Tuesday, October 25, 2011

OIM 11g logging.xml getting overwritten issue

After installing and configuring OID-Connector, I tried to do a simple manual user provisioning to OID. As expected, the user creation in OID was rejected. Time to debug :(  So I included OID related login handler in $DOMAIN_NAME/config/fmwconfig/servers/oim_server1/logging.xml followed by restarting the oim managed server. To my surprise the logging.xml file got overwritten (to the original one) right after the managed server restarted.


Finally found the solution in support.oracle.com under support id 1335539.1.  This issue shows up when your admin server is in box1 and managed server is in box2. The solution is simple. Just modify the logging.xml file of Box1 (admin server) and restart the OIM managed server. The change will propagate to Box2 where the OIM managed server is running.
Posted by Kabi Patt at 7:55 PM 0 comments
Labels:

Saturday, May 14, 2011

STRIDE Threat modelling and counter measure

Here is a quick list of threats and its counter measures based on STRIDE treat model. More information at http://msdn.microsoft.com/en-us/magazine/cc163519.aspx .

THREAT                          COUNTER MEASURE
-------------------------------------------------------------
Spoofing                              Authentication
Tampering                           Digital Signature, Hashing
Repudiation                         Audit
Information Disclosure       Encryption   
DOS                                    Availability
Elevation of Privileges       Authorization, Input data sanitation
Posted by Kabi Patt at 10:14 AM 0 comments
Labels:
Subscribe to: Posts (Atom)