OC4J Security fails to authenticate users on a 64 bit solarisx86 machine
Hi,
I am using a database login module to authenticate users. The login module I use is DBTableLoginModule. On 32 bit windows based machine, the module functions perfectly fine. When I deployed my project on a 64 bit solarisx86 machine, users are no longer able to login. On debugging the DBTableLoginModule, the authentication shows success and the commit method is return true to the OC4J security. But OC4J is redirecting to error page and I have no clue as to why it is doing so. The problem is I am not able to debug OC4J security for I have no source code for that. My question is how can i turn on debugging for OC4J Security
so I can watch out for any errors or anything that OC4J complains about so I can have better chances to overcome this problem.
Thanks
Sam
Hi,
sounds like a OC4J bug to me (or issue at least). You may want to check
OC4J
Frank
Similar Messages
-
We have installed SAP on Microsoft Windows clustered environment with Oracle on Storage.
While taking offline backup of SAP, we are getting the following error message:
BR0280I BRBACKUP time stamp: 2008-12-31 01.02.13
BR0307I Shutting down database instance PRD ...
BR0278E Command output of 'FSCMD OFFLINERESOURCE PRD.WORLD /CLUSTER=SAPCLUSTER /OFFLINE=IMMEDIATE /USER=PRDADM /DOMAIN=PARLEAGRO /PWD=*********
Failed to connect to Oracle Services for MSCS on cluster SAPCLUSTER**
FS-10211: Failed to authenticate user PRDADM. The user must have Administrator privileges on all cluster nodes**BR0280I BRBACKUP time stamp: 2008-12-31 01.02.36
BR0279E Return code from 'FSCMD OFFLINERESOURCE PRD.WORLD /CLUSTER=SAPCLUSTER /OFFLINE=IMMEDIATE /USER=PRDADM /DOMAIN=PARLEAGRO /PWD=*********
BR0309E Shutdown of database instance PRD failed
BR0056I End of database backup: bdzpbrcw.aft 2008-12-31 01.02.36
BR0280I BRBACKUP time stamp: 2008-12-31 01.02.36
BR0054I BRBACKUP terminated with errorsHi,
Please, check if user PRDADM is assigned to the local administrators group on both nodes of the cluster. If not, please include it to this OS group. Also ensure the relevant Oracle services are running.
Cheers -
Failed to authenticate user to ACS 5.1 with LDAP as external identity storage
Hi , I have an ACS and Open-LDAP server running on my company network.
Now, I 'm setting up a new linksys WAP-54G and choose WPA2-Enterprise option with ACS as the radius server.
first thing first, I created new internal user on ACS, and trying to join the wireless network from my computer. I made it....
then, I'm moving on external entity (LDAP Server). I've set up the LDAP configuration and identity sequence, also select it on access service. but when I tried to authenticate from my computer, an error was occurred. I received :
the following error 22056 Subject not found in the applicable identity store (s)
Wonder 'bout this thing, I set up a cisco 1841 router to become AAA client. and surprisingly... it works !!!
so, is there any problem to authenticate from windows platform to ACS (pointing to LDAP) ?
any suggestion ?
thanksThis is the log when using windows 7 as authentication client (Failed) :
Steps
11001 Received RADIUS Access-Request
11017 RADIUS created a new session
Evaluating Service Selection Policy
15004 Matched rule
15012 Selected Access Service - Default Network Access
11507 Extracted EAP-Response/Identity
12500 Prepared EAP-Request proposing EAP-TLS with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12301 Extracted EAP-Response/NAK requesting to use PEAP instead
12300 Prepared EAP-Request proposing PEAP with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12302 Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318 Successfully negotiated PEAP version 0
12800 Extracted first TLS record; TLS handshake started.
12805 Extracted TLS ClientHello message.
12806 Prepared TLS ServerHello message.
12807 Prepared TLS Certificate message.
12810 Prepared TLS ServerDone message.
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12318 Successfully negotiated PEAP version 0
12812 Extracted TLS ClientKeyExchange message.
12804 Extracted TLS Finished message.
12801 Prepared TLS ChangeCipherSpec message.
12802 Prepared TLS Finished message.
12816 TLS handshake succeeded.
12310 PEAP full handshake finished successfully
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12313 PEAP inner method started
11521 Prepared EAP-Request/Identity for inner EAP method
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11522 Extracted EAP-Response/Identity for inner EAP method
11806 Prepared EAP-Request for inner method proposing EAP-MSCHAP with challenge
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11808 Extracted EAP-Response containing EAP-MSCHAP challenge-response for inner method and accepting EAP-MSCHAP as negotiated
Evaluating Identity Policy
15006 Matched Default Rule
15013 Selected Identity Store -
22043 Current Identity Store does not support the authentication method; Skipping it.
24210 Looking up User in Internal Users IDStore - xxxxx
24216 The user is not found in the internal users identity store.
22016 Identity sequence completed iterating the IDStores
22056 Subject not found in the applicable identity store(s).
22058 The advanced option that is configured for an unknown user is used.
22061 The 'Reject' advanced option is configured in case of a failed authentication request.
11815 Inner EAP-MSCHAP authentication failed
11520 Prepared EAP-Failure for inner EAP method
22028 Authentication failed and the advanced options are ignored.
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12307 PEAP authentication failed
11504 Prepared EAP-Failure
11003 Returned RADIUS Access-Reject
This is the log when using 1841 router as authentication client (succeded) :
Steps
11001 Received RADIUS Access-Request
11017 RADIUS created a new session
11049 Settings of RADIUS default network will be used
Evaluating Service Selection Policy
15004 Matched rule
15012 Selected Access Service - Default Network Access
Evaluating Identity Policy
15006 Matched Default Rule
15013 Selected Identity Store - LDAPyyyy
24031 Sending request to primary LDAP server
24015 Authenticating user against LDAP Server
24022 User authentication succeeded
22037 Authentication Passed
22023 Proceed to attribute retrieval
22038 Skipping the next IDStore for attribute retrieval because it is the one we authenticated against
24210 Looking up User in Internal Users IDStore - xxxxx
24216 The user is not found in the internal users identity store.
22016 Identity sequence completed iterating the IDStores
Evaluating Group Mapping Policy
Evaluating Exception Authorization Policy
15042 No rule was matched
Evaluating Authorization Policy
15006 Matched Default Rule
15016 Selected Authorization Profile - Permit Access
11002 Returned RADIUS Access-Accept
I realized that Windows is using PEAP-MSCHAPv2 while Router is using PAP-ASCII as it's protocol.
so now, why PEAP-MSCHAPv2 can't authenticate to LDAP ?
is there anything I can do to make it work ? -
Failed to authenticate - Shared Services 11.1.2.1
I've installed and configured Foundation services. When I try to login to Shared Services, I get the following error:
EPMCSS-00301: Failed to authenticate user. Invalid credentials. Enter valid credentials.
