Common domain cookie in ADFS3

Hi,
I would like to use the common domain cookie in ADFS3.
I have used the cmdlet set-adfswebconfig to define the cookie reader and the cookie writer.
Cookie writer seems to work as I'm redirected to the cookie writer URL once I'm authenticated.
However, I'm never redirected to the cookie reader URL to get the IDP identifier.
At this moment, I'm using :
One SAML IdP /Claim Provider
One SAML SP / Relying Party
I'm always using "InPrivate" session to be sure not to drag any cookie.
Has anybody used this feature?
Thanks for your help
Yannick

The common domain is a 3rd domain, different from IdP and SP. That's the worst case scenario, I mean common domain could be the same domain as IdP or SP but anyway lets take the worst case
In your example mycomp.com is the common domain. Then you need some way of identifying requests targeting a particular SP. One way to do it is to have a subdomain for each SP in the common domain - mysp.mycomp.com, anothersp.mycomp.com. Then when a user requests http://mysp.mycomp.com/whatever, based on 'mysp' portion of the request and the IdP registered/associated with 'mysp', you would know which IdP to authenticate with. This is all done via cookies as the SAML spec explains. In this case OIF would have to be deployed on mycomp.com domain and deal with cookies per spec, that's your IdP discovery

Similar Messages

Setting cross-domain cookies in Safari using iframe

Hi,
I want to load url inside iframe. It works in all browsers. Except in safari browser.
I have written code as
On designer page
<div id="containFrame" runat="server">
And on code behind
protected void Page_Load(object sender, EventArgs e)
            GenerateFrame("http://www.dotnetobject.com");
private void GenerateFrame(string urlsrc)
            string frame = "<iframe id='ifrm' style='width: 956px; height: 500px'";
            frame += " src='" + urlsrc + "' ></iframe>";
            containFrame.InnerHtml = frame;
I am using safari browser version 5.1 (7534.50).
Here in Preferences (Privacy tab) for Block Cookies have three options as
1. From third parties and Advertiser
2. Always
3. Never
If I selects option as Never then this code work successfully. But Not for 1 and 2 option.
Here my quesion is, how to handel this problem cross-domain cookies problem?
Thanks,
Bhanudas

sadly... i couldn't find other workaround than making a new subdomain of the main domain.
i have abc.com that embed def.com in an iframe. the only workaround so far is make a new subdomain def.abc.com and map that as a CNAME to def.com.
when i call the page in iframe, i call def.abc.com, which matches the same domain, thus cookies can be read or written.
this becomes a problem with you have a lot of different websites to embed, and not all site owners care to do binding of the new host on their webserver.

Should a cookie I create via my Desktop App be usable by an IE session in both localhost and AnyInternet domains?

I can confirm that the locally created cookie is usable by IE on http://localhost:portno/myapp.com
But when I open http://www.AnyInternetDomain.com/Default.aspx then IE does not see that cookie.

It seems that you want to across domain using cookie.
You cannot share cookies across domains and that's for security reasons.
http://stackoverflow.com/questions/3342140/cross-domain-cookies
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

How do you stop unauthorized cookies from appearing in Safari?

Hi ,
I'm using Safari 5.1.10 and system 10.6.8. I've gotten all the security downloads available, but I seem to having issues with unauthorized cookies appearing. These seem to appear even though I've not visited their websites, and have Safari set to accept cookies from only sites I've visited.
After going to Preferences:Privacy: remove all website data: then remove all cookies,
If I just wait a few minutes, I get 72 website cookies restored to my computer, without doing anything. These include cookies from google, alibaba, 2mdn.net, facebook, microsoft, oracle and many more. Some of these declare they are using local storage, others the catch, while others just declare themselves as cookies.
These appear in spite of the fact that I have the preferences set to block cookies from third party advertizers, set Extensions to OFF, but have Javascript enabled, and allow Java, but deny all other plug-ins.
If I unclick the allow Java button in Preferences:security, then 11 of these cookies sneek back in, but the others seem to be blocked. Those that come back include Alibaba, apple, google-analytics, "local documents on my computer", machine-seeker, wikipedia, and a few others.
If I disable JavaScript in Preferences:Security, now I get only cookies from sites I've visited, as I'm supposed to, according to the settings in my Safari preferences.
So it seems that some unscrupulous information collectors are collecting data even when the Safari settings should prohibit it. Unfortunately, some of the sites I visit ( Like Apple support communities) require that Javascript be enabled, so I don't know how to stop this.
The problem is that I've found these unwarrented cookies appear to slow down my internet connection speeds by ~ 95% ( Try removing them and disabling Javascript to see what happens) in addition to it being an invasion of my privacy. In addition, it really bothers me that some of these sites are storing local documents on my computer without permission.
As I've said, I've already installed ALL the pertinent security updates. Does anybody have any idea how to stop this from happening? I presume this is also happening on my iphone and ipad as well, but haven't checked.
I see that Safari was sued by Apple in 2012 for doing just this same thing, but they appear to be up to their old tricks, as well as many other companies.
Thanks

