Adapters Authentication
Hi everyone.
I am using a Marketplace adapter to receive messages.
When i use the URL
http://<host>:<j2eePort>/MessagingSystem/receive/MPA/MML
it asks me for a username / password (http basic authentication)
Can i turn this off? Note that this is a Java Adapter with the J2ee port.
<b>Or, can i send username and password in the URL? That would be perfect.</b>
We have a Third Party System, which send us messages to the Marketplace adapter.
They don't support Basic Authentication.
I've configured the Marketplace Adapter to use HTTP transport Protocol. (The other option was to use Sonic MS).
As far as i know, we need an URL to send messages to XI:
<b>Marketplace adapter</b>
(...)/MessagingSystem/receive/MPA/MML
<b>RNIF</b>
(...)/MessagingSystem/receive/RNIFAdapter/RNIF
<b>CIDX</b>
Any of this URLs prompts for username/password.
They have other clients with the same problem, but they can send the username and password on the URL, and asked me if this was possible in the webserver behind sap XI.
Message was edited by:
Jose Neves
Similar Messages
-
Dbms authentication in OBIEE 11.1.1.7.1
Hi all,
I have a problem with configuring dbms authentication in obiee 11.1.1.7.1. I followed the document below, and made all the steps.
Using Alternative Authentication Providers - 11g Release 1 (11.1.1)
Now, my problem is none of my dbms users can login to analytics. I can login using weblogic users, but when I try to search for any of the users from analytics, I get invalid GUID error. (I refreshed GUIDs, this is not related) According to debug steps my problem should be with adapters since I can login to em console with my db users after giving privilage, but I don't know what is wrong. Error from nqserver.log is below.
[tid: 152c] An error message was received from the BI Security Service: SecurityService::populateBIUserFromUserProfileUser XXXXXX has invalid guid 41414B494E4C49
[tid: 152c] An error message was received from the BI Security Service: SecurityService::populateBIUserFromUserProfileUser XXXXXX has invalid guid 41414B494E4C49 [[
[nQSError: 43113] Message returned from OBIS.
[tid: 152c] SecurityService::populateBIUserFromUserProfileUser XXXXXX has invalid guid 47434554494E4552
[tid: 152c] [nQSError: 43126] Authentication failed: invalid user/password.
[tid: 152c] SecurityService::populateBIUserFromUserProfileUser XXXXXX has invalid guid 47434554494E4552
[tid: 152c] [nQSError: 43126] Authentication failed: invalid user/password.
What do you think the problem could be? Any help would be appreciated.
Were anyone able to configure dbms authentication with 11.1.1.7.1 or 11.1.1.7?
Regards,
SethHi Seth,
I also facing the same issue in 7.0 and 7.1,
Have you resolved this issue?
if yes, please share me the solution.
thank you in advance. -
Unable to login using OAM Custom Authentication Plugin
Hi,
I have a problem with OAM Custom Authentication Plugin, My Plugin is Activate successfully. When try to login from Access Manager SSO login page, it is unable to login. I am getting followiing message in the log file.
I am return ExecutionStatus.SUCCESS from my Java code and I have only one step where I have attached Plugin and my Steps Orchestration is
On Success -> Success
On Failure -> Failure
On Error -> Failure
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:is_resource_protected.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
INFO: Processing Event is_resource_protected
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
INFO: Is Resource Protected status : success
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :is_resource_protected with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_valid_session.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
INFO: Processing Event check_valid_session
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
INFO: Processing Event check_valid_session
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_valid_session with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
INFO: Successfully validated the submitted credentials.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:validate_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
INFO: Processing Event validate_creds
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.authn processEvent
INFO: Policy ID : DB User Authentication Scheme
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Authentication Scheme Id: DB User Authentication Scheme.
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Runtime Authentication Scheme: Scheme name: = DB User Authentication Scheme
Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
Scheme Challenge Mec: = FORM
Scheme Challenge Par: = {contextType=default, username=string, contextValue=OAM, password=sercure_string, challenge_url=/pages/login.jsp}
Authentication Module Name: = DB Authentication module
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
INFO: Authentication Module Factory Class: DB Authentication module.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector: ["PluginPhaseEvent.oracle.security.am.plugin.diagnostic.PluginPhaseEvent@6d6a08fb":" Collector : OAMS/OAM/Plugin/AUTHN/Plugin_SamplePlugin/PluginLocate
Type : PHASE_EVENT
Metrics : 511
LogLevel : OFF
EnableRate : false EnablePersistence : false"], registered at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
User Name: test and Password : test
Authentication Successfull return ExecutionStatus.SUCCESS
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Result of Authentication Scheme Execution: false.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :validate_creds with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_authn_retry.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_authn_retry with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:cred_collect.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Processing Event cred_collect
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Credential collection process success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :cred_collect with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:PBL_return.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :PBL_return with status success.
