C Form based on Invoice / MIRO
Dear All,
We have an issue to create C from, i.e we want to create C Form in SD based on Invoice and for MM based on MIRO.
Kindly guide me. Thanks In Advance.
S Kumar V
Hi,
You can capture C form in t. code J1ILIC01, and able to assign in J1IUN, for sales order and for the purchase order, try this and revert post if you got any doubts.
bvdv
Similar Messages
-
Rebate provision based on Invoice Varification
Hi
This is regarding rebate provision and settlement based on Invoice Varification (MIRO).
In agreement type we have selected time of update as Invoice Varification. but still system recording provision and settlement entries based on goods receipt (MIGO).
do we need to do some other configuration? please revert in detail.
Regards
DDhi
It is the standard behaiviour if you have maintained the rebates in scales.
In the Invoice it will show only the value for 1st scale only.
If you want to see how much has been accrued then goto VBO2 or VBO3 enter your agreement type.
Press Shift+F5 or from the menu select REBATE PAYMENTS and then SALES VOLUME.
Here you can see the accruals.
regards
Prashanth -
Has Access Manager yet added the ability to do "form memory" for easy SSO integration to applications performing form based authentication. This is a feature found in products such as Netegrity Siteminder and CA's stuff.
This is easier for legacy applications with closed code than trying to modify the login sequences for these applications.
ZHello Romano,
thank you for assisting so much.
Yes, the text itself is always new, but when i believe what it is saying, the content following is not new.
Or do i only mis-interpret the meaning of that text ? Does it perhaps analogously mean: "He User, the content you see was just fresh constructed and cached in the ApplicationCache and then sent to you" or .
I also found the "com.sap.portal.httpconnectivity.urlfetcherservice" and played with it, but with that i achieve cache settings for all applications used and not for only the one i would like it for.
I posted this also in category "Portal Content Development",
URL iview Cache -> How can i empty the ApplicationCache
and there are also interesting answers.
Kind regards
Andreas -
Form based login, iframes and session time out
Hi all,
I'm trying to create a site using form based login.
The site contains a page protected page, default.jsp that have a logout button/link (clicking it invalidates the session), and a navigation bar with links linking opening them in iframes inside the default.jsp page:
I have also a login.jsp page and and a error.jsp page
Everything works fine I can login, I can logout. My problem occurs when the session times out and the user tries to access protected contents in the internal frames. He then is promted for a new login. The problem is that the login,jsp page now turns up inside the jframe designatet for my contents.
I woud have liked the login page to turn up at the top level i.e. filling the entire browser window (i.e on the same level as the default.jsp page). Is this somehow possible?
Regards
Uno EngborgEasy answer: use JS to jump out iframe.
Best answer: don't use iframes, but use server side includes like jsp:include. Iframes have too much disadvangages, topping the extremely bad SEO and UX. -
Hi,
We are have a quite specific issue. The problem is most likely by design in ADFS 3.0 (running on Windows Server 2012 R2) and we are trying to find a "work-around".
Most users in the organization is using their own personal computer and everything is fine and working as expected, single sign-on (WIA) internally to Office 365 and forms based (FBA) externally (using Citrix NetScaler as reverse proxy and load
balancing with the correct rewrites to add client-ip, proxy header and URL-transformation).
The problem occurs for a few (50-100) users where they are sharing the same computer, automatically logged on to the computer using a generic AD-user (same for all of them). This AD-user they are logged on with does not have any access to Office365
and if they try to access SharePoint Online they receive an error that they can't login (from SharePoint Online, not ADFS).
We can't change this, they need to have this generic account logged on to these computers. The issue occurs when a user that has access to SharePoint Online tries to access it when logged on with a generic account.
They are not able to "switch" from the generic account in ADFS / SharePoint Online to their personal account.
The only way I've found that may work is removing IE as a WIA-capable agent and deploy a User-Agent version string specific to most users but not the generic account.
My question to you: Is there another way? Maybe when ADFS sees the generic user, it forces forms based authentication or something like that?