Hi,
I've investigated this phenomena of UNauthorized Cookies a bit more in the past few days and found their cause and uses goes very deep down the internet rabbit hole. While most browsers allow the user to delete cookies, or to block cookies from third parties, third parties may place cookies or "cookie equivalents" on your computer through a large variety of back doors. The most pernicious type of such cookie is euphemistically called a "Zombie Cookie" or a "supercookie".
These may reside in a number of places either in your own computer or remotely on the web. Deleting zombie cookies or supercookies is generally ineffective, because they are reinstalled in your browser, or worse, just exchange information with your browser withouth leaving a trail of cookie crumbs, the next time you get online. Some of these zombie cookies are not browser specific, so they can be accessed through all browsers on your computer.
The reason that you may never have heard of supercookies, and the reason they are so hard to find and get rid of, is that their deployment is deliberately sneaky and designed to evade detection and deletion. This means that most people who think they have cleared their computers of tracking objects have likely not. The European Union has recently taken action to make illegal the emplacement of "non-essential" cookies on your computer, but the United States, being less concerned about your personal privacy, and more concerned about making it easy for companies (and the government) to eavesdrop, has not.
The following is a list ( probably incomplete) where zombie cookies may be hiding on your computer:
Standard HTTP cookies
Storing cookies in and reading out web history
Storing cookies in HTTP ETags
Internet Explorer userData storage (starting IE9, userData is no longer supported)
HTML5 Session Storage
HTML5 Local Storage
HTML5 Global Storage
HTML5 Database Storage via SQLite
Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
Local Shared Objects
Silverlight Isolated Storage
Cookie syncing scripts that function as a cache cookie and respawn the MUID cookie[4]
If a user is not able to remove the cookie from every one of these data stores then the cookie will be recreated to all of these stores on the next visit to the site that uses that particular cookie, or in some cases, just the next visit to the internet, even though you may have barred 3rd party cookies from being emplaced in your browser. Every company has their own implementation of zombie cookies and most are kept proprietary, although an open-source implementation of zombie cookies, called Evercookie,[5] is available and commonly used.
One such common type of supercookie is called Local shared objects (LSOs), or more commonly Flash cookies (due to their similarities with HTTP cookies), are pieces of data that websites which use Adobe Flash may store on a user's computer. Local shared objects are used by all versions of Adobe Flash Player and version 6 and above of Macromedia's now-obsolete Flash Player.[1]
It is possible to see who is using Flash cookies on your computer, (and remove them) by going to the adobe website storage settings panel : (http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_man ager07.html). This takes you to a settings manager figure. This Settings Manager figure that you see on this page is not an image; it is the actual Settings Manager for your computer. Click the tabs to see different panels, and click the options in the panels to change your Adobe Flash Player settings.
So far, I have not been able to find a method of removing or inhibiting zombie cookies that use HTML5 local or global storage locations. Some browsers may provide such power, but Apple Safari apparently does not.
For more information on supercookies see:
https://www.bestvpn.com/blog/8177/super-cookies-flash-cookies/
There are some ways to reduce your load of unwanted cookies and local storage type cookies using extensions such as AdBlock or Disconnect, But I've tried some of these and it doesn't seem to stop very many of them, even though the Disconnect extension is said to block over 2000 of these types of cookies.
For those who are trying to ride under the radar by using some of these extensions or software blockers, be aware that use of these may actually make you more visible because of browser fingerprinting. Whenever you visit a website your browser sends data to the server hosting that site. This data includes basic information, including the browser name, operating system, and exact version number of the browser. This information is known as passive browser fingerprint because it happens automatically. However websites when blocked, can also easily install other types of scripts that ask for additional information, such as a list of all installed fonts and plugins, supported data types (so-called MIME types), screen resolution, system colors and much more. Because this information has to be solicited from your browser, it is known as active fingerprinting. Taken altogether, the various fingerprint attributes can be almost instantly (it takes just a few milliseconds to run algorithms that compare millions of fingerprints) combined to create a unique fingerprint that can be used to very accurately identify an individual user, no matter if cookies have been deleted or IP address changed between website visits.
For an article on browser fingerprinting, See : https://www.bestvpn.com/blog/8159/browsers-fingerprint-reduce/
The bottom line is that if you use the internet, your browser history is being tracked by a myriad of companies and government agents, and it is likely not possible to stop this. For those who work in science, industry or government and are working on sensitive topics or novel product development that another company or government may find interesting, there appears to be many ways to recreate what you are working on by studying your browser history, or installing worms to view exactly what you are writing or reading. It came as somewhat of a shock to me to see just how pervasive internet spying has become, and it's not just malicious or destrustive agents who are doing so. Google didn't become a $350 billion company by simply bringing nice toys to us to play with. The real value of the internet comes from the trade and sale of secretly obtained personal information from you and I and everyone else, and its sale to all who will pay for it.