Can anyone help me regarding this issue.
Thanks
Tamim KhanHi,
Little update about authentication plugin, please see the log file below, Result of Authentication Scheme Execution:true, now but, still the cookie is LOGGEDOUTCONTINUE and still I am unable to login.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:InProcess for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:Success for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
INFO: Successfully validated the submitted credentials.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:validate_creds.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
INFO: Processing Event validate_creds
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.authn processEvent
INFO: Policy ID : DB Authentication Scheme
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Authentication Scheme Id: DB Authentication Scheme.
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Runtime Authentication Scheme: Scheme name: = DB Authentication Scheme
Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
Scheme Challenge Mec: = FORM
Scheme Challenge Par: = {contextType=external, username=string, contextValue=/oam, password=sercure_string, challenge_url=http://192.168.1.220:14100/ssologin/ssologin.jsp}
Authentication Module Name: = DB Authentication Module
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
INFO: Authentication Module Factory Class: DB Authentication Module.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
User Name: test and Password : test
Set 1st Responce
Set 2nd Responce
Set 3rd Responce
Setting cookie
Authentication Successfull return ExecutionStatus.SUCCESS
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Result of Authentication Scheme Execution: true.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :validate_creds with status fail.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_authn_retry.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_authn_retry with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:cred_collect.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Processing Event cred_collect
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Credential collection process success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :cred_collect with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:PBL_return.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :PBL_return with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:InProcess for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:Success for request -414941018507193158;
Can anyone help me please.
Thanks
Tamim Khan -
Https for SOAP and HTTP Receiver adapters in PI 7.1
Hi,
We need HTTPS Transport protocol is required to send the message to receiver systems.
Currently we are using below procedures for https:
1) HTTP with SSL (= HTTPS) without client authentication
2) HTTP with SSL (= HTTPS) with client authentication
But client donu2019t want this procedure.
Here my question is How to enable the https Transport protocol in SOAP and HTTP Receiver adapters.>>Here my question is How to enable the https Transport protocol in SOAP and HTTP Receiver adapters.
What I see is your client wants PI to send communication via HTTPS transport protocol. That means you have to apply for trusted certificate and import that certificate root node in Netweaver keystore.
Then change the transport protocol from http to https in soap and http receiver communication channel and communicate to client via certificate authentication.
Plenty of documents available in sdn about https certificate authentication. Please go through those links.
check this thread.. might be helpful
Client Certificate for PI authentication when Web Dispatcher terminates SSL -
Workspace Credential Conflict between Logged-in User and the Authenticated User
Hi there,
I am running LiveCycle ES Update1 SP2 with Process Management component on WIN/JBoss/SQL Server 2005.
I have been encountering user credential conflicts from time to time, but it has not been consistent and the problem manifested in various ways, such as:
- problem when logging in with error "An error occurred retrieving tasks." on the login screen
- user logs in successfully but is showing somebody else queue(s) with his/her own queue with no task in there
- fails to claim task from group queue.
The stacktrace from the server.log file I collected from a production system shows the exception below.
Has anybody else encountered the similar problem?
It looks to me that it doesn't log out cleanly and some kind of caching is done on the authenticated session and is not cleaned up properly on user logout.
2009-07-10 15:05:13,955 ERROR [com.adobe.workspace.AssemblerUtility] ALC-WKS-005-008: Security exception: the user specified in the fill parameters (oid=F0FA390C-AECC-BB19-F0D7-6CA13D6CBF83) did not match the authenticated user (oid=F25892EE-80CE-8C24-E40D-881F631AA8BE).
