BASIC authentication and web client problems

Similar Messages

• Setting OF LD_LIBRARY_PATH AND WEB CACHE PROBLEM [SHOWING PREVIOUS PAGE ]

  Dear Members,
  I would request for help regarding setting of LD_LIBRARY_PATH in Oracle 11G Application server and web cache problem when any single text file edit and save the result should not be changed . it shows previous page result.
  *1. Where to set LD_LIBRARY_PATH in Oracle11g Application Server (10.3.0) ? [  like in 9ias we set in opmn.xml . ] Where is opmn.xml file in oracle11g or which files contained LD_LIBRARY_PATH?*
  *2. When we created program generated report it shows correct result after some changes in file and generate again it shows first means previous page result as it is not take changes in that file. Even we tried out side made one .text file and open edit and save. It's given same result. So What is the problem regarding it?*
  It is the matter of  Browser Cache or WEB Cache. Where is the settings of it?
  *3. How to connect database (oracle11g Release 2) through OCI driver?*
  Regards
  Vipul Patel

  If you're compiling it yourself, you should set the library path then. If not, you can try something like this:
  env DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:/path/to/add-on-libraries orca ...
  but I'm not sure it will work.

• Problem with Basic Authentication in Web Server 7.0u8

  I am using a web application which has inbuilt form based authentication. After entering correct username and password, i get logged in, but then immediatly i see a basic authentication dialog popup. I am seeing this behavior in Sun Web server 7.0u8 as well as Sun Web server 7.0u3.
  Any idea what could be the reason behind this? Other app servers like Weblogic , JBoss, Websphere do not show this behavior.

  This is the content of the default.acl file. This is the only .acl file that is there in https-<instance_name> directory.
  # Copyright 2006 Sun Microsystems, Inc. All rights reserved.
  # Use is subject to license terms.
  version 3.0;
  acl "default";
  authenticate (user, group) {
  prompt = "Sun Java System Web Server";
  allow (read, execute, info) user = "anyone";
  allow (list, write, delete) user = "all";
  acl "es-internal";
  allow (read, execute, info) user = "anyone";
  deny (list, write, delete) user = "anyone";

• Basic authen and web.xml help

  I'm having a few problems getting BASIC authentication working with 2 user groups. I want to restrict /admin/ to administrators and /profile/ to users and administrators:
    <security-constraint>
            <web-resource-collection>
                 <web-resource-name>My App</web-resource-name>
                 <url-pattern>/admin/*</url-pattern>
            </web-resource-collection>
            <auth-constraint>
                 <description>
                                              List of Administrators
                 </description>
                 <role-name>admin</role-name>
            </auth-constraint>
       </security-constraint>
    <security-constraint>
  <web-resource-collection>
                 <web-resource-name>My App</web-resource-name>
                 <url-pattern>/profile/*</url-pattern>
            </web-resource-collection>
            <auth-constraint>
                 <description>
                      List of members
                 </description>
                 <role-name>member</role-name>
            </auth-constraint>
    </security-constraint>
    <login-config>
            <auth-method>BASIC</auth-method>
            <realm-name>Restricted Area</realm-name>
       </login-config>
    <security-role>
            <description>list of members</description>
            <role-name>member</role-name>
    </security-role>
    <security-role>
            <description>list of administrators</description>
            <role-name>admin</role-name>
       </security-role>
       The problem is: I login with an admin account (inside the /admin/ dir) but i cant login into /profile/ with neither a user or administrator account. Any ideas?

  i'm guessing it can't be done?