Code: 1000
Description: An error occurred processing the result from the server
Version - 11.1.2.1
Windows 2003 R2 SP2
Can anyone help with this issue? I haven't find any solutions on the forum...
ThanksJohn,
Thanks for the feedback. This is a new install, so I am entering the password that I used in the EPM configurator. Here is the full log:
<Aug 29, 2011 3:39:54 PM EDT> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
<Aug 29, 2011 3:39:54 PM EDT> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
<Aug 29, 2011 3:39:55 PM EDT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 20.2-b06 from Sun Microsystems Inc.>
<Aug 29, 2011 3:39:59 PM EDT> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.4.0 Fri Dec 17 20:47:33 PST 2010 1384255 >
<Aug 29, 2011 3:40:02 PM EDT> <Emergency> <Management> <BEA-141151> <The admin server could not be reached at http://localhost:7001.>
<Aug 29, 2011 3:40:02 PM EDT> <Info> <Configuration Management> <BEA-150018> <This server is being started in managed server independence mode in the absence of the admin server.>
<Aug 29, 2011 3:40:02 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Aug 29, 2011 3:40:02 PM EDT> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<Aug 29, 2011 3:40:02 PM EDT> <Notice> <LoggingService> <BEA-320400> <The log file E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\FoundationServices0.log will be rotated. Reopen the log file if tailing has stopped. This can happen on some platforms like Windows.>
<Aug 29, 2011 3:40:02 PM EDT> <Notice> <LoggingService> <BEA-320401> <The log file has been rotated to E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\FoundationServices0.log00004. Log messages will continue to be logged in E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\FoundationServices0.log.>
<Aug 29, 2011 3:40:02 PM EDT> <Notice> <Log Management> <BEA-170019> <The server log file E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\FoundationServices0.log is opened. All server side log events will be written to this file.>
<Aug 29, 2011 3:40:11 PM EDT> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Aug 29, 2011 3:40:14 PM EDT> <Warning> <JTA> <BEA-110503> <The migrator(the AdminServer for manual JTA migration policy, or the Singleton Master for automatic JTA migration policy) is not available. Will skip JTA TRS failback because isStrictOwnershipCheck is [false]. This may lead to potencial TLOG corruption if TRS of FoundationServices0 has been migrated to backup server and the backup server is accessing the TLOG of FoundationServices0. More safety can be achieved by setting isStrictOwnershipCheck to [true].>
<Aug 29, 2011 3:40:16 PM EDT> <Notice> <LoggingService> <BEA-320400> <The log file E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\access.log will be rotated. Reopen the log file if tailing has stopped. This can happen on some platforms like Windows.>
<Aug 29, 2011 3:40:16 PM EDT> <Notice> <LoggingService> <BEA-320401> <The log file has been rotated to E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\access.log00001. Log messages will continue to be logged in E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\access.log.>
<Aug 29, 2011 3:40:25 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STANDBY>
<Aug 29, 2011 3:40:25 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getDomainConfiguration()
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getRuntimeService()
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
return com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean
return com.bea:Name=EPMSystem,Type=Domain
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Domain location is 'E:\Oracle\Middleware\user_projects\domains\EPMSystem'
Calling getRuntimeService()
return com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Checking E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\registry_update.xml file
EPM_ORACLE_HOME: E:\Oracle\Middleware\EPMSystem11R1
Template for SHAREDSERVICES#11.1.2.0: E:\Oracle\Middleware\EPMSystem11R1\common\templates\applications\epm_sharedservices_11.1.2.1.jar
Dependencies for E:\Oracle\Middleware\EPMSystem11R1\common\templates\applications\epm_sharedservices_11.1.2.1.jar: [Oracle EPM Common, Oracle EPM HSS, Oracle EPM Misc libraries, Oracle EPM BPM UI libraries, Oracle EPM BPM UI shared webapp, Oracle EPM Struts libraries]
BPMUI shared webapp referenced from SHAREDSERVICES#11.1.2.0
Application name: SHAREDSERVICES#11.1.2.0
Application source: interop.ear
Server name: FoundationServices0
Server port: 28080
Server SSL port: 28443
Application context: interop
Registry product type: SHARED_SERVICES_PRODUCT
Registry physical web application type: SHARED_SERVICES_WEBAPP
weblogic.Name property is 'FoundationServices0', seems to be WebLogic mode
registry.isRegistryDatabaseCreated()true
Registry was initialized sucessfully
Executing pre custom update for SHAREDSERVICES#11.1.2.0
EPM_ORACLE_INSTANCE: E:\Oracle\Middleware\user_projects\epmsystem1
Physical Web App found
Web app already linked to some application server: false
The registry was not modifyed because it already containse all sturctures
Web app is already linked to the logical web app
No needs to run custom updater for SHAREDSERVICES#11.1.2.0
