Access level with no modifier

Hello
Hello
I read in Access Level in
http://java.sun.com/docs/books/tutorial/java/javaOO/accesscontrol.html
and know that I cannot access "no modifier" from a subclass. So I try
public class Exam {
String myString; //no modifier keyword
public class Exam1 extends Exam{
void setMyString(){
myString="test";
There is no compile error. It can be seen that I can access "myString" of super class Exam from subclass.
Could you please tell me why
Thanks

Because those two classes are in the same package (In your case, that means in the same folder). The access level "with no modifier" is called the default access level or "package private".

Similar Messages

Best way to handle user access levels with spring.

I'm a spring newb, and I'm not sure how to properly handle user access levels with a validation controller. There seems to be a lot of information out there about creating simple login validators but like I've said I need to create multiple levels of user access. I could throw something together but i want to do it correctly. Does anyone here have any links to resources or information they could provide?

ZimmerS1337 wrote:
SoulTech aren't you a smart ass, why post anything at all?You don't get to control what people post, any more than we can control what people ask. It's best to let stuff roll off your back.
ST wasn't exactly abusive. If you had typed "spring security" into Google, you would have gotten exactly what I recommended. So why would you say that his advice to try Google first was being a "smart @ss"? It's actually a good recommendation. Try it before you post here.
%

Can not assign custom access level with a user login

Hi,
I am using Business objects XiR3. When I am loging in with a user having full control access and then I select a folder added a principal from user sercurity and when I am trying to add custom access level it gave me error
An error occurred at the server during security batch commit: Request 0 of type 38 failed with server error : You do not have sufficient rights to make the requested security changes.
it allow me to give access to standard access levels. also when I tried to assign custom access level with administrator user, it assigns custom access level to a principal without error.
Can any body tell me what I am doing wrong?
Thanks in advance,
Rajendra

Hi Rajendra,
You have to make sure that the user group has the right 'Use access level for security assignment' assigned as granted on the access level you created. You can find this right under System / Access Level. That should do the trick!
Hope this helps...
Martijn van Foeken
Focuzz BI Services
http://www.focuzz.nl
http://nl.linkedin.com/in/martijnvanfoeken
http://twitter.com/mfoeken

How to change lookup code with Access Level as 'System'

Hi,
I need to append new lookup codes in a lookup type having access level as 'SYSTEM'. Is there any standard way to do the same or just updating the customization level column will do ? Please let me know if you have any solution for this.
Regards
Girish

You can also change the meaning on that value to something like "*** DO NOT USE***". This will make it obvious to the user that he/she should not choose it.
You can try to add a when-validate-record personalization to show error if someone selected a disabled value.
You can also try to modify the list of values associated with the field using personalizations.
If nothing else works, you can use a SQL to uncheck the enabled flag. The risks involved in this are well known.
Hope this answers your question
Sandeep Gandhi
Independent Consultant
513-325-9026

Getting the error access denied trying to modify the workbook with identifier in Disocverer Admin

Hi All,
I have exported a workbook created by business user as an .eex file logging in as discoverer admin from a Production enviornment (transactional databse) and trying to import it to a different environment called reporting environment ( non transactional databse) and getting a warning 'WFS GTP REPORT SINAPORE.eex:Access denied trying to modify the workbook with identifier 'WFS_GTP_REPORT_SINGAPORE'.
It says Files Partially Imported so clicked on Finish to complete the import.
The report has been imported under the user account but the sharing to the different responsibilities/Users has not been imported. I need to import the report with the sharing of the responsibilities/users as well.
I do not have an option login into discoverer administratore using the user account, i can only login using the administator account ( i know loging in as the business user it self will allow you to import the sharing). But our DBA's oppse this is a security threat for the users as you are logging in as the user in production environment.
Please help with this issue.

I have the same problem, and I figured out that my windows is installed in french, and every users groups are created in french also, groups like Everyone don't exists and i can't change by console.
Regards, Roberto Borges please remember to mark the replies as answers if they help and unmark them if they provide no help.

