After login(),how to get user;s home folder info?Login user's home folder.

Dear friends,I磎 trying to access a safe server through Https. The connection algorithm and all handshake stuff is done, already tested in a local server.The problem is:I磎 trying to access a IIS server with a certificate generated through the MS certsrv web page, with the following ...

hi ,i am doing project with jsp in ms-access database. this webapplication should be accessible to 10 people. all should be view the data but levels should be there.how can i get the access levels to the database like reading access to some 2 people. writing and modifying access to some 5 ...

Hi,I'm manipulating a JCEKS/SunJCE KeyStore that has grown larger than available memory on the machine. I need to be able to quickly lookup/create/and sometimes delete keys. Splitting into multiple KeyStores and loading/unloading based on which one the particular request needs isn't ideal. ...

I'm trying to use a forwarded Credential in jGSS for authentication. The problem is, after forwarding I get A GSSCredentialImpl and what I need is a KerberosTicket. The toString info of the GSSCredentialImpl is almost exactly the same as the KerberosTicket. So the data is there. But how sould ...

java.security.ProviderException: unable to parse algorithm params.Anyone any idea how to get around this problem? Is it something to do with the java.security file?

Dear friends,how can I use a PKCS12 key generated by an external tool to sign my Java application ?I磎 trying to use the keytool - is it possible ?obs: I can easly sign the application with a key generated by the keytool.... the problem started with that external key

Hi. I just decided to implement JAAS technology in my 3-tiered application. I did authentication, but can not beleive that the only way to specify authorization is to place all grants in one ore more text files and specify this(ose) file(s) in batch file running my application. I do not think ...

Hi,I am new bie to Java Security. I do not know where to start off with. Here is the requirement.I need to contact an HTTPS URL and this URL gives me output which is encypted data.I have to save this ecnrypted data into a file and I have the KEY to decrypt the data.I have tried several ways ...

Hi,I am new bie to Java Security. I do not know where to start off with. Here is the requirement.I need to contact an HTTPS URL and this URL gives me output which is encypted data.I have to save this ecnrypted data into a file and I have the KEY to decrypt the data.I have tried several ways ...

Hi,The windows sysadmin had a problem with the certificate authority and had to rebuild it and then re-issue all the certs. I got the new authority's public key, but now when I try to bind to Active Directory, I get the following message:javax.naming.CommunicationException: simple bind failed: ...

I want to run a class file with the absolute minimum of security rights. Mostly, I don't want it reading/witting files I don't tell it and I don't want it opening sockets. My command is this:"C:\Program Files\Java\jdk1.5.0_04\bin\java.exe" -Djava.security.manager ...

hello i want to protect th e folder so no one can open it so i need some api than access forlder attribute to lock it i made a s/w that locks the images with password and set correct password to see image. so i want to lock folder also so any api is there to access folder.

Hi,I have a configuration file and with java Configuration object I read the jaas configuratino from the module. Then I change the configuration in program and now I want to save It back to the file. Is there any possibility in java to make this easy.I hope somebody can help me.Thanks, ...

I need some help to figure out how to get a service ticket from a KDC. Suppose I have a service ,SRV1 (not necessarily kerberized), and I have also a keytab assign to it created by Heimdal. This keytab file contains an long term shared secret key between the KDC and SRV1 YES ? Now suppose the ...

I am trying to find a way of capturing a user's password so that I can have the user login to one of my web applications (which acts as a client), and pass it to a second application (which acts as the server).I know that I can retrieve the user from the ServletRequest using ...

Hi! I need a bit of light in one issue. I know that when I create a certificate using keytool -genkey, a public/private key pair is created along with a certificate, which are all stored in the .keystore or a file that you specify.Now, if I want that someone "sign" (or crypt) a file for me, I ...

Hi,We have a GUI application deployed in a jar file. That application reads a properties file to connect the data base and other settings.That file has to be encripted, because the end-user cannot read the content of the file.So the key to decrypt the file has to be embeded in the code. But ...

We have been signing some text as part of our product for a while now, and it has never caused us a problem before. However, it would appear that upgrading from JRE 1.4.2_07 to anything above this version (including 1.5) has broken the verification of our signatures...Currently we use the ...

Hallo,I wrote a java application that runs standalone (without app server) at server side, and make a JDBC connection. User and pwd are read from a property file.Is there any way to avoid wrtting the password as plain text in the property file ?The DBA may change the pwd at the DB, but should ...

HiI created a keystore that generated a DSA pub/Pvt key of keysize1024.I then retreived the public key for encryption using the the following codeCipher cipher = ...

HiI have a problem with configuring axis web-service client so that it can get and verify the soap-envelope signature. All I found on wsse pages is the example client-deploy.wsdd file. Part that is responsible for the signature things looks like that:<handler ...

I have a webapp running Struts, Tomcat 5 and JAAS. After a userregisters on my site they then verify their e-mail through clicking alink. How can I get them to be automatically logged in after clickingthat link using JAAS?

hello, i'm writing a java application that read user name and password from a msdos console, it is possible to make the password input invisible or looks like that ****** , please it is kind urgent

I first tried public/private keys generated by DSA for assymetric encryption buy using Cipher class. But that didn't work out and ghstark pointed out that sun doesn't support encryption with DSA and adviced me to try out RSA.So I tried RSA and everything is woking out fine. But now i want to ...

