Caching for Web Portal Authenticated clients

Similar Messages

• Caching a web page in client machine's Temp file

  Hi Friends,
  I'm struck up with one issue in caching the web page in client machine's temporary internet files. I have designed a secured web application. I used
  <%
  response.setHeader("Cache-Control","no-cache");
  response.setHeader("Pragma","no-cache");
  response.setDateHeader ("Expires", 0);
  %>
  for not storing the web page in client machine. Now only some of the pages that doesn't needs the security needs to be cached in the client machines temporary internet files.
  For that i used the code as
  <%
  response.setHeader("Cache-Control","public");
  response.setHeader("Pragma","public");
  response.setDateHeader ("Expires", 0);
  %>
  Still i'm unable to store. Please help me solve this. Thanks in Advance. Quick help would be greatly appreciated.
  Thanks and regards,
  Prakash

  Hi Rob_Jones-
  I would recommend reading this Support article, as it troubleshoots issues with opening/downloading files:
  [[Managing file types]]
  Hope that helps.

• Issue with "Drill" & navigation for Web Intelligence Rich client

  Hello,
  I  have created a document by using a local Excel file in Web Intelligence Rich client tool.
  1.Now I want to use "Drill" option to my document...can you please help me in this respect as I am not getting the "Analysis pane" & other standard options(for Drill) that we get for a document created from a Universe?
  2.I have 4 reports in this document. I want to  navigate from the first report to any other reports in the same document by clicking a button or link in the first report.Any idea how to do it?
  Thank you in advance for your help.
  Regards,
  Soumya

  1. have you created any hierarchy in the universe ? after creating required hierarchy, in the webi report you need to enable drill mode.
  2. you can use opendocument url with sReportName parameter. Please check this doc for details: http://help.sap.com/businessobject/product_guides/boexir3/en/xi3-1_url_reporting_opendocument_en.pdf
  But for this you need to export the report to InfoView.

• PAM for web application authentication

  Hi,
  I am new to PAM. Is it possible to set up PAM to authenticate users listed in a database table?
  Thanks,

  There may be PAM modules for that, or you could even write one.
  This forum probably won't have much input on the topic, since it focuses on Sun's directory server.

• ISE web portal problem

  Dear Friends,
  I configured my 5508(in sso) and i made authentication through 802.1x on our software ISE,  i spent time to enable WEB portal authentication for guest users(guest wlan), so many guides for web portal authentication, my ACL on WLC shows hits for DNS traffic, when i connect to my GUEST wlan, i see ISE URL portal in my CLIENT security information, but nothing happens, when i use my browser to connect somewhere it doesnt redirect me to ISE, please show me the last guide or something about it
  thank you

  Hi Kamarn,
  please check with this document:
  Central Web Authentication (CWA) for guests with ISE
  https://supportforums.cisco.com/docs/DOC-26442
  Identity Services Engine Guest Portal Local Web Authentication Configuration Example
  http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080c13287.shtml
  Hope this helps.
  Regards
  Dont forget to rate helpful posts

• Require LOV's should be displayed on single page for Webi Rich Client -R3.0

  Hi all,
  Is there any way to display the list of values in a single page when we apply a quick report level filter in Web intelligence Rich client report.
  Behavior:
  When we have large list of values for an object then the list of values are displayed in pages......
  We can avoid the pages in Webi by making changes to the 'List of value batch size' from 1000 to 10000.
  Is there any setting for displaying  the list of values for Web Intelligence rich client ?
  Please advise....

  Hi,
  I  have checked the view source code. It is having correct details
  for eg..
  SAP Integrated ITS, WebAS: C11, workprocess: 0
  All rights reserved.
  Creation time:  Thu Dec 03 11:10:16 2009
  Charset:        utf-8
  Template:       bbpstart/99/bbpglobal_800.html  -->
    <!-- No session management -->
  I  published the Template again for BBPGLOBAL.
  Only page cannot be displayed is coming.
  There is some link missing between the SRM server and the ITS.
  Can you figure out what it is ? We are stuck
  Regards
  G.Ganesh Kumar

• Web Intelligence Rich Client

  HI guys,
  I am new to BO...just wanted to know that is there any place I can download web intelligence rich client which can work as standlone for trial period.Just want to get the feel of what this application is all about?