• Basic Authentication SSO, Web proxy, Rewriter issue

  I have iPS 3.0 SP4.
  I have configured the Gateway to do single signon for HTTP Basic Authentication. My external application also requires a web proxy to connect, so I added the proxy to the "DNS Domain and Subdomains" list. My "Rewrite all URLs Enabled" is not checked.
  I added a link to the external application in the Bookmark channel. When I click on the link, a new browser window is launched, SSO happened (verified from iwtGateway log), but the contents kept going back to the Portal Desktop instead of the external aplication.
  I found out that the external application is using the URL location information of the browser to extract the protocol, host and port info to construct the target page using JavaScript. By the Gateway rewriting the URL, the JavaScript is incorrectly using the Gateway host and port, instead of the application host and port.
  How do I setup the Gateway to do Basic Auth SSO, use a web proxy to fetch the content, but do NOT do URL rewriting? Our users have access to the application directly, so we do not need to run the app behind the Gateway. But I need to use the Gateway to to the SSO. Also, since the "DNS Domain and Subdomains" list is used for both proxy definition and rewriting, how do I make them mutually exclusive - i.e. want to use web proxy but do not want rewriting?
  Can you also suggest other ways of doing Basic Authentication SSO without using the Gateway? I have seen some discussions on using the Authenticator class and a separate Servlet. Please post me an example.
  Thanks.

  Yes, I have already tried the option you suggested. I had previously created a JSP channel that has a link invoking my servlet. This servlet, reads the user profile from an external LDAP and sends the Authorization header on a URLConnection object, just like you described it.
  However, I cannot just simply render the returned content on the InputStream of the URLConnection. The browser/client is actually connected to the servlet - so presenting the images and links directly will be relative to the servlet machine, not the external app. So the images and links do not work.
  If I do a request.sendRedirect(...), the external application will ask for the auth header again. The browser has not captured the auth header that was sent earlier by the servlet.
  How do you tell the browser to keep the auth header for all subsequent request? Is the Gateway SSO approach telling the browser to keep sending the auth header, or is the Gateway programmatically adding the auth header for each request?

• Basic Authentication for Web Services

  I have build Web Service according to the weblogic 6.1 examples
  successfully deploying the .ear file etc.
  Now I want to add security to the WebService uri.
  I have added a <web-resource-collection> tag to the web.xml file, but
  what should I put for the <url-pattern> ?
  Am I obliged to 'manually' add <servlet> tags to the web.xml file in
  order to add a security constraint to a WebService deployed thru a
  .ear ?
  Taking WebLogic's own statelessSession.Weather example, what is the
  minimum I need to add to the web.xml file to have basic authentication
  on the weatheruri ?
  Thanks,
  Adam

  Ok, now I'm confused.  Is this a Flex app (runs in the browser) or an AIR app?  This makes a difference because in the browser, Flash Player/Flex uses the browser's http mechanism for transport, while AIR implements it directly.  The original posted indicated some difference between Firefox and IE, which led me to believe it was a Flex browser app.  Difference between these two would make me think something was wrong with the server response, and the two browsers were passing it (the problem) back to Flash Player differently.
  Mark

• Basic Authentication with Web Service

  Hello,
  I am running S1AS7 on window XP. I have deployed the sample/jaxrpc/simple with basic authentication enabled. I have also changed to Client.java to set the USERNAME and PASSWORD (ie: stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, "j2ee");
  Once I have deployed the war file and run the client, I got access denied exception.
  I have checked the s1as7 log and here is the details:
  FINE: Logging in user [j2ee] into realm: file using JAAS module: fileRealm
  FINEST: Login module initialized: class com.iplanet.ias.security.auth.login.File
  LoginModule
  FINEST: File login succeeded for: j2ee
  FINEST: JAAS login complete.
  FINEST: JAAS authentication committed.
  FINE: Password login succeeded for : j2ee
  FINE: Set security context as user: j2ee
  FINE: Authenticator[jaxrpc-simple]: Authenticated 'j2ee' with type 'BASIC'
  FINE: SingleSignOn[server1]: Registering sso id '193F1461E0D9B982E6B4055C0134076
  9' for user 'j2ee' with auth type 'BASIC'
  FINE: Authenticator[jaxrpc-simple]: Calling accessControl()
  FINEST: PRINCIPAL : j2ee hasRole?: staffmember
  FINEST: PRINCIPAL TABLE: {}
  FINE: Authenticator[jaxrpc-simple]: Failed accessControl() test
  Please notice that the authentication worked, but the PRINCIPAL TABLE is null!!!! If I run the basic authentication sample, i can see from the log the PRINCIPAL TABLE is (...staff=[staffmember], j2ee=[staffmember],.....)
  so somehow the app server treats the two sample differently with the same user id (j2ee/password)
  any comments?
  thanks..

