Session and Access Restriction

Hi:
I have this problem with access restriction. I was trying to build a "secure" site with sessions where users are able to login and access secure webpages upon successful login. And these webpages are not available as soon as the user session expires or terminated. However, from time to time, these web pages are still accessible after logging out by pressing "back" button on the browser or book-marking these pages.
I noticed that Hotmail and old Yahoo mail system have the same problem as the one that I have just described.
I am not using https or virtual host or anythind like that, because I didn't have the resource. It is supposed to be a Basic Authentication (login/password) scheme.
Could any one light me some fresh ideas?
Thanks
Tian Lei Xia ":)

To avoid the bookmarking problem, set a session attribute with the login details.
Once they login:
if(request.getParameter("username")!=null)
     session.setAttribute("username","personA");
if(session.getAttribute("username")==null)
     //don't display the page
else
     //show them the pageThis is a very basic technique and there are other ways of doing this. As for logging out then the session should just be invalidated.
An alternative would be to use the security features of the web deployment descriptor and get the web container to handle the sessions for you (See servlet API specs 2.3 for more details).
Good luck,
Anthony

Similar Messages

How to restrict multiple ess session and access?

Hi experts,
how to restrict multiple session for ess user? and multi access for same ess user?
our problem is when user login to ess (doing session, for example leave request) and at the same time their manager is accessing travel approval task for that user, the approval process getting error. (we use travel workflow to approve travel request)
how to overcome this situation?
thanks.

but there is no information on ESS screen for user being lock.
how to show the information on ess screen?
thanks

Shared drives and access restrictions.

Hi, everyone.
I have set the hard drives in two of my computers as shared drives so that I can access their contents from a few different computers in my small network. I usually access these files with a MacBook Pro connected wirelessly through an airport extreme base.
How can I assign restrictions to this access so that others don't have access to the drives' contents ? Is it possible to restrict access to certain computer names and/or IP addresses ? What is the best way to handle this ?
Thanks in advance for your answers.

Whether or not you can access devices on your cabled network via the Airport Base Station is not dependent on whether or not wireless security is configured on that base station. Instead, it requires disabling the router built into the Base Station. See the article ABS as a wireless access point

Enable mac address filtering vs. Access restriction

What is the difference between enabling MAC address filtering and access restriction on my wireless router? I am curious if one is better than the other. Do they do the same thing?

"MAC address filtering" will permit (or deny) a computer to login to your wireless network, based on it's MAC address. For example, a person would input the MAC addresses of the three wireless computers they own, and permit only these three computers to access their wireless network. This setting would therefore prevent computers with other MAC addresses from connecting to your wireless network. This setting effects only wireless connections.
"Access restriction" is primarily used to restrict or deny Internet access to a computer that is already connected to your network. For example, you might want to permit your son's game computer to access the Internet only on Saturday and Sunday. This setting can effect both wired and wireless connections.
Be aware that either of these settings can be circumvented by those who are computer saavy. For example, a MAC address can be faked. So an intruder could gain access to your network this way, or your child could bypass the restrictions you placed on him.
If you want to keep intruders from accessing your wireless network, rather than using MAC address filtering, you should use WPA, or preferably WPA2 encryption, and a strong password.
Message Edited by toomanydonuts on 07-28-2007 12:36 AM

WRT54G2 and WRT54G locks-up (freezes) when blocking web sites using Access Restrictions

I am convinced that a few Linksys routers such as WRT54G2 and WRT54G have a major issue when blocking web sites using Access Restrictions (Internet Access Policy). After a few hours of internet access by 15 wired users the Linksys locks-up and blocks all internet web access. The only solution is to restart the power on the router.
We are currently using a Linksys WRT54G2 v1 (firmware 1.0.04). We upgraded the WRT54G2 v1 firmware to the latest 1.0.04 version which did not resolve the issue. NOTE: We were previosuly using a a Linksys WRT54G v1.1 (firmware 4.21.1) until the power supply blew a week after we started blocking web sites using Access Restrictions (Internet Access Policy).
Basically, we have a T1 internet connection and a hub connected to the Linksys router. We are trying to block several web sites such as facebook, myspace, etc. for 15 wired users. We do not use wireless connections.
This is the 2nd time it happened with 2 different models.
Please help ASAP.
Thank you,
Lance
(Mod note: Edited post. Some parts off topic.. Thanks!)