2009-07-10 15:05:13,955 INFO [STDOUT] [LCDS] [ERROR] Exception when invoking service 'remoting-service': flex.messaging.MessageException: ALC-WKS-005-008: Security exception: the user specified in the fill parameters (oid=F0FA390C-AECC-BB19-F0D7-6CA13D6CBF83) did not match the authenticated user (oid=F25892EE-80CE-8C24-E40D-881F631AA8BE).
incomingMessage: Flex Message (flex.messaging.messages.RemotingMessage)
operation = submitWithData
clientId = F3D2CDD0-330F-F00B-C710-5AF3F7CB4138
destination = task-actions
messageId = 7E385A6B-E4E6-3A81-CD6A-630DF4FAE5BB
timestamp = 1247202313955
timeToLive = 0
body = null
hdr(DSEndpoint) = workspace-polling-amf
hdr(DSId) = F3C38977-171B-7BED-3B16-F3A5FE419479
Exception: flex.messaging.MessageException: ALC-WKS-005-008: Security exception: the user specified in the fill parameters (oid=F0FA390C-AECC-BB19-F0D7-6CA13D6CBF83) did not match the authenticated user (oid=F25892EE-80CE-8C24-E40D-881F631AA8BE).
at com.adobe.workspace.AssemblerUtility.createMessageException(AssemblerUtility.java:369)
at com.adobe.workspace.AssemblerUtility.checkParameters(AssemblerUtility.java:561)
at com.adobe.workspace.tasks.TaskActions.callSubmitService(TaskActions.java:788)
at com.adobe.workspace.tasks.TaskActions.submitWithData(TaskActions.java:773)
at sun.reflect.GeneratedMethodAccessor941.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at flex.messaging.services.remoting.adapters.JavaAdapter.invoke(JavaAdapter.java:421)
at flex.messaging.services.RemotingService.serviceMessage(RemotingService.java:183)
at flex.messaging.MessageBroker.routeMessageToService(MessageBroker.java:1495)
at flex.messaging.endpoints.AbstractEndpoint.serviceMessage(AbstractEndpoint.java:882)
at flex.messaging.endpoints.amf.MessageBrokerFilter.invoke(MessageBrokerFilter.java:121)
at flex.messaging.endpoints.amf.LegacyFilter.invoke(LegacyFilter.java:158)
at flex.messaging.endpoints.amf.SessionFilter.invoke(SessionFilter.java:44)
at flex.messaging.endpoints.amf.BatchProcessFilter.invoke(BatchProcessFilter.java:67)
at flex.messaging.endpoints.amf.SerializationFilter.invoke(SerializationFilter.java:146)
at flex.messaging.endpoints.BaseHTTPEndpoint.service(BaseHTTPEndpoint.java:278)
at flex.messaging.MessageBrokerServlet.service(MessageBrokerServlet.java:315)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at com.adobe.workspace.events.RemoteEventClientLifeCycle.doFilter(RemoteEventClientLifeCycle .java:138)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:81)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.jboss.web.tomcat.security.CustomPrincipalValve.invoke(CustomPrincipalValve.java:39)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.ja va:159)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:59)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11P rotocol.java:744)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
at java.lang.Thread.run(Thread.java:595)
KendyI am having the same server issue and i cant get hold of SP3 to fix it. can anyone tell me how to fix this problem or provided a link where i can get SP3 from? Ive spent most of the day on the phone to Adobe Support and they have been unable to provide me with a link to the service pack.
-
Need some Guide regarding Configuration of Sender Mail Adapters....
Hellow All Members,
Can anybody refer me to some blogs other than SAP's own help which talks about use and configuration of sender mail adapters...
Thanks in Advance,
SugataHi Sugata,
These links i guess should help you understand clearly as to how to configure your sender mail adapter.
<a href="http://help.sap.com/saphelp_nw04/helpdata/en/23/c093409c663228e10000000a1550b0/frameset.htm">Configuring the Sender Mail Adapter</a>
<a href="/people/prasad.ulagappan2/blog/2005/06/07/mail-adapter-scenarios-150-sap-exchange-infrastructure Adapter scenarios SAP Exchange Infrastructure</a>
<a href="/people/michal.krawczyk2/blog/2005/03/07/mail-adapter-xi--how-to-implement-dynamic-mail-address Adapter (XI) - how to implement dynamic mail address</a>
Also refer these links:
http://www.microsoft.com/exchange/evaluation/compare/ClientCompare.mspx
http://www.microsoft.com/exchange/evaluation/whatis.mspx
http://www.trincoll.edu/depts/cc/documentation/email/IMAP_vs_POP/default.htm
http://www.imap.org/papers/imap.vs.pop.brief.html
Also please go through these notes:
<b>804102</b>
xi 3.0 mail adapter with pop3 user authentication problem
<b>810238</b>
XI 3.0 Mail Adapter for POP3 may not report some errors
Just an additional info <b>"sender mail adapter is to convert e-mails to XI messages"</b>
Regards,
abhy -
Server does not support PLAIN or LOGIN authentication
I try to send mail via XI Mail adapter. My settings are below
Transport protocol : SMTP
Message protocol : XIPAYLOAD
url : smtp://10.44...
