Hi,Iam getting the following error." javax.security.auth.login.LoginException: Login Failure: all modules ignored "can some body help me to fix this one.

I'm evaluating Java IDE's. My boss wants me to evaluate IDE security issues. I can't think of any issues, or how an IDE can have anything to do with security, but didn't want to sweep it under the rug without asking all of you security experts. Are there any security concerns when selecting ...

We know MSIE is probably the worst, but do they all have major issues, is it HTTP in general or TCP/IP? Is there a web browser that is safe? Or safest of all choices?

Hi All :I have downloaded the jaas.jar in my lib\ext folder and am trying to make an authentication module. When i try to run the module as a standalone application the implemented LoginModule classes are found by the LoginContext and the application runs fine, but in an application server it ...

Lets try answering it better.I've got a signed mail, and i wanna get the certificate of this mail.How can i do that?The message is multipart and i've tried to do this by two ways: 1.- X509Certificate cert = X509Certificate.getInstance(part.getInputStream()); 2.- X509Certificate cert = ...

Hi,Is it possible to add a new user to Win NT using Java, assuming that the user running the application is an administrator?If it can't be done in Java, can anyone point me in the right direction to research this?I appreciate your help.Regards,Liam.

Hello all,I have recently integrated a JAAS LoginModule into my application code, and am not achieving expected results. I successfully deployed a custom LoginModule, principal, CallbackHandler, and Action, in such a way that when I invoke the following:SMAFCallbackHandler sch = new ...

Hello all,I have recently integrated a JAAS LoginModule into my application code, and am not achieving expected results. I successfully deployed a custom LoginModule, principal, CallbackHandler, and Action, in such a way that when I invoke the following:<code>SMAFCallbackHandler sch = new ...

Trying to develop a "fat client" to pass a Subject to the middle tier. Would somebody mind telling me how NTLoginModule is useful? Might be missing something obvious, but it is incredibly easy for somebody to re-write the pertinant "NT" classes to populate a Subject w/ false information. For ...

Hi,I need to Enforce several password policies on various web based applications. E.g password must be x long , contain symbols, not based on dictionary words etc. Is there any open source API like this out there?Thanks

The following code (see below) produces a CertificateException. The detail message buffer reads, "signed fields invalid" error.pkcs12Data is defined as, "byte [] pkcs12Data;" It holds a buffer that contains the server's private key and corresponding certificate in"Personal Information Exchange ...

I have some background processes that run as NT services. Eachprocess will run in its own VM. I would like each process to use its own java.security file. I know there must be a wayto tell the VM to use a different java.security file other thanthe default (for each process). I have search for ...

Hi there, Java Security architecture gurus,I am currently trying to find the best architecture for the new security framework for our company's application. The system requires instance based security. ACLs are stored in a database. JAAS's authentication is just fine, but its file based ...

Hi,I searched for this answer in the archives and found some similar question, but no answer.I have run most of the Kerberos JAAS tutorial with few problems. However, when I tried the delegation part of the "More things that you can do with java GSS-API and JAAS" section, I could not get it to ...

Hi,I've been trying to figure out how to develop a way, so that by using a browser-based GUI, I can allow users to upload and download files to and from an ftp server in a secure manner. I'm also concerned about sending user account information to logon to the ftp server in an unsecured ...

Hi, I get this SSL Exception when I try to run my server usingssl socket: "default ssl context init failed: Cannot resolve key"it is thrown at this line: "sslServerFactory.createServerSocket(port)"I created a kestore and trustore files using 'keytool' and the step by step from the Jsse ...

I run windows 2000 sp3 and ie6.Is there any way I can use this method ( http://www.cs.princeton.edu/sip/JavaFilter/) to prevent a hostile applet from loading itself?Thnx.

Sorry for the stupid question, but I'm fairly new to the realm of dealing with Java security...I have an applet that I want to deploy worldwide as part of an upgrade to an existing website, but I've run into the following error:"Error getting connection to: ...

hi everyone,i am using servlet to get the details of the client certificate though the Browser IE, however i got the Exception.java.lang.ClassCastException: [Ljava.security.cert.X509CertificateI found that it is failed to get the correct object in the following ...

Hi All,A very odd problem is happening with our system. We use a HttpsURLConnection to connect SSL to a https://www.securehost.com URL.Calling this URL in a web browser or posting a form to it returns some text e.g "The Response".We post to this URL over the HttpsURLConnection and get a ...

Hello,i want to write an application which times out at a Certain date.I would like to store this date in a seperate File and each time the apllication starts, it has to check first if the File has been manipulated or Changed.So, how can I remind what the original message digest ...

I would like to use the HTTP basic authentication for a webapplication using JAAS. I am not able to figure out as to how to write the CallBackHandler to invoke the browser pop-window/use the Basic Authentication of HTTP to get the user name and password.I know there is a DialogCallBackHandler ...

I'm trying to freely download an opensource version of a PKCS#12 decoder written in Java. I searched all over the internet and found one at www.semoa.org but my company won't let me use it due to licensing issues. Does anyone know where I can go to freely download a PKCS#12 ...

Hello,I am working on a project which needs to incorporate JAAS authorization with a Servlet Container抯 authentication/authorization (web.xml).Based on my understanding, (please correct me if I'm wrong) Tomcat currently handles declarative security based on a deployment descriptor known as the ...

HiI have read many posts on this forum and others, tried many things and still no luck, so I thought I'd post my problem here and see what happens. Any suggestions appreciated.I have a client(applet)/server pair. The applet-client sends strings to the server and the server replies by sending ...