Also, you have already upgrade/re-flash the firmware of your Linksys Router you need to reset and reconfigure your router from scratch. Press and hold the reset button for 30 seconds...Release the reset button...Unplug the power cable from your router, wait for 30 seconds and re-connect the power cable...Now re-configure your router...

WRTU54G-TM Slow Setup Page and HTML Error on Access Restrictions Page

I have a WRTU54G-TM Wireless Router. It has v1.00.21 firmware and I have done a reset with no solution. Everything seems to work, except the setup pages load very, very, very slow. Also in Internet explorer I get an HTML error on the access restrictions page. Resets don't help. The router did not have this issue until about a month ago that I recall. I can see on the access restrictions page the gray shading is all lined up except at the bottom on the page, like ther is some sort of issue in the html within the router.
One more problem, after I reset the router the saved config file I made would not change the default settings back, I had an older saved config file also, it would not work either.
Is this an issue with this firmware version? Any one else see this?
Message Edited by johnsonle9 on 01-24-2010 01:24 PM
Message Edited by johnsonle9 on 01-24-2010 01:24 PM

Are you getting the same problem with another computer...?
Try using different computer and check if you are getting the same problem or not...If yes then,I would suggest you to re-flash/upgrade the router's firmware,reset the router and re-configure it from scratch..Do not use the save config file.

Access restriction in IM52 based on company code and investment reason

Hi,
How can we have access restriction in IM52 based on company code and investment reason?
thanks
Randeep

hi
please check the authorization object for the transaction
company code you can

How to configure CLI/DNIS based access restriction in 5.3 ?

Hi,
does anybody have an idea how the setting
define CLI/DNIS-based access restrictions which is defined in ACS v. 4.2
can be configured in acs 5.3 ?
in v. 4 for every user in a group with 40 members a different CLI is defined for each. How can I configure that in version 5.3 ?
any help as always much appreciated!

The equivalebt to NAR functionality can be found at:
Policy Elements > Session Conditions > Network Conditions > End Station Filters
Can then define an object with a set of CLI values
These objects can then be used in policy conditions. So can create a condition with a set of CLI values and then match in authorization policy for values that are included in this set and set authorizations accoridngly
Not sure if this is your use case but hopefully may be a start

UWC/CE 6.3 and Access Manager 7.1 SSO sometimes fails (seems like a bug)

