ADF Security Log Out issue

Similar Messages

• ADF Security using sqlauthenticator issue unable to login

  Hi,
  AM using jdev 11.1.2.3
  I followed these blogs to configure adf security using sql authenticator
  http://biemond.blogspot.in/2008/12/using-database-tables-as-authentication.html
  http://hazem-adf-tips.blogspot.in/2012/06/adf-security-database-authentication.html
  am unable to login.. I can able to see the users and roles in WL admin console. When i am giving the user credentials it is redirecting to error page saying unauthorized .
  plz can anybody help me out from this issue.
  Thanks,
  Nitesh

  HI Timo,
  I have created application roles admin and user. Unable to create enterprise role with same name. When i am trying to map application role with enterprise role it is not displaying in mapping window..
  The following log message
  Removing existing role admin
  creating new role admin.
  with this it is recreating the new role and role id gets change when ever i m restarting my server and deploying the application..
  Thanks,
  Nitesh

• Auto log out issue

  Since upgrading to Maverick, my iMac has started to log out after about 15-20 minutes of inactivity. The energy settings are 1hr computer sleep and 10min display sleep.  And I have tried both unchecking the auto log out in “Advanced” Security & Privacy, and checking the box and setting it to 360min. Also tried deleting a couple of the Library/Preferences files that have been suggested before.
  The computer first goes to screen saver at 10min, it can be awakened to the desktop, but if you leave it inactive for 15-20 min it will first go to the screen saver, then log out after another 5-10 min to the login screen. The apps that were open will re-open when you log back in.
  iMac 2.66 Core 2 Duo(early 2008), 4 GB SDRAM(early 2008), OS X 10.9.1

  I would like to add to this issue, just noticed that even though the screen saver is now set to 15 min, the display goes to screen saver at ~5 min. The clock in the upper right corner shows the correct time.

• Log out issue in Employee Self service

  We are encountering an error when people click on log out in self service page
  Once all the steps are done such as adding a dependent and making elections, a confirmation page comes up with the summary of benefits info. At this point, there is a "Log Out" button alongside with "Back", "Printable Page" and "Return to Overview". All the other buttons work fine but if we click on Log out, instead of logging out, it displays a "page cannot be displayed error". Strange thing is if we click on 'Back' it goes to Benefits summary page and allows us to navigate as if the session is active.
  Can anyone advise?
  Verified the Oracle system requirements and everything passed. Tested this on Windows 7 with IE8 configuration and as well as with XP but still the same error.
  P.S. This Log out is different from the button which appears on top right hand corner of the page which appears alongside Help button.
  Thanks!

  Hi Shaik,
  I guess if you have the latest notes (Personas client + kernel notes), then session should be killed once you either navigate away from personas or close your browser.
  I just tested on IE and chrome, seems working for me. If issue continues, please raise a message so that dev team can look into it.
  And of course, you can change the timeout parameters based on the message what Steve has posted above. But in your case, session should be killed immediately.
  I would recommend you to verify your installation based on blog below before opening a message:
  SAP Screen Personas - How to configure the system (troubleshooting FAQ)
  Regards,
  Sushant

• Logging out issues

  I'm having a issue where whenever my users log out, they
  really don't logout. Their login is cached and until they delete
  all of their browser items, they are still logged in. What type of
  code do I need to use to have them actually log out when my logout
  script runs, and not make them have to clear everything in their
  browser?
  Thanks,
  Jordon

  I'm wondering if maybe my application script has anything to
  do with it.
  <CFAPPLICATION NAME="xxxx"
  CLIENTMANAGEMENT="Yes"
  SESSIONMANAGEMENT="Yes"
  SESSIONTIMEOUT=#CreateTimeSpan(1,0,0,0)#
  APPLICATIONTIMEOUT=#CreateTimeSpan(1,0,0,0)#>
  <!--- Set these variables when site goes live --->
  <cfset dsn = "xxxx">
  <cfset dsn2 = "837">
  <cfset adminemail = "xxxx">
  <cfparam name="application.pidkey" default="tnfp08rt">
  <cfif not isDefined("session.rollCount")>
  <cfset session.rollCount = 1>
  <cfset application.lastUser =
  iif(isDefined("application.currentUser"),
  "application.currentUser", DE("Nobody"))>
  <cfset application.currentUser =
  iif(isDefined("client.clientName"), "client.clientName", DE("guest
  from #CGI.REMOTE_ADDR#"))>
  <!--- Test for cookies --->
  <cfcookie name="isOn" value="testing">
  <cfset session.addToken = client.URLToken>
  <cfelse>
  <!--- Check to see if cookies are on. If no, make a query
  string variable with the CFID and CFTOKEN. --->
  <cfset session.addToken = iif(not
  isDefined("cookie.isOn"), DE("#client.URLToken#"), DE(""))>
  </cfif>
  <!---
  <CFHEADER NAME="Expires" VALUE="01 Jan 2000 00:00:01
  GMT">
  <CFHEADER NAME="Pragma" VALUE="no-cache">
  <CFHEADER NAME="cache-control" VALUE="no-cache, no-store,
  must-revalidate">

• Log out issues

  I'm having problems logging out of any account that isn't the admin.
  All Apps and the finder quit but the desktop remains. the power button dialog window appears but sleep, restart, shut down & log out commands are ignored.
  Help?