Using a cookie from one application web site to another application

Hi,
I have a big application written in ASP/CF. In this
application, I added a link to my small application in CF. Both
apps are on the same server but separate websites. I liked to use
the user admin functionality that is available in the big
application into my small apps. What I need is the cookie userid
from the big application so that I can use it. How do I go about
that? Can you please provide a sample code?
Thanks in advance.

meeyaw wrote:
> Hi,
>
> I have a big application written in ASP/CF. In this
application, I added a
> link to my small application in CF. Both apps are on the
same server but
> separate websites. I liked to use the user admin
functionality that is
> available in the big application into my small apps.
What I need is the cookie
> userid from the big application so that I can use it.
How do I go about that?
> Can you please provide a sample code?
>
> Thanks in advance.
>
Cookies, by definition, are web site specific. You can set
them to be
shared across sub-domains, but you can not have one domain
read another
domains cookies. To do what you want one of the applications
will have
to pass the desired value to the other in some manner of your
choosing.

Opening an Excel 2003 file in Office 2010 Universal Data Connection error when opening the file from a domain.

Hi.
One of my users are having problem with old accounting files in Excel 2003 when opening Excel 2010.
The user experience that linked information is not being updated properly.
And suspects that it something do with Universal Data Connection .
How can an Excel 2003 spread sheet be converted to Excel 2010 spread sheet and still contain active links?
When the user is opening and converting the file as mention in your suggestion, on the common share on a common domain, the links "breaks".
we are not using SharePoint on our domain.
But when doing it on a local machine, the links does not "breaks".
Looking forward to get solved to this problem.
Thank you in advance.
Rgds

it sounds link, the links changed from relative paths to absolute path. You need to use absolute path in original file.
KR