Problem with user access level

David,
I have so far succesfully implementend your tutorial on users registering and having to validate their emailaddress (both part I and II).
Part I: http://cookbooks.adobe.com/post_Registration_system_that_requires_the_user_to_vali-16646.h tml
Part II: http://cookbooks.adobe.com/post_Registration_system_that_requires_the_user_to_vali-16649.h tml
When creating a login form however, I don't get it to work based on the access level verified = y. The database is set up exactly as you described in the above tutorials.
This is the HTML for the log in form (index.php):
<form ACTION="<?php echo $loginFormAction; ?>" method="POST" id="logon">
<label for="user">Username</label>
<input type="text" id="user" name="username" />
<br />
<label for="pass">Password</label>
<input type="password" id="pass" name="password" />
<br />
<label for="done"> </label>
<input type="submit" value="Log On" />
</form>
Below the code that is found above the <html> tag in the index.php file:
<?php require_once('../Connections/conn.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "verified";
$MM_redirectLoginSuccess = "overview.php";
$MM_redirectLoginFailed = "index.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_conn, $conn);
$LoginRS__query=sprintf("SELECT username, password, verified FROM users WHERE username=%s AND password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $conn) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
    $loginStrGroup = mysql_result($LoginRS,0,'verified');
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    header("Location: " . $MM_redirectLoginSuccess );
else {
    header("Location: ". $MM_redirectLoginFailed );
?>
On the overview.php page, I applied the restrict access to page behaviour, which results in the following code:
<?php require_once('../Connections/conn.php'); ?>
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "y";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;
// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
    // Parse the strings into arrays.
    $arrUsers = Explode(",", $strUsers);
    $arrGroups = Explode(",", $strGroups);
    if (in_array($UserName, $arrUsers)) {
      $isValid = true;
    // Or, you may restrict access to only certain users based on their username.
    if (in_array($UserGroup, $arrGroups)) {
      $isValid = true;
    if (($strUsers == "") && false) {
      $isValid = true;
return $isValid;
$MM_restrictGoTo = "index.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?>
Any idea/thoughts on what I'm not adding to the page in order to work?

David,
Thank you for that insight, I figured it would be something like that and when I woke up this morning, it all made sense. I changed somthing from the tutorial (part I) you wrote and now it works fine.
I had trouble with the validation link in the email that is sent automatically. In your tutorial, section "generating and sending the validation email", you write:
$message .= urlencode($_POST['username']);
$message .= '&t=';
$message .= urlencode($token);
When using the code like this, it wouldn't set the verified column to y. However, when I changed the middle $message to
$message .= '&t=';
it updated the verified column to y. The URL that displayed from the original code displayed the & sign as & in the URL itself.
Next to that, whenever I try to add something to the e-mail, the validation link becomes not clickable anymore.
As the login problem concerns, encrypting indeed did the trick.
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=sha1($_POST['password']);
Putting the $_POST['password'] between brackets, adding sha1 in front of it. It works just fine now.
Hopefully no further problems on this anymore! Thanks a lot for your insights!
EDIT: I can't mark this thread as answered anymore?

Problem with Restrict Access to Page with access level using ASP

I'm using Dreamweaver CS3 with ASP-VBScript and an Access
database. The pages were created from scratch for this project,
using those tools all the way through.
I've created a login page, an admin homepage, and add, edit,
and list records pages for three tables. The login page uses the
Server Behavior "Log in User", all other pages use the Server
Behavior "Restrict Access to Page". All of these are based on an
Access Level.
Login seems to work correctly, and redirects to the admin
homepage. From the admin homepage, I can open any other page as
expected, and they initially display correctly. On the add and edit
pages, however,
submitting the form often results in getting logged out, but
not always.
Once this happens, I can log back in, but other problems will
sometimes occur during that second login session. Sometimes,
logouts will occur on pages that worked fine during the first login
session. Sometimes, another session variable that I've setup
manually will change when it shouldn't...as if there were two
values stored for my session variable, and reloading the page
changes to the other value.
This
post seems closest to my experience, but it doesn't look like
there was really an answer beyond "I had to fight with it for a bit
to get it to work":
I suspected that there is some problem with session settings
on the server. We have an almost identical tool on the same server
that was developed with an older version of DW that works more
reliably; it sometimes has problems with the initial login, but
never has a problem after that.
Has anyone experienced problems like this? Any suggestions
for what to check? I'm really pulling my hair out since it's so
unreliable...the kind of problem that goes away when you try to
show someone and comes back when they leave.

Hello,
I was thinking that all I would need would be the username, although username and paswsword would be more secure. There are about 50 users and no groups or levels. They are all equal ... same level.
The website is private and there is a general content area for all users and then there will be private areas for each user where proprietary documents will be held. I need to be able to ensure that user 'A' can only see the user 'A' pages, user 'B' can only see user 'B', etc.
I don't really understand what the Dreamweaver script is doing, but the overview sounded like it was the right tool to accomplish what I'm trying to do.
Any assistance greatly appreciated.
thanks.