Best regards,
SimonI'd go with your original workaround using the user-agent and publishing a GPO for your normal users that elects to use a user-agent string associated with Integrated Windows Auth.. for the generic accounts, I'd look at using a loopback policy that overwrites
that user agent setting, so that forms logon is preferred for that subset of users. I don't think the Netscaler here is useful in this capacity as it's a front-end proxy and you need to evaluate the AuthZ rules on the AD FS server after the request has been
proxied. The error pages in Windows Server 2012 R2 are canned as the previous poster mentioned and difficult to customize (Javascript only)...
http://blog.auth360.net -
AR aging basing on Invoice date
Currently client gets AR aging based on Due Date. For audit purpose they need AR Aging based on Invoice Date. During SAP implementation they were instructed to use document date as invoice date and generate a dump from FBL5N and do the aging. However this does not work for balancing items as the document date changes to the date on which the partial clearing of that item was done. This is not acceptable to auditors.
Please help.
Any useful answer will be rewarded with points.Hi
Please try to use the field Baseline date for this purpose as this field will not be disturbed even when we do partial clearing of invoices.
Reward points if found useful.
Regards,
K Lakshmanan -
Help with exporting forms based data to Excel 2007
I have a user who is attempting to export forms based data to Microsoft Excel 2007 and when he attempts this he receives a message stating that Windows does not recognise this file type (tsv). I am not too familiar with Office 2007 so I am unable to direct this users as to how to correct this issue.
Is someone able to give me the navigation path to help me to assist this user? thanksDid you verify the file type from Windows Explorer?
1) Right click on My Computer > Explore
2) Go to Tools > Folder Options
3) Click on File Types tab
4) Check if TSV file is defined there or not. If it is not there, click on New and add the File Extension -
Calling a report from a form based on procedure
I created a form based on a procedure.
It is a entry form where the user is selecting or enters data then on submit I must display the report based on selected data.
I know I can simply create a report with all bind variable and do the job.
My question is what is the syntax to call the report from the procedure for the selected parameters values.
Thanks
LawrenceIf you want to display other HTML page after successful submission, you need to use
either go or call method.
I created a form on SCOTT.EMP and a report on SCOTT.EMP and the report accept a parameter for
the deptno. Here is my on successfull submission code:
declare
l_dept number;
l_url varchar2(2000);
begin
l_dept := p_session.get_value_as_number('DEFAULT', 'A_DEPTNO', 1);
l_url := 'scott.rpt_mask_1.show?p_arg_names=emp.deptno&p_arg_values='| |l_dept;
go(l_url);
end;
null -
Web App Security Fallback (client-cert then form-based)
Can you setup a web application to fall back to form-based login if the
client-cert (i.e. identity assertion token) is not available. I think this
would be very valuable because once you've configured the web app to use the
"client-cert" authentication, you can't access the web app directly (i.e.
browser->weblogic server). You will always need to go through the perimeter
authenticator so the token gets sent.Solution found:
The trick is to return "401" in response if ticket is not valid (do nothing else). This will end the negotiate between client and server
In your web.xml, forward your 401 code to login page:
<error-page>
<error-code>401</error-code>
<location>/form_login_page.html</location>
</error-page>
There might be a more straightforward way to do this (have all the page management within servlet), but I did not have time to investigate it further. This one at least works -
Issue with form based Authentication in three tier sharepoint 2013 environment.
Hi,
We are facing issue with form based Authentication in three tier environment.
We are able to add users to the database and in SharePoint.
But we are not able to login with created users.
In single tier everything working fine
Please help , Its urgent ... Thanks in advance.
Regards,
Hari
Regards, Hariif the environments match, then it sounds like a kerberos double-hop issue
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs -
ADF forms based on BPM human tasks - Invoking webservices/view objects.
Hi All,
Is anyone aware of whether the following is a valid implementation that has been carried out before.
1. ADF forms based on BPM 11G human tasks.
2.The ADF forms invoke webservices via Webservice data controls. It is pertinent to note that the webservice bring back complex data types. We've tried writing a few forms, resulting in data benig brought back, but not being able to print them to the screen.