loggingUpdateSHAREDSERVICES.block file exist or the system is running in the Fusion mode, skipping logging.xml configuration
<Aug 29, 2011 3:40:54 PM EDT> <Warning> <Munger> <BEA-2156203> <A version attribute was not found in element web-app in the deployment descriptor in E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\tmp\servers\FoundationServices0\tmp\_WL_user\SHAREDSERVICES_11.1.2.0\oj8n6j\interop.war/WEB-INF/web.xml. A version attribute is required, but this version of the Weblogic Server will assume that the JEE5 is used. Future versions of the Weblogic Server will reject descriptors that do not specify the JEE version.>
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getDomainConfiguration()
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getRuntimeService()
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
return com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean
return com.bea:Name=EPMSystem,Type=Domain
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Domain location is 'E:\Oracle\Middleware\user_projects\domains\EPMSystem'
Calling getRuntimeService()
return com.bea:Name=RuntimeService,Type=weblogic.management.mbeanservers.runtime.RuntimeServiceMBean
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Calling getConnection()
return weblogic.management.jmx.mbeanserver.WLSMBeanServer@2bc9e4d2
Checking E:\Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\registry_update.xml file
EPM_ORACLE_HOME: E:\Oracle\Middleware\EPMSystem11R1
Template for WORKSPACE#11.1.2.0: E:\Oracle\Middleware\EPMSystem11R1\common\templates\applications\epm_workspace_11.1.2.1.jar
Dependencies for E:\Oracle\Middleware\EPMSystem11R1\common\templates\applications\epm_workspace_11.1.2.1.jar: [Oracle EPM Common, Oracle EPM BPM UI libraries, Oracle EPM BPM UI shared webapp, Oracle EPM Misc libraries, Oracle EPM LCM libraries, Oracle EPM Xerces libraries]
BPMUI shared webapp referenced from WORKSPACE#11.1.2.0
Application name: WORKSPACE#11.1.2.0
Application source: workspace.ear
Server name: FoundationServices0
Server port: 28080
Server SSL port: 28443
Application context: workspace
Registry product type: WORKSPACE
Registry physical web application type: WORKSPACE_WEBAPP
weblogic.Name property is 'FoundationServices0', seems to be WebLogic mode
registry.isRegistryDatabaseCreated()true
Registry was initialized sucessfully
Executing pre custom update for WORKSPACE#11.1.2.0
EPM_ORACLE_INSTANCE: E:\Oracle\Middleware\user_projects\epmsystem1
Physical Web App found
Web app already linked to some application server: false
The registry was not modifyed because it already containse all sturctures
Web app is already linked to the logical web app
No needs to run custom updater for WORKSPACE#11.1.2.0
loggingUpdateWORKSPACE.block file exist or the system is running in the Fusion mode, skipping logging.xml configuration
**********Getting connection from hub connection pool..Testing JNDI connection....
<Aug 29, 2011 3:41:25 PM EDT> <Notice> <Cluster> <BEA-000197> <Listening for announcements from cluster using unicast cluster messaging>
<Aug 29, 2011 3:41:25 PM EDT> <Notice> <Cluster> <BEA-000133> <Waiting to synchronize with other running members of FoundationServices.>
<Aug 29, 2011 3:41:30 PM EDT> <Warning> <Log Management> <BEA-170011> <The LogBroadcaster on this server failed to broadcast log messages to the admin server. The Admin server may not be running. Message broadcasts to the admin server will be disabled.>
<Aug 29, 2011 3:41:55 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to ADMIN>
<Aug 29, 2011 3:41:55 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RESUMING>
<Aug 29, 2011 3:42:00 PM EDT> <Notice> <Cluster> <BEA-000162> <Starting "async" replication service with remote cluster address "null">
<Aug 29, 2011 3:42:00 PM EDT> <Notice> <Security> <BEA-090171> <Loading the identity certificate and private key stored under the alias DemoIdentity from the jks keystore file E:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\DemoIdentity.jks.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file E:\Oracle\MIDDLE~1\WLSERV~1.3\server\lib\DemoTrust.jks.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090169> <Loading trusted certificates from the jks keystore file C:\Program Files\Java\jdk1.6.0_27\jre\lib\security\cacerts.>
<Aug 29, 2011 3:42:01 PM EDT> <Alert> <Security> <BEA-090152> <Demo trusted CA certificate is being used in production mode: [
Version: V3
Subject: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: Sun RSA public key, 512 bits
modulus: 9550192877869244258838480703390456015046425375252278279190673063544122510925482179963329236052146047356415957587628011282484772458983977898996276815440753
public exponent: 65537
Validity: [From: Thu Mar 21 15:12:27 EST 2002,
To: Tue Mar 22 16:12:27 EDT 2022]
Issuer: CN=CACERT, OU=FOR TESTING ONLY, O=MyOrganization, L=MyTown, ST=MyState, C=US
SerialNumber: [ 33f10648 fcde0deb 4199921f d64537f4]
Certificate Extensions: 1
[1]: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Algorithm: [MD5withRSA]
Signature:
0000: 9D 26 4C 29 C8 91 C3 A7 06 C3 24 6F AE B4 F8 82 .&L)......$o....
0010: 80 4D AA CB 7C 79 46 84 81 C4 66 95 F4 1E D8 C4 .M...yF...f.....
0020: E9 B7 D9 7C E2 23 33 A4 B7 21 E0 AA 54 2B 4A FF .....#3..!..T+J.