Access level modifier Internal

hi,
as3 has 2 new access level modifiers "Internal and
"Protected" can anyone tell me the use of this and how it varies
from "Public" and "Private " modifiers?
Thank You

Internal: Specifies that a class, variable, constant or
function is available to any caller within the same package.
Protected: Specifies that a variable, constant, method, or
namespace is available only to the class that defines it and to any
subclasses of that class.
You will find this information in the online Language
Reference:
http://livedocs.macromedia.com/flex/2/langref/index.html
and then under 'Language Elements' -> Statements, keywords and
directives

Problems with Serv.Behav. Restrict Access Level

Hi,
I hope you can help - can't find an answer to this one. Been
going nuts on this! Thank you very much for anything help you can
provide.
1) Using DW 8.0, PHP 4.4.7, MySQL 4.1.22
2) Set up log in page, everything works if the LogIn Server
Behavior is set to "Restrict Access" to only Username &
Password. If set to Username, Password & Access Level get a
MySQL error page:
"You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to
use near 'Privileges FROM tbl_users WHERE Username=%s AND
Password=%s' at line 1"
3) Here's the code:
<?php require_once('Connections/conn_MemberList.php');
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType,
$theDefinedValue = "", $theNotDefinedValue = "")
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue)
: $theValue;
$theValue = function_exists("mysql_real_escape_string") ?
mysql_real_escape_string($theValue) :
mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) .
"'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" :
"NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
break;
return $theValue;
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
if (isset($_POST['textfield'])) {
$loginUsername=$_POST['textfield'];
$password=$_POST['textfield2'];
$MM_fldUserAuthorization = "Privileges";
$MM_redirectLoginSuccess = "MemberList.php";
$MM_redirectLoginFailed = "MemberDeny.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_conn_MemberList, $conn_MemberList);
$LoginRS__query=sprintf("SELECT Username, Password,
Privileges FROM tbl_users WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"),
GetSQLValueString($password, "text"));
$LoginRS = mysql_query($LoginRS__query, $conn_MemberList) or
die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'Privileges');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
header("Location: " . $MM_redirectLoginSuccess );
else {
header("Location: ". $MM_redirectLoginFailed );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Transitional//EN" "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="
http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">

</style>
</head>
<body>
<p> </p>
<form id="LogOn" name="LogOn" method="POST"
action="<?php echo $loginFormAction; ?>">
<table width="100%" border="0" cellspacing="2"
cellpadding="2">
<tr>
<th scope="col"><div align="right"><span
class="style3">User:</span></div></th>
<th scope="col"><label>
<div align="left">
<input type="text" name="textfield" />
</div>
</label></th>
</tr>
<tr>
<td><div align="right"><span
class="style3">Password:</span></div></td>
<td><label>
<div align="left">
<input type="text" name="textfield2" />
</div>
</label></td>
</tr>
<tr>
<td> </td>
<td><label>
<input type="submit" name="Submit" value="Submit" />
</label></td>
</tr>
</table>
</form>
<p> </p>
</body>
</html>
Thank you

I tried this and get the same error message.
ERROR at line 1:
ORA-28545: error diagnosed by Net8 when connecting to an agent
NCRO: Failed to make RSLV connection
ORA-02063: preceding 2 lines from ALPACWOBF
listener.ora:
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = spruce)(PORT = 1521))
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(SID_NAME = alpacwobf)
(ORACLE_HOME = C:\oracle\ora92)
(PROGRAM = hsodbc)
tnsnames.ora
alpacwobf.3LOG.COM =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = SPRUCE)(PORT = 1521))
(CONNECT_DATA =
(SID_NAME = alpacwobf)
(HS=ok)
initalpacwobf.ora:
HS_FDS_CONNECT_INFO = AlpacWOBF
HS_FDS_TRACE_LEVEL = 4
HS_FDS_TRACE_FILE_NAME = alpacwobf.log
ODBC setting is ok. odbc name is alpacwobf, db is access 2000.
restart the listener.
tnsping alpacwobf is ok.
database link creating is ok.
but when query,I got error.
alpac > create database link alpacwobf using 'alpacwobf';
Database link created.
alpac > select count(*) from test@alpacwobf;
select count(*) from test@alpacwobf
ERROR at line 1:
ORA-28545: error diagnosed by Net8 when connecting to an agent
NCRO: Failed to make RSLV connection
ORA-02063: preceding 2 lines from ALPACWOBF
Any help will be appreciated.
Thanks a lot.
Richard