Authentication Method : Plain
User : ...
Password...
From :
To : ....
But i give this error "server does not support PLAIN or LOGIN authentication"..
I think I use SSL or something else, but I dont know how to do by using Mail adapter..
Or Why do i get this error ?
ThanksHello Tuncer,
In your case, you need to first enable SSL on your PI server, which requires some effort. Here are the links for SSL configuration for AS ABAP and AS Java:
http://help.sap.com/saphelp_nw70/helpdata/en/0d/a22640632cec01e10000000a155106/content.htm
http://help.sap.com/saphelp_nw70/helpdata/en/56/a12640632cec01e10000000a155106/content.htm
After that, you need to exchange client certificates between your PI and mail server so that the two systems will accept each other's logon tickets. Only after that you can use your mail adapter with SSL. All adapters that run on the adapter engine use Java AS's authentication mechanisms, so SSL should be enabled for your AS Java, you cannot enable it only for the mail adapter.
I recommend trying this scenario with another mail server that doesn't require SSL first with plain authentication. Then you can go for SSL, but you will probably need an experienced basis guy to help you for the configuration.
Hope this helps,
Regards / selamlar
Gökhan -
I have some Aironet 350 PCI cards fitted to some Compaq P4 desktop computers running WinXP Pro. These computers are part of a Domain and log in automatically using a few registry changes. This is the problem.
When the machines log in the Wireless adapters have not finished their authentication and have not received a new IP address, but the machine still logs in. I need to make the machine wait for the Aironet card to finish it's authentication or start the authentication process earlier. Has anyone got any ideas.
Many thanks for your time.
MikeI have tested this with APs config'd with Network-EAP and Open-Require EAP. In this scenario Max Assoc does not prevent attempted associations by non-LEAP-enabled clients, which are locally authenticated (associated but unauthenticated) and claim one of the allocated associations. This can effectively block legitimate client associations/authentications. I think that local MAC filtering is the only override, and/or disabling Open authentication (forcing LEAP). Using the ACS, you can create or map External DB Users to ACS Groups and limit their access to certain NAS (AP) entries.
-
Hi forum,
There is several days that I try to authenticate my web application against active directory using LDAPLoginModule.
Before I have tried to deploy it on embedded OC4J of Jdev 10.1.3. But it didn't works (see this thread --> JAAS - LDAPLoginModule [jdev 10.1.3]
I was not sure that embedded OC4J server supports LDAPLoginModule, so I have tried to deploy it on OAS. But it still doesn't work :(
I'm specified the access to the ldap server in the deployment descriptor (orion-application.xml) and I see it in the EM.
I provide the correct user name and password for login, but still get an authentication failure for invalid credentials and the logs files dont shows anything about connexion to ldap server.
I have enabled jazn logs with the "-Djazn.debug.log.enable=true" java option in the $OracleAS\j2ee\oc4j_opmn.xml file but it changes anything (is it true to add this option here ?)
I would like also try my ldap connection with ldapbind tool but it doesn't exist in the $OracleAS\Bin folder.
I have also some errors/warnings in logs files:
Note: Some input files use unchecked or unsafe operations.
Note: Recompile with -Xlint:unchecked for details.
WARNING: Code-source C:\product\10.1.3\OracleAS_\j2ee\home\applications\HRapp\webapp1\WEB-INF\lib\dc-adapters.jar (from WEB-INF/lib/ directory in C:\product\10.1.3\OracleAS_\j2ee\home\applications\HRapp\webapp1\WEB-INF\lib) has the same filename but is not identical to /C:/product/10.1.3/OracleAS_1/BC4J/jlib/dc-adapters.jar (from <code-source> in /C:/product/10.1.3/OracleAS_1/j2ee/home/config/server.xml). If it contains different versions of the same classes, it will be masked as the latter is already visible in the search path of loader HRapp.web.webapp1:0.0.0.