  Hello,
  I am running S1AS7 on window XP. I have deployed the
  sample/jaxrpc/simple with basic authentication
  enabled. I have also changed to Client.java to set
  the USERNAME and PASSWORD (ie:
  stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY
  "j2ee");
  Once I have deployed the war file and run the client,
  I got access denied exception.
  I have checked the s1as7 log and here is the
  details:
  FINE: Logging in user [j2ee] into realm: file using
  JAAS module: fileRealm
  FINEST: Login module initialized: class
  com.iplanet.ias.security.auth.login.File
  LoginModule
  FINEST: File login succeeded for: j2ee
  FINEST: JAAS login complete.
  FINEST: JAAS authentication committed.
  FINE: Password login succeeded for : j2ee
  FINE: Set security context as user: j2ee
  FINE: Authenticator[jaxrpc-simple]: Authenticated
  'j2ee' with type 'BASIC'
  FINE: SingleSignOn[server1]: Registering sso id
  '193F1461E0D9B982E6B4055C0134076
  9' for user 'j2ee' with auth type 'BASIC'
  FINE: Authenticator[jaxrpc-simple]: Calling
  accessControl()
  FINEST: PRINCIPAL : j2ee hasRole?: staffmember
  FINEST: PRINCIPAL TABLE: {}
  FINE: Authenticator[jaxrpc-simple]: Failed
  accessControl() test
  Please notice that the authentication worked, but the
  PRINCIPAL TABLE is null!!!! If I run the basic
  authentication sample, i can see from the log the
  PRINCIPAL TABLE is (...staff=[staffmember],
  j2ee=[staffmember],.....)
  so somehow the app server treats the two sample
  differently with the same user id (j2ee/password)
  any comments?
  thanks..
  One more thing, here is my web.xml file:
  <web-app>
  <display-name>Hello World Application</display-name>
  <description>A web application containing a simple JAX-RPC endpoint</description>
  <session-config>
  <session-timeout>60</session-timeout>
  </session-config>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>basic secuity test</web-resource-name>
  <url-pattern>/*</url-pattern>
  <http-method>POST</http-method>
       <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint>
  <role-name>staffmember</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>basic-file</realm-name>
  </login-config>
  </web-app>

• Analyzer HTML Web client problem

  <p>Has anyone ever encountered this error before with the AnalyzerHTML web client:</p><p> </p><p>org.apache.xerces.util.NamespaceSupport.reset(Lorg/apache/xerces/util/SymbolTable<img src="i/expressions/face-icon-small-wink.gif" border="0">V</p><p> </p><p>Basically this line shows up in the browser screen whenever Itry to open a report. I suspect that I'm missing something in myPATH or CLASSPATH variables, but I can't seem to figure out what itis. I'm going to call Hyperion this afternoon, but I figured that Iwould try the forum first to see what you folks have to say.</p><p> </p><p>For the record, I'm using the following:</p><p>Hyperion Analyzer 7.2.5.1</p><p>Oracle 9i</p><p>Tomcat 4.1</p>

  As you can see below,
  ant reported �dukesbank-war\src\conf\persistence.xml�
  missing
  Could someone please explain why (and whether that is
  the reason for my problems).
  This seems significant (though I am an absolute
  beginner in J2EE and may be wrong). Would it be
  possible that the file
  �dukesbank-war\src\conf\persistence.xml� mistakenly
  was not included in the zipped source code file?You can ignore that warning message. It's part of the BluePrints build system, which checks to see if you have persistence.xml in your WAR so it can package it. The persistence unit is in in the EJB JAR for Duke's Bank:
  javaeetutorial5/examples/dukesbank/dukesbank-ejb/src/conf/persistence.xml
  First of all the manual says the url is
  http://localhost:1189/dukesbank/main.faces
  but the url that works is
  http://localhost:1189/dukesbank-war/main.faces
  Is that just a small inaccuracy in the manual, or
  there is more to it? Actually, in "Running the Web Client" the page is:
  http://localhost:8080/bank/main.faces
  So in your case it should be:
  http://localhost:1189/bank/main.faces
  Try that URL instead, and see if you get the same error.
  -ian

• Basic Authentication and Signout

  Hi All
   I am trying to isolate a problem where signout doesn;t display signout page in browser and again logs in user to site in browser.
  I have Basic authentication enabled and  default domain is set.
  when I use WIndows auth NTLMS signout page works fine.