3. The ADF forms also use View Object based on sql to bring back tables of data. If view objects are embedded within the forms, the applciation gives rise to a null pointer exception.
Considering the form will be invoked via a BPM worklist entry, is there a setting or configuration we should consider before hand. Is this feasible, is there knowledge of this being done commercially.
Any examples or information regarding the same will be immensely helpful.
Thanks and Regards,
Preethi.
NB : I have posted this in the BPM forum as well as I feel it is relevant to both BPM and ADF.Hi Joonas.
Plese let me explain me better for your understanding
A big summary for what I meant it's the following:
1- In the procces you made, when you add the HT activity, you have to implement it, this means declare the input(s) parameters you want. This implementation create the .task file.
2- Create an application, and projects as HT you have. Each poject are based on the .task file, and automatically create a Data Control (for each project based on a .task) with all you need.
This w'll be an empty application, so you can customize it all you want. The task selected should have all the parameters previously defined. Those parameters can change if you want.
2- Create a page(s) in the task flow for the task implementation. You can even split the the payload of the task in differents pages, create your custom pages and any logic you need.
3- An important aspect is how to match these application with the HT implemented in the process. It's possible, it's a configuration en the Enterprise Manager.
4- Deploy your application
All these are explain in the book I mentioned
Th book you can find it here:
https://blogs.oracle.com/soacommunity/entry/oracle_soa_suite_11g_handbook_1
Regards Dariel.
PS: Please, let me know if you need more details. -
Populating the Lookup values in AD Child Form based logged in user
HI,
Below is the Lookup code(AD Groups) format.
Codekey , Decodekey
IT-Development , IT-Development
IT-Testing , IT-Testing
IT-Production , IT-Production
HR-system , HR-system
HR-Finance , HR-Finance
My requirement is I need to filter the data being presented in the lookup according to the logged in user in ad child form,
If i am logged in as xelsysadm the lookup presents all groups.
If i am logged in as IT administroter the lookup presents only the IT Related groups(EX:IT-Development,IT-Testing....).
If i am logged in as HR administroter the lookup presents only the HR Related groups(EX:HR-System,HR-Finance...).
like this we have contains so many administrators.
We are desiding the administrators based on user form field.
The Field contains the value like HR-Related,IT-Information Technology.....
How can i achive this?
Thanks in advance.
Edited by: 790561 on 4/12/2011 17:48
Edited by: 790561 on 5/12/2011 12:02Hi Rajiv,
Thank you for quick reply,
When i am login as IT administrator and i provisioned user to AD it showing the IT Related groups in ad child form based on your Suggestion.
If i logout and login as a HR administrator and i edit the child process form of the same user still its showing IT Related Groups only.If I revoke and provision user to ad again with HR administrator this time its showing HR Related groups in AD Child form.
I think based on the requester its showing the values.
But i want to filter groups based on logged in user.
EX:If i login as IT administrator and provision the user to AD in Child form its showing the IT Related groups only its correct.
If I logout and login as HR administrator and i edit the same user AD Child form its showing the IT related groups only its not correct.this time it shows only HR Related.
Any solution....
Thanks in advance. -
How to create a Form based on a dynamic table?
Hello,
The Select statement below creates a table based on a string (string is a value of an item):
select * from table (pkg_util.fn_get_table (:P18_VALUE))I need to create a region on a page with a Form based on this table.
I was able to create a Report, but not a Form.
I need to create a Form, which would return updated string to the page item.
