Discussions
Categories
- 196.8K All Categories
- 2.2K Data
- 235 Big Data Appliance
- 1.9K Data Science
- 449.9K Databases
- 221.6K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 549 MySQL Community Space
- 478 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 533 SQLcl
- 4K SQL Developer Data Modeler
- 186.9K SQL & PL/SQL
- 21.3K SQL Developer
- 295.5K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.2K Development Tools
- 104 DevOps
- 3.1K QA/Testing
- 645.9K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 154 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 17 Java Essentials
- 158 Java 8 Questions
- 85.9K Java Programming
- 79 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.2K Java SE
- 13.8K Java Security
- 203 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 402 LiveLabs
- 37 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.6K Other Languages
- 2.3K Chinese
- 171 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 230 Portuguese
OPSS authorization Logs
971638
Member Posts: 1
Hi
I have set the logger oracle.security.jps.dbg.logger to finest. And some of the log entries aren't making much sense to me like what is subjectresolver
<JpsAbsSubjectResolver> <resolveSubject> [JpsAbsFilter.doFilter] Final jpsSubject = Subject:
Principal: king
Principal: authenticated-role
Principal: ApplicationRoleopssDemo/kingrole,uname:cn=kingrole,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:7894FE60233711E2BFD89991225B906E
Principal: anonymous-role
Principal: ApplicationRoleopssDemo/kingtiger,uname:cn=kingtiger,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:789C2A50233711E2BFD89991225B906E
Private Credential: king
Private Credential: Subject:
Principal: king
Private Credential: king
, Cache-Hit:true
getPermissions: Context:null Runtime Grantee (Principals+codesource):[SubjCSGrantee: file:/C:/Users/neeshsha.ST-IDC/AppData/Roaming/JDeveloper/system11.1.2.3.39.62.76.1/DefaultDomain/servers/DefaultServer/tmp/_WL_user/adf.oracle.domain/ipbkss/APP-INF/lib/adfmweb.jar [king, authenticated-role, ApplicationRoleopssDemo/kingrole,uname:cn=kingrole,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:7894FE60233711E2BFD89991225B906E, anonymous-role, ApplicationRoleopssDemo/kingtiger,uname:cn=kingtiger,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:789C2A50233711E2BFD89991225B906E]]Requested Permissions: null
ResourceType: null
isTypedPermission: false
Simple Permissions:
Deny
Grant
(oracle.security.jps.service.policystore.PolicyStoreAccessPermission Context:SYSTEM Context Name:null Actions:getConfiguredApplications)
(oracle.security.jps.service.policystore.PolicyStoreAccessPermission Context:APPLICATION Context Name:* Actions:getApplicationPolicy)
(oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=default,keyName=* read,write)
(java.util.PropertyPermission line.separator read)
(java.util.PropertyPermission java.vm.version read)
(java.util.PropertyPermission java.vm.specification.version read)
(java.util.PropertyPermission java.vm.specification.vendor read)
(java.util.PropertyPermission java.vendor.url read)
(java.util.PropertyPermission java.vm.name read)
(java.util.PropertyPermission os.name read)
(java.util.PropertyPermission java.vm.vendor read)
(java.util.PropertyPermission path.separator read)
(java.util.PropertyPermission java.specification.name read)
(java.util.PropertyPermission os.version read)
(java.util.PropertyPermission os.arch read)
(java.util.PropertyPermission java.class.version read)
(java.util.PropertyPermission java.version read)
(java.util.PropertyPermission file.separator read)
(java.util.PropertyPermission java.vendor read)
(java.util.PropertyPermission java.vm.specification.name read)
(java.util.PropertyPermission java.specification.version read)
(java.util.PropertyPermission java.specification.vendor read)
Policy_Perms
Complex Permissions:
Any help ??
I have set the logger oracle.security.jps.dbg.logger to finest. And some of the log entries aren't making much sense to me like what is subjectresolver
<JpsAbsSubjectResolver> <resolveSubject> [JpsAbsFilter.doFilter] Final jpsSubject = Subject:
Principal: king
Principal: authenticated-role
Principal: ApplicationRoleopssDemo/kingrole,uname:cn=kingrole,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:7894FE60233711E2BFD89991225B906E
Principal: anonymous-role
Principal: ApplicationRoleopssDemo/kingtiger,uname:cn=kingtiger,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:789C2A50233711E2BFD89991225B906E
Private Credential: king
Private Credential: Subject:
Principal: king
Private Credential: king
, Cache-Hit:true
getPermissions: Context:null Runtime Grantee (Principals+codesource):[SubjCSGrantee: file:/C:/Users/neeshsha.ST-IDC/AppData/Roaming/JDeveloper/system11.1.2.3.39.62.76.1/DefaultDomain/servers/DefaultServer/tmp/_WL_user/adf.oracle.domain/ipbkss/APP-INF/lib/adfmweb.jar [king, authenticated-role, ApplicationRoleopssDemo/kingrole,uname:cn=kingrole,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:7894FE60233711E2BFD89991225B906E, anonymous-role, ApplicationRoleopssDemo/kingtiger,uname:cn=kingtiger,cn=Application Role,cn=opssDemo,cn=jpsXmlFarm,cn=JPSContext,cn=jpsXmlRoot,guid:789C2A50233711E2BFD89991225B906E]]Requested Permissions: null
ResourceType: null
isTypedPermission: false
Simple Permissions:
Deny
Grant
(oracle.security.jps.service.policystore.PolicyStoreAccessPermission Context:SYSTEM Context Name:null Actions:getConfiguredApplications)
(oracle.security.jps.service.policystore.PolicyStoreAccessPermission Context:APPLICATION Context Name:* Actions:getApplicationPolicy)
(oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=default,keyName=* read,write)
(java.util.PropertyPermission line.separator read)
(java.util.PropertyPermission java.vm.version read)
(java.util.PropertyPermission java.vm.specification.version read)
(java.util.PropertyPermission java.vm.specification.vendor read)
(java.util.PropertyPermission java.vendor.url read)
(java.util.PropertyPermission java.vm.name read)
(java.util.PropertyPermission os.name read)
(java.util.PropertyPermission java.vm.vendor read)
(java.util.PropertyPermission path.separator read)
(java.util.PropertyPermission java.specification.name read)
(java.util.PropertyPermission os.version read)
(java.util.PropertyPermission os.arch read)
(java.util.PropertyPermission java.class.version read)
(java.util.PropertyPermission java.version read)
(java.util.PropertyPermission file.separator read)
(java.util.PropertyPermission java.vendor read)
(java.util.PropertyPermission java.vm.specification.name read)
(java.util.PropertyPermission java.specification.version read)
(java.util.PropertyPermission java.specification.vendor read)
Policy_Perms
Complex Permissions:
Any help ??
This discussion has been closed.