PREAMBULA: I started writing this post thinking that our AM SSO setup was at fault in some step. As I was gathering data, checking the doc-links and config files and finally sniffed the servers for HTTP dialogs, I grew pretty sure there's a bug in UWC/CE, AM SDK or Web Server Policy Agent, whatever implements the AM SSO session checking.
In short, as written below, our "sunmail" server can POST a broken cookie to AM server, if the cookie originally contained a "plus" character. The "plus" is replaced by a "space", invalidating the session check. As we know, "+" is often used in URLs to "escape" the space character. Perhaps some URL cleanup routine backfired here. I have double-checked, it is not the reverse proxy on "psam" breaking things. It is "sunmail" (UWC/CE or Policy Agent, don't know for certain) supplying the broken request. On the few occasions when the AM cookie contains no "plus" characters, the SSO works like a charm (also checked by a sniffer). Whenever there is a "plus", it breaks.
Is there some known bug or workaround that matches this description?
Nevertheless, for completeness' sake I kept the description of our setup. Maybe it's at fault after all :)
We have an installation of JCS5 with the latest patches as of early July 2008. And as the subject implies, we have problems with AM SSO in UWC/CE web-interface. I have reported them before, then they seemed fixed (not occuring for several tests in a row), but as time has shown, something wrong is still there.
So I'll try to go into deeper detail now, as we've may have overlooked some nuance... Then again, as my sniffer research below shows, this may be an engine bug and these setup details are irrelevant.
Our setup is split into several Solaris 10 full-root zones hosted on several servers, some of the components are enroute to HA (perhaps we made some mistakes on this part of the way?)
So, we have the following software stack:
1) two MMR Directory Servers (DSEE 6.3 = DSEE 6.2 from JCS5 + 125278-07__DSEE_6.3__x86x64 + 125277-07__DSEE_6.3__x86_sol9 patches) working in zones on two different servers. Except for one time when a manually forced ZFS rollback corrupted one of the server instances, no problems here.
2) two zones with Directory Proxy Servers (6.3, exact versions as above) running at port 389 provide the clients with an illusion that they have a stable Directory Server, even if one of the actual servers is currently rebooting ;)
These DPS zones are hosted on two different servers as well and are primarily used by LDAP clients (JCS components) running in other zones on the same respective servers.
3) A zone with Sun Web Server 7.0U1 and Access Manager 7.1 (+ 126357-01__AM71_x86 patch) and Delegated Admin 6.4-4.01 (from JCS5 + 121582-18__COMMCLI64__x86 patch).
At the moment there is one such zone (named "cos-psam-01.domain.ru" in the logs below), but we expect(-ed) it to become two similar zones as per AM HA setup.
Zones listed in (1-3) use private IP numbers, they belong in our internal DMZ.
Zones listed in (4-5) below use public (routed) IP numbers, they belong in our external DMZ.
4) A zone with Sun Web Server 7.0U1 used primarily as a reverse-proxy server (optionally with a load-balancer libpassthrough.so plugin) successfully used for other hosted projects. One of its configurations now passes connections from an externally routed IP address published as "psam.domain.ru" to "cos-psam-01.domain.ru", per AM HA setup, so HTTP clients believe they work with an Access Manager instance. This zone has a backend interface with a private IP address to communicate with the actual AM instance.
In AM configuration (both LDAP and file-based) we have configured a site ID with the publicly known name and mentioned both names (psam and cos-psam-01) in organization's realm/dns aliases.
5) A zone with the rest of the Sun Java Communications Suite 5, as in Messaging Server 6.3 (6.3-6.03 64-bit: ci-5.0-1.03_solx86_x64__Messaging_Server_6.3-2 + patch 126480-09__MSG63__x86-64), UWC/CE 6.3 (from JCS5 + 122794-17__UWC63-4.01_core__x86), Instant Messaging 7.2 (from JCS5 + 118790-29__IM72__x86-1 + 118787-28__IM72__x86-2), Calendar Server 6.3 (from JCS5 + 121658-28__iCS63__x86). The web-components (UWC/CE, IM, /httpbind) are deployed in a Sun Web Server 7.0U1 as well.
This zone is named "sunmail.domain.ru" and has a routed IP address for direct external access to its servicess.
The AM SDK part is also patched (126357-01__AM71_x86); it points to the load-balancer name ("psam.domain.ru") as an actual AM server.
# imsimta version
Sun Java(tm) System Messaging Server 6.3-6.03 (built Mar 14 2008; 64bit)
libimta.so 6.3-6.03 (built 17:15:08, Mar 14 2008; 64bit)
SunOS sunmail 5.10 Generic_127112-07 i86pc i386 i86pc
