Authentication Proxy

Similar Messages

• How to use Axis to access a web service through Authentication  proxy

  Using axis access internat web service is success,but access a web service through Authentication proxy is failure.But other java classes connect through a proxy to the internet which works very well:
  please help me ,thank you!!!
  import org.apache.axis.client.Call;
  import org.apache.axis.client.Service;
  import javax.xml.namespace.QName;
  //this is my access webservice faliure   codes
  public class TestClient
     public static void main(String [] args) {
         try {
              System.getProperties().setProperty("http.proxySet", "true");
              System.getProperties().setProperty("http.proxyHost","proxy.com");
              System.getProperties().setProperty("http.proxyPort", "8080");
              System.getProperties().setProperty("http.proxyUser", "username");
              System.getProperties().setProperty("http.proxyPassword","password");
             String endpoint =
                      "http://nagoya.apache.org:5049/axis/services/echo";
             Service  service = new Service();
             Call     call    = (Call) service.createCall();
             call.setTargetEndpointAddress( new java.net.URL(endpoint) );
             call.setOperationName(new QName("http://soapinterop.org/", "echoString") );
             String ret = (String) call.invoke( new Object[] { "Hello!" } );
             System.out.println("Sent 'Hello!', got '" + ret + "'");
         } catch (Exception e) {
             System.err.println(e.toString());
     }I get an "(407)Proxy authorization required" error?

  I am also looking for a solution. Does any one know how to do through code instead of jvm settings?
  Thanks in advance!

• Error authenticating proxy while running agent job

  I am trying to schedule a SSIS2014 package via SQL Server Agent job. Both SSIS and SSMS are running on my local machine in the same domain. I am running SSMS with the same user
  Domain\Admin which is the creator of the SSIS package. SSMS 32-Bit and SSIS 32-Bit are running on Windows 7 64-Bit machine. I can run the package within SSIS without problems.
  When I use a proxy account to run the job step, the following message occurs:
  Unable to start execution of step 1 (reason: Error authenticating proxy `Domain\Admin`, system error: Logon failure: unknown user name or bad password.). The step failed.
  The proxy account uses the credentials identity Domain\Admin. Since the password fields for credential properties in SSMS cannot be left blank, I typed any password although my corresponding windows account has no password. So as mentioned above
  it's the same user account that created the SSIS package since Domain\Admin is stated in the CreatorName property of the SSIS package.
  With this proxy, I tried to run SSIS jobs using the package ProtectionLevel's
  EncryptSensitiveWithUserKey and EncryptSensitiveWithPassword. Running the package manually within SSDT without problems, but from SSMS agent job the same error message appears. I tried the package sources "File System" and, after
  importing the package to MSDB, "SQL Server" and "SSIS Package Store". But exactly the same error message appears with each method.
  Task manager shows that SSMS is running in administrator mode. Using Windows Component Services I added DCOM permissions for
  Domain\Admin to start and activate "Microsoft SQL Server Integration Services 12.0" from local. But the same error message appears. So in my opinion it's a problem with SSMS user account permissions (???) but unfortunately I don't know
  what exactly to do here. I tried the following:
  In the system database MSDB (full path: Databases / System Databases / MSDB / Security / Logins) I assigned all available role memberships (Including db_ssisoperator, db_ssisltduser, db_ssisadmin) to
  Domain\Admin.
  In server security (full path: Security / Logins) I assigned all available server roles. In the tab User Mapping, I assigned the MSDB database.
  Still the same error message appears when I try to run the job. Does anybody have some ideas what I can try?

  If you use the Agent then set the package protection to "Rely on server".
  Then Domain/Admin is probably not an actual proxy but the account the Agent is running under, in this or even any case follow http://www.mssqltips.com/sqlservertip/2163/running-a-ssis-package-from-sql-server-agent-using-a-proxy-account/ to create the
  proper proxy for the packages.
  Arthur My Blog

• Cut-Through Proxy / Authentication Proxy on Cisco ASA using ISE as AAA Server for allocating SGTs

  Hi,
  We are trying to setup ASA to do cut-through authentication proxy, and use ISE as RADIUS. We can successfully authenticate the user from Radius on the ASA, while he opens a web-page, but then it displays the error: authorization denied.
  What we want:
  ISE to allocate a security group tag to the user session when he logs in, that tag would carried within out cisco network infrastrucutre to define the access
  policy for that user.
  Can someone please help me with a sort of step by step thing for ISE configuration to allocate SGTs/SGACL for the user session after authentication is completed.
  Thanks
  Lovleen

  Please refer to below step by step config guide for security group access policies
  http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_sga_pol.html