Hello,I would like to retrieve a private key from KeyChains, in MAC OSX Tiger, and later, do an RSA signature with this key. In Apple JDK 1.4.2 , the KeyStore class now access to KeyChains data. This is true, because I can list and read all certificates of the Keychains. But when I try to ...

hiI want to know the advantages and disadvantages of Cipher. I am working on it but dont know much.also help me to know more about Cipher through documents.Please do needful.ThanksAnup K

Hi,I am looking for a single sign-on solution for Tomcat platform. This solution should work on Active Directory-Internet Explorer 6-Tomcat 5 combo.The requirement is - When a user requests a certain page from his browser, the web server must be able to identify the (active directory domain ...

Friends,I'm not certainly clear, if this could be a better forum, But still most of the web developers are with java and have to come across security measures.Okay, My issue is here >I'm getting something strange here,may be if I'm wrong please correct me.All i'm going to talk is about ...

HiMy application creates certificates. At the moment I'm using Bouncycastle. Now I want to create the certificates without using org.bouncycastle.x509.X509V3CertificateGenerator. What things (attributes) do I need to set in a X509Certificate in order to communicate via SSL? Which methods of a ...

Hello,I have an HTTP client authentication which I do not have source for but provides some crucial webservices functionality. However, it does not support authentication in any way (it is in beta phase). I have to if possible begin working with it before it will have authentication built ...

Hi,I have a simple java application where i want to use the rbac i.e, a user can have multiple roles and his access to various application functions will be based on his role. What is the best way to implement it in Java? Is there any code snippet avilable?Waiting for replies as i need it ...

Hi all,I'm looking for a bit of advice. We have a J2EE application we have written, and are considering hosting such that we can give access to external clients. Our server hosts some EJBs and the GUI is a Web Start client. The user enters some data on the client and it is sent to the EJB ...

Hello,I have a class that parses the Base64 representation of an X.509 Certificate using the following code:CertificateFactory cf = CertificateFactory.getInstance("X.509");bais = new ByteArrayInputStream(certBytes);cert = (X509Certificate) cf.generateCertificate(bais);Generally, this code works ...

Hi,I have configured my application for login authentication (FORM Based) using jakarta-tomcat-5.0.28 (Eclipse 3.1). With my configuration I don抰 have any issue to get into the login page, but upon key-in the user-id and password, its not get authenticated and its going to AuthError.html page ...

Hello!We are trying to implement a login/security environment using Tomcat 5.5's JAASRealm and Struts as a MVC-Framework.After Login ,which fails with error "HTTP Status 403 - Access to the requested ressource has been denied", we can navigate manually to our output.jsp and use ...<%= ...

Hi,I have configured my application for login authentication (FORM Based) using jakarta-tomcat-5.0.28 (Eclipse 3.1). With my configuration I don抰 have any issue to get into the login page, but upon key-in the user-id and password, its get authenticated and its immediately redirecting to ...

HiI'm an Application Developer attempting to create a web application compatable with the J2EE web component specifications. This means that my security is declarative in the web.xml through security-constraints mapped to the logical roles that my application defines.This allows me to make my ...

Hi all,I am trying to use SmartCard client authentication (pkcs#11, JDK 1.5.0_3, SafeSign for Starcos 1.0.9, SCR531 card controller, Tomcat 5.5.12 with clientAuth=true). When I access the protected site, the browser plugin (which is installed by SafeSign) shows a window that allows to choose ...

We have tried to send Verisign certificates generated using JSSE, but they complain that the certificates are corrupted. After several conversations with them, we believe that the problem may be that not only do they require the key algorithm to be RSA, but they also require that the signature ...

Hi;I would like to use a effective password generator (in java) without GUI (batch mode).Regards;

Question like in topic ;-) waitin for answer !Do i have to write my own SecurityManager ? Or maybe someone had written it ? Please respond... for me it is very necessery :)Best regards...Student form Poland.

Hi,I want to use a free Certificate Authority tool to issue signed certificates that are then to be used with the Java Certification path API in order to create verification paths and validate it. I intend to install this CA in multiple sub-systems that exist in a large system (some ...

hello all,iam new to java please help me .my program has thrown the exception:java.security.AccessControlException: access denied (java.io.FilePermission F:\read)using applets a dynamic jtree should be displayed.when a user clicks a node a file should be retrived and display the directories and ...

I am new to Kerberos, I am trying to run the gss kerberos shipped in JDK 5.0. Looking at the Kerberos requirement section, I am seeing this"In order to run the sample programs, you will need access to a Kerberos installation. As described in the following sections, you may also need a krb5.conf ...

We are designing a client server system, and we are running into a single sign on problem.Basically, a client's requests are served by many sockets, although the client doesn't know its requests are served by multiple sockets. For every socket, the user identity has to be authenticated via ...

Simple Security QuestionsFirst a little background ...I am a recent college graduate on my first job in a startup financial investment company. I am one of three employees thus far and I act as the IT guy / Network Administrator / Software Developer. I make Java programs to generate reports and ...

Hi all,i have question regarding the use of Entrust with java application on unix1)I want to use Entrust for encryption/decryption of the file in my core java application on unix platform.What should be requiremnet for the same and how it is implemented?.2) I want to Use Entrust for ...

Hi!I am starting to get frustrated. I have created an applet that reads words from a textfile during runtime. However, thew Security Manager doesn't give me permission to access the textfile, even though I have tried to change the content of the java.security and java.policy files. I added the ...

I'm trying to sign a jar file using jarsigner and a smartcard.Here is the output fromkeytool -keystore NONE -store type PKCS11 -list -v:Keystore type: PKCS11Keystore pZvider: SunPKCS11-SmartCardYour keystore contains 1 entryAlias name: 005578_Local_244055191934Entry type: keyEntryCertificate ...