How can I solve this please?Hello Gentlemen,
I have created a Tabular Form, based on APEX_ITEM API, as you suggested, here is the code below:
SELECT apex_item.checkbox (30,
CATALOG_ID,
'onclick="highlight_row(this,' || ROWNUM || ')"',
NULL,
'f30_' || LPAD (ROWNUM, 4, '0')
) delete_checkbox,
CATALOG_ID,
apex_item.hidden (31, CATALOG_ID)
|| apex_item.text (32,
LANG,
80,
100,
'style="width:100px"',
'f32_' || LPAD (ROWNUM, 4, '0')
|| apex_item.hidden (33, wwv_flow_item.md5 (LANG, DESCRIPTION)) LANG,
apex_item.text (34,
DESCRIPTION,
80,
100,
'style="width:255px"',
'f34_' || LPAD (ROWNUM, 4, '0')
) DESCRIPTION
FROM V_SYSTEM_CATALOGS_PR
UNION ALL
SELECT apex_item.checkbox
(30,
TO_NUMBER(9900 + LEVEL),
'onclick="highlight_row(this,' || ROWNUM || ')"',
NULL,
'f30_' || TO_NUMBER (9900 + LEVEL)
) delete_checkbox,
NULL,
apex_item.hidden (31, NULL)
|| apex_item.text (32,
NULL,
80,
100,
'style="width:100px"',
'f32_' || TO_NUMBER (9900 + LEVEL)
|| apex_item.hidden (33, NULL) LANG,
apex_item.text
(34,
NULL,
80,
100,
'style="width:255px" ' ,
'f34_'
|| TO_NUMBER (9900 + LEVEL)
) DESCRIPTION
FROM DUAL
WHERE :P180_TEMP = 'ADD_ROWS1'
CONNECT BY LEVEL <= 1however, the update process doe not work on that form:
DECLARE
lc_string VARCHAR2(4000);
BEGIN
FOR i IN 1..APEX_APPLICATION.G_f*30*.COUNT
LOOP
lc_string := lc_string|| '[' ||APEX_APPLICATION.G_f*32*(i) || '|' || APEX_APPLICATION.G_f*34*(i) || ']';
END LOOP;
--Database processing using the concatenated string here
END;Can you please see what's wrong with the code?
Also, I tried to set a temp. item with the value, to see if the process returns something, like that:
DECLARE
lc_string VARCHAR2(4000);
BEGIN
FOR i IN 1..APEX_APPLICATION.G_f*30*.COUNT
LOOP
lc_string := lc_string|| '[' ||APEX_APPLICATION.G_f*32*(i) || '|' || APEX_APPLICATION.G_f*34*(i) || ']';
END LOOP;
:p18_temp := lc_string;
END;and it did not work.
Also, it is the second Tabular Form on this page. The first one is created using wizard, and it works perfect, with the same update process:
DECLARE
lc_string VARCHAR2(4000);
BEGIN
FOR i IN 1..APEX_APPLICATION.G_f*01*.COUNT
LOOP
lc_string := lc_string|| '[' ||APEX_APPLICATION.G_f*03*(i) || '|' || APEX_APPLICATION.G_f*04*(i) || ']';
END LOOP;
--Database processing using the concatenated string here
END;Also, both forms are opening in a modal pop-up dialog window.
I use a Dialog Region plug-in for that.
May be this is causing a problem?
But still, the first form works fine!? -
Using container managed form-based security in JSF
h1. Using container managed, form-based security in a JSF web app.
A Practical Solution
h2. {color:#993300}*But first, some background on the problem*{color}
The Form components available in JSF will not let you specify the target action, everything is a post-back. When using container security, however, you have to specifically submit to the magic action j_security_check to trigger authentication. This means that the only way to do this in a JSF page is to use an HTML form tag enclosed in verbatim tags. This has the side effect that the post is not handled by JSF at all meaning you can't take advantage of normal JSF functionality such as validators, plus you have a horrible chimera of a page containing both markup and components. This screws up things like skinning. ([credit to Duncan Mills in this 2 years old article|http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_login_form&more=1&c=1&tb=1&pb=1]).