Remote access VPN with ASA 5510 using DHCP server

Hi,
Can someone please share your knowledge to help me find why I am not able to receive an IP address on remote access VPN connection while I can get an IP address on local DHCP pool?
I am trying to setup remote access VPN with ASA 5510. It works with local dhcp pool but doesn't seem to work when I tried using an existing DHCP server. It is being tested in an internal network as follows:
ASA Version 8.2(5)
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.6.0.12 255.255.254.0
ip local pool testpool 10.6.240.150-10.6.240.159 mask 255.255.248.0 !(worked with this)
route inside 0.0.0.0 0.0.0.0 10.6.0.1 1
crypto ipsec transform-set FirstSet esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn1 1 set transform-set FirstSet
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface inside
crypto isakmp enable inside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
vpn-addr-assign aaa
vpn-addr-assign dhcp
group-policy testgroup internal
group-policy testgroup attributes
dhcp-network-scope 10.6.192.1
ipsec-udp enable
ipsec-udp-port 10000
username testlay password *********** encrypted
tunnel-group testgroup type remote-access
tunnel-group testgroup general-attributes
default-group-policy testgroup
dhcp-server 10.6.20.3
tunnel-group testgroup ipsec-attributes
pre-shared-key *****
I got following output when I test connect to ASA with Cisco VPN client 5.0
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDO
4024 bytesR copied in 3.41 0 secs (1341 by(tes/sec)13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 853
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ke payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ISA_KE payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing nonce payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing ID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received xauth V6 VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received DPD VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Fragmentation VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, IKE Peer included IKE fragmentation capability flags: Main Mode:        True Aggressive Mode: False
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received NAT-Traversal ver 02 VID
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: IP = 10.15.200.108, Received Cisco Unity client VID
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, Connection landed on tunnel_group testgroup
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing IKE SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, IKE SA Proposal # 1, Transform # 9 acceptable Matches global IKE entry # 1
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ISAKMP SA payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ke payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing nonce payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Generating keys for Responder...
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing ID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Cisco Unity VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing xauth V6 VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing dpd vid payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Traversal VID ver 02 payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing Fragmentation VID + extended capabilities payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Send Altiga/Cisco VPN3000/Cisco ASA GW VID
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 440
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Computing hash for ISAKMP
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing notify payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing NAT-Discovery payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, computing NAT Discovery hash
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, processing VID payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Received Cisco Unity client VID
Jan 16 15:39:21 [IKEv1]: Group = testgroup, I
[OK]
kens-mgmt-012# P = 10.15.200.108, Automatic NAT Detection Status:     Remote end is NOT behind a NAT device     This   end is NOT behind a NAT device
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:21 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:21 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=d4ca48e4) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 87
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, IP = 10.15.200.108, Processing MODE_CFG Reply attributes.
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary DNS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary DNS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: primary WINS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: secondary WINS = cleared
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: IP Compression = disabled
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Split Tunneling Policy = Disabled
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Setting = no-modify
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKEGetUserAttributes: Browser Proxy Bypass Local = disable
Jan 16 15:39:26 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, User (testlay) authenticated.
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 64
Jan 16 15:39:26 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=6b1b471) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 60
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:26 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg ACK attributes
Jan 16 15:39:27 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=49ae1bb8) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 182
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, process_attr(): Enter!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Processing cfg Request attributes
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 address!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for IPV4 net mask!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DNS server address!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for WINS server address!
Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Received unsupported transaction mode attribute: 5
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Banner!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Save PW setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Default Domain Name!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split Tunnel List!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Split DNS!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for PFS setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Browser Proxy Setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for backup ip-sec peer list!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Client Smartcard Removal Disconnect Setting!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for Application Version!
Jan 16 15:39:27 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Client Type: WinNT Client Application Version: 5.0.07.0440
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for FWTYPE!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for DHCP hostname for DDNS is: DEC20128!
Jan 16 15:39:27 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, MODE_CFG: Received request for UDP Port!
Jan 16 15:39:32 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected. No last packet to retransmit.
Jan 16 15:39:37 [IKEv1]: IP = 10.15.200.108, IKE_DECODE RECEIVED Message (msgid=b04e830f) with payloads : HDR + HASH (8) + NOTIFY (11) + NONE (0) total length : 84
Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing hash payload
Jan 16 15:39:37 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, processing notify payload
Jan 16 15:39:37 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Duplicate Phase 2 packet detected. No last packet to retransmit.
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE received response of type [] to a request from the IP address utility
Jan 16 15:39:39 [IKEv1]: Group = testgroup, Username = testlay, IP = 10.15.200.108, Cannot obtain an IP address for remote peer
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE TM V6 FSM error history (struct &0xd8030048) <state>, <event>: TM_DONE, EV_ERROR-->TM_BLD_REPLY, EV_IP_FAIL-->TM_BLD_REPLY, NullEvent-->TM_BLD_REPLY, EV_GET_IP-->TM_BLD_REPLY, EV_NEED_IP-->TM_WAIT_REQ, EV_PROC_MSG-->TM_WAIT_REQ, EV_HASH_OK-->TM_WAIT_REQ, NullEvent
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE AM Responder FSM error history (struct &0xd82b6740) <state>, <event>: AM_DONE, EV_ERROR-->AM_TM_INIT_MODECFG_V6H, EV_TM_FAIL-->AM_TM_INIT_MODECFG_V6H, NullEvent-->AM_TM_INIT_MODECFG, EV_WAIT-->AM_TM_INIT_XAUTH_V6H, EV_CHECK_QM_MSG-->AM_TM_INIT_XAUTH_V6H, EV_TM_XAUTH_OK-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_ACTIVATE_NEW_SA
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, IKE SA AM:bd3a9a4b terminating: flags 0x0945c001, refcnt 0, tuncnt 0
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, sending delete/delete with reason message
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing blank hash payload
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing IKE delete payload
Jan 16 15:39:39 [IKEv1 DEBUG]: Group = testgroup, Username = testlay, IP = 10.15.200.108, constructing qm hash payload
Jan 16 15:39:39 [IKEv1]: IP = 10.15.200.108, IKE_DECODE SENDING Message (msgid=9de30522) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80
Regards,
Lay

