InitialContext without CREDENTIALS in WL8.1

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Struts - A MVC web framework

Tomcat - JSP/Servlet container

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

JSP - A mailing list about Java Server Pages specification and reference

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

InitialContext without CREDENTIALS in WL8.1

InitialContext without CREDENTIALS in WL8.1

2004-07-22 - By Hyne, David

Back

That depends on whether you're in the .war deployed inside the container
or outside the container.

D
__ ____ ____ ____ ____ ____ ____

From: A mailing list for Java(tm) 2 Platform, Enterprise Edition
[mailto:J2EE-INTEREST@(protected)] On Behalf Of Vinod G
Sent: Thursday, July 22, 2004 5:34 AM
To: J2EE-INTEREST@(protected)
Subject: InitialContext without CREDENTIALS in WL8.1

Hi All,

In weblogic 8.1 I disabled guest login. Then if I try to create an
InitalContext to the server with specifying only the
INITIAL_CONTEXT_FACTORY and PROVIDER_URL (i.e NO SECUITY_CREDENTIALS and
SECURITY_PRINCIPAL ), I am able to create it. I expected to get a
secuity exception saying user guest is not authenticated.

Simple code which I used is shown .

Properties p = System.getProperties();

p.put(Context.INITIAL_CONTEXT_FACTORY,"weblogic.jndi.WLInitialContextFac
tory");
p.put(Context.PROVIDER_URL,"t3://localhost:7001/");

InitialContext ic = new InitialContext(p);

System.out.println("Got Context "+ic);

Javadoc of weblogic.jndi.WLInitialContextFactory says if no CREDENTIAL
and PRINCIPAL is specified it defaults to guest/guest. The why is it
still alows the unauthorized user to access the context.

Anybody faced the same problem earlier?

Thanks
Regards
Vinod G

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- -----

This email is confidential and may be legally privileged.

It is intended solely for the addressee. Access to this email by anyone else,
unless expressly approved by the sender or an authorized addressee, is
unauthorized.

If you are not the intended recipient, any disclosure, copying, distribution or
any action omitted or taken in reliance on it, is prohibited and may be
unlawful. If you believe that you have received this email in error, please
contact the sender, delete this e-mail and destroy all copies.

==============================================================================

===========================================================================
To unsubscribe, send email to listserv@(protected) and include in the body
of the message "signoff J2EE-INTEREST". For general help, send email to
listserv@(protected) and include in the body of the message "help".

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 5.50.4937.800" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left> </DIV>
<DIV dir=ltr align=left>That depends on whether you're in the .war deployed inside
the container or outside the container. </DIV>
<DIV dir=ltr align=left> </DIV>
<DIV dir=ltr align=left>D</DIV>
<DIV dir=ltr align=left>
<HR tabIndex=-1>
From: A mailing list for Java(tm) 2 Platform,
Enterprise Edition [mailto:J2EE-INTEREST@(protected)] On Behalf Of Vinod
G Sent: Thursday, July 22, 2004 5:34 AM To:
J2EE-INTEREST@(protected) Subject: InitialContext without
CREDENTIALS
in WL8.1 </DIV>
<DIV></DIV> Hi All, In weblogic 8.1 I disabled guest login. Then if I try to
create an InitalContext to the server with specifying only the
INITIAL_CONTEXT_FACTORY and PROVIDER_URL (i.e NO SECUITY_CREDENTIALS and
SECURITY_PRINCIPAL ), I am able to create it. I expected to get a secuity
exception saying user guest is not authenticated. Simple code which I used is shown .                
Properties p = System.getProperties();                
p.put(Context.INITIAL_CONTEXT_FACTORY,"weblogic.jndi.WLInitialContextFactory");

            
    p.put(Context.PROVIDER_URL,"t3://localhost:7001/");
            
    InitialContext ic = new InitialContext(p);                
System.out.println("Got Context "+ic); Javadoc of weblogic.jndi.WLInitialContextFactory says if no CREDENTIAL
and PRINCIPAL is specified it defaults to guest/guest. The why is it still
alows
the unauthorized user to access the context. Anybody faced the same problem earlier?
 Thanks Regards Vinod
G</BODY></HTML>

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---
-- 
 
This email is confidential and may be legally privileged. 
 
It is intended solely for the addressee. Access to this email by anyone else,
unless expressly approved by the sender or an authorized addressee, is
unauthorized. 
 
If you are not the intended recipient, any disclosure, copying, distribution or
any action omitted or taken in reliance on it, is prohibited and may be
unlawful. If you believe that you have received this email in error, please
contact the sender, delete this e-mail and destroy all copies. 
 
==============================================================================
 

===========================================================================
To unsubscribe, send email to listserv@(protected) and include in the body
of the message "signoff J2EE-INTEREST". For general help, send email to
listserv@(protected) and include in the body of the message "help".