  Did you close the browser in between log out/log in to destroy the cookie?
  Trevor Seward, MCC
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• J2ME and web client Communication

  Hi,
  I get the following error when I run a MIDlet which connects to a Web Client
  ( which has developed by Eclipse Struts and deployed on Jboss )
  java.io.IOException: cannot find status code in response:
  at com.sun.midp.io.j2me.http.Protocol.readResponseMessage(+113)
  at com.sun.midp.io.j2me.http.Protocol.finishRequestGetResponseHeader(+39)
  at com.sun.midp.io.j2me.http.Protocol.sendRequest(+50)
  at com.sun.midp.io.j2me.http.Protocol.sendRequest(+6)
  at com.sun.midp.io.j2me.http.Protocol.getResponseMessage(+8)
  at Mobileapp.sendLoginGet(+90)
  at Mobileapp.run(+33)
  I am able to send the HTTP GET request but somehow I do not get the response.
  Could anyone help me.
  Jayaraj

  Hi Jayraj,
  Ive been working with the J2ME HTTP connection and might be able to help.
  Will be able to help you if you can send me the code snippet which is causing the error.
  Also, do you get this error when using the emulator or a phone?

• Setting Basic Authentication for Web Service in WLS 6.1

  Hi,
  I am trying to set-up a Basic Username/Password authentication for a Web Service
  that is hosted in WLS 6.1.
  How do I go about doing that? Also once I get the username and password, how do
  I pass that info
  to the SOAP servlet to do the authentication? Can you give me some pointers on
  this?
  Thanks
  Madhu

  How do you want to do it? Through use of client.jar for the service or
  directly? Here is how I do it directly:
  String auth = "guest", pwd = "guest";
  URL url = new URL("http://localhost:7001");
  URL cmdURL = new URL(url.toString()+"/systemtest/TestWebService");
  HttpURLConnection conn = (HttpURLConnection) cmdURL.openConnection();
  String encAuth =
  new BASE64Encoder().encode((auth + ":" + pwd).getBytes());
  // BASE64Encode distributes long strings on multiple
  // lines; we don't like that, no siree
  int it = 0;
  while ((it = encAuth.indexOf('\n')) != -1
  || (it = encAuth.indexOf('\r')) != -1) {
  encAuth = encAuth.substring(0, it) +
  encAuth.substring(it + 1);
  conn.setRequestProperty("Authorization", "Basic " + encAuth);
  conn.setRequestProperty("Content-Type", "text/xml");
  conn.setRequestProperty("SOAPAction", cmdURL.toString());
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setUseCaches(false);
  OutputStream oStr = conn.getOutputStream();
  String cmd =
  "<?xml version=\"1.0\" ?>\n"
  + "<soap:Envelope xmlns:soap=\"http://schemas.xmls"
       + "oap.org/soap/envelope/\"><soap:Body>"
  + "<ping><arg0>false</arg0></ping>"
  + "</soap:Body></soap:Envelope>";
  oStr.write(cmd.getBytes());
  oStr.close();
  InputStream iStr = conn.getInputStream();
  byte[] buffer = new byte[1024];
  while (true) {
  int size = iStr.read(buffer);
  if (size == -1)
  break;
  System.out.println(new String(buffer, 0, size));
  ThorAAge

• Cisco ASA 5505 and DHCP Client Problems

  Hi, i have a problem. I've connected my ASA appliance to an ADSL modem, and i dont get an DHCP address on the outside interface (e0/0). I use the asa-722-19.bin firmware.
  I turned on the debugging for the DHCP client and could see that the ASA device was sending out broadcasts but a reply never came. Instead I connected the device to my internal network where the ASA got an address instantly.
  I read somewhere that if I was to use ?ip address dhcp client-id fastethernet 0″, then I got an address from the ISP.
  I tried looking for a similar command on the ASA5505 but I couldn?t find anything. I did however find a page on the Cisco site confirming my suspicions. It said some ISP?s require the client-id field of the DHCPDISCOVER request to be filled.
  I've also read that this issue has beed fixed since a few weeks, now they have released version 7.2(2).22 where you can define ?dhcp-client client-id interface outside? in global configuration mode. Im running 7.2(2).19 and i cannot find any command like that in my appaiance. How do i fix my problem ? Or how do i get about recieving the 7.2(2).22 firmware update.
  Regards !
  Leif