For RADIUS you need a aaa-server-definition:
aaa-server NPS-RADIUS protocol radius
aaa-server NPS-RADIUS (inside) host 10.10.18.12
key *****
authentication-port 1812
accounting-port 1813
and tell your tunnel-group to ask that server:
tunnel-group VPN general-attributes
authentication-server-group NPS-RADIUS LOCAL
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Need access levels to access database

hi ,
i am doing project with jsp in ms-access database. this webapplication should be accessible to 10 people. all should be view the data but levels should be there.how can i get the access levels to the database like reading access to some 2 people. writing and modifying access to some 5 people.inserting can be done by other 2 people . please give the solution for this. i have netbeans4.1 ide , and tomcat bundled server.
so, kindly give the jsp code and msaccess solution.
thanks .

I am not informed if the ms-access DB supports SQL-92. In that case you should be able to define the users and set the rules using GRANT sql command. So it is more or less an off topic entry here for a java forum.
Else if you try to implement the authoization business logic out of your DB domain in java (or C or whatever), it is no more coupled with the DB and most likely that is not what you are supposed to deliver.

Custom Access Level issue in XI 3.1

Hi,
I am using BOXI 3.1 with fp 1.5, this configuration is migrated from XI3.0.
Earlier we have access level such that user can modify the webi report in folders but they can't overwrite the report, they can save the report in their personal folder but not in same folder or any folder under public folder.
After migration users can't see the modify option at all, and if i gave then edit object rights then they can see the modify option but they can overwrite at the same time.
Is there any other rights which i need to provide.
Thanks for the help/suggestion.

Hi Marianne,
I have given the same rights in general rights section, i have denied to add objects to folder but i have give the copy objects rights due to which they can copy the report to their personal folder due to that they got overwritting the report rights.
Thanks.

Multiple Access Levels per User

In a site I'm building, I need the ability to allow an administrator to intuitively assign different access levels to different users. There may ultimately be roughly 25 different pages to which a user may be granted access. One user may have access to section/page levels 1, 4, 5, 7 and 21. Another user may get access to 2, 3, 4, 17, 19 and 24, etc. While this is possible under the existing ADDT user login system by creating a separate access value that includes only the permissible pages (access level 1 could get to page 1, 4, 5, 7 and 21; access level 2 could only get to pages 2, 3, 4, 17, 19 and 24) it becomes impractical for the administrator since the developer (me) would have to come up with an access value and corresponding permissible pages for every possible combination. Every time a new combination was needed, my client would have to contact me to add that access integer and modify all the corresponding sections/pages that the user could access.
The ideal solution IMHO in this scenario would be for the administrator to simply be able to select or deselect a checkbox at will for each page to which the user is granted access (this is actually the scenario to which another of my feature request post refers:
http://www.adobeforums.com/webx/.59b75119
In searching the old InterAKT forums, I came across a post in which this exact scenario was requested. The user and Ionut came up with a solution which I was able to modify to enable the system I describe above. Rather than repeating the solution, here is a link to that post:
http://www.interaktonline.com/Products/Dreamweaver-Extensions/MXUserLogin/Product-Forum/De tails/110205/Access+level+based+on+pages.html
While it appears this solution will work for me, it took me quite a while to find it, and even longer to understand it.
So, that's my feature request: The ability for an administrator to easily assign any combination of pages to which a user is granted access, preferably with a set of checkboxes.
Thanks!