• Profiling Problem & Web Authentication Proxy

  Dear All,
  I am facing problem with profiling of workstation over wireless network as ISE is marking these workstations as 'Unknown'. Whereas if I connect same workstation using wired connection then it gets profiled in the right category.
  Profiling for wireless network was working fine initially but as soon as I pointed AAA towards ISE in the employee SSID then ISE started marking any new workstation as 'Unknown'. Before enabling AAA in the WLAN (SSID) the profiling was working fine using 'Radius NAC' setting in advanced tab of the same SSID. Becasue of the unknown category, workstation gets authorization rejection as per the authorization policy.
  I have another query reagrding enabling 'web authentication proxy' on Cisco WLC. I have guest wireless setup using dedicated anchor controller and ISE is providing the guest sponsor and guest portal services. So when a guest user comes in and if the user already has some proxy configured in the browser then url redirection for guest portal doesn't work and guest user must remove the proxy.
  So this requires someone to enagage with guest user but the client want this process to be automatic. I have gone through following document,
  http://www.cisco.com/en/US/products/ps10315/products_configuration_example09186a0080b8a909.shtml
  but I am not sure if this solution will also work if the guest portal service is through ISE instead of WLC itself ??
  Thanks & Regards,
  Mujeeb

  Not a problem the reason your profiling is failing for wireless users is that the profiling information for dhcp isnt hitting the ise nodes. For the wired devices are you using the dhcp probe to profile the users? If so, then your issue is with the dhcp proxy setting on the controller. Even through you have the ip helper statement on the svi, essentially your controller is proxying the dhcp broadcasts from the client straight to the dhcp server, so even you enable the ip helper statements on the svi for the ISE nodes it will not work.
  You are correct for the guests, typically if a guest has enabled proxy settings before they should know that they should probably disable this setting when the connect to a new network.
  Also I can not remember but arent the proxy settings configured under the network settings tab? Meaning the only time you would experience this issue is if the ssid you are broadcasting is the same as the ssid they have connected to previously?
  Thanks,
  Tarik Admani
  *Please rate helpful posts*

• Authentication proxy with Apps !!!!

  How can the iPhone doesn't support authentication proxy access for 3rd party apps ??? does anyone know how to get over that ?

  @luvlabs - As much as one wouldn't think that the iPhone is the problem (or in my case, the iPad), I actually think it is.
  It appears that iOS does not have support for system-wide proxy settings. That is why I experience certain applications that ask for proxy settings, which have been coded into the application, and some applications just fail completely to access the internet under proxy authenticated networks, because developers have not included a system to ask for proxy settings for the respective application.
  I have a thread over in the iPad forums, which I hope will grab some answers. Feel free to keep an eye on it should someone provide an official answer to this issue:
  http://discussions.apple.com/thread.jspa?threadID=2807623&tstart=0
  MrP.

• Ipad Mini doesn't load authentication proxy login

  Hi Guys,
  Im new using ipad mini. I am working in a private firm and the internet use system here is to login in the authentication proxy login page.
  I already have my proxy login account and I can login successfuly from my laptop. But when I try to use my Ipad Mini to access the net, Safari loads, and I can see the login page is loading but is like skipping the page and finally says "Safari cannot open the page becasue the network connection was lost".
  Thank you in advance.

  Do you happen to have Private Browsing Mode enabled in Safari on the iPad mini?  If so, you might try turning that off, then try to log in to the proxy again.
  Other things to try:
  What is Settings > Safari > Block Cookies set to?  It defaults to "From third-parties and advertisers", but try setting it to "Never" to see if that makes a difference when logging in.  (Do not leave it set at "Always" or that will make most web sites stop working that require cookies to function.)
  Does the authentication proxy use a pop-up window on your laptop's web browser?  If so, and if Settings > Safari > Block Pop-ups is ON, then you may need to turn that setting OFF to allow Safari to log in to the proxy.
  If you enable Private Browsing Mode on Safari on your laptop (I'm assuming you have a Mac), can you still log in successfully to the proxy?
  Does Google Chrome on the iPad mini let you log in to the proxy successfully?  (Chrome uses a different network stack on iOS.)

• How to set expiry time for cached Subjects of authenticated proxy service.