GRAVE: CoreRemoteMBeanServer.fetchMBeanServerEjbRemote oc4jadmin is not allowed to call this EJB method, check your security settings (method-permission in ejb-jar.xml and security-role-mapping in orion-application.xml). for URL: ormi://ORD224.ch
.btg.local:12401/defaultoracle.oc4j.rmi.OracleRemoteException: oc4jadmin is not allowed to call this EJB method, check your security..
I have to map the logical roles with the ldapmodule roles to resolve this error ?
Thanks for your help.I have logs from LDAPLoginModule only if an option property is not right:
WARNING IllegalArugumentException: LDAPLoginModule option property [oracle.security.jaas.ldap.provider.type] is not defined!
If only values of options are not ok. eg oracle.security.jaas.ldap.provider.url = xyz, logs doesn't show that OC4J could'nt connect to the ldap server.
In this case, logs show only: NOTIFICATION User with name stone does not exist.
what it means ? The module install is it ok ? or not ? -
802.1x Wireless Authentication with 10.8.4 Build 12E3067
Hello All,
Work in a school and we use 802.1x authentication for Wi-Fi and access to our server and Staff wireless VLAN. We use a login window profile that authenticates with our Active Directory.
Previous and working set up was MBA (Mid 2012) 5,1. Running OS 10.8.4 build 12E55. This OS was downloaded from Mac App Store. Bound to domain and using authorization certificates for our active directory controllers. Created Wi-Fi 802.1x authentication profile with Profile Manager on 10.8 server. No issue. Units authenticate with server at user login, join Wi-Fi and mounts home folder.
New and not working set up is MBA (Mid 2013) 6,2 running OS 10.8.4 build 12E3067. This unit will not run build 12E55, boots to prohibitory sign. Unit is set up with same certificates and 802.1x profile. When first booting up the Wi-Fi signal appears to be attached to the network, unlike previous setup when unit will Wi-Fi indicator will appear disconnected until user logs in. 90% of the time new units will not authenticate. States unable to connect to server and then loads into mobile user account. Will not attached to Wi-Fi. There are instances when it does authenticate properly. However logging out and then back in will cause the failure.
Also note, I have made an image of the 6,2 MBA with build 12E3067 and installed in on MBA 5,1. Same Failure happens. This leads me to believe the issue lies in OS 10.8.4 build 12E3067.
Troubleshooting:
-I have taken OS build 12E3067 on MBA 6,2 (failing to authenticate) and removed Wi-Fi profile. Unit authenticates over Ethernet with no issue. Add profile back and issue surfaces.
-Created new profile using profile manager and issue continues. Verified proper certificates are being used. Would the previous profile
-Restarted domain controllers. Issue continues.
Any thoughts or questions would be appreciated.did you find any resolution to this? our mba- mid 2013 deployment is having a very similar problem. We've gone through loads of troubleshooting and have yet to come to a resolution. all our mid 2012 mba's are working fine they're 10.7.5/10.8.4 mixed. console logs don't show much, i'll try the wireless diags tomorrow. our other 10.8.4 build appears fine on other models of machines. i've read posts about deleteing the adapters, deleting the system config plists and changing the mtu size, these steps do not work for us.
we don't have as high a failure rate with our deployment, but 25%-30% of our clients randomly drop connectivity and are unable to reconnect (fluttering wi-fi wave). when you slect the wifi symbol in the menu bar other wireless networks do not show, the 'looking for networks' fly wheel continues to spin. ocasionaly on login the yellow jelly bean will appear then disappear before finally timeing out without logging the user in (depsite having mobile accounts enabled). mostly the problem manifests itself when waking from sleep - the wifi symbol flutters endlessly without connecting. deleting the 8021x profile and readding it will reenable connectivity. we've tried new profiels, but to the same end. i know our certs and systems are fine because previous mac os x builds work fine as do our windows clients.
any input would be much appreciated. -
802.1x wlan authentication wont work with Access Connections
Hi - hope someone can help. I have a WLAN configured to use 802.1x authentication using PEAP, passwords and an internal CA.
I can conect and authenticate a wireless client using the inbuilt windows wireless client; i am unable to connect when i configure Access Connections on the same computer with the same wireless settings. This is really annoying.....
The version of access connections is 5.21 running on windows XP SP3. Laptop is T61.
The connection fails as Access connections seems to think that there is no certificate installed on the client; there is and of course this would not have worked with the windows wireless client.
error message is:
The identity of the server was rejected. Verify that the correct server name has been specified in the 'Validate Server Certificate' section of the profile.