While setting up this server set we tried to use AM SSO as the user login method, but it works unreliably.
"Unreliably" means that while most of the time entering a correct uid and password in Access Manager login page ("http://psam.domain.ru/amserver/UI/Login") does redirect a user back to "http://sunmail.domain.ru/uwc/auth" along with a new cookie, and the user is redirected again to his or her mailbox, sometimes the user receives the UWC/CE login page. Entering the same uid and password here does log him in, but it breaks the whole point of SSO and only increases the end-user routine required to log in :\
We have also seen the "missing mail tab" problem - if the users point the browser to any hostname different from "sunmail.domain.ru" (i.e. www.mail.domain.ru which is equivalent in DNS), they have only the Address book, Calendar and Options tabs; no webmail. So far this is resolved by Policy Agent forcing The One name of the server.
Here's the configuration we did specifically for AM SSO:
1) in AMConfig.properties of "sunmail" and "cos-psam-01" we set up
com.iplanet.am.cookie.encode=false
am.encryption.pwd=<the same value>
all hostname-related parameters point to "psam.domain.ru"
2) in AMConfig.properties of "cos-psam-01" a number of FQDN equivalence entries are added (so it does not redirect to a server hostname unknown to visitors):
com.sun.identity.server.fqdnMap[publicname-or-ip]=psam.domain.ru
com.sun.identity.server.fqdnMap[cos-psam-01.domain.ru]=cos-psam-01.domain.ru
3) in "msg.conf" on "sunmail" (entries added via configutil):
local.webmail.sso.amcookiename = iPlanetDirectoryPro
local.webmail.sso.amnamingurl = http://psam.domain.ru:80/amserver/namingservice
local.webmail.sso.singlesignoff = yes
local.webmail.sso.uwcenabled = 1
service.http.ipsecurity = no
(perhaps some more options are required? Looking for confirmation about: local.webmail.sso.uwclogouturl local.webmail.sso.uwccontexturi local.webmail.sso.uwchome service.http.allowadminproxy )
4) Configured Web Policy Agent for Sun Web Server, so that users without an AM session are required to get one. Set up per [http://msg.wikidoc.info/index.php/AM_redirection_using_Policy_Agent], except that com.sun.am.policy.agents.config.notenforced_list points to the many names our server can go known by.
5) Updated the logout URL in /opt/SUNWuwc/webmail/main.js:
--- main.js.orig        Sat Jan 26 07:52:09 2008
+++ main.js     Mon Jul 21 01:06:29 2008
@@ -667,7 +667,8 @@
function cleanup() {
   if(laurel)
-      top.window.location = getUWCHost() + "/base/UWCMain?op=logout"
+//      top.window.location = getUWCHost() + "/base/UWCMain?op=logout"
+      top.window.location = "http://sunmail.domain.ru:80/base/UWCMain?op=logout"
   else
       exec('logout', '', 'exit()')
@@ -1707,7 +1708,8 @@
   if(lg) {
         url = document.location.href
         url = url.substr(0,url.indexOf('webmail'))
-        uwcurl = url + 'base/UWCMain?op=logout'
+//      uwcurl = url + 'base/UWCMain?op=logout'
+        uwcurl = "http://sunmail.domain.ru:80/base/UWCMain?op=logout"
   exit()
}6) Calendar SSO - per docs...
According to ngrep sniffing,
1) the browser goes to "http://sunmail.domain.ru/uwc/auth" without any cookies
2) receives a redirect and goes to "http://psam.domain.ru/amserver/UI/Login?gotoOnFail=http://sunmail.domain.ru:80/uwc&goto=http%3A%2F%2Fsunmail.domain.ru%3A80%2Fuwc%2Fauth"; sends no cookies either.
3) The first response from the "psam" server (as redirected from "cos-psam-01") sets a few cookies while rendering the login page:
Set-cookie: JSESSIONID=7EF8F2810D2071CA03CFEAE9972735B2; Path=/
Set-cookie: AMAuthCookie=AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#; Domain=.domain.ru; Path=/
Set-cookie: amlbcookie=02; Domain=.domain.ru; Path=/
4) The browser requests the login page resources (javascripts, images, etc) using these cookies, as in this header line:
Cookie: JSESSIONID=7EF8F2810D2071CA03CFEAE9972735B2; AMAuthCookie=AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#; amlbcookie=02
5) The browser POSTs the login request to "/amserver/UI/Login" and receives a redirection to http://sunmail.domain.ru:80/uwc/auth
Set-cookie: iPlanetDirectoryPro=AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#; Domain=.domain.ru; Path=/
Set-cookie: AMAuthCookie=LOGOUT; Domain=.domain.ru; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
6) The browser requests "http://sunmail.domain.ru/uwc/auth" using the newly set cookie (looks like the old one to me though):
Cookie: amlbcookie=02; iPlanetDirectoryPro=AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#