In this solution, I will use a pure JSF page as the login page that the end user interacts with. This page will simply gather the input for the username and password and pass that on to a plain old jsp proxy to do the actual submit. This will avoid the whole problem of having to use verbatim tags or a mixture of JSF and JSP in the user view.
h2. {color:#993300}*Step 1: Configure the Security Realm in the Web App Container*{color}
What is a container? A container is basically a security framework that is implemented directly by whatever app server you are running, in my case Glassfish v2ur2 that comes with Netbeans 6.1. Your container can have multiple security realms. Each realm manages a definition of the security "*principles*" that are defined to interact with your application. A security principle is basically just a user of the system that is defined by three fields:
- Username
- Group
- Password
The security realm can be set up to authenticate using a simple file, or through JDBC, or LDAP, and more. In my case, I am using a "file" based realm. The users are statically defined directly through the app server interface. Here's how to do it (on Glassfish):
1. Start up your app server and log into the admin interface (http://localhost:4848)
2. Drill down into Configuration > Security > Realms.
3. Here you will see the default realms defined on the server. Drill down into the file realm.
4. There is no need to change any of the default settings. Click the Manage Users button.
5. Create a new user by entering username/password.
Note: If you enter a group name then you will be able to define permissions based on group in your app, which is much more usefull in a real app.
I entered a group named "Users" since my app will only have one set of permissions and all users should be authenticated and treated the same.
That way I will be able to set permissions to resources for the "Users" group that will apply to all users that have this group assigned.
TIP: After you get everything working, you can hook it all up to JDBC instead of "file" so that you can manage your users in a database.
h2. {color:#993300}*Step 2: Create the project*{color}
Since I'm a newbie to JSF, I am using Netbeans 6.1 so that I can play around with all of the fancy Visual Web JavaServer Faces components and the visual designer.
1. Start by creating a new Visual Web JSF project.
2. Next, create a new subfolder under your web root called "secure". This is the folder that we will define a Security Constraint for in a later step, so that any user trying to access any page in this folder will be redirected to a login page to sign in, if they haven't already.
h2. {color:#993300}*Step 3: Create the JSF and JSP files*{color}
In my very simple project I have 3 pages set up. Create the following files using the default templates in Netbeans 6.1:
1. login.jsp (A Visual Web JSF file)
2. loginproxy.jspx (A plain JSPX file)
3. secure/securepage.jsp (A Visual Web JSF file... Note that it is in the sub-folder named secure)
Code follows for each of the files:
h3. {color:#ff6600}*First we need to add a navigation rule to faces-config.xml:*{color}
<navigation-rule>
<from-view-id>/login.jsp</from-view-id>
<navigation-case>
<from-outcome>loginproxy</from-outcome>
<to-view-id>/loginproxy.jspx</to-view-id>
</navigation-case>
</navigation-rule>
NOTE: This navigation rule simply forwards the request to loginproxy.jspx whenever the user clicks the submit button. The button1_action() method below returns the "loginproxy" case to make this happen.
h3. {color:#ff6600}*login.jsp -- A very simple Visual Web JSF file with two input fields and a button:*{color}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page"
xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:textField binding="#{login.username}"
id="username" style="position: absolute; left: 216px; top:
96px"/>
<webuijsf:passwordField binding="#{login.password}" id="password"
style="left: 216px; top: 144px; position: absolute"/>
<webuijsf:button actionExpression="#{login.button1_action}"
id="button1" style="position: absolute; left: 216px; top:
216px" text="GO"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>h3. *login.java -- implent the
button1_action() method in the login.java backing bean*
public String button1_action() {
setValue("#{requestScope.username}",
(String)username.getValue());
setValue("#{requestScope.password}", (String)password.getValue());
return "loginproxy";