Any suggestions appreciated.
Thanks.did you find any resolution to this? our mba- mid 2013 deployment is having a very similar problem. We've gone through loads of troubleshooting and have yet to come to a resolution. all our mid 2012 mba's are working fine they're 10.7.5/10.8.4 mixed. console logs don't show much, i'll try the wireless diags tomorrow. our other 10.8.4 build appears fine on other models of machines. i've read posts about deleteing the adapters, deleting the system config plists and changing the mtu size, these steps do not work for us.
we don't have as high a failure rate with our deployment, but 25%-30% of our clients randomly drop connectivity and are unable to reconnect (fluttering wi-fi wave). when you slect the wifi symbol in the menu bar other wireless networks do not show, the 'looking for networks' fly wheel continues to spin. ocasionaly on login the yellow jelly bean will appear then disappear before finally timeing out without logging the user in (depsite having mobile accounts enabled). mostly the problem manifests itself when waking from sleep - the wifi symbol flutters endlessly without connecting. deleting the 8021x profile and readding it will reenable connectivity. we've tried new profiels, but to the same end. i know our certs and systems are fine because previous mac os x builds work fine as do our windows clients.
any input would be much appreciated. -
802.1x wireless authentication using NPS - SSO sign on to Office 365 using ADFS
Hi Spiceys,I'm researching for a potential client and would like to know if the following is possible:They have an existing wireless network with a working 802.1x implementation using NPS as RADIUS. They are very keen to move to Office 365 and use SSO and my understanding is that they'll need to spin up a working ADFS implementation to arrange this. We want to use Microsoft tech to tie it all in, so 3rd party SSO apps I don't want to investigate.If a wireless client is authenticated with NPS, and we have a working ADFS implementation are they able to access Office 365 resources without signing in twice? I'd imagine that the NPS auth would give them the necessary DC token, but if they access O365 resources and get redirected to the ADFS website and use Windows integrated login, will it 'just work' ? They are looking at using the full...
This topic first appeared in the Spiceworks Communitydid you find any resolution to this? our mba- mid 2013 deployment is having a very similar problem. We've gone through loads of troubleshooting and have yet to come to a resolution. all our mid 2012 mba's are working fine they're 10.7.5/10.8.4 mixed. console logs don't show much, i'll try the wireless diags tomorrow. our other 10.8.4 build appears fine on other models of machines. i've read posts about deleteing the adapters, deleting the system config plists and changing the mtu size, these steps do not work for us.
we don't have as high a failure rate with our deployment, but 25%-30% of our clients randomly drop connectivity and are unable to reconnect (fluttering wi-fi wave). when you slect the wifi symbol in the menu bar other wireless networks do not show, the 'looking for networks' fly wheel continues to spin. ocasionaly on login the yellow jelly bean will appear then disappear before finally timeing out without logging the user in (depsite having mobile accounts enabled). mostly the problem manifests itself when waking from sleep - the wifi symbol flutters endlessly without connecting. deleting the 8021x profile and readding it will reenable connectivity. we've tried new profiels, but to the same end. i know our certs and systems are fine because previous mac os x builds work fine as do our windows clients.
any input would be much appreciated. -
User IDs in adapters - XI Proxy, RFC
Hi mates,
I've created receiver adapters of type XI and RFC for an SAP R/3 business system. In these adapter parameters, what is the <b>ideal</b> user ID that needs to be specified? Should it be a service user id or dialog user id? What should be the optimal authorizations for it.
At the moment, I've specified my own user id and the adapters are working successfully. But, I foresee an issue with this method as I would be required to change the password at regular intervals.
What are the best practices regd the user ids in adapters? Please share your experiences.
I appreciate your inputs.
thx in adv
praveenHi Praveen,
I would suggest the use of a user of type "Communications" and have SAP_ALL assigned....
a user of type "Service" still has dialgo access whihc i donot think you would want...
pls see the types of users and their help...
User Type
Dialog 'A'
A normal dialog user is used by one person only for all types of logon.
During a dialog logon, the system checks for expired and initial passwords and provides an option to change the password.
Multiple dialog logons are checked and logged if necessary.
System 'B'
You use a user of type System for communication without dialog within one system (for RFC or CPIC service users) or for background processing within one system.
Dialog logon is not possible.