0030: CB 21 20 88 81 21 DB AC 90 54 D8 7D 79 63 23 3C .! ..!...T..yc#<
] The system is vulnerable to security attacks, since it trusts certificates signed by the demo trusted CA.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=Entrust Root Certification Authority - G2,OU=(c) 2009 Entrust\, Inc. - for authorized use only,OU=See www.entrust.net/legal-terms,O=Entrust\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=thawte Primary Root CA - G3,OU=(c) 2008 thawte\, Inc. - For authorized use only,OU=Certification Services Division,O=thawte\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 3,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=T-TeleSec GlobalRoot Class 2,OU=T-Systems Trust Center,O=T-Systems Enterprise Services GmbH,C=DE". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GlobalSign,O=GlobalSign,OU=GlobalSign Root CA - R3". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "OU=Security Communication RootCA2,O=SECOM Trust Systems CO.\,LTD.,C=JP". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=VeriSign Universal Root Certification Authority,OU=(c) 2008 VeriSign\, Inc. - For authorized use only,OU=VeriSign Trust Network,O=VeriSign\, Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=KEYNECTIS ROOT CA,OU=ROOT,O=KEYNECTIS,C=FR". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Security> <BEA-090898> <Ignoring the trusted CA certificate "CN=GeoTrust Primary Certification Authority - G3,OU=(c) 2008 GeoTrust Inc. - For authorized use only,O=GeoTrust Inc.,C=US". The loading of the trusted certificate list raised a certificate parsing exception PKIX: Unsupported OID in the AlgorithmIdentifier object: 1.2.840.113549.1.1.11.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure" is now listening on 172.16.2.177:28443 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 172.16.2.177:28080 for protocols iiop, t3, CLUSTER-BROADCAST, ldap, snmp, http.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Server> <BEA-002613> <Channel "Default[1]" is now listening on 127.0.0.1:28080 for protocols iiop, t3, CLUSTER-BROADCAST, ldap, snmp, http.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <Server> <BEA-002613> <Channel "DefaultSecure[1]" is now listening on 127.0.0.1:28443 for protocols iiops, t3s, CLUSTER-BROADCAST-SECURE, ldaps, https.>
<Aug 29, 2011 3:42:01 PM EDT> <Notice> <WebLogicServer> <BEA-000358> <Started WebLogic Independent Managed Server "FoundationServices0" for domain "EPMSystem" running in Production Mode>
<Aug 29, 2011 3:42:01 PM EDT> <Warning> <JMX> <BEA-149510> <Unable to establish JMX Connectivity with the Adminstration Server AdminServer at <JMXServiceURL:null>.>
<Aug 29, 2011 3:42:05 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING>
<Aug 29, 2011 3:42:05 PM EDT> <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>
Thanks!
Brent -
Failed to authenticate & Unable to synchronize login time
Hi,
My OSX clients are bound to OSX Server.
Most clients are 10.8, some are 10.9.
Server is 10.10, recently migrated from 10.6.8.
Most clients can log in to the user accounts in good order.
However I have a couple of clients that cannot log in (they both happen to be 10.9 clients).
The login box just shakes when credentials for any network user are enetered.
When this happens the systme.log on client shows:
Oct 30 09:33:24 imac1252 SecurityAgent[166]: User info context values set for userxyz
Oct 30 09:33:25 imac1252 authorizationhost[182]: Failed to authenticate user <xyz> (error: 9).
The system.log on 10.10 server shows:
DSUpdateLoginStatus: Unable to synchronize login time for userxyz: 77009
I have checked the time and time zones on server and client and they are identical.
Does anyone have any guidance, please?
Thanks,
b.I spent some hours with Apple Support on this.
Apple Support logged into my server, had me do some testing from different clients with them watching, detroyed & rebuilt OD database, tested with a brand new fresh OD database, uploaded some files for analysis, etc.
The problem is...
Looking back 8 years or so, my mobile user accunts were created on server 10.6 (or maybe even 10.4 can't remember that far back )
OSX server (back then) did not require or even have have a certiftcate for these accounts.
Jumping forward to today...
Server 4 on 10.10 requires a certificate for 10.9 clients (and above). But my my OD database (created years ago) does not have a certificate for the accounts to use, and they would not know anything about it even if I created one.
So, support tell me the only option to get things working again is to destroy and rebuild the OD database. I can keep Users, Groups etc, by exporting, but I will need to recreate all passwords.
I will do that in due course.
In the meantime my workaround is to have 10.9 users disconnect from network at the time they enter their login password. They can reconnect as soon as they hit 'return'.
b. -
JBO-33021: Failed authenticate user null
I am trying to set security on the application module Using jDeveloper 10.1.2 and oracle db 9.2.
Currently testing from the embedded oc4j and a standalone oc4j.
Created an application module to a db table and named it AppModule.
The application module successfully tested using the projects default Business Component Name.
The application module also tested successfully using the Business Component Name "AppModuleLocal".
I then set the jbo.security.enforce application module property to "Auth".
The application module is re-tested using the Business Component Name "AppModuleLocal".
A dialog window prompts for user and password.
Then login using the default admin/welcomr and the below error is generated:
JBO-30003: The application pool (Cuma.model.cumaStateModuleLocal) failed to checkout an application module due to the following exception:oracle.jbo.JboException: JBO-29000: Unexpected exception caught: oracle.jbo.JboException, msg=JBO-33021: Failed authenticate user null
what does mean?
help!!repost
-
JBO-33021: Failed authenticate user null HELP!!
I am trying to set security on the application module Using jDeveloper 10.1.2 and oracle db 9.2.
Currently testing from the embedded oc4j and a standalone oc4j.
Created an application module to a db table and named it AppModule.
The application module successfully tested using the projects default Business Component Name.
The application module also tested successfully using the Business Component Name "AppModuleLocal".
I then set the jbo.security.enforce application module property to "Auth".
The application module is re-tested using the Business Component Name "AppModuleLocal".
A dialog window prompts for user and password.
Then login using the default admin/welcomr and the below error is generated:
JBO-30003: The application pool (Cuma.model.cumaStateModuleLocal) failed to checkout an application module due to the following exception:oracle.jbo.JboException: JBO-29000: Unexpected exception caught: oracle.jbo.JboException, msg=JBO-33021: Failed authenticate user null
what does mean?repost
-
Not able to start Managed server using nohup command and failed to authenticate weblogic user
Hi,
I stopped weblogic Admin server, managed server and opmnctl. and restarted Admin server successfully but I'm able to start managed start without nohup command. if I use nohup command then it's not able to get authenticate and faild to start managed server. I created boot.property file with weblogic user name and password still not working. is there anyother way to suppy login credentials for managed server?
how can I supply login credentials in below command?