7) The "sunmail" web-server checks the AM session validity with the same "psam.domain.ru". It sends a series of POSTs to /amserver/namingservice:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSet vers="1.0" svcid="com.iplanet.am.naming" reqid="685">
<Request><![CDATA[
<NamingRequest vers="1.0" reqid="324" sessid="AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#">
<GetNamingProfile>
</GetNamingProfile>
</NamingRequest>]]>
</Request>
</RequestSet>(receives a large XML list of different Access Manager configuration parameters and URLs)
...then a double-request to /amserver/sessionservice:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSet vers="1.0" svcid="Session" reqid="686">
<Request><![CDATA[
<SessionRequest vers="1.0" reqid="678">
<GetSession reset="true">
<SessionID>AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#</SessionID>
</GetSession>
</SessionRequest>]]>
</Request>
<Request><![CDATA[
<SessionRequest vers="1.0" reqid="679">
<AddSessionListener>
<URL>http://sunmail.domain.ru:80/UpdateAgentCacheServlet?shortcircuit=false</URL>
<SessionID>AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1+xTqH7C3I=@AAJTSQACMDI=#</SessionID>
</AddSessionListener>
</SessionRequest>]]>
</Request>
</RequestSet>As a result it receives an XML with a lot of user-specific information (the username, LDAP DN, preferred locale, auth module used, etc.)
!!!*** Now, the problem part ***!!!
8) And then "sunmail" POSTs a broken cookie to "psam" (note the space in mid-text, where the "plus" sign was previously). As we know, "+" is often used in URLs to "escape" the space character. Perhaps some URL cleanup routine backfired here.
I have double-checked, it is not the reverse proxy on "psam" breaking things. It is "sunmail" (UWC/CE or Policy Agent, don't know for certain) supplying the broken request. I looked over the large XML responses to the two previous requests, whenever they mention the session cookie value, the "plus" is there.
For the most detail I can provide, I'll even paste the whole HTTP packet:
POST /amserver/sessionservice HTTP/1.1
Proxy-agent: Sun-Java-System-Web-Server/7.0
Cookie: iPlanetDirectoryPro=AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1 xTqH7C3I=@AAJTSQACMDI=#;amlbcookie=null
Content-type: text/xml;charset=UTF-8
Content-length: 336
Cache-control: no-cache
Pragma: no-cache
User-agent: Java/1.5.0_09
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Host: cos-psam-01.domain.ru
Client-ip: 194.xxx.xxx.xxx
Via: 1.1 https-weblb.domain.ru
Connection: keep-alive
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSet vers="1.0" svcid="session" reqid="258">
<Request><![CDATA[<SessionRequest vers="1.0" reqid="254">
<GetSession reset="true">
<SessionID>AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1 xTqH7C3I=@AAJTSQACMDI=#</SessionID>
</GetSession>
</SessionRequest>]]></Request>
</RequestSet> The server's error response is apparent:
HTTP/1.1 200 OK
Server: Sun-Java-System-Web-Server/7.0
Date: Thu, 31 Jul 2008 05:49:50 GMT
Content-type: text/html
Transfer-encoding: chunked
19b
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ResponseSet vers="1.0" svcid="session" reqid="258">
<Response><![CDATA[<SessionResponse vers="1.0" reqid="254">
<GetSession>
<Exception>AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1 xTqH7C3I=@AAJTSQACMDI=# Invalid session ID
AQIC5wM2LY4SfcwuT2ASCrsfO78nXdceEHXeH1 xTqH7C3I=@AAJTSQACMDI=#</Exception>
</GetSession>
</SessionResponse>]]></Response>
</ResponseSet>On the few occasions when the AM cookie contains no "plus" characters, the SSO works like a charm (also checked by a sniffer). Whenever there is a "plus", it breaks.
For reference, here's a working final request-response (one with a good cookie, as received by the load-balancer web-server). Request looks a bit different:
POST /amserver/sessionservice HTTP/1.1
Cookie: iPlanetDirectoryPro=AQIC5wM2LY4Sfcy/5sEzVmuq9z1ggdHOkBDgVFAwfhqvn4U=@AAJTSQACMDI=#;amlbcookie=null
Content-Type: text/xml;charset=UTF-8
Content-Length: 379
Cache-Control: no-cache
Pragma: no-cache
User-Agent: Java/1.5.0_09
Host: psam.domain.ru
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Connection: keep-alive
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RequestSet vers="1.0" svcid="session" reqid="281">
<Request><![CDATA[<SessionRequest vers="1.0" reqid="277">
<SetProperty>
<SessionID>AQIC5wM2LY4Sfcy/5sEzVmuq9z1ggdHOkBDgVFAwfhqvn4U=@AAJTSQACMDI=#</SessionID>
<Property name="uwcstatus" value="active"></Property>
</SetProperty>
</SessionRequest>]]></Request>
</RequestSet> ...and the response is OK:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ResponseSet vers="1.0" svcid="session" reqid="281">
<Response><![CDATA[<SessionResponse vers="1.0" reqid="277">
<SetProperty>
<OK></OK>
</SetProperty>
</SessionResponse>]]></Response>
</ResponseSet>