Error while using unpack.sh command to configure domain

Hi all,
I have to create one common domain for two different boxes.
BOX A has -->weblogic,SOA
BOX B has -->weblogic,OSB
I have configured the Domain in BOX A for SOA first and extended OSB using IP address of BOX B .
Then i pack th domain using pack command .
Then i copied the .jar file to BOX B
Then while i try to unpack this domain i am stuck with this error
The Command i used
"bash-3.2$ ./unpack.sh -domain=/u02/app/Oracle/Middleware/user_projects/domains/soad_domain -template=/u02/user_templates/POCDomain.jar
<< read template from "/u02/user_templates/POCDomain.jar"
fail: read template from "/u02/user_templates/POCDomain.jar"CFGFWK-60550: Script execution aborted. The script may contain an error.
Required component home not found for component 'oracle.rules' version '11.1.1.5.0' "
I have cross checked the domain paths of both the boxes it is exactly the same.
The weblogic server installed is also of same versions.
The unpack.log file has the following error
2012-05-23 14:54:45,349 DEBUG [runScript] com.oracle.cie.oui.impl.FMWHomeInventoryImpl - Trying to find a match for oracle.rules:11.1.1.5.0 using default minimum matching positions.
2012-05-23 14:54:45,349 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Trying to find a match for oracle.rules:11.1.1.5.0 in /u02/app/Oracle/Middleware/coherence_3.6 using 2 minimum matching positions.
2012-05-23 14:54:45,349 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Found no match.
2012-05-23 14:54:45,350 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Trying to find a match for oracle.rules:11.1.1.5.0 in /u02/app/Oracle/Middleware/wlserver_10.3 using 2 minimum matching positions.
2012-05-23 14:54:45,350 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Found no match.
2012-05-23 14:54:45,350 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Trying to find a match for oracle.rules:11.1.1.5.0 in /u02/app/Oracle/Middleware/Oracle_OSB1 using 3 minimum matching positions.
2012-05-23 14:54:45,354 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Found no match.
2012-05-23 14:54:45,354 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Trying to find a match for oracle.rules:11.1.1.5.0 in /u02/app/Oracle/Middleware/oracle_common using 3 minimum matching positions.
2012-05-23 14:54:45,354 DEBUG [runScript] com.oracle.cie.oui.impl.ProductHomeInventoryImpl - Found no match.
2012-05-23 14:54:45,354 DEBUG [runScript] com.oracle.cie.oui.impl.FMWHomeInventoryImpl - Final match(es): []
2012-05-23 14:54:45,355 ERROR [runScript] com.oracle.cie.domain.DomainTemplate - Required component home not found for component 'oracle.rules' version '11.1.1.5.0'
2012-05-23 14:54:45,355 INFO [runScript] com.oracle.cie.domain.script.ScriptExecutor - fail: read template from "/u02/user_templates/POCDomain.jar"
2012-05-23 14:54:45,355 ERROR [runScript] com.oracle.cie.domain.script.ScriptExecutor - read template from "/u02/user_templates/POCDomain.jar"
com.oracle.cie.domain.ConfigRuntimeException: Required component home not found for component 'oracle.rules' version '11.1.1.5.0'
     at com.oracle.cie.domain.DomainTemplate.<init>(DomainTemplate.java:256)
     at com.oracle.cie.domain.DomainTemplate.<init>(DomainTemplate.java:182)
     at com.oracle.cie.domain.WLSTemplateBuilder.parseTemplate(WLSTemplateBuilder.java:575)
     at com.oracle.cie.domain.WLSTemplateBuilder.parseDomainTemplate(WLSTemplateBuilder.java:485)
     at com.oracle.cie.domain.WLSTemplateBuilder.buildDomainTemplate(WLSTemplateBuilder.java:1369)