nohup ./startManagedWebLogic.sh bi_server1 t3://machine:7001 > bis1_startup.log &
Appreciate you for your help
Thanks
Jay./app/obiee_11g/Oracle_BI1/jdk/bin/java -server -Xms256m -Xmx1024m -XX:MaxPermSize=512m -XX:-UseSSE42Intrinsics -Dweblogic.Name=bi_server1 -Djava.security.policy=/app/obiee_11g/wlserver_10.3/server/lib/weblogic.policy -Dweblogic.ProductionModeEnabled=true -Dweblogic.security.SSL.trustedCAKeyStore=/app/obiee_11g/wlserver_10.3/server/lib/cacerts -da -Dplatform.home=/app/obiee_11g/wlserver_10.3 -Dwls.home=/app/obiee_11g/wlserver_10.3/server -Dweblogic.home=/app/obiee_11g/wlserver_10.3/server -Dcommon.components.home=/app/obiee_11g/oracle_common -Djrf.version=11.1.1 -Dorg.apache.commons.logging.Log=org.apache.commons.logging.impl.Jdk14Logger -Ddomain.home=/app/obiee_11g/user_projects/domains/bifoundation_domain -Djrockit.optfile=/app/obiee_11g/oracle_common/modules/oracle.jrf_11.1.1/jrocket_optfile.txt -Doracle.server.config.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/servers/bi_server1 -Doracle.domain.config.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig -Digf.arisidbeans.carmlloc=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/carml -Digf.arisidstack.home=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/arisidprovider -Doracle.security.jps.config=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig/jps-config.xml -Doracle.deployed.app.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/servers/bi_server1/tmp/_WL_user -Doracle.deployed.app.ext=/- -Dweblogic.alternateTypesDirectory=/app/obiee_11g/oracle_common/modules/oracle.ossoiap_11.1.1,/app/obiee_11g/oracle_common/modules/oracle.oamprovider_11.1.1 -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.jdbc.remoteEnabled=false -Dbi.oracle.home=/app/obiee_11g/Oracle_BI1 -DEPM_ORACLE_HOME=/app/obiee_11g/Oracle_BI1 -Dweblogic.MaxMessageSize=50000000 -DEPM_ORACLE_HOME=/app/obiee_11g/Oracle_BI1 -DHYPERION_HOME=/app/obiee_11g/Oracle_BI1 -DEPM_ORACLE_INSTANCE=novalue -Dhyperion.home=/app/obiee_11g/Oracle_BI1 -DEPM_REG_PROPERTIES_PATH=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/fmwconfig -Depm.useApplicationContextId=false -Doracle.biee.search.bisearchproperties=/app/obiee_11g/Oracle_BI1/bifoundation/jee/BISearchConfig.properties -Dweblogic.management.clearTextCredentialAccessEnabled=true -Doracle.notification.filewatching.interval=2000 -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.security.SSL.enableJSSE=true -Dfile.encoding=utf-8 -Doracle.ecsf.security.service=oracle.biee.search.security.BISearchSecurityService -Doracle.ecsf.configuration.class=oracle.biee.search.services.BISearchServiceConfiguration -Dxdo.server.config.dir=/app/obiee_11g/user_projects/domains/bifoundation_domain/config/bipublisher -DXDO_FONT_DIR=/app/obiee_11g/Oracle_BI1/common/fonts -Drtd.instanceName=RTD_bi_server1 -Dem.oracle.home=/app/obiee_11g/oracle_common -Djava.awt.headless=true -Dweblogic.management.discover=false -Dweblogic.management.server=01scqabi01.natusmed.natus.com:7001 -Dwlw.iterativeDev=false -Dwlw.testConsole=false -Dwlw.logErrorsToConsole=false -Dweblogic.ext.dirs=/app/obiee_11g/patch_wls1035/profiles/default/sysext_manifest_classpath weblogic.Server
<Nov 17, 2013 12:24:00 AM PST> <Info> <Security> <BEA-090905> <Disabling CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true>
<Nov 17, 2013 12:24:00 AM PST> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>
<Nov 17, 2013 12:24:01 AM PST> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with Java HotSpot(TM) 64-Bit Server VM Version 20.10-b01 from Sun Microsystems Inc.>
<Nov 17, 2013 12:24:07 AM PST> <Info> <Security> <BEA-090065> <Getting boot identity from user.>
Enter username to boot WebLogic server:Error: Failed to get value from Standard Input
Enter password to boot WebLogic server:
<Nov 17, 2013 12:24:07 AM PST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.5.0 Fri Apr 1 20:20:06 PDT 2011 1398638 >
<Nov 17, 2013 12:24:09 AM PST> <Error> <Configuration Management> <BEA-150021> <The admin server failed to authenticate the identity of the user starting the managed server. The reason for the error is .>
<Nov 17, 2013 12:24:09 AM PST> <Emergency> <Management> <BEA-141151> <The admin server could not be reached at http://01scqabi01.natusmed.natus.com:7001.>
<Nov 17, 2013 12:24:09 AM PST> <Info> <Configuration Management> <BEA-150018> <This server is being started in managed server independence mode in the absence of the admin server.>
<Nov 17, 2013 12:24:09 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Nov 17, 2013 12:24:09 AM PST> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<Nov 17, 2013 12:24:09 AM PST> <Notice> <Log Management> <BEA-170019> <The server log file /app/obiee_11g/user_projects/domains/bifoundation_domain/servers/bi_server1/logs/bi_server1.log is opened. All server side log events will be written to this file.>
<Nov 17, 2013 12:24:19 AM PST> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
<Nov 17, 2013 12:24:20 AM PST> <Critical> <Security> <BEA-090403> <Authentication for user denied>
<Nov 17, 2013 12:24:20 AM PST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
weblogic.security.SecurityInitializationException: Authentication for user denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Truncated. see log file for complete stacktrace
>
<Nov 17, 2013 12:24:20 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Nov 17, 2013 12:24:20 AM PST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Nov 17, 2013 12:24:20 AM PST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN> -
Hi,
when I want to start managed server :
<Sep 5, 2014 4:56:12 PM GST> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
weblogic.security.SecurityInitializationException: Authentication for user denied
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
Truncated. see log file for complete stacktrace
>
<Sep 5, 2014 4:56:12 PM GST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
<Sep 5, 2014 4:56:12 PM GST> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
<Sep 5, 2014 4:56:12 PM GST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>
ThanksNever mind, the correct command is:
wls:/nm/IDMDomain> pr=makePropertiesObject("username=weblogic;password=weblogic0");
wls:/nm/IDMDomain> nmStart('AdminServer',props=pr);
It would be interesting however to have a list of all names of environmental variables that we can possibly set.