There have been a few reports of the same behaviour with other customers - specifically with the handling of the encoding of "+" characters to " ". It relates to how cookie encoding/decoding is performed (as you have already observed).
The solution for these customers was the following:
=> AM server/client side:
Ensure that com.iplanet.am.cookie.encode=false in AMConfig.properties and AMAgent.properties on all systems.
=> AM client (UWC) side:
- Set <property name="encodeCookies" value="false"/> in /var/opt/SUNWuwc/WEB-INF/sun-web.xml. This will prevent UWC from trying to urldecode the cookie it receives and therefore stops it turning the + into a space e.g.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Sun ONE Application Server 7.0 Servlet 2.3//EN' 'file:///net/wajra.india.sun.com/export/share/dtd/sun-web-app_2_3-1.dtd'>
<sun-web-app>
   <property name="encodeCookies" value="false"/>
   <session-config>
      <session-manager/>
   </session-config>
   <jsp-config/>
<property name="allowLinking" value="true" />
</sun-web-app>Regards,
Shane.

Office 2013 and RMS restrict permission

Hi,
I want to restrict Access/modify/view access to documents for some users, and I'm able to do this with Word 2010, but not with Word 2013.
When I try to restrict access using "restrict Editing" under file information I got the this error:
"We were not able to find the information Rights Management Template. Please contact your administrator."
Then I use Rights Protected Folder and things worked fine with me as shown below.
And my question is how to use RMS with Office 2013 without the plugin?
Note: Templates are shown in Office 2013 normally and it is updated

Hi AmirMahouk,
Protecting Word 2013 file with RMS templates/manuall permissions is performed in very similar way to Word 2010:
Document cannot be empty (blank)
Go to File > Info > Protect Document > Restrict Access > Restricted Access.
Select "restrict permission to this document"
Provide emails of the users you want to protect documet for in Read or in Change fields. You can choose additional options clicking "More Options" button.
Did my post help you or make you laugh? Don't forget to click the Helpful vote :) If I answered your question please mark my post as an Answer.

Access restrictions timing off by 1 hour

I don't know if anyone else is experiencing this problem. I have set access restrictions on my WRT610N router and they execute an hour earlier than set.
I checked the time zone settings, the system clock and all seem correct. I have a rule that is supposed to turn off access to the Internet at 11:55pm. However, the rule gets executed at 10:55pm.
This was happening on my first WRT610N which was also dropping network connections. So, I returned that unit and got a replacement.
The new unit does not drop connections but has the same timing problem. The only solution I have found is to change the time zone to the next one that is 1 hour behind my time zone.
Please let me know if anyone else has experienced this same situation.

My ISP is on the same town as I am. The information they are supplying appears to be correct as my WRT54G uses the same information and its rules execute properly.
I think there is a problem with the WRT610N. My solution is temporary I hope that Linksys will fix this problem.

