> </bean> As soon as I run my application on tomcat, I get a request for username/password basic authentication dialog. Even when I try to access: localhost:8080/myapp/version, which is explicitly set to permitAll, I get the authentication request dialog. Help! Thank, Sammy

Read the article
Using the SOA-BPM VIrtualBox Appliance

- by antony.reynolds

Quickstart Guide to Using Oracle Appliance for SOA/BPM Recently I have been setting up some machines for fellow engineers. My base setup consists of Oracle Enterprise Linux with Oracle Virtual Box. Note that after installing VirtualBox I needed to add the VirtualBox Extension Pack to enable RDP access amongst other features. In order to get them started quickly with some images I downloaded the pre-built appliance for SOA/BPM from OTN. Out of the box this provides a VirtualBox image that is pre-installed with everything you will need to develop SOA/BPM applications. Specifically by using the virtual appliance I got the following pre-installed and configured. Oracle Enterprise Linux 5 User oracle password oracle User root password oracle. Oracle Database XE Pre-configured with SOA/BPM repository. Set to auto-start on OS startup. Oracle SOA Suite 11g PS2 Configured with a “collapsed domain”, all services (SOA/BAM/EM) running in AdminServer. Listening on port 7001 Oracle BPM Suite 11g Configured in same domain as SOA Suite. Oracle JDeveloper 11g With SOA/BPM extensions. Networking The VM by default uses NAT (Network Address Translation) for network access. Make sure that the advanced settings for port forwarding allow access through the host to guest ports. It should be pre-configured to forward requests on the following ports Purpose Host Port Guest Port (VBox Image) SSH 2222 22 HTTP 7001 7001 Database 1521 1521 Note that only one VirtualBox image can use a given host port, so make sure you are not clashing if it seems not to work. What’s Left to Do? There is still some customization of the environment that may be required. If you need to configure a proxy server as I did then for the oracle and root users to set up an HTTP proxy Added “export http_proxy=http://proxy-host:proxy-port” to ~oracle/.bash_profile and ~root/.bash_profile Added “export http_proxy=http://proxy-host:proxy-port” to /etc/.bashrc Edited System->Preferences to set Network Proxy In Firefox set Preferences->Network->Connection Settings to “Use system proxy settings” In JDeveloper set Edit->Preferences->Web Browser and Proxy to required proxy settings You may need to configure yum to point to a public OEL yum repository – such as http://public-yum.oracle.com. If you are going to be accessing the SOA server from outside the VirtualBox image then you may want to set the soa-infra Server URLs to be the hostname of the host OS. Snap! Once I had the machine configured how I wanted to use it I took a snapshot so that I can always get back to the pristine install I have now. Snapshots are one of the big benefits of putting a development environment into a virtualized environment. I can make changes to my installation and if I mess it up I can restore the image to a last known good snapshot. Hey Presto!, Ready to Go This is the quickest way to get up and running with SOA/BPM Suite. Out of the box the download will work, I only did extra customization so I could use services outside the firewall and browse outside the firewall from within by SOA VirtualBox image. I also use yum to update the OS to the latest binaries. So have fun.

Read the article
Does the "security" repository provides anything not found in the "updates" repository?

- by netvope

For the limited number of package I looked at (e.g. apache), I found that the package version in the updates repository is always newer than or equal to the version available in the security repository (provided that they exist). This gives me the impression that all security patches posted to the security repository are also posted to the updates repository. If this is true, I can remove all <release_name>-security entries in my apt sources.list and the <release_name>-updates entries will still give me the security patches. This will speed up apt-get update quite a bit. The best documentation I can found regarding the repositories is on the community help page "Important Security Updates (raring-security)". Patches for security vulnerabilities in Ubuntu packages. They are managed by the Ubuntu Security Team and are designed to change the behavior of the package as little as possible -- in fact, the minimum required to resolve the security problem. As a result, they tend to be very low-risk to apply and all users are urged to apply security updates. "Recommended Updates (raring-updates)". Updates for serious bugs in Ubuntu packaging that do not affect the security of the system. However, it does not mention whether the updates repository also includes everything in the security repository. Can anyone confirm (or disconfirm) this?

Read the article

Search Results

Search found 16101 results on 645 pages for 'owsm webservices ws security ws trust soa secuirty'.

Page 9/645 | < Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16 | Next Page >

- by Vaccano

- by bwerks

- by cdalley

- by michuk

- by OTN ArchBeat

- by JuergenKress

- by JuergenKress

- by quinntheeskimo

- by Ciprian Rusen

- by JuergenKress

- by David

- by JuergenKress

- by JuergenKress

- by JuergenKress

- by Romain

- by Brian

- by Rick

- by Tim Dexter

- by Troy Kitch

- by user736511

- by Sammy

- by antony.reynolds

- by netvope

< Previous Page | 5 6 7 8 9 10 11 12 13 14 15 16 | Next Page >