  The issues seems to be connected to 'fast user switching' since everything works perfect when it's off.

• OS5 Security: Log out required to refresh?

  Question:
  Using OS5.0 SP2, when I make a change to a user's profile, must that user log out and back in for that update to become effective?
  If this is the case, what happens if the update is being applied is more restrictive...and, the user never logs out? Does he continue reaping the benefits of the (older) less restrictive profile until he decides to restart?
  Is there any way to force an update or user to restart? I read somewhere the updating the template version number forces an update, but I'm not sure if that is true.

  Yes, the security profile is only read at login.  If you change it while they are are logged into the application , it would not take effect till their next login.  The template version only forces an update of the locally cached templates but it too only causes the update to happen at login.  No, there isn't a way to force the client (e.g. Excel) to close down based on a security update.

• LOG OUT Issue In personas

  Hi,
  I have created persona's screen for ME22n. If user logged in and  made some changes to PO, then the user close the browser directly without log out.
  in this scenario the PO is still in locked by the user. is there any way in peronas I can make the user log out once the window is closed.
  Thanks,
  Shaik Shadulla.

  Hi Shaik,
  I guess if you have the latest notes (Personas client + kernel notes), then session should be killed once you either navigate away from personas or close your browser.
  I just tested on IE and chrome, seems working for me. If issue continues, please raise a message so that dev team can look into it.
  And of course, you can change the timeout parameters based on the message what Steve has posted above. But in your case, session should be killed immediately.
  I would recommend you to verify your installation based on blog below before opening a message:
  SAP Screen Personas - How to configure the system (troubleshooting FAQ)
  Regards,
  Sushant

• How do I log out imessage if I didn't use my personal mac, how do I log out imessage if I didn't use my personal mac

  how do I log out imessage and facetime if I did not use my own personal MacBook.

  you could try to login to icloud.com and in settings Advanced Data & Security log out of all browsers. Or you could just 'phone' your 'friend' and tell them to log out?

• Automatic Log-out while iTunes is playing

  For a long time neither I nor Apple technical representatives were able to figure out why my system would automatically log out after some time when its only activity was playing something in iTunes.
  Finally I figured out that playing something in iTunes disables automatic sleep settings, but it does not disable automatic log-out in System Preferences > Security > "Log out after _ minutes of inactivity". In order to prevent automatic log-out, you have to disable this setting.
  I wonder if this is an oversight in the iTunes program, because other programs (e.g. Pages, Numbers) cancel this automatic log-out if there is an unsaved document open. Having something playing in iTunes really should do this as well.

  Thanks so much for posting this solution. Was driving me nuts. Using Airtunes to provide party music was consistently getting embarrassing just as we were sitting down to dinner and I had to excuse myself to get up to log-in on the computer again.... ridiculous... can't thank you enough for pointing to the solution.

• FaceBook APP.... logging out problems... kicks me out

  I have tried everything ..I think. Is anyone out there have Facebook log out issues when you are trying to look at notifications or upload a picture or just about anything else? I've synched this thing and restarted and deleted and reloaded but still having issues after all that. I have the Iphone 3GS...any HELP is appreciated

  Oh, well, I didn't know that. I figures since I can log in everywhere else with no issue except my phone, that it was a phone issue. My bad!
  So, where can I ask to get an answer to my question?