Office 2010 & 2007 - Excel and Access File Locking Out On the Network With Multiple Users

This is also posted in the Office 2010 - IT Pro General Discussions, but was suggested to repost here, since a definitive answer was not found.
Hi,
An issue that's happening is that Excel and Access files are locking on the network. We're currently using Office 2007 and 2010.
Here are some different scenarios that are happening:
When opening the file it is locked out by “User X” which is the person that has the file locked out and no one else can open the file.
When opening the file it is locked out by “User Y” which is NOT the actual person, but is locked out by “User X” and no one else can access the file.
When opening the file it is locked out by “…another user” which is generic and no one else can access the file.
The two more common events are incident 1 and 2 with 3 happening the less common.
This message will continue until the sessions are closed through computer management on the file server.
The file server is running Windows Server 2003.
This does happen on both Windows XP and Windows 7 clients.
This does happen for users using Office 2007 and Office 2010.
There are two sets of Office 2010 Users when it comes to patches. Everyone has the most current patches with Office 2010 SP2 while anyone that has Microsoft Project 2010 is using all the current update before Office 2010 SP2.
All users that are using Office 2007 have all the current patches and service packs.
Another variable is that we have users that will leave a file open on the network for 3+ days and after a while it will lock the file out.
Also we have Shadow Copy that runs daily on the system which I'm not for sure if that impacts anything if a file is opening during that time.
Any ideas on how to mitigate the lock out issues would be appreciated.
Thanks,
Binary Process
Edit November 12, 2013: This issue can occur if and if not another person actually has the file open. If the person doesn't have the file open then there is a hung connection which needs to be disconnected by going to the Computer Management of the File
server.

Hi Binary,
I know that the description of the hotfix does not relate to the issue. The purpose is to install it for upgrading SMB related file.
A similar issue I encountered before:
http://social.technet.microsoft.com/Forums/windowsserver/en-US/b7fcc59b-52d9-4a02-863a-1a529bcb8cb1/temp-doc-etc-files-dont-close-after-a-file-closes-this-causes-locked-files?forum=winserverfiles
It is resolved by upgrading SMB files so maybe it will help on your case.
Another hotfix which may related:
http://support.microsoft.com/kb/983458
If you have any feedback on our support, please send to [email protected]

Web session and authentification session pb with wl6.0

Hi,
I am evaluating weblogic 6.0 on windows 2000.
I have a little web application, with some URL (html, servlet...), I want to protect.
So I defined a <security-constraint> element in my web.xml
file, and I binded the logical roles with real participant in
weblogic.xml
It works very well at startup. I launch a browser, request a protected URL and the
authentification window popup. I enter valid info and I can access my URL.
Perfect.
Now I want to give the possibility to my user to terminate a session, to disconmect,
so I had a button, (disconnect) which invoque a servlet which get the current session
and invalidate it.
I checked, the session is destroyed and a new one is defined (new ID, new counter...),
but my user are still connected. It means that if I want to acces a protected URL,
I still can do it.
more strange. In both a secured and unsecured page I print the User Principal. When
I connect, the two pages print the same and right value.
But if I disconnect, the unsecured page print null(no connection for this session)
and the secured page print the principal I used to connect in the previous message.
I know this message is a little bit long, but I tried to give the cleares context.
Has anyone ancountered that kind of problem? Is there a solution.
I pass the test with netscape 4.76, netscape 6.01, Internet Explorer 5.50. I got
the same behavior each time...
Thanks
Nicolas