     at com.oracle.cie.domain.script.ScriptExecutor.readTemplate(ScriptExecutor.java:429)
     at com.oracle.cie.domain.script.ScriptParserClassic$StateMachine.processRead(ScriptParserClassic.java:520)
     at com.oracle.cie.domain.script.ScriptParserClassic$StateMachine.execute(ScriptParserClassic.java:426)
     at com.oracle.cie.domain.script.ScriptParserClassic.parseAndRun(ScriptParserClassic.java:148)
     at com.oracle.cie.domain.script.ScriptParserClassic.doExecute(ScriptParserClassic.java:110)
     at com.oracle.cie.domain.script.ScriptParser.execute(ScriptParser.java:72)
     at com.oracle.cie.domain.script.ScriptParser.execute(ScriptParser.java:35)
     at com.oracle.cie.wizard.domain.helpers.Executor.runSilentScript(Executor.java:68)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at com.oracle.cie.wizard.domain.silent.tasks.RunScriptTask.runScriptWithExecutor(RunScriptTask.java:551)
     at com.oracle.cie.wizard.domain.silent.tasks.RunScriptTask.execute(RunScriptTask.java:335)
     at com.oracle.cie.wizard.silent.tasks.AbstractSilentTask.run(AbstractSilentTask.java:28)
     at java.lang.Thread.run(Thread.java:662)
2012-05-23 14:54:45,357 ERROR [runScript] com.oracle.cie.wizard.domain.silent.tasks.RunScriptTask - There was an error executing the script: /u02/app/Oracle/Middleware/wlserver_10.3/common/lib/tmpUnpack.cws
com.oracle.cie.domain.script.ScriptException: com.oracle.cie.domain.ConfigRuntimeException: Required component home not found for component 'oracle.rules' version '11.1.1.5.0'
     at com.oracle.cie.domain.script.ScriptExecutor.readTemplate(ScriptExecutor.java:465)
     at com.oracle.cie.domain.script.ScriptParserClassic$StateMachine.processRead(ScriptParserClassic.java:520)
     at com.oracle.cie.domain.script.ScriptParserClassic$StateMachine.execute(ScriptParserClassic.java:426)
     at com.oracle.cie.domain.script.ScriptParserClassic.parseAndRun(ScriptParserClassic.java:148)
     at com.oracle.cie.domain.script.ScriptParserClassic.doExecute(ScriptParserClassic.java:110)
     at com.oracle.cie.domain.script.ScriptParser.execute(ScriptParser.java:72)
     at com.oracle.cie.domain.script.ScriptParser.execute(ScriptParser.java:35)
     at com.oracle.cie.wizard.domain.helpers.Executor.runSilentScript(Executor.java:68)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:597)
     at com.oracle.cie.wizard.domain.silent.tasks.RunScriptTask.runScriptWithExecutor(RunScriptTask.java:551)
     at com.oracle.cie.wizard.domain.silent.tasks.RunScriptTask.execute(RunScriptTask.java:335)
     at com.oracle.cie.wizard.silent.tasks.AbstractSilentTask.run(AbstractSilentTask.java:28)
     at java.lang.Thread.run(Thread.java:662)
Caused by: com.oracle.cie.domain.ConfigRuntimeException: Required component home not found for component 'oracle.rules' version '11.1.1.5.0'
     at com.oracle.cie.domain.DomainTemplate.<init>(DomainTemplate.java:256)
     at com.oracle.cie.domain.DomainTemplate.<init>(DomainTemplate.java:182)
     at com.oracle.cie.domain.WLSTemplateBuilder.parseTemplate(WLSTemplateBuilder.java:575)
     at com.oracle.cie.domain.WLSTemplateBuilder.parseDomainTemplate(WLSTemplateBuilder.java:485)
     at com.oracle.cie.domain.WLSTemplateBuilder.buildDomainTemplate(WLSTemplateBuilder.java:1369)
     at com.oracle.cie.domain.script.ScriptExecutor.readTemplate(ScriptExecutor.java:429)
     ... 15 more
2012-05-23 14:54:45,358 DEBUG [WizardController] com.oracle.cie.wizard.WizardController - Terminating.
Please share something if any one came across the same error.
Waiting for your kind replies
Thank You
Anand.U