  Hello
  I do have the key to log in into SAP Service Market. However i can't find download link for Web Intelligence Rich Client.
  Can you please update the link or provide some indication how to find it?
  Many thanks for any help.
  Cheers
  Mario

• Web Intelligence Rich Client Loading time

  Hi all,
  Need some help.
  Anyone know what's the specification requirement to use the BO XI R3.1 Client Tools example for Web Intelligence Rich Client. I have an issue from client saying that their Web Intelligence Rich Client loading too slow before they can reach the login page (not connecting to the BO Environment, just opening the Webi Rich Client program used approximately 50 seconds before they can reach the login page as they told us). Is it because of the specification issue or it's actually others factor that causing this "trouble"?
  Thanks for the advise!
  Regards,
  Steve

  Hello Steve,
  I recommend to post this query to the [BusinessObjects Enterprise Administration|BI Platform; forum.
  This forum is dedicated to topics related to administration and configuration of BusinessObjects Enterprise, BusinessObjects Edge, and Crystal Reports Server.
  It is monitored by qualified technicians and you will get a faster response there.
  Also, all BOE Administration queries remain in one place and thus can be easily searched in one place.
  Best regards,
  Falk

• "Auth type not supported by External DB" error for web-auth SSIDs

  Hello
  We're having a problem with web-authentication on our 4404/WisM controllers since we moved to software rev 5.x (currently running 5.1.151.0).
  With software rev 4.x our web-auth SSIDs would send the authentication requests to a Cisco ACS4.0 which would then authenticate the users against MS Active directory.
  Now (with rev 5.x) the same SSIDs cannot authenticate users against AD, the error in the ACS is:
  Auth type not supported by External DB
  Found the following Cisco Doc regarding the problem: Cisco Secure ACS and Windows AD EAP/802.1x port authentication fails with the Auth type not supported by External DB error message - Case Number K24308566. Done a packet capture on ACS to see authentications coming in and the ones that fail with above error are using CHAP - from the Cisco documentation, MS AD doesn't support CHAP.
  Any ideas on how I can get the web-auth working again with software rev 5.x ?
  Thanks
  Andy

  my apologies - theres a setting under Controller - General for Web Radius Authentication. changed this from CHAP to PAP and its now working ok.

• Web based authentication for wired client, Crendentials submission failure.

  Hi,
  I am trying to set up the functionnality "cisco web based authentication" for the wired clients.
  The problem i encountered is that my switch doesnt forward the client's password to the ACS.
  When the user validate his credentials on the login page only the login seems to be forwarded.
  The result of the command "show ip admission cache" always show the client in the init state.(i use the default cisco web login page).
  the connection between aaa servers and the switch is working.
  You will find in attachements the running-config and the debug file.
  Thanks for your help, any ideas are welcome :) (its t os version c3750e-ipbasek9-mz.150-2.SE7).

  Well i took a look on your documents but i didnt find anything that helped me ;S.
  I'm still stucked on the same step.

• X.509 Web Service Authentication for ABAP AS Web Service Interaction

  We are trying to use X.509 web service authentication with SAP Web AS ABAP between 2 different SAP installations. Company 1 is trying to consume a web service set up by Company 2.
  Company 1 has installed Company 2's public key, generated the client proxy using Company 2's WSDL and created a corresponding lpconfig entry.
  Then company 2 has set up the profile parameter ICM/HTTPS/verify_client to accept certificates and imported Company 1's SLL client certificate and mapped the user in USREXTID.  Note that Company 1 uses self-signed certificates, so it does not have a root certificate, which is what the documentation says should be imported into the PSE instead of the SSL client certificate.
  When Company 1 tries the web service call, it receives a request to authenticate the web service from Company 2. (basic authentication logon screen, even though the web service configuration is set to X.509 Client Certificate.
  Should this work or is there a problem because Company 1 uses self-signed certificates or is there something else we are missing?