  How to set expiry time for cached Subjects of authenticated proxy service in message level authentication.
  Because of this, password change does not effect immediatly in proxy invocation.
  I'm using Weblogic 10.3 and OSB3.0

  Hi,
  You can activate Time-Dependent Publishing Service on your XML form and once the Lifetime of Documents is over then the document is not visible to users.
  http://help.sap.com/saphelp_nw2004s/helpdata/en/c1/c87d3cf8ff3934e10000000a11405a/frameset.htm
  It is only invisible but not deleted!
  So to delete all expired XML Forms you should run Scheduler Tasks for Time-Dependent Publishing:
  <b>TimeBasePublishingUnpublish</b>
  http://help.sap.com/saphelp_nw2004s/helpdata/en/3a/bc37b5789dee4eaa8005bff84f14cf/frameset.htm
  You can also create your own Scheduler Task which deletes/archieves all expired XML Forms.
  Greetings,
  Praveen Gudapati
  [Points are welcome for helpful answers]

• IOS 4.3 - Authenticated Proxy + Wireless issues

  Okay, I can see a lot of similar titled posts, but none quite have the same issues as we are facing here, so I decided to create a post of my own.
  What we have is an 802.1X (AD/RADIUS) wireless network configured (on the iDevices) as a "WPA2 Enterprise" network and using a self-signed certificate. Once configured we also specify an authenticated proxy for the connection. Now, we've supported iDevices here for quite some time without too many issues (aside from the other occassional issue with updated phones, etc). We have everything on our network from "iPhone OS 3.1.2" through iPads with "iOS 4.3" and have been very successful in supporting these devices in the past... until v4.3.
  With the new update, we have devices that worked perfectly before (and have been correctly configured) now asking for a username and password when browsing in Safari. We have devices that, on entering the correct information, give us messages such as "Incorrect username or password" or "Unable to join the network <name>". The same devices worked perfectly with iOS 4.2.1 installed. We've tried;
  a) Forgetting the networks and setting them up again.
  b) Changing the user's password and setting things up again.
  c) Resetting network connections and trying again.
  d) Resetting the entire phone and trying again.
  But to no avail. If you can get wireless configured without either of the above errors messages, it will simply fail to work with the proxy server and cause issues in Safari, etc.
  This is emmensly frustrating. We've had to put out a notice to all users to NOT update to v4.3 until this is resolved... which is not cool.
  Interestingly, we also had a 3G rock up to the helpdesk today. It had iOS 4.2.1 installed (the latest availaqble for that odel, apparently) and it was exhibiting the same sort of behaviour (and is the only non-4.3 device to do so).
  Any thoughts. Do we just need to wait until iOS 4.3.1 to get this fixed (like last time)?

  So, I updated a couple of iPads and a few more iPhones yesterday and today. Around 50% success rate - which is weird. Tried the hard-off, reset network, forget network type stuff again, and no joy. Here's an intersting thing though;
  a) We can now tap on the SSID and it figures out that it's an enterprise network. Saves chosing the options after tapping the "Other" setting. This also appears to improve the success of accepting the certificate as well. Neat. This didn't used to work.
  b) Although the setup looks good, and Exchange just works... we were STILL getting an authentication box in Safari and things were not working correctly. As a test we entered credentials (using email address format - which also appears more successful) and it didn't appear to fix anything, or so we thought. on entering the auth details in Safari, the page that requested it stayed 75% loaded and didn't looks to be working. On closing that window and trying others like "Apple", etc, it appears to work.
  I have done this on all the devices that failed and so far so good. So, forget your current network, set up the new enterprise wireless by tapping on the SSID (don't configure using "Other"), enter credentials as email addresses, and authenticate in Safari when you are asked the first time. Reload the page and test.
  While this shouldn't make any difference (and is similar to what we tested in v4.3.0), it appears to work for us at the moment.

• WLAN Authenticated Proxy, Nokia 5630

  Hello,
  I am using Nokia 5630 which has wireless feature.
  I have defined a wireless access point. In advanced settings of this wap, we can define a proxyort which let us use internet on on an access point which is behind a proxy server.
  BUT , we can not define a proxy username and password at all. In many places especially in university, accessing to internet needs a proxy username and password.In other words, there is an authenticated proxy instead of open proxy server.
  Please add this feature to advanced settings so that we would be able to define a proxy username and password in it.
  Best Regards

  I would suggest to backup all your important data like contacts, messages etc and goto Nokia Care for software reinstall or update.
  Hope this helps you.
  -------------------If this post helped you, click on accept as solution.------------------
  -----------------------------Appreciate by clicking on white star.----------------------------

• Safari crashes when logging into websites behind authenticated proxy

  Hi,
  After the most recent automatic updates, Safari has now taken to crashing whenever I try to login to sites like gmail or hotmail. This only occurs at my home where I access the internet through an authenticated proxy (Unix-based using Squid) but at college I have no problems logging in. Since the crash reporter also can't get past the authenticated proxy I can't submit the report that way. So,
  (a) does anyone else have this problem? (There is at least one other person using a new macbook on the same network as me, and he's having this problem)
  (b) if no one has a solution, can I submit the crash report some other way so that Apple can fix this?
  Thanks,
  Russell
  PS. I tried Authoxy the other morning but couldn't get it to work. It wasn't authenticating and so couldn't access the internet. But I have a simple pac file that works fine for Safari. Of course, iTunes and similar programs are a dead loss. So a more general improvement in my proxy situation would also be appreciated.