Cheers. -
Java API Failed to authenticate the user session with LDAP
I have created a Java class that uses the MDM Java Api's it works fine on our Development environment where the MDM server uses its own built in authentication, but when I moved it to our QA environment where MDM use LDAP for authentication its failed with a 'Failed to authenticate the user session'. Has anyone seen this before?
hi Dan,
The java class which u have created that suppose to works fine on MDM server because to execute that program there are no requirement of such protocols, the problem u will face while exporting those program to an client machine
LDAP(Lightweight Directory Access protocol) connector communicates with the SAP system using RFC and with the directory server using these standard communication protocol.
so try to select the protocol such that it should help in making connection between the server,direcotryserver and the client machine through which u can execute u r java class using java Api's.
i hope this will give u an idea to through ur problem.
regards,
swapnil -
Job scheduling failed because the user has no permission to access this rep
Hi. I've OBIP 10.1.3.4.1.
When I launch a print with the scheduler I see this error:
oracle.apps.xdo.servlet.scheduler.ProcessingException: Job scheduling failed because the user has no permission to access this report. [REPORT_URL]=[folderreport/report/report.xdo], [USERNAME]=[administrator]
at oracle.apps.xdo.servlet.ui.scheduler.SchedulerServlet.scheduleJob(SchedulerServlet.java:1140)
at oracle.apps.xdo.servlet.ui.scheduler.SchedulerServlet.doPost(SchedulerServlet.java:295)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
at oracle.apps.xdo.servlet.security.SecurityFilter.doFilter(SecurityFilter.java:100)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)
at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)
at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
In this env. I've a LDAP Security Model and all the report and all the users work.Please check whether you have assigned below responsibility to the user trying to schedule report.
XMLP_SCHEDULER -
Errors while consuming secured portlet on anonymous user
Hello,
I'm trying to configure security end-to-end Portlet as in this link http://fusionsecurity.blogspot.com/2010/09/hands-on-wsrp-security-in-oracle-fusion_04.html.
I got WSRP security with authenticated users, but when I try to consume the portlet on anonymous users (unauthenticated), I receive the error below:
Caused By: javax.xml.rpc.soap.SOAPFaultException: FailedAuthentication : The security token cannot be authenticated.
at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:669)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:475)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:149)
at oracle.portlet.wsrp.v2.soap.runtime.WSRP_v2_Markup_Binding_SOAP_Stub.initCookie(WSRP_v2_Markup_Binding_SOAP_Stub.java:343)
at oracle.portlet.wsrp.v2.WSRP_v2_Markup_PortTypeJaxbToSoap.initCookie(WSRP_v2_Markup_PortTypeJaxbToSoap.java:671)
at oracle.portlet.wsrp.v2.ServerToWSRPv2.initCookie(ServerToWSRPv2.java:22225)
at oracle.portlet.client.connection.wsrp.ActivityServerWrapper.initCookie(ActivityServerWrapper.java:1125)
at oracle.portlet.client.techimpl.wsrp.WSRPInitCookiePipe.execute(WSRPInitCookiePipe.java:130)
… more
We have the following usecase:
1) Created an ADF application with one JSP page and converted to portlet.
2) Created a consumer application (Webcenter Portal Framework Application).
3) In the consumer app, created a WSRP connection for this portlet (to register the producer).
- In the "Configure Security Attributes" in the WSRP portlet producer wizard, we have selected the following:
- Token Profile: WSS 1.0 SAML Token with Message Protection
- Configuration: Default
- Default user: anonymous
4) Drag and drop the portlet on the consumer page and run.
Would anyone tell me how do I set the permission for an anonymous user?
Thanks.Hi Bijesh,
Yes, I have tried not specifying a default user and I got the error below:
<Feb 3, 2015 2:53:48 PM BRST> <Notice> <Stdout> <BEA-000000> <<Feb 3, 2015 2:53:48 PM BRST> <Error> <oracle.wsm.resources.security> <WSM-00008> <Web service authentication failed.
javax.security.auth.login.LoginException: wsrp:minimal
at oracle.security.jps.internal.jaas.module.saml.JpsAbstractSAMLLoginModule.login(JpsAbstractSAMLLoginModule.java:127)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
at oracle.wsm.security.jps.JpsManager.authenticate(JpsManager.java:184)
at oracle.wsm.security.jps.JpsManager.samlAuthenticate(JpsManager.java:325)
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User wsrp:minimal javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User wsrp:minimal denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
I’ve set ADF Security for my Portlet Application following the steps below:
Create an Enterprise Role ‘Participante’. (The authenticated user has this group 'Participante' in LDAP)
Create an Application Role ‘participante-role’ and map to the enterprise role ‘Participante’.
Assign ‘participante-role’ to Web Page or Task Flow in Resources Grants.
Those steps work well when I am using Task Flows. If I use Portlets based on Page instead of Task Flow, the security does not work.
I have already tested the second option (create a guest user). The problem here is that the user has the authenticated-role associated to it.
Thanks for help. -
Cisco WLC 2504 and ways to authenticate users
Hi All,
What is the ways to make user authenticate to WLC 2504 and what is the best and simple way and what is the differences btw each method _i mean for example need radius server or something else to be exist_ ?
and any one can give me case study for this issue
System consist of Cisco 2504 and Cisco LAP 1140
ThanksTo implement radius based authentication is the best practice for the small & enterprise environment.
Information About RADIUS
Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol that provides centralized security for users attempting to gain management access to a network. It serves as a backend database similar to local and TACACS+ and provides authentication and accounting services:
•Authentication—The process of verifying users when they attempt to log into the controller.