  Hi again! I thought I should share the solution that worked for me. I use software version 7.2(2) on this device. ASDM 5.2(2). In ASDM open configuration / Interfaces. Click in outside (my case 0/0) and press Edit. Then open the tab Advanced and set the correct Active Mac address. Fore some reason its empty by default and the ISP/modem don't like that. You will find the correct MAC address under the help menu / "About ASA". Im sure there is some another way to do this but this is a simple "how-to" that works with Swedens biggest ISP and their standard DSL modem.
  When I used a Linksys DSL modem in bridge mode without the MAC address set I got an inside IP adress (192.168.x.x) from the modem to the ASA. After setting the MAC address I just had to do a renew and got the outside address right away. /Bjorn
  (future users searchwords: no ip from isp, ASA 5505 and cable modem).

• RMI Server and RMI Client Problem

  First, Hi!
  I have create my RMI Server and a RMI Servlet client.
  I can run the server and servlet first time and it works fine.
  Then, I stop rmiregistry and server.
  Then, I start rmiregistry and server for a second time but my RMI Servlet client gets a
  java.rmi.ConnectException: Connection refused to host: xxx.xxx.xxx.xxx; nested exception is: java.net.ConnectException: Connection refused
  If I copy the class again where the servlets resides, it works again. But I have to keep doing that. I have to keep copying the class file to the servlet directory every 2nd time I try to run it for it to work.
  Anyone know what am I doing wrong?

  First, Hi!
  I have create my RMI Server and a RMI Servlet client.
  I can run the server and servlet first time and it
  works fine.
  Then, I stop rmiregistry and server.
  Then, I start rmiregistry and server for a second time
  but my RMI Servlet client gets a
  java.rmi.ConnectException: Connection refused to host:
  xxx.xxx.xxx.xxx; nested exception is:
  java.net.ConnectException: Connection refused
  If I copy the class again where the servlets resides,which class file ? u mean RMIServer's class files ??
  I have faced the same problem too. In my case if i just restart my Tomcat webserver the error goes and the servlet is very well able to connect back to the RMI Server
  it works again. But I have to keep doing that. I have
  to keep copying the class file to the servlet
  directory every 2nd time I try to run it for it to
  work.
  Anyone know what am I doing wrong?

• BEA and Web Services problem

  Hi
  I'm new to java and trying to educate myself in this field and therefor I have this question.
  I'm trying to develope a web service to bea. I successfully managed to deploy bea's web service example called Trader(EJB version). Available at webservices.zip that I downloaded from this site(src\examples\webservices\complex\statelessSession).
  But now I'm facing a problem that I can't figure out how to read data from HttpRequest- is this possible at all with EJB? For example I would like to get username from header? Or usually X509 certificate is added to request and how can i deal with it?
  Currently I'm able to read only data specified in the procedure defined in the interface. For example:
  public String doIt(String val,String val2)
  Any help would be appreciated :)
  Thanks in advance :)
  Edited by justcraizy at 04/03/2007 7:34 AM

  You should be able to get the username from the context?
  private SessionContext sessionCtx = null;
  public void setSessionContext(SessionContext sctx) {
  this.sessionCtx = sctx;
  public void someMethod() {
  String username = sessionCtx.getCallerPrincipal().getName();
  -Jesus

• RFID and web services problem

  Hi,
  I must send event from oracle edge sensor server to a queue throught a web services.
  I have implementing a session stateless ejb and I have exposed it with a web services (in the code there is a method processEvent(long, long, string, string...).
  If the web services is rpc-literal the queue work fine but if the web services is document-literal it doesn't work....
  Can you help me?

  Hi,
  I have solved my problem...with wsconsole I have generated a rpc/encoded web services. It work fine with C#.Net, EJB and Oracle Sensor Edge Server...
  WOW !!!
  Bye Bye
  Mauro