}h3. {color:#ff6600}*loginproxy.jspx -- a login proxy that the user never sees. The onload="document.forms[0].submit()" automatically submits the form as soon as it is rendered in the browser.*{color}
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
version="2.0">
<jsp:output omit-xml-declaration="true" doctype-root-element="HTML"
doctype-system="http://www.w3.org/TR/html4/loose.dtd"
doctype-public="-W3CDTD HTML 4.01 Transitional//EN"/>
<jsp:directive.page contentType="text/html"
pageEncoding="UTF-8"/>
<html>
<head> <meta
http-equiv="Content-Type" content="text/html;
charset=UTF-8"/>
<title>Logging in...</title>
</head>
<body
onload="document.forms[0].submit()">
<form
action="j_security_check" method="POST">
<input type="hidden" name="j_username"
value="${requestScope.username}" />
<input type="hidden" name="j_password"
value="${requestScope.password}" />
</form>
</body>
</html>
</jsp:root>
{code}
h3. {color:#ff6600}*secure/securepage.jsp -- A simple JSF{color}
target page, placed in the secure folder to test access*
{code}
<?xml version="1.0" encoding="UTF-8"?>
<jsp:root version="2.1"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:jsp="http://java.sun.com/JSP/Page" xmlns:webuijsf="http://www.sun.com/webui/webuijsf">
<jsp:directive.page
contentType="text/html;charset=UTF-8"
pageEncoding="UTF-8"/>
<f:view>
<webuijsf:page
id="page1">
<webuijsf:html id="html1">
<webuijsf:head id="head1">
<webuijsf:link id="link1"
url="/resources/stylesheet.css"/>
</webuijsf:head>
<webuijsf:body id="body1" style="-rave-layout: grid">
<webuijsf:form id="form1">
<webuijsf:staticText id="staticText1" style="position:
absolute; left: 168px; top: 144px" text="A Secure Page"/>
</webuijsf:form>
</webuijsf:body>
</webuijsf:html>
</webuijsf:page>
</f:view>
</jsp:root>
{code}
h2. {color:#993300}*_Step 4: Configure Declarative Security_*{color}
This type of security is called +declarative+ because it is not configured programatically. It is configured by declaring all of the relevant parameters in the configuration files: *web.xml* and *sun-web.xml*. Once you have it configured, the container (application server and java framework) already have the implementation to make everything work for you.
*web.xml will be used to define:*
- Type of security - We will be using "form based". The loginpage.jsp we created will be set as both the login and error page.
- Security Roles - The security role defined here will be mapped (in sun-web.xml) to users or groups.
- Security Constraints - A security constraint defines the resource(s) that is being secured, and which Roles are able to authenticate to them.
*sun-web.xml will be used to define:*
- This is where you map a Role to the Users or Groups that are allowed to use it.
+I know this is confusing the first time, but basically it works like this:+
*Security Constraint for a URL* -> mapped to -> *Role* -> mapped to -> *Users & Groups*
h3. {color:#ff6600}*web.xml -- here's the relevant section:*{color}
{code}
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>SecurePages</web-resource-name>
<description/>
<url-pattern>/faces/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name/>
<form-login-config>
<form-login-page>/faces/login.jsp</form-login-page>
<form-error-page>/faces/login.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>User</role-name>
</security-role>
{code}
h3. {color:#ff6600}*sun-web.xml -- here's the relevant section:*{color}
{code}
<security-role-mapping>
<role-name>User</role-name>
<group-name>Users</group-name>
</security-role-mapping>
{code}
h3. {color:#ff6600}*Almost done!!!*{color}
h2. {color:#993300}*_Step 5: A couple of minor "Gotcha's"_ *{color}
h3. {color:#ff6600}*_Gotcha #1_*{color}
You need to configure the "welcome page" in web.xml to point to faces/secure/securepage.jsp ... Note that there is *_no_* leading / ... If you put a / in there it will barf all over itself .
h3. {color:#ff6600}*_Gotcha #2_*{color}
Note that we set the <form-login-page> in web.xml to /faces/login.jsp ... Note the leading / ... This time, you NEED the leading slash, or the server will gag.
*DONE!!!*
h2. {color:#993300}*_Here's how it works:_*{color}
1. The user requests the a page from your context (http://localhost/MyLogin/)
2. The servlet forwards the request to the welcome page: faces/secure/securepage.jsp
3. faces/secure/securepage.jsp has a security constraint defined, so the servlet checks to see if the user is authenticated for the session.