Users must enter a valid username and password in order for the controller to authenticate users to the RADIUS server. If multiple databases are configured, you can specify the sequence in which the backend database must be tired.
•Accounting—The process of recording user actions and changes.
Whenever a user successfully executes an action, the RADIUS accounting server logs the changed attributes, the user ID of the person who made the change, the remote host where the user is logged in, the date and time when the command was executed, the authorization level of the user, and a description of the action performed and the values provided. If the RADIUS accounting server becomes unreachable, users are able to continue their sessions uninterrupted.
RADIUS uses User Datagram Protocol (UDP) for its transport. It maintains a database and listens on UDP port 1812 for incoming authentication requests and UDP port 1813 for incoming accounting requests. The controller, which requires access control, acts as the client and requests AAA services from the server. The traffic between the controller and the server is encrypted by an algorithm defined in the protocol and a shared secret key configured on both devices.
You can configure multiple RADIUS accounting and authentication servers.For example, you may want to have one central RADIUS authentication server but several RADIUS accounting servers in different regions. If you configure multiple servers of the same type and the first one fails or becomes unreachable, the controller automatically tries the second one, then the third one if necessary, and so on.
For more Information : http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_security_sol.html#wp2149947 -
Authenticate Users from a different domain
Hello,
I have three domains; Domain A, Domain B & Domain C
Domain A does not trust Domain B
Domain C trusts both A and B
Users login to Domain A
SharePoint 2013 Enterprise lives in Domain C
Users wanting to access SharePoint must authenticate to SharePoint with their Domin B accounts.
Crazy... I know
I have setup people picker to work with Domain B, Thank you Trevor (
http://social.technet.microsoft.com/Forums/sharepoint/en-US/9f805e2d-1b39-4e1d-b5ae-c5d7b83ca690/authenticate-users-from-a-trusted-domain?forum=sharepointadminprevious)
My next issue is that I am now testing the initial login into the SharePoint 2013 server from a standard user (who logs into Domain A in the beginning of the day)
I have added myself (Bob) to the owners group in root site collection. owner = Domain_B\Bob
When I browse to my new site using IE 9 I'm presented with a not so helpful page that says, "Sorry, this site hasn't been shared with you." Thats it.. no chance to login as a different person. Obviously SharePoint sees me as Domain_A\Bob
and is letting me know that I have no access.
What I would like to happen is for SharePoint to prompt me with the standard claims NTLM login screen so that I may login to SharePoint with my Domain_B\Bob account. Is there a way to set this up without forms authentication?
Oddly enough, using Firefox I am prompted for login credentials, but typing in Domain_B\Bob does not work. If I do enter the farm service account setup in Domain_C, I am able to enter SharePoint with my farm service account credentials.
Thanks for your help,
-BobThe output of the stsadm -o getproperty -pn peoplepicker-searchadforests -urlhttp://sharePoint-dev.mydomain.com was successfully completed.
capturing the LOG files as I'm trying to log in using by Domain B account I see the following: (listed below)
------------Event viewer:------------------------
Failure Reason: The User has not been granted the requested logon type at this machine.
> This leads me to believe that I need to add DomainB\domain users to the "access this computer from the network" policy
What do you think?
Thanks,
-Bob
----------------------------ULS LOG FILE---------------------------------------------------
12/30/2013 12:49:05.08 w3wp.exe (0x1C38) 0x1E78 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://fermipoint-dev.fnal.gov:80/) 3570659c-b893-d0f1-8d12-0081758a591c
12/30/2013 12:49:05.08 w3wp.exe (0x1C38) 0x1E78 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Execution Time=4.11972750726699 3570659c-b893-d0f1-8d12-0081758a591c
12/30/2013 12:49:05.60 w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 20ffe309-e6af-4c9f-a54a-a0073faf5519
12/30/2013 12:49:05.60* w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 20ffe309-e6af-4c9f-a54a-a0073faf5519
12/30/2013 12:49:05.61 w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 56bd1860-a63f-43b0-b0e1-b5997cfb380b
12/30/2013 12:49:05.61* w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 56bd1860-a63f-43b0-b0e1-b5997cfb380b
12/30/2013 12:49:05.86 w3wp.exe (0x1C38) 0x1DBC SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Parent No
12/30/2013 12:49:05.86 w3wp.exe (0x1C38) 0x1DBC SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://fermipoint-dev.fnal.gov:80/) 3570659c-88c4-d0f1-8d12-08b6d636f658
12/30/2013 12:49:05.86 w3wp.exe (0x1C38) 0x1DBC SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Execution Time=1.3153208019455 3570659c-88c4-d0f1-8d12-08b6d636f658
12/30/2013 12:49:05.86 w3wp.exe (0x1C38) 0x2258 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Parent No
12/30/2013 12:49:05.86 w3wp.exe (0x1C38) 0x2258 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://fermipoint-dev.fnal.gov:80/) 3570659c-b8c4-d0f1-8d12-06face9fae6d
12/30/2013 12:49:05.87 w3wp.exe (0x1C38) 0x2258 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Execution Time=4.21303545562355 3570659c-b8c4-d0f1-8d12-06face9fae6d
12/30/2013 12:49:06.61 w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 7e316c4f-aa4d-483a-bebf-3cd76e7fc693
12/30/2013 12:49:06.61* w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 7e316c4f-aa4d-483a-bebf-3cd76e7fc693
12/30/2013 12:49:06.61 w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 3998a340-44a6-4836-a3c8-33b8061159b5
12/30/2013 12:49:06.61* w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 3998a340-44a6-4836-a3c8-33b8061159b5
12/30/2013 12:49:06.74 w3wp.exe (0x1C38) 0x1418 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Parent No
12/30/2013 12:49:06.74 w3wp.exe (0x1C38) 0x1418 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://fermipoint-dev.fnal.gov:80/) 3570659c-c8fb-d0f1-8d12-0856ed2e7a06
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x1418 SharePoint Foundation Authentication Authorization agb9s Medium Non-OAuth request. IsAuthenticated=False, UserIdentityName=, ClaimsCount=0 3570659c-c8fb-d0f1-8d12-0856ed2e7a06
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x1418 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Execution Time=2.68225430885769 3570659c-c8fb-d0f1-8d12-0856ed2e7a06
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x19BC SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Parent No
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x19BC SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://fermipoint-dev.fnal.gov:80/) 3570659c-38fc-d0f1-8d12-005530b4e738
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x19BC SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Execution Time=1.02066044706799 3570659c-38fc-d0f1-8d12-005530b4e738
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x1BD4 SharePoint Foundation Monitoring nasq Medium Entering monitored scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Parent No
12/30/2013 12:49:06.75 w3wp.exe (0x1C38) 0x1BD4 SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (GET:http://fermipoint-dev.fnal.gov:80/) 3570659c-78fc-d0f1-8d12-0dc88dd1e7bb
12/30/2013 12:49:06.76 w3wp.exe (0x1C38) 0x1BD4 SharePoint Foundation Monitoring b4ly Medium Leaving Monitored Scope (Request (GET:http://fermipoint-dev.fnal.gov:80/)). Execution Time=4.1344640170748 3570659c-78fc-d0f1-8d12-0dc88dd1e7bb
12/30/2013 12:49:06.80 OWSTIMER.EXE (0x07C8) 0x1490 SharePoint Foundation Health abire Medium Failed to Sql Query data XEvent collector on fv-sp13tst. The error is Object reference not set to an instance of an object.