A user of this type is excluded from the general settings for password validity. Only the user administrator can change the password using transaction SU01 (Goto -> Change Password).
Communication 'C'
You use a user of type Communication for communication without dialog between systems (for RFC or CPIC service users for various applications, for example, ALE, Workflow, TMS, CUA).
Dialog logon is not possible.
Service 'S'
A user of the type Service is a dialog user that is available to an anonymous, larger group of users. Generally, this type of user should only be assigned very restricted authorizations.
For example, service users are used for anonymous system access via an ITS service. Once an individual has been authenticated, a session that started anonymously using a service user can be continued as a personal session using a dialog user.
During logon, the system does not check for expired and initial passwords. Only the user administrator can change the password.
Multiple logon is allowed.
Reference 'L'
Like the service user, a reference user is a general user, not assigned to a particular person. You cannot log on using a reference user. The reference user is only used to assign additional authorization. Reference users are implemented to equip Internet users with identical authorizations.
On the Roles tab, you can specify a reference user for additional rights for dialog users. Generally, the application controls the allocation of reference users. You can allocate the name of the reference user using variables. The variables should begin with "$". You assign variables to reference users in transaction SU_REFUSERVARIABLE.
This assignment applies to all systems in a CUA landscape. If the assigned reference user does not exist in one of the CUA child systems, the assignment is ignored.
Thanks,
Renjith. -
What are the security things we can consider with each adapter...
can some one elaborate.....Hi,
Advantages and desadvantages of each adapter
we cant really sketch the pros and cons of the adapters rather we need to know why and for which application we need to use the adapter. For example File adapters can only be used for file processing and if u want to invoke a file request from a webservice it is not posible.....likewise we can point it down.
u can refer this link to understand the adapter attributes,
http://help.sap.com/saphelp_nw70/helpdata/en/ae/d03341771b4c0de10000000a1550b0/content.htm
also to check the pros and cons of the adapter from ur POV refer to the labove below to know which adapter supports sync and async commnunication . adapters with QoS BE supports sync commnunicaion others not
Question: How do I use the security mechanisms of my JMS provider (such as encryption and client authentication)?
Answer: For the most part, you cannot use them at present. JMS does not specify an API for controlling and calling security functions, and therefore JMS cannot control them. In theory, it is possible for the JMS administered objects to be preconfigured with security attributes and created in an LDAP directory that the JMS adapter accesses using JNDI. For the most part, however, this solution is incomplete. It requires additional data (such as the client or server certificate) to be transferred frequently when the QueueConnectionFactory or the queue is created, using methods that are specific to the provider (because they are not specified by JMS, see above). In general, a normal JMS adapter does not recognize these methods.
Please reward points if it helps
Thanks
Vikranth -
Hi All,
I have exposed my outbound interface as a webservice sucessfully
But the problem is I need to provide a User Id to contact XI SOAP adapter. I dont require any authentication for this webservice client. How can I disable the authentication check for this particular webservice.
I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?
Regards,
Jai ShankarJai,
><i>How can I disable the authentication check for this particular webservice.</i>
Check this thread. But this will turn of Authentication for all SOAP Sender Adapters.
User Names and Passwords in SOAP adapter
><i>I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?</i>
Its either for all SOAP adapters or for none . there is no middle ground.
Better way is to use Access Control List.
Regards
Bhavesh
Maybe you are looking for
-
Need to Add and Remove Columns of ADF Read Only table from Backing bean
I have a scenario where I am trying to Populate TransientVO which is shown has a ADF Read Only Table in page. I have couple of Check Boxes Based on their selection I am trying to render and hide certain Columns. But the Issue which I am facing is onl
-
Auto Update configuration values in PO
Hi all,, For Configurable material we have characteristics values. In PO, we have nth number of Material item and each item have different characteristics values. User has to manually maintained characteristics values at each item level. Can't it be
-
Re: Can't purchase online
Did you ever get a solution to this problem? I have the same issue and have done the same as you to fix it and still getting the white screen.
-
Any suggestions - my iPhoto Album won't upload, it gets about 10% into the 'upload' stage as just crashes. It is quite a large album - 50 pages could this be the problem, and if so what is the approximate limit for an Album
-
Material availability check error
Hi, all my stuff is make to order production.So sales order generates requiremets and i cinvert it in to production order. My problem is the configuration is in such a way that i can not release a production order untill all the components are availa