If you use a Form to authenticate then the browser is unaware of the
username and password. The PetStore demonstrates how it's done in
..\samples\petStore\source\com\bea\estore\util\WLSecurityAdapter.java
"Nicolas GANDRIAU" <[email protected]> wrote in message
news:[email protected]...
>
Hi John,
thank you for your answer. It confirmed my first guess, that the
browser keep the secret info and send them back to the server.
The server does not make any attachment with the current session.
But you talk about a "ServletAuthentication" example which presents theway to bind
the login info in the session. I have not found this servlet, in weblogic6.0 distribution
or J2EE API.
Can you give me the exact reference of this servlet.
Thank you for your help.
Nicolas
"John Lindwall" <[email protected]> wrote:
Nicolas,
It is my understanding that the authentication information for this
scenario
(ie HTTP BASIC authentication) is not contained in the session -- it is
maintained by the browser and resent with every request. That is why
invalidating the session makes no difference. If you have a HTTPsnooping
utility you will see the "Authorization" information (albeit encodedusing
BASE64) present in the requests from your browser to the server.
FYI: I've noticed that by using the ServletAuthentication class tomanually
perform authentication, it DOES in fact store the authentication info in
the
session. There is a "done()" method in this class which removes thisinfo
from the session (ie performs a logout).
If this link reproduces properly, check it out -- it's a good simple
explanation of what's going on:
http://www.support.lotus.com/sims2.nsf/852561c1006719a98525614100588964/877
a
0ac029a78f8a8525645f0069a34d?OpenDocument
For tons of detail on BASIC authentication see
ftp://ftp.isi.edu/in-notes/rfc2617.txt
John
Nicolas GANDRIAU <[email protected]> wrote in message
news:[email protected]...
Hi,
I am evaluating weblogic 6.0 on windows 2000.
I have a little web application, with some URL (html, servlet...), I
want
to protect.
So I defined a <security-constraint> element in my web.xml
file, and I binded the logical roles with real participant in
weblogic.xml
It works very well at startup. I launch a browser, request a protectedURL
and the
authentification window popup. I enter valid info and I can access myURL.
Perfect.
Now I want to give the possibility to my user to terminate a session,to
disconmect,
so I had a button, (disconnect) which invoque a servlet which get thecurrent session
and invalidate it.
I checked, the session is destroyed and a new one is defined (new ID,new
counter...),
but my user are still connected. It means that if I want to acces aprotected URL,
I still can do it.
more strange. In both a secured and unsecured page I print the UserPrincipal. When
I connect, the two pages print the same and right value.
But if I disconnect, the unsecured page print null(no connection for
this
session)
and the secured page print the principal I used to connect in the
previous
message.
I know this message is a little bit long, but I tried to give the
cleares
context.
Has anyone ancountered that kind of problem? Is there a solution.
I pass the test with netscape 4.76, netscape 6.01, Internet Explorer
5.50.
I got
the same behavior each time...
Thanks
Nicolas

Safari 5.1.7 resumes last session and freezes immediately

Hello,
Upon the start of Safari, it resumes the last session and immediately freezes, showing the spinning rainbow and failing to load pages. None of the toolbar options can be accessed. I can only force quit. Restarting the computed accomplishes nothing.
I am running Mac OS 10.7.4 with Safari 5.1.7
Thanks.

Open System Preferences > General
Deselect: Restore windows when quitting and re-opening apps
Now restart your Mac, launch Safari.
From the Safari menu bar top of your screen, click Safari > Empty Cache
See if that made a difference...

Session and JSession ID

After a session has been invalidated using Session.invalidate() method, the next time a user logs in to the application within the same browser session and the servlet (as JSP) attempts to access a session variable; the session variable is no longer available. After printing the session id, JSession ID is appended to the session id which results in lost session after another page is loaded. Once again, this only happens after the session has been invalidated as mentioned before.


Hi Anand,
          Invalidating a session effectively destroys all
          variables bound to the session.
          Regards,
          Slava Imeshev
          "Anand" <[email protected]> wrote in message
          news:[email protected]..
          > After a session has been invalidated using Session.invalidate() method,
          the next time a user logs in to the application within the same browser
          session and the servlet (as JSP) attempts to access a session variable; the
          session variable is no longer available. After printing the session id,
          JSession ID is appended to the session id which results in lost session
          after another page is loaded. Once again, this only happens after the
          session has been invalidated as mentioned before.

Session and Access Restriction

Similar Messages

Maybe you are looking for