12/30/2013 12:49:07.05 w3wp.exe (0x1C38) 0x1BF4 SharePoint Portal Server Runtime 8gp7 Medium Topology cache updated. (AppDomain: /LM/W3SVC/1720071765/ROOT-1-130328985568168782) 3570659c-6845-d0f1-8d12-00249d79cf0d
12/30/2013 12:49:07.61 w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... f94dd497-6681-4b0b-b19b-255d6073d82f
12/30/2013 12:49:07.61* w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). f94dd497-6681-4b0b-b19b-255d6073d82f
12/30/2013 12:49:07.61 w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 6ef43b9d-67d2-4717-9026-aaafbc95af2d
12/30/2013 12:49:07.61* w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 6ef43b9d-67d2-4717-9026-aaafbc95af2d
12/30/2013 12:49:08.61 w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 3341568a-938d-4660-b9c8-94be1b566486
12/30/2013 12:49:08.61* w3wp.exe (0x1C38) 0x203C SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 3341568a-938d-4660-b9c8-94be1b566486
12/30/2013 12:49:08.61 w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable Error encountered in background cache check Microsoft.SharePoint.SPEndpointAddressNotFoundException: There are no addresses available
for this application. at Microsoft.SharePoint.SPRoundRobinServiceLoadBalancer.BeginOperation() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.<>c__DisplayClass2f.<RunOnChannel>b__2d()
at Microsoft.Office.Server.Security.SecurityContext.RunAsProcess(CodeToRunElevated secureCode) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.RunOnChannel(CodeToRun codeToRun, Double operationTimeoutFactor)
at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.ReadApplicationSettings(Guid rawPartitionId) at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.get_ServiceApplicationSettin... 164404b3-76ab-47cb-8fb4-a27f30d2498c
12/30/2013 12:49:08.61* w3wp.exe (0x0F18) 0x2544 SharePoint Server Taxonomy ca3r Monitorable ...gs() at Microsoft.SharePoint.Taxonomy.MetadataWebServiceApplicationProxy.TimeToCheckForUpdates()
at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.CheckForChanges(Boolean enforceUpdate) at Microsoft.SharePoint.Taxonomy.Internal.TaxonomyCache.<LoopForChanges>b__0(). 164404b3-76ab-47cb-8fb4-a27f30d2498c -
How to use CSACS 3.3 to authenticate users from multiple windows domain?
Can Cisco Secure ACS 3.3 be used to authenticate users from another Windows domain that is not a child nor a trusted domain???
hello, here is my scenario:
ACS 3.3 was installed on a member server on domain1. I need to authenticate and ultimately populate the users into ACS from another domain. The service already works perfect on just domain1, but now I need to authenticate users from another domain.
And adding those domains as trusted domains in domain1 is not an option.
Is Generic LDAP my only other option? Any config guides that you guys know with regard to doing this?
Any input is much appreciated.Hi Betcy,
I am not familiar with sharepoint solutions, but as you mentioned about windows credentials I believe it refers to kerberos tokens. On this case you can take advantage of SPNego authentication.
You can find more details on following SAP note:
#[1488409|https://service.sap.com/sap/support/notes/1488409] - New SPNego Implementation
I hope it helps.
Kind regards,
Lisandro Magnus
Maybe you are looking for
-
Can't see .swf files in CS3
i've read quite a few postings on this topic but none of the fixes seem to work. after upgrading to CS3 from CS2, all of my embeded .swf files have disappeared from the web. to be clear, i have the .js files and folders all on the remote site, the .s
-
Payment Batch Not Working..
Hi all, out of 802 payments which have equal Due Date, Pay Group, Payment Method ( at header and payment schedule level) bank ( all bank related information) every thing match in this 802 invoices. where in 800 got paid and 2 were left out. can you p
-
PR and RFQ usage upto the target quantity
Hi, How to restrict the PR and RFQ up to the target quantity as a reference. The PR and RFQ should not be available, after the target quantity as a reference. Thanks in advance Vikram
-
Multiple indexes on a table with various combinations
Hi Experts, This post is similar to my previous one on indexing. am just trying to understand proper indexing strategy. Assuming that i have to use following queries frequently. select Col1, Col2, Col3 from tab where col4='some value' select Col1, Co
-
Can't find image display in the IMAQ Vision control palette
Hi I am trying to display an image on the front panel. But i cannot find the image display vi .. according to the manual, it is available from the IMAQ Vision control palette. I have the academic version of LabVIEW 7 express. Does my version have the