4. Of course the user is not authenticated since this is the first request, so the servlet forwards the request to the login page we configured in web.xml (/faces/login.jsp).
5. The user enters username and password and clicks a button to submit.
6. The button's action method stores away the username and password in the request scope.
7. The button returns "loginproxy" navigation case which tells the navigation handler to forward the request to loginproxy.jspx
8. loginproxy.jspx renders a blank page to the user which has hidden username and password fields.
9. The hidden username and password fields grab the username and password variables from the request scope.
10. The loginproxy page is automatically submitted with the magic action "j_security_check"
11. j_security_check notifies the container that authentication needs to be intercepted and handled.
12. The container authenticates the user credentials.
13. If the credentials fail, the container forwards the request to the login.jsp page.
14. If the credentials pass, the container forwards the request to *+the last protected resource that was attempted.+*
+Note the last point! I don't know how, but no matter how many times you fail authentication, the container remembers the last page that triggered authentication and once you finally succeed the container forwards your request there!!!!+
+The user is now at the secure welcome page.+
If you have read this far, I thank you for your time, and I seriously question your ability to ration your time pragmatically.
Kerry RandolphIf you want login security on your web app, this is one way to do it. (the easiest way i have seen).
This method allows you to create a custom login form and error page using JSF.
The container handles the actual authentication and protection of the resources based on what you declare in web.xml and sun-web.xml.
This example uses a statically defined user/password, stored in a file, but you can also configure JDBC realm in Glassfish, so that that users can register for access and your program can store the username/passwrod in a database.
I'm new to programming, so none of this may be a good practice, or may not be secure at all.
I really don't know what I'm doing, but I'm learning, and this has been the easiest way that I have found to add authentication to a web app, without having to write the login modules yourself.
Another benefit, and I think this is key ***You don't have to include any extra code in the pages that you want to protect*** The container manages this for you, based on the constraints you declare in web.xml.
So basically you set it up to protect certain folders, then when any user tries to access pages in that folder, they are required to authenticate.
--Kerry -
How to trigger and change password for AD user after form based login
Hello,
We are authenticating against Active Directory with Weblogic 10.3 using FORM based security. Everything is working. I need to now change a password for an authenticated user. For example, I have set a user to have their password expire on next logon from the AD side. The user logs in but somehow I need to trap some info from Active Directory (or an LDAP conversation) to figure out if I need to force the user to change password.
Do I need to start looking at custom code with LDAP Java SDK's or can I use a canned MBean from Weblogic Server.
I am looking at http://www.mozilla.org/directory/ for LDAP.
Can I set/reset an AD user's password with an MBean like the following link?
http://download.oracle.com/docs/cd/E13222_01/wls/docs92/javadocs/index.html?weblogic/management/security/authentication/UserPasswordEditorMBean.html
If anyone has any experience with this or can point me in the right direction let me know.
If anyone else is interested please add to the tread and I'll be sure to keep the found solution(s) updated here.
Thanks...........
JJ EverettHello JJ
Please see document ID 403484.1 in http://metalink.oracle.com. This may help to understand what you are aiming to do. Cheers
-- Nathan
Maybe you are looking for
-
(pardon my english, not from English country) So, i've been having real big issues with my skype for over a year now. Story: I have used skype (ver. 6.16 i think) on my computer (HP pavilion G6, Windows 7 Home Premium) for a very long time, suddenly
-
I have gone into Lightroom and I get a message " Develop Module is Disabled" "Please renew your membership to reactivate Develop module" why is this happening?
-
Start Routine - Do not load data that doesnt exist in ODS
Hello Gurus! I am loading between two cubes. I only want to load products that exist in a seperate ods. Can someone help me out with the code for this? NB I am using 3.5
-
Adobe Muse won't open. It just says it's not responding. I have a big project on this software....I need help!
-
Processing table Dispatcher is not running
Hi All, I am trying Web Dynpro Flights tutorial. When I start the J2E sever through SAP Management Console the status of the J2EE Server and SDM is running but the status of Dispatcher is always Stopped. I also tried restarting the servers by right