• Issue with logging out in adf security

  I have three pages. Login, error and welcome.
  The first page visible during runtime is login.
  I have username, password fields and login button in it.
  the action of login button is mapped to this :
  public String doLogin() {
          byte[] pw = getSPassword().getBytes();
          FacesContext ctx = FacesContext.getCurrentInstance();
          HttpServletRequest request =
              (HttpServletRequest)ctx.getExternalContext().getRequest();
          CallbackHandler handler =
              new SimpleCallbackHandler(getSUserName(), pw);
          try {
              Subject mySubject = Authentication.login(handler);
              ServletAuthentication.runAs(mySubject, request);
              ServletAuthentication.generateNewSessionID(request);
              String loginUrl =
                  "/adfAuthentication?success_url=/faces" + "/Welcome.jspx";
              HttpServletResponse response =
                  (HttpServletResponse)ctx.getExternalContext().getResponse();
              sendForward(request, response, loginUrl);
          } catch (FailedLoginException fle) {
              FacesMessage msg =
                  new FacesMessage(FacesMessage.SEVERITY_ERROR, "Incorrect Username or Password",
                                   "An incorrect Username or Password" +
                                   " was specified");
              ctx.addMessage(null, msg);
          } catch (LoginException le) {
              reportUnexpectedLoginError("LoginException", le);
          return null;
      }This takes me to welcome page.
  I have a golink control in this page.
  The destination of golink is:
  "#{securityContext.authenticated ? "/adfAuthentication?logout=true&end_url=/faces/Error.jspx"
  : "/adfAuthentication?success_url=/faces/Login.jspx"} "
  (I dont know what this el means. i believe it sets logout to false)
  It takes me to error page.
  I believe I should be logged out now. But when I press back in browser it takes me back to welcome page.
  I put an af:output text with value security.authenticated and it shows true.
  So created a servlet
  public class LogoutServlet extends HttpServlet {
      public void init(ServletConfig config) throws ServletException {
          super.init(config);
      public void doGet(HttpServletRequest request,
                        HttpServletResponse response) throws ServletException,
                                                             IOException {
          request.getSession(true).invalidate();       
          response.sendRedirect("faces/Error.jspx");
      public void doPost(HttpServletRequest request,
                         HttpServletResponse response) throws ServletException,
                                                              IOException {
          doGet(request, response);
  }registerd it in web.xml as url pattern logout.
  Set the destination of golink as logout.
  But still the same results.
  Where did i go wrong?
  the role of welcome.jspx is authenticated-role
  Edited by: josetuttu on Jul 7, 2011 2:17 AM

  Hi , your problem is arising when user presses the back button of the browser , web browser shows the page from its cache. If you want that
  on pressing the back button users should not view the previous pages you must stop web browser from caching the page to its local memory.
  It can be done by adding the following code in the jsp:root tag of jsf (.jspx) page.
    <jsp:scriptlet>
    // Set to expire far in the past.
        response.setDateHeader("Expires", 0);
    // Set standard HTTP/1.1 no-cache headers.
       response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
    // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
       response.addHeader("Cache-Control", "post-check=0, pre-check=0");
    // Set standard HTTP/1.0 no-cache header.
       response.setHeader("Pragma", "no-cache");
  </jsp:scriptlet>Now when ever page is loaded the web browser will never cache the local copy of web pages and hence users will not be allowed to view previous pages when clicking back button
  on browser .
  Hope this helps.

• Repeated logging out of secure site when trying to navigate around the site

  When signed into a particular secure web site summary page a click to redirect to a subsidiary page causes log out with error message on the site not to use back button - which I'm not.

  Many site issues can be caused by corrupt cookies or cache.
  * Clear the Cache
  Firefox/Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
  and
  * Remove Cookies
  '''''Warning ! ! '' This will log you out of all sites you're logged in to.'''
  Press the '''Alt''' or '''F10''' key to bring up the tool bar.
  Followed by;
  Windows; '''Tools > Options'''
  Linux; '''Edit > Preferences'''
  Mac; ''application name'' '''> Preferences'''
  Then '''Privacy.'''
  Under '''History''', select Firefox will '''Use Custom Settings'''.
  There is a button on the right side called '''Show Cookies'''.
  If there is still a problem,
  '''[https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode Start Firefox in Safe Mode]''' {web link}
  While you are in safe mode;
  Press the '''Alt''' or '''F10''' key to bring up the tool bar.
  Followed by;
  Windows; '''Tools > Options'''
  Linux; '''Edit > Preferences'''
  Mac; ''application name'' '''> Preferences'''
  Then '''Advanced > General.'''
  Look for and turn off '''Use Hardware Acceleration'''.
  Poke around safe web sites. Are there any problems?. Then restart.

• I have created my site with Muse and have uploaded to an external ftp hosting, now my secure log in will not work because I am not using BC. Is there a way to create a secure log in that will work with out being forced to use BC?

  I have created my site with Muse and have uploaded to an external ftp hosting, now my secure log in will not work because I am not using BC. Is there a way to create a secure log in that will work with out being forced to use BC?

  Hi
  Secure Zone login feature will only work if you host your website with Business catalyst.
  Please take a look to this as an alternative
  Password Protect Pages Widget for Adobe Muse
  Also, check this thread,
  Re: Can I create a login/password protection in Muse for a HTML5 page or two?

• Issue in ADF security

  Hi All,
  Jdev version: 11.1.1.3.0
  I have configured form based ADF security for my ADF application. Also I have created Application roles and associated roles also.
  In ADF application i have Home.jspx. Once i run the Home.jspx it should open a login.html . But in my case once i run Home.jspx it opens directly Home.jspx
  and displays the content.
  If i run login.html it opens a Login.html, and once i provide user credential and click on Login Button I am getting below error.
  Error 403--Forbidden
  From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
  10.4.4 403 Forbidden
  The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
  Please anybody help me out to achieve this??
  Thanks,
  Santosh M E

  Hi,
  which option did you choose for the authorization? Grant to all objects? If so then all your pages are granted to the test role, which means they are granted to anonymous
  Frank