Yes, for extending Domain i have installed OSB in BOX A but while configuring the OSB domain i have given the IP of BOX B and then packed that domain.
Thanks
Anand.U

Few questions about apex + epg and cookie blocked by IE6

Hi,
I would like to ask a few questions about apex and epg.
I have already installed and configured apex 3.2 on oracle 10g (on my localhost - computer name 'chen_rong', ip address -192.168.88.175 ), and enable anonymous access xdb http server.
now,
1. I can access 'http://chen_rong' , 'http://localhost' , 'http://192.168.88.175' without input username / password for realm 'XDB' in IE6;
2. I can access 'http://localhost/apex/apex_admin' , 'http://192.168.88.175/apex/apex_admin' , and I can be redirected into apex administation page after input admin/<my apex admin password> for realm 'APEX' in IE6;
3. I can access 'http://chen_rong/apex/apex_admin' in IE6, but after input admin/password , I can not be redirected into administation page, because the cookie was blocked by IE6.
then, the first question is :
Q1: What is the difference among 'http://chen_rong' , 'http://localhost' , 'http://192.168.88.175' ? I have already include site 'chen_rong' into my trusted stes! why the cookie was blocked by IE6. I have already tried firefox and google browser, both of them were ok for 'chen_rong', no cookie blocked from site 'chen_rong'!
and,
1. I have tried to use the script in attachment to test http authentication and also want to catch the cookie by utl_http .
2. please review the script for me.
3. I did:
SQL> exec show_url('http://localhost/apex/apex_admin/','ADMIN','Passw0rd');
HTTP response status code: 401
HTTP response reason phrase: Unauthorized
Please supplied the required Basic authentication username/password for realm XDB for the Web page.
Web page http://localhost/apex/apex_admin/ is protected.
MS-Author-Via: DAV
DAV: 1,2,<http://www.oracle.com/xdb/webdav/props>
Server: Oracle XML DB/Oracle Database
WWW-Authenticate: Basic realm="XDB"
Date: Tue, 04 Aug 2009 02:25:15 GMT
Content-Type: text/html; charset=GBK
Content-Length: 147
======================================
PL/SQL procedure successfully completed
4. I also did :
SQL> exec show_url('http://localhost/apex/apex_admin/','ANONYMOUS','ANONYMOUS');
HTTP response status code: 500
HTTP response reason phrase: Internal Server Error
Check if the Web site is up.
PL/SQL procedure successfully completed
SQL> exec show_url('http://localhost/apex/apex_admin/','SYSTEM','apexsite');
HTTP response status code: 401
HTTP response reason phrase: Unauthorized
Please supplied the required Basic authentication username/password for realm APEX for the Web page.
Web page http://localhost/apex/apex_admin/ is protected.
Content-Type: text/html
Content-Length: 147
WWW-Authenticate: Basic realm="APEX"
======================================
PL/SQL procedure successfully completed
my second questions is :
Q2: After I entered into realm 'XDB', I still need went into realm'APEX'. how could I change the script show_url to accomplish these two tasks and successfully get the cookie from site.
the show_url script is as following:
CREATE OR REPLACE PROCEDURE show_url
(url IN VARCHAR2,
username IN VARCHAR2 DEFAULT NULL,
password IN VARCHAR2 DEFAULT NULL)
AS
req UTL_HTTP.REQ;
resp UTL_HTTP.RESP;
name VARCHAR2(256);
value VARCHAR2(1024);
data VARCHAR2(255);
my_scheme VARCHAR2(256);
my_realm VARCHAR2(256);
my_proxy BOOLEAN;
cookies UTL_HTTP.COOKIE_TABLE;
secure VARCHAR2(1);
BEGIN
-- When going through a firewall, pass requests through this host.
-- Specify sites inside the firewall that don't need the proxy host.
-- UTL_HTTP.SET_PROXY('proxy.example.com', 'corp.example.com');
-- Ask UTL_HTTP not to raise an exception for 4xx and 5xx status codes,
-- rather than just returning the text of the error page.
UTL_HTTP.SET_RESPONSE_ERROR_CHECK(FALSE);
-- Begin retrieving this Web page.
req := UTL_HTTP.BEGIN_REQUEST(url);
-- Identify yourself.
-- Some sites serve special pages for particular browsers.
UTL_HTTP.SET_HEADER(req, 'User-Agent', 'Mozilla/4.0');
