Forum Stats

  • 3,853,853 Users
  • 2,264,287 Discussions
  • 7,905,483 Comments

Discussions

Portal Desktop Url is case insensitive

652669
652669 Member Posts: 8
edited Jul 31, 2008 1:16PM in WebLogic Portal
Hi,

we have a portal running as desktop in weblogic 8.1 sp6.

We have a issue if user changes the part of the url(..... /abc/myportal ) to url(..... /ABC/myportal ) still he is able to access the portal which he should not, how to make url casesensitive. This happens only for the url part after appmanager.Do we need to make any configuration change in weblogic for this?

URL to access Desktop: http://localhost:7001/DataPortal/appmanager/abc/myportal

Below is different combinations user can the portal
http://localhost:7001/DataPortal/appmanager/ABC/myportal
http://localhost:7001/DataPortal/appmanager/ABC/Myportal
http://localhost:7001/DataPortal/appmanager/Abc/myportal ..... etc

Thanks
Ravi

Comments

  • 649271
    649271 Member Posts: 76
    Hi Ravi,

    The URLs are case insensitive in Win 32 environment but on Unix environment you should be fine. Still if you want to try out, you can look here.

    Method getWebAppFilesCaseInsensitive().

    http://edocs.beasys.com/wls/docs100/javadocs_mhome/weblogic/management/configuration/SecurityConfigurationMBean.html

    I have not tried the implementation but if you try out, pls let forum know the results.

    Thanks
    Vishnu
  • 652669
    652669 Member Posts: 8
    Hi Vishnu,

    I tried changing to the configuartion in Weblogic Console

    ClusterDomain> Domain Wide Security Settings > Advanced > Web App Files Case Insensitive to "false" (options available are os,true,false) , but weblogic server didnot startup after the change and throws below exception

    ####<Jul 31, 2008 2:29:19 AM PDT> <Emergency> <WebLogicServer> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: 090790>
    ####<Jul 31, 2008 2:29:37 AM PDT> <Notice> <Log Management> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-170019> <The server log file C:\bea\user_projects\domains\ClusterDomain\AdminServer\AdminServer.log is opened. All server side log events will be written to this file.>
    ####<Jul 31, 2008 2:29:38 AM PDT> <Error> <Security> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-090790> <The Value Specified by -Dweblogic.security.URLResourceCaseMapping(os) and WebAppFilesCaseInsensitive Attribute on SecurityConfiguraitonMBean(false) does not match.>
    ####<Jul 31, 2008 2:29:38 AM PDT> <Critical> <WebLogicServer> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-000364> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: 090790
    weblogic.security.service.SecurityServiceRuntimeException: 090790
    at weblogic.security.service.SecurityServiceManager.areWebAppFilesCaseInsensitive(SecurityServiceManager.java:1021)
    at weblogic.security.service.SecurityServiceManager.initializeConfiguration(SecurityServiceManager.java:829)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:733)
    at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
    at weblogic.Server.main(Server.java:32)
    >

    I think i need have "Dweblogic.security.URLResourceCaseMapping" as "false" too in the startup batch file of server. Then it might work, iam not sure. I will try to check this.

    Thanks
    Ravi
  • 652669
    652669 Member Posts: 8
    Hi Vishnu,

    I tried changing to the configuartion in Weblogic Console

    ClusterDomain> Domain Wide Security Settings > Advanced > Web App Files Case Insensitive to "false" (options available are os,true,false) , but weblogic server didnot startup after the change and throws below exception

    ####<Jul 31, 2008 2:29:19 AM PDT> <Emergency> <WebLogicServer> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: 090790>
    ####<Jul 31, 2008 2:29:37 AM PDT> <Notice> <Log Management> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-170019> <The server log file C:\bea\user_projects\domains\ClusterDomain\AdminServer\AdminServer.log is opened. All server side log events will be written to this file.>
    ####<Jul 31, 2008 2:29:38 AM PDT> <Error> <Security> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-090790> <The Value Specified by -Dweblogic.security.URLResourceCaseMapping(os) and WebAppFilesCaseInsensitive Attribute on SecurityConfiguraitonMBean(false) does not match.>
    ####<Jul 31, 2008 2:29:38 AM PDT> <Critical> <WebLogicServer> <dev148> <AdminServer> <Main Thread> <<WLS Kernel>> <> <BEA-000364> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: 090790
    weblogic.security.service.SecurityServiceRuntimeException: 090790
    at weblogic.security.service.SecurityServiceManager.areWebAppFilesCaseInsensitive(SecurityServiceManager.java:1021)
    at weblogic.security.service.SecurityServiceManager.initializeConfiguration(SecurityServiceManager.java:829)
    at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:733)
    at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
    at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
    at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
    at weblogic.Server.main(Server.java:32)
    >

    I think i need have "Dweblogic.security.URLResourceCaseMapping" as "false" too in the startup batch file of server. Then it might work, iam not sure. I will try to check this.

    Thanks
    Ravi
  • 649271
    649271 Member Posts: 76
    Thanks Ravi for letting us know the progress. As I told I have not tried the implementation. But as you can see from the options, if your production OS is unix/linux, then you will be fine.


    Thanks
    Vishnu
This discussion has been closed.