  Hi Russ
  Welcome to Apple Discussions
  Have a look here.

• Proxy Autoconfiguration File, Authenticated Proxy and iTunes iPad/iPod updates

  Hi All,
  Please can someone advise if there is anything that can be done to get iPad/ Ipod updates working using iTunes and an authenticating proxy server?
  Scenario is as follows:
  1. Proxy settings in IE is configured using a proxy autoconfiguration file (PAC file).
  2. The URLS *.apple.com is allowed to bypass authentication on the Proxy server.
  3. Itunes is used to update the devices from a PC running windows as OS.
  When Itunes is opened, the connection to the Itunes store works 100%. The iOS downloads using iTunes is also successfull.
  Issue:
  As soon as the downloaded iOS is being extracted and communicated to the devices, iTunes fails with an error code of 3004..
  It seems like the PC is trying to make direct connections out instead of using the proxy settings in the PAC file.
  Any advice / ideas to get this working?
  Regards

  HI,
  From the Safari Menu Bar, click Safari / Empty Cache. When you are done with that...
  From the Safari Menu Bar, click Safari / Reset Safari. Select the top 5 buttons and click Reset.
  If you have Safari 3rd party plugins, they may not be compatible with 10.6. Go here for trouble shooting.
  If you use GlimmerBlocker by chance, that could be the culprit. Check out this thread.
  http://discussions.apple.com/thread.jspa?messageID=10589731
  http://support.apple.com/kb/TS1594
  Same with any Input Managers. Move any files in the /Library/InputManagers folder to the Trash
  If you are running Safari in 64 bit mode, try running in 32-bit mode instead. Right or control click the Safari icon in the Applications folder, then click: Get Info In the Get Info window click the black disclosure triangle next to General so it faces down. Select 32 bit mode. Also, (in that same window) make sure Safari is NOT running in Rosetta.
  Go to ~/Library/Cookies and move the Cookies.plist file to the Trash.
  Try Open DNS - Free / Basic
  If Safari still can't open web pages, go to the Menu Bar, click Safari/Preferences. Make note of all the preferences under each tab. Quit Safari. Now go to ~/Library/Preferences and move this file com.apple.safari.plist to the Desktop. Relaunch Safari. If Safari loads web pages then that .plist file needs to be moved to the Trash.
  Carolyn

• Telnet Authentication Proxy

  Hi,
  For telnet ip authentication proxy, is it true that the router only sends username and password to Radius servers? Not the ip source address of the initiated host. So how does source ip of initiated host get added to the downloaded acl from the Radius server? The router adds it?
  Thanks.

  The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition.
  Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected.
  Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected.
  http://www.cisco.com/en/US/products/products_security_advisory09186a00805117cb.shtml

• Custmizing Authentication Proxy

  We want to use auth-proxy on a Cisco 836 with IOS 12T3 in order to provide WLAN access as if in an airport lounge or a hotel. The login page sent to the browser is to be customized with regard to look and feel. I've been able to do that with "ip auth-proxy banner file flash://login.html" and "ip adminission auth-proxy banner file flash://login.html", but the actual FORM is created on the fly by the router with a hidden time form element. Can you give us details on how the HTML form can be customized with the regard to the individual fields on the form?

  I have read that guide before, but it says it that auth proxy works with vpn and that
  If a VPN client initiates an HTTP connection, the authentication proxy first checks for prior client authentication. If the client is authenticated, authorized traffic is permitted. If the client is not authenticated, the HTTP request triggers the authentication proxy, and the user is prompted for a username and password.
  If the user authentication is successful, the authentication proxy retrieves the user profile from the AAA server. The source address in the user profile entries is replaced with the IP address of the authenticated VPN client from the decrypted packet.
  The only way I could make an impact with auth proxy on the vpn behaviour was when I configured a split-tunnel rule for the vpnclient which points only sends traffic to a non-existent internal network via the vpntunnel. Only then would auth-proxy insert additional rules that allow access to more destinations.
  As VPN without split-tunnel already allows access to all destinations I don't see how
  auth-proxy can make a difference
  Doro

• Hello... what is authenticating proxy credentials to install a software that I bought to install???

  hello... what is authenticating proxy credentials to install a software that I bought to install???

  Hi jo lia-lu,
  Are you connected to a managed network conected to internet proxy?
  Either the proxy server doesn’t require authentication, or the proxy relies upon the NTLM/Kerberos authentication schemes which permit users’ Windows logon credentials to be automatically used to respond to challenges from the proxy server.
  Please contact your IT personnel for help in getting the access credentials for the authenticating proxy.
  Regards,
  Rave