  >
  Connie Begovich wrote:
  > We are trying to use X.509 web service authentication with SAP Web AS ABAP between 2 different SAP installations. Company 1 is trying to consume a web service set up by Company 2.
  >
  > Company 1 has installed Company 2's public key, generated the client proxy using Company 2's WSDL and created a corresponding lpconfig entry.
  >
  > Then company 2 has set up the profile parameter ICM/HTTPS/verify_client to accept certificates and imported Company 1's SLL client certificate and mapped the user in USREXTID.  Note that Company 1 uses self-signed certificates, so it does not have a root certificate, which is what the documentation says should be imported into the PSE instead of the SSL client certificate.
  >
  > When Company 1 tries the web service call, it receives a request to authenticate the web service from Company 2. (basic authentication logon screen, even though the web service configuration is set to X.509 Client Certificate.
  >
  > Should this work or is there a problem because Company 1 uses self-signed certificates or is there something else we are missing?
  I think that the problem is in Service Authentication (in transaction sicf). You have to consume web-service, transmitting user-password for access.

• Implementing cache for dropdown values in Web Dynpro Iview

  Hi All,
           I am currently in the processing of enhancing a web dynpro application which contains among other things around 15 drop down boxes. The values in these drop down boxes are coming from oracle database and these values change occasionally.
          To optimize the response time, I have implemented simple caching machanism using static  variable in plain java class. The objective is to retrieve the values for the first time from oracle db and use the same datastructure for subsequent calls. Though I have found that the number of calls to the database reduced significantly I am facing some problem understanding and implementing the cache refresh behaviour.
        I want to implement a cache refresh machanism for every 12 hours.
      Solutions tried.
                 Creating a thread to refresh the cache for every 12 hours.
                 Creating a timer for refreshing the cache for every 12 hours.
      Problems encountered :
      1.  Is it appropriate to use threads in a web dynpro app?
      2.  What I have observed is that  the thread (I have created a daemon thread) is alive even after I have deployed a new copy of the code.  When I deploy a new code is it not supposed to remove all copies from the memory?
         If using a daemon thread is appropriate, What is the web dynpro
            framework's class loading behavior when a new copy of code is deployed?
           Does it completely unload existing classes (there by killing the daemon thread
                 created in previous deployment)?
     3. Assuming that we have found suitable solution for thread issues, what would  happen when the application is deployed on a cluster? Can we send a message to
          all the nodes in the cluster?
  I would like to understand what other developers has done in these kind of situations. Your experience and insight will be valuable and help me decide to implement caching or not in  the first place.   
  Thanks in advance.
  Regards
  Pallayya Batchu

  Pallayya,
  <i>1. Is it appropriate to use threads in a web dynpro app?</i>
  Not recommended as with any J2EE application
  <i>2. What I have observed is that the thread (I have created a daemon thread) is alive even after I have deployed a new copy of the code. When I deploy a new code is it not supposed to remove all copies from the memory?</i>
  Re-deployment doesn't mean stopping all user spawned threads. It just causes unloading of classes if there are no hard references from anything but deployed application. In your case, there are probably references from Thread/Runnable so your previous version is not unloaded on redeployment.
  <i>3. Assuming that we have found suitable solution for thread issues, what would happen when the application is deployed on a cluster? Can we send a message to all the nodes in the cluster?</i>
  Probably you can, probably you cannot. Even if you can it would be complex.
  My advise -- abandon threads altogether, use real cache instead:
  package com.yourcompany.yourapp.utils;
  import java.util.HashMap;
  import java.util.Map;
  public class ValueHelpCache {
    private static class Entry {
      long lastLoadTime;
      Map  payload;
      Entry(final Map payload) {
        this.payload = payload;
        this.lastLoadTime = System.currentTimeMillis();
    final private Map _entries = new HashMap();
    private ValueHelpCache() {}
    synchronized public Map getValueHelp(final String valuyeHelpKey) {
       Entry entry = (Entry)_entries.get(valuyeHelpKey);
       if ( entry == null) {
         entry = new Entry( loadValueHelpFromDatabase(valuyeHelpKey) );
         _entries.put(valuyeHelpKey, entry);
       } else {
         final long now = System.currentTimeMillis();
         if ( now - entry.lastLoadTime > ENTRY_TTL ) {
           entry.payload = loadValueHelpFromDatabase(valuyeHelpKey);
           entry.lastLoadTime = now;
      return entry.payload;
    private Map loadValueHelpFromDatabase(final String valuyeHelpKey) {
      /* @TODO implement loading values from database */
      return null;
    public static ValueHelpCache getInstance() { return INSTANCE; }
    final public static long ENTRY_TTL = 12 * 60 * 60 * 1000;
    final private static ValueHelpCache INSTANCE = new ValueHelpCache();
  This way client code tracks itself what entries are stale and need to be reloaded. No threads at all and no problems in cluster. You may alter time tracking mechanism to reload at given time of day, say at 12AM and 12PM -- just use java.util.Calendar and change code accordingly.
  Valery Silaev
  SaM Solutions
  http://www.sam-solutions.net