-- Specify user ID and password for pages that require them.
IF (username IS NOT NULL) THEN
UTL_HTTP.SET_AUTHENTICATION(req, username, password, 'Basic', false);
END IF;
-- Start receiving the HTML text.
resp := UTL_HTTP.GET_RESPONSE(req);
-- Show status codes and reason phrase of response.
DBMS_OUTPUT.PUT_LINE('HTTP response status code: ' || resp.status_code);
DBMS_OUTPUT.PUT_LINE
('HTTP response reason phrase: ' || resp.reason_phrase);
-- Look for client-side error and report it.
IF (resp.status_code >= 400) AND (resp.status_code <= 499) THEN
-- Detect whether page is password protected
-- and you didn't supply the right authorization.
IF (resp.status_code = UTL_HTTP.HTTP_UNAUTHORIZED) THEN
UTL_HTTP.GET_AUTHENTICATION(resp, my_scheme, my_realm, my_proxy);
IF (my_proxy) THEN
DBMS_OUTPUT.PUT_LINE('Web proxy server is protected.');
DBMS_OUTPUT.PUT('Please supply the required ' || my_scheme ||
' authentication username/password for realm ' || my_realm ||
' for the proxy server.');
ELSE
DBMS_OUTPUT.PUT_LINE('Please supplied the required ' || my_scheme ||
' authentication username/password for realm ' || my_realm ||
' for the Web page.');
DBMS_OUTPUT.PUT_LINE('Web page ' || url || ' is protected.');
END IF;
ELSE
DBMS_OUTPUT.PUT_LINE('Check the URL.');
END IF;
-- UTL_HTTP.END_RESPONSE(resp);
-- RETURN;
-- Look for server-side error and report it.
ELSIF (resp.status_code >= 500) AND (resp.status_code <= 599) THEN
DBMS_OUTPUT.PUT_LINE('Check if the Web site is up.');
UTL_HTTP.END_RESPONSE(resp);
RETURN;
END IF;
-- HTTP header lines contain information about cookies, character sets,
-- and other data that client and server can use to customize each
-- session.
FOR i IN 1..UTL_HTTP.GET_HEADER_COUNT(resp) LOOP
UTL_HTTP.GET_HEADER(resp, i, name, value);
DBMS_OUTPUT.PUT_LINE(name || ': ' || value);
END LOOP;
-- Read lines until none are left and an exception is raised.
--LOOP
-- UTL_HTTP.READ_LINE(resp, value);
-- DBMS_OUTPUT.PUT_LINE(value);
--END LOOP;
UTL_HTTP.GET_COOKIES(cookies);
dbms_output.put_line('======================================');
FOR i in 1..cookies.count LOOP
IF (cookies(i).secure) THEN
secure := 'Y';
ELSE
secure := 'N';
END IF;
-- INSERT INTO my_cookies
-- VALUES (my_session_id, cookies(i).name, cookies(i).value,
-- cookies(i).domain,
-- cookies(i).expire, cookies(i).path, secure, cookies(i).version);
dbms_output.put_line('site:'||url);
dbms_output.put_line('cookies:');
dbms_output.put_line('name:'||cookies(i).name);
dbms_output.put_line('value:'||cookies(i).value);
dbms_output.put_line('domain:'||cookies(i).domain);
dbms_output.put_line('expire:'||cookies(i).expire);
dbms_output.put_line('path:'||cookies(i).path);
dbms_output.put_line('secure:'||secure);
dbms_output.put_line('version:'||cookies(i).version);
END LOOP;
UTL_HTTP.END_RESPONSE(resp);
EXCEPTION
WHEN UTL_HTTP.END_OF_BODY THEN
UTL_HTTP.END_RESPONSE(resp);
END;
/

I use oracle database enterprise edtion 10.2.0.3. I have already figured out the epg on 10.2.0.3 to support apex 3.2.
And as I described above, the apex site works fine for ip address , and localhost. but the cookie will be blocked by IE6, if I want to access the site by 'http://computername:port/apex/apex_admin'. This problem does not occured in firefox and google browser. Could someone give me answer?

Problem with NFSv4 Domain name

Hi,
I am creating zones for the first time.
I am having problem with the NFSv4 domain name prompt.
I followed the instructions described in
http://opensolaris.org/os/community/zones/faq/#cfg_sysidcfg
After the installation of the zone, on zonepath/root/etc, I created a sysidcfg file and did
touch *.*NFS4inst_state.domain
Booted the zone and logged in to the zone console.
The sysidcfg worked as expected but the NFSv4 prompt didn't go away:
─ NFSv4 Domain Name ────────────────────────────────────────────────────────────
NFS version 4 uses a domain name that is automatically derived from the
system's naming services. The derived domain name is sufficient for most
configurations. In a few cases, mounts that cross domain boundaries might