I have a JCA adapter that needs to download some of its classes from an HTTP server. I modified the j2ee RI server.policy file like this...permission java.net.SocketPermission "*.*.*.*:80", "connect, accept, listen, resolve";(I've tried other combinations, localhost, my real IP, etc.)At run ...

i was wondering, is there a way to tell your computer to let all applet have read write access? cause i was playing a java game on my computer, and there is a save game option that save your game data in a file on the desktop, but everytime i try it, it gives me a security exception. is there ...

hi!jad is a great tool - it will bring your .class files back to sources. Now I am afraid of installing my programs since someone can simply steal code.

I am writing an app that does an https post of a request and gets a result returned. The company that I am interacting with has a certificate from verisign. I know nothing about certificates! I need to validate their certificate in code as I do this transaction. I need to validate that their ...

I have installed J2SE1.4.0 and I want to work with RSA algorithm.I've downloaded and installed the "Unlimited Strength Java(TM) CryptographyExtension Policy Files".but it doesn't work and I won't use the third-party components?Does anybody have any

I have one question about Weblogic 7.01 security.I have created USER, GROUP and ROLES table in my RDBMS.Can I use the RDBMS realm if my users are in a databasetable already? Can I tune Weblogic security realm to my database tables?Any advice or links will be very appreciate. Thanks a lot for ...

Hi;To try and stop pirating of my app, I want to do a license key where I take their name, add a magic string to it, do a MD5 on that, and the hash code is the license.However, I have to put in the code I ship all of the code that does this which, with decompiling, they can find out both how I ...

Hi,I'd be ever grateful for some quick and dirty examples of how to handle registration, login, and change password scenarios for a webapp. I'd like to use a one-way hash (MD5).Registration: user enters userid and password (and some other info). UserID and Password are stored in database, but ...

Hi.I have an app that dynamically loads a jar, and through reflection instantiate some classes of this jar and call some methods. I used URLClassLoader for that.Now I need to add security. I made a derivation from URLClassLoader, and derived the following method:PermissionCollection ...

Hi all,I need help in converting a keystore from jceks to jks. I wrote a program that opens both keystore files, reads the keys from the jceks keystore and writes to jks keystore. The initial jks keystore is empty. The program executes fine, but when I use the keytool to read the new keystore I ...

NOT the appletviewer!How in the world is this done. I have the policy files set up correctly so that it works fine in the Appletviewer. But I am trying to read the contents from a file that is located in the same directory as the applet class, and it won't work. I've tried everything!I'm ...

Hi Guys,I have a small problem in reading file names from a directory(folder) on a WebServer. Problem :I have a folder on the Webserver called PDF. I would like to read all file names within this folder in a JSP. The JSP is located on Applicatin Server. Application Server and Web Server are ...

Hi all,I've written a very simple encrypter/decrypter using JCE and the sun provider. It seems to encrypt fine, but it doesn't decrypt at all. The code is below:-import java.io.*;import java.net.*;import java.security.spec.*;import javax.crypto.*;import javax.crypto.spec.*;import ...

Hi guys,i have to sign a document before sending using a private key. This private key is ALREADY generated (i received it from a customer). I would like to store it in keystore for security reason. But, apparently, the only way to store a key in keystore is generating a new one ?!!!? Please ...

Hello,I am new with Java.Here is the situation:I have a java file and a class file created using the studio one. It is a FileChooser from Swing and it is working fine when I am executing it from the studio. I am starting an HTML application, so I created a image button where I put a link to the ...

I have a peculiar problem. I have finally been able to make my java-applet access my mysql DB by configuring the .policy files. But the applet only works when I Load the html page from my own computer and the file-manager, not when I try to access it from the server(still from my own computer). ...

Hi readers,I am developing some software using JAAS and am having trouble implementing multiple sign-on. Here is exactly what happens. I have two users: guest and system. I also have an EJB which allows only "system" to access a particuar method. I would like to be able to have "guest" sign-on ...

HI Iam getting the following error while running a sample RDBMS JAAS Login ModuleError creating LoginContext. Login Failure: all modules ignoredjavax.security.auth.login.LoginException: Login Failure: all modules ignoredPlease clarify this issue.Thanks in ...

Hi Guys,I am new to Single Sing on. I am in a Urgent position to do the following Scenario. I need to Authenticate the User using the Windows UserName and Password in my Application. Anyone can help me with a Program to do a Single Sign on in Windows 2000 ...

Have you seen any examples on a Login to a database?where you can promt for a username and password and then enter into the database where the user can update,delete,find etc. Pls help.

does anyone know how to implement NT authentication using Tomcat Realms ?

Greetings to all,I was wondering if anyone has any information that discusseshow to authenticate a Java application to another web applicationusing Form authentication.Currently I'm working on a Java application that requires to login tomultiple applications that use form authentication.I'd ...

Hello:I need do verify a certificate in LDAP server (iPlanet). I'm working with struts. I'm getting a certificate inside the request object and then I need do verify this against LDAP server. I'm supposing that I'm going to use the java class java.security.cert.X509Certificate, but I don't ...

Hi!I want to use JAAS for authorization in a web-application that runs underTomcat4.1.I don't want to put my policy file neither in java_home/jre/security neitherin user.home directories (because I think it's not correct). So I am forcedto create my own implementation of java.security.Policy, ...

Please let me know how you deploy the jars