Authenticating URL in LDAP

Hi All,
Currently I'm structuring my Directory Tree.
I need to define rights for my users.
I have 3 users, usrAdm, usr1, usr2. I should have 2 rights - rightAdm, and rightUsr.
In each of my rights I should define 2 parameters: 1. javaclassname = some Java class name, 2. url = some URL.
Then I should map usrAdm = rightAdm and usr1, usr2 = rightUsr such that javaclassname and url vary between admin and users.
How do I make these entries and this mapping in Sun Directory Server? Even pointers to documents will help.

Class of Service (CoS) might be a good option. CoS allows you to put virtual (computed) attributes on an entry. As long as you have a way to determine if an entry should have admin or user privileges (by using an LDAP search filter), the CoS will populate the appropriate javaclassname and URL attributes.
Look in the "Sun ONE Directory Server 5.2 Administration Guide" for Class of Service.
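
One way to express the suggestion above is a pair of filtered roles plus a classic CoS keyed on nsRole. This is an added example, not from the original thread or the Sun documentation; the suffix dc=example,dc=com, the entry names, and the class name and URL values are assumptions, and javaclassname and url are assumed to be defined in the server schema.

```ldif
# Constructed example. Assumed: suffix dc=example,dc=com, all entry names,
# and the javaclassname/url values. Both attribute types must already be
# defined in the schema.

# Filtered role: the LDAP search filter decides who holds rightAdm.
dn: cn=rightAdm,ou=People,dc=example,dc=com
objectClass: top
objectClass: LDAPsubentry
objectClass: nsRoleDefinition
objectClass: nsComplexRoleDefinition
objectClass: nsFilteredRoleDefinition
cn: rightAdm
nsRoleFilter: (uid=usrAdm)

# Filtered role for the ordinary users.
dn: cn=rightUsr,ou=People,dc=example,dc=com
objectClass: top
objectClass: LDAPsubentry
objectClass: nsRoleDefinition
objectClass: nsComplexRoleDefinition
objectClass: nsFilteredRoleDefinition
cn: rightUsr
nsRoleFilter: (|(uid=usr1)(uid=usr2))

# Classic CoS definition: the entry's computed nsRole value selects the
# template. "override" makes the computed value win over any value stored
# on the user entry itself.
dn: cn=rightsCoS,ou=People,dc=example,dc=com
objectClass: top
objectClass: LDAPsubentry
objectClass: cosSuperDefinition
objectClass: cosClassicDefinition
cn: rightsCoS
cosTemplateDn: cn=rightsCoS,ou=People,dc=example,dc=com
cosSpecifier: nsRole
cosAttribute: javaclassname override
cosAttribute: url override

# Template applied to entries that hold the rightAdm role.
dn: cn="cn=rightAdm,ou=People,dc=example,dc=com",cn=rightsCoS,ou=People,dc=example,dc=com
objectClass: top
objectClass: LDAPsubentry
objectClass: extensibleObject
objectClass: cosTemplate
javaclassname: com.example.AdminConsole
url: https://app.example.com/admin

# Template applied to entries that hold the rightUsr role.
dn: cn="cn=rightUsr,ou=People,dc=example,dc=com",cn=rightsCoS,ou=People,dc=example,dc=com
objectClass: top
objectClass: LDAPsubentry
objectClass: extensibleObject
objectClass: cosTemplate
javaclassname: com.example.UserConsole
url: https://app.example.com/user
```

Because these attributes carry rights, the override qualifier matters: without it, a value written directly on a user entry takes precedence over the computed one. Access control should also keep users from modifying the attribute the role filter tests (uid here).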

Similar Messages

  • How to read Authentication URL in HTTP System

    Hi,
    I have created an HTTP System and have given it an authentication URL. I need to read the authentication URL from the iview I created using the <System.somenameforauthurl> property. Please let me know the System property name for the authentication URL. I don't want to use app integrator since my iview only recognizes HTTP system. Thanks in advance.
    Regards
    Vasudevan Gopalan

    You will need to find the system by its alias, using http://help.sap.com/javadocs/NW04S/SPS09/ep/com/sap/portal/pcm/system/package-summary.html
    Then you can find the appropriate attribute.

  • Authentication : accessing an LDAP via an external web service ?

    Hi,
    I know it is possible to use an external web service to authenticate a user on a portal.
    But I would like to know if it is possible for a user to :
    - open his browser and navigate to the Enterprise Portal
    - the portal asks for a user and password
    - then the portal calls a web service giving the user/password
    - the web service (external and already existing) checks the authentication through the LDAP
    - the web service replies OK/NOK to the portal with a SAP USER ID (or another information)
    - the portal, if authentication is OK, sends a logon ticket to the user
    I didn't find any clear information telling it is possible.
    So if someone can help on this matter ...
    Many thanks.
    Naguy C.
    Edited by: NAGUY CAILLAVET on Feb 13, 2009 2:28 PM

    Hello,
    First, thank you Sandor for your answer.
    I understand that it is possible to create a BPEL process that exposes multiple operations/messages. This would be exactly what I need: a single process (web service) that will expose many operations. Could anyone, please, point me to such an example?
    So far I thought that it is possible to have only one operation exposed with a BPEL process, which is delimited between the receive/reply blocks (in the synchronous case).
    Regards,
    Marinel

  • LDAP Authentication Scheme - Multiple LDAP Servers?

    How to set up ldap authentication so that multiple ldap servers are available? Scenario: ldap service is replicated through several servers, but does not sit behind a common dns/reverse proxy connection, so applications would list each ldap server and attempt to contact each in order if one or more ldap servers is unreachable.

  • Not authenticated from external ldap in a cluster

    I am having trouble getting authenticated from an Iplanet LDAP, when the weblogic is configured in a Cluster.
    -I can authenticate with Embedded LDAP domain wide
    -I can authenticate on the external LDAP if I send the request to Admin server
    Here is my cluster configuration (all with Weblogic 7.0 SP4)
    *Admin Server Port: 9209
    *Cluster server 1 : 7209
    *Cluster server 2 : 8209
    *Proxy server     : 9090 (configured with HttpClusteredServlet)
    http://myserver.com:9090/j_security_check fails
    http://myserver.com:9209/j_security_check works
    Please let me know what is wrong?

    "Bob" wrote in message:
    > I am having trouble getting authenticated from an Iplanet LDAP, when the weblogic is configured in a Cluster.
    > -I can authenticate with Embedded LDAP domain wide
    > -I can authenticate on the external LDAP if I send the request to Admin server
    > Here is my cluster configuration (all with Weblogic 7.0 SP4)
    > *Admin Server Port: 9209
    > *Cluster server 1 : 7209
    > *Cluster server 2 : 8209
    > *Proxy server     : 9090 (configured with HttpClusteredServlet)
    > http://myserver.com:9090/j_security_check fails
    > http://myserver.com:9209/j_security_check works
    > Please let me know what is wrong?
    Are you sure that the ldap authentication is actually occurring? I would define the DebugSecurityAtn="true" attribute on the ServerDebug mbean for the cluster server members and then look at the log and the ldap_trace.log files to see what is happening with LDAP.

  • Cisco ACS 5.2 authentication against multiple LDAP servers

    Hi Folks,
    I have a wireless network that uses ACS 5.2 to handle authentication.   The ACS is integrated with an Active Directory LDAP server (my_ldap) and is working correctly at the moment.    The authentication flow looks like this:
     - User tries to associate to WLAN
     - Authentication request is sent to ACS
     - Service selection rule chooses an access-policy (wireless_access_policy)
     - wireless_access_policy is configured to use my_ldap as identity source.
    A sister company is about to move into our offices, and will need access to the same WLAN.    Users in the sister company are members of a separate AD domain (sister_company_ldap).    I would like to modify the wireless_access_policy so that when it receives an authentication request it will query both my_ldap and sister_company_ldap, and return a passed authentication if either attempt is successful.     Is this possible?

    Assuming you're already authenticating using your AD binding and AD1 as your identity source, you can add a further LDAP server as another identity source and add this to your identity store sequence in your access policy to authenticate against both.
    You can also add multiple LDAP servers and add them both to the identity store sequence (if you're not using AD1).

  • Authentication against both LDAP and BI repository

    I have a lot of users who are authenticated against LDAP. I need to add a few users who don't exist in LDAP. I can create a user in the BI repository, and if this user is in an Administrator group he is able to log in. But if this user isn't in an Administrator group he gets the error "Succesfull execution of intitializtion block LDAP is required". Is there any way to authenticate users against both LDAP and the BI repository?

    Hi,
    Why don't you create a group in ldap and add the corresponding users to that group?
    You can configure the LDAP server with that group and try...
    Hope it works...
    Regards
    Venkat

  • Authentication Parameters in LDAP/AD

    Hi Everybody, I have limited information about AD and LDAP. I am going to install one application in my server, and I need to setup some parameters from our LDAP or AD server.
    In our company , my user has limited access to "Active Directory Users and Computers".
    How can I find out whether our AD is OU-Container or CN-Container based?
    For example: if my company's full domain name is "AA.bb.com", how can I fill in the authentication parameters below?
    CN= admin_user, CN= Users, DC=, DC=
    or
    CN= Admin_user, O= ? , DC= , DC=
    More appreciated for your response.
    Marjan

    You can either use dsquery or a PowerShell cmdlet like Get-ADUser.
    Richard has a great Wiki article to explain LDAP filter syntaxes: http://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
    For Get-ADUser, you can refer to this MS article and the shared examples: http://technet.microsoft.com/en-us/library/ee617241.aspx

  • JAAS Authentication Authorization 2 ldaps

    Hi,
    First, Sorry for my poor English. I have a problem with authentication and authorization in jboss portal. I need configure login-config.xml file with 2 login module(ldaps). The first ldap set the authentication and the second ldap set the authorization(roles). I have all user replicated in the two ldaps. Has anyone ever configured this?
    Thanks
    Regards
    Edited by: 872339 on 20-ene-2012 2:57

    Not a Kerberos/GSS question. Not an Oracle Java question. A JBoss question. Try a JBoss forum. Locking.

  • Authentication against a LDAP

    All,
    We have a requirement wherein we want to validate a user against the LDAP of our organisation.
    We would like to build a simple JSP page.
    The questions that come to my mind are:
    1> Can we create a Portal application that will not ask for a Portal authentication and directly point to the JSP stored in a web application or a portal application?
    2> How complex is it to validate a user against an LDAP?
    3> After successful validation we would like the application to trigger an RFC. Is this possible?
    Thanks and Regards
    Pradeep Bhojak

    Pradeep,
    you have to create your own LogonModule to achieve your requirements (not only a jsp page). But on the other hand, why don't you configure your Portal UME to the LDAP anyway?
    kr, achim

  • Wifi authentication: RADIUS or LDAP?

    I'm planning on installing an Aruba 2400 WLAN switch in our Netware 6
    network, for purposes of providing wireless network connectivity. The
    Aruba supports authentication via RADIUS or LDAP. Both are available to
    me (LDAP in NW6, RADIUS in BMgr 3.7, which we have). Which should I use?
    I know zilch about either one... Will either one allow my users to log
    in just once? TIA - JR

    Thanks very much for your response. I've been doing a lot of reading in
    this forum and learning a lot. I still want to pursue the original
    question, however, because in talking to an Aruba rep, I get the idea
    that it (the software in the Aruba 2400) can authenticate (802.1x)
    directly with LDAP on the NW server. If so, I could bypass the need to
    have a separate RADIUS server. Does that sound possible, or am I off
    track? Also, do you have any basis for choosing between the Funk or
    Aegis clients? Thanks again for your help! - JR
    Jim Michael wrote:
    > The only authentication mechanism that makes sense for wireless is to
    > use 802.1x, which implies a Radius server. The AP talks to the Radius
    > server, which in turn authenticates against your database (can be local,
    > LDAP, SQL, whatever). On the client side you will need an 802.1x
    > "supplicant" (client). While Windows XP ships with one, it is not very
    > useable in NetWare environments as you can't authenticate to the
    > wireless network *prior* to logging into eDirectory. To do that, you
    > need a third-party supplicant such as Funk's Odyssey or the Aegis client.
    >
    > On the server side, you will not be able to use the BM Radius server. It
    > does not have the necessary access methods such as EAP-TTLS, PEAP, etc
    > necessary for wireless authentication, and never will. You will have to
    > go with either the open source freeRADIUS product, or a commercial
    > Radius server such as Radiator, Steel-Belted Radius, etc.
    >

  • OpenLdap with ldap backend... / Authentication against another ldap

    Hey everybody,
    I'm trying to set up my OD so that I can redirect the authentication of the user to a second ldap...
    The second ldap-server is ssl secured. I had a solution under debian, and so I'm looking for the moduleload and modulepath or olcModuleLoad olcModulePath for Mac OS X 10.5.
    But I can't find a place where I can activate modules.. I can't even find the modules... (In a default config file I found this):
    # Load dynamic backend modules:
    # modulepath /usr/libexec/openldap
    # moduleload back_bdb.la
    # moduleload back_ldap.la
    # moduleload back_ldbm.la
    # moduleload back_passwd.la
    # moduleload back_shell.la
    (in /etc/openldap/slapd.conf.default)
    but the modules don't exist...
    Can anyone help me activate the ldap-backend in Mac OS X 10.5?
    My debian config looks like this: (/etc/ldap/slapd.conf)
    moduleload back_ldap
    database ldap
    suffix MYSEARCHSUFFIX
    uri ldaps://server:port
    rebind-as-user yes
    What I mean/what I want to know is how to load the modules in openldap and where can I find them?
    I hope you can understand what I mean.... My English isn't the best
    Thanks for help
    greetings

    Sun Java System Web Server 7.0 was tested with Sun's Directory Server and MSAD. For MSAD, you need to add extra settings; refer to the blog "Using Web Server 7 with Microsoft Active Directory"
    http://blogs.sun.com/jyrivirkki/entry/using_web_server_7_with
    Can you run the server with log level "finest" and check the error logs? Also see whether Web Server is trying to connect to your directory server and try to find out what the problem is.

  • Authenticating URL gives IllegalArgumentException

    Hi,
    I am trying to connect to an URL by authenticating it.
    URL l_url = new URL(artemisServiceURL);
    URLConnection urlConnection = l_url.openConnection();
    String val = "<ARTEMIS_USER>:<ARTEMIS_PASSWORD>";
    byte[] base = val.getBytes();
    String authorizationString = "Basic " + Base64.encode(base);
    authorizationString = authorizationString.replaceAll("\\r|\\n", "");
    urlConnection.setRequestProperty ("Authorization", authorizationString);
    InputStream inputStream = l_url.openStream();
    But I get following error: -
    java.lang.IllegalArgumentException: Illegal character(s) in message header value: Basic QTIxMjE5NTpOMWdIdE1AcjM=
    To resolve this, I tried following: -
    - I googled about this error and it appears that it is some known bug in Base64 encoding that inserts '\n' character.
    Hence, I tried to replace all newline chars in authentication string but still it results in same error.
    - Also I tried type casting URL connection with HttpUrlConnection. But it also results in 400 : Bad request
    Please help.
    Thanks and regards,
    Amey

    Unfortunately, the Authenticator doesn't seem to have any effect?
    I am getting this in InputStream: -
         <html><head><title>Apache Tomcat/5.5.20 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;backgroun-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 401 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>This request requires HTTP authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/5.5.20</h3></body></html>
    Here is the code I used: -
    Authenticator.setDefault (new MyAuthenticator ());
    URL url = new URL (artemisServiceURL);
    InputStream content = (InputStream)url.getContent();
    if(content == null){
         messageManager.reportWarning("content = null");
    }else{
         BufferedReader in = new BufferedReader (new InputStreamReader (content));
         String line;
         while ((line = in.readLine()) != null) {
              //code to print lines to log
         }
    }
    class MyAuthenticator extends Authenticator {
         protected PasswordAuthentication getPasswordAuthentication() {
              return new PasswordAuthentication(ARTEMIS_USER, ARTEMIS_PASSWORD.toCharArray());
         }
    }
    What is going wrong now?

  • Linux authentication against OID ldap

    Hi,
    How can I use OID as an authentication server for linux users, so that when a user logs on, the linux machine gets his information from the OID/ldap server?
    What are the steps to do this?
    Regards

    This link should help:
    http://www.oracle.com/technology/products/oid/pdf/unix_pam_oid_wp.pdf

  • WLAN Controller Displays Interface IP in Web Authentication URL Instead of FQDN

    Hi,
    Can someone offer any help with the issue below please?
    I have a guest wlan configured on a Cisco 2106 WLAN controller. Guest users are redirected to a Web Authentication page when they try to access the internet through a web browser, and can only proceed by successfully authenticating with the controller.
    The problem I have is that the guest users are presented with an SSL certificate error before they hit the web authentication page. I have installed an SSL certificate from Verisign on the controller, and have configured an FQDN for the interface that is used for the guest wlan. However, the certificate error still persists because when the user is re-redirected to the web auth page, the URL in the address bar is presented as the IP address of the interface instead of the FQDN. For example, when a user is redirected, the address bar in their web browser displays https://1.1.1.5/ instead of https://guestwifi.domain.com/. The SSL certificate that is installed on the controller is securing the FQDN of the interface.
    I'm not sure if I'm missing something here, but I'm struggling to find how to get the FQDN to display instead of the IP.
    Thanks,
    Paul

    I'm not following what you mean when you say "FQDN for the interface that is used for the guest wlan"......
    I assume you configured the Virtual Interface  to have the dns entry as guestwifi.domain.com but clients are still being redirected to the virtual IP itself and not the dns name? 
    The only reason I can think of for that happening was if the WLC had not been rebooted since applying the DNS name to the Virtual Interface (it takes a reboot to modify client redirect stuff, the same goes for http vs https).
    so guestwifi.domain.com should have a DNS entry resolving to 1.1.1.5, that entry should be on your virtual interface, and upon reboot you should always redirect to guestwifi.domain.com unless you manually type https://1.1.1.5 in the browser.