This is functioning now. With 9.0 you simply use a forward slash between device IDs.
[device ID #1]/[device ID #2]
Put this information in the "Mobile Device ID" field on the user form.
It also has been verified with 8.82 PL15-16, but I don't know how far back it goes.

APEX Pages - User Access List with NTLM

Hi,
I'm building several APEX Applications, and using NTLM as its Authentication Scheme. With this, the users won't have to type any user and password. And their user name stated in top right screen.
I'd like to build another application to administer users of all created APEX Applications. So I'd like to build 3 tables:
1. users (hold user name, and user data)
2. pages (hold APEX Applications pages)
3. access_list (hold combined data of users and pages and access flag)
The last table will give me an SQL that can be used to create page level Authorization Scheme.
The problem is:
I cannot find a way to get a list of user ids to pre-populated the table users. Is there a way that an administrator user use an LOV of all NTLM user instead of typing domain\user to this application? OR is there a better and elegant way to create User Access List with NTLM.
Your helps will really help me, and thanks in advance.
Regards,
Aulia

This is kind of a followup to Scott's post. Instead of using your own tables to map user accounts to permissions etc, why not simply use LDAP to query the NT domain global catalog?
You can tell what users are members of particular AD groups and control access to functions based on AD group membership. Then you would only need one table that maps Apex functionality to AD groups.
That's what we do. Our account management people add users to different security groups and they get access to our apex app based on those groups. The type of access is controlled by the group to which they belong.
If you try to capture a list of all users, you'll be constantly trying to keep your list of users in sync with your AD/NTLM accounts.
Or I guess you could simply use LDAP queries inside the database to get a list of ALL your users in a nightly batch. Wouldn't help for people added in the middle of the day, but maybe that doesn't happen often in your company.
I have posted code on using Active Directory LDAP with dbms_ldap inside the database. Shouldn't be too much trouble to modify that code to scan your directory for users every night. Search for "dbms_ldap" in this forum.

TFS - Access Level - page not found when trying to add user

When I'm trying to modify some group under Limited Access Level I cannot do that because of the following error:
Page not found.
wrapErrorCallback/</<@server/tfs/_static/tfs/12/_scripts/TFS/debug/Presentation/Scripts/TFS/TFS.Core.Ajax.js:175:37
endRequest@server/tfs/_static/tfs/12/_scripts/TFS/debug/Presentation/Scripts/TFS/TFS.Core.Ajax.js:114:17
wrapErrorCallback/<@server/tfs/_static/tfs/12/_scripts/TFS/debug/Presentation/Scripts/TFS/TFS.Core.Ajax.js:141:1
jQuery.Callbacks/fire@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:984:10
jQuery.Callbacks/self.fireWith@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:1094:7
done@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:7815:1
.send/callback@server/tfs/_static/3rdParty/_scripts/jquery-1.8.3.js:8528:8
Any ideas why it happens?
Environment: Windows Server 2012 with latest updates, TFS 2013.4, user which is used for TFS is a member of local administrators group.

Hi Rybak,
Thanks for your reply.
Try to clean the Cache for TFS 2013 manually(delete the content of the folder only, not the cache folder itself):
Clean the Cache folder on Server machine. The folder path is:
C:\Program Files\Microsoft Team Foundation Server 12.0\Application Tier\Web Services\_tfs_data.
After cleaned, on Server machine, click Start and select
Run… to open the dialog box, then input iisreset.exe and click OK, wait it run completely.
If clean Cache cannot resolve this issue, please try to repair your TFS 2013 Update 4 Server, then check the result.
Additionally, you can run TFS 2013 Power Tools BPA to scan the installation of your TFS Server.
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

Access level with no modifier

Similar Messages

Maybe you are looking for