• Client Excluded ReasonCode on WLC for Web Auth

  Hi.
  I wonder if you can point me at a table that defines the Reason Code(s) for Client Exclusion Failure? See the example event log entry below from a Guest Controller for Web Authentication failure (that was resolved - Internet router down) but I was wondering if the Reason Codes would be useful in troubleshooting. Many thanks in advance.
  Tue Aug 28 10:45:31 2007 Client Excluded: MACAddress:00:16:6f:b3:20:0a Base Radio MAC :00:00:00:00:00:00 Slot: 0 Reason:Web Authentication failed 3 times. ReasonCode: 4

  I haven't tried it recently. But I'm afraid of this one :
  CSCsy88149 Chained certificate can not have Wildcard * character in hostname
  Even if bought at verisign or any root CA, your cert has a good chance of being chained since they very often use an intermediate CA. I know wildcard certs are supported but this bug seems to say that it doesn't work for chained.
  again, I didn't verify it mysefl

• WLC OID (snmp) for authenticated clients

  I know the OID for associated users 1.3.6.1.4.1.14179.2.1.1.1.38.
  But is there one for Authenticated clients? I am looking for the numbers similar to the one I can get from the report tools in WCS.
  I think the number of authenticated clients is a better number than using the associated client count when talking about guest WLAN's.
  Best regards,
  Steffen Lindemann

  Hi,
  yes there is. I have created a table with solarwinds for this but they represent or provide information in diffrent way.
  The table consist of
  >WLAN Profile
  1.3.6.1.4.1.9.9.599.1.3.1.1.3
  This object specifies the WLAN Profile name
  this 802.11 wireless client is connected to.
  >Client Status
  1.3.6.1.4.1.9.9.599.1.3.1.1.2
  The object that represents the current status of the client.
  >MobileStationUserName
  1.3.6.1.4.1.14179.2.1.4.1.3
  User Name , if any , of the Mobile Station. This would
  be non empty in case of Web Authentication and IPSec.
  >Client Protocol
  1.3.6.1.4.1.9.9.599.1.3.1.1.6
  The 802.11 protocol type of the client.
  'dot11a' - The client is using 802.11a standard
  to connect to the access point (AP)
  >MobileStationIpAddress
  1.3.6.1.4.1.14179.2.1.4.1.2
  Ip address
  Well the Clinet status would be represted in num value:
  Client status:
  4 = associated
  6 = Probing
  8 = Disconnected
  Protocol:
  1 = 802.11a
  2 = 802.11b
  3 = 802.11g
  Hope this helps

• Guest Parameter for Web Authentication

  Hi Forum,
  Just to find out a little more detail in regards to the guest account created for web authentication using Ambassador account.
  1) If the authenticated guest did not perform a proper logout, what action will the WLC take?
  2) As such, is there any timeout involved?
  Where can i tune the timeout?
  Rdgs,
  Kelvin

  Hi I just wanted to add what I have found regarding WCS and the guest feature.
  -There are two ways to configure a "local net user". The first is a static guest ID that has the "guest" flag off. This means that the client's session will not timeout. The second is to specify the "guest" user checkbox and give it a timeout value in seconds.
  This should let you control how long a user is logged in.
  From the WLC login, go to SECURITY --> LOCAL NET USERS --> then click on NEW. From there you can specify a user ID and also set that optional guest user box. If you click on the Guest User box then you will see a timeout field.
  With my guest account set to not be a guest user (no timeout value), I have noticed the following.
  1. If a guest gets disconnected, usually they will reassociate and still be able to log in.
  2. If a guest has problems, I usually tell them to disable their wireless card, close all browser windows, and then reassociate to the network.
  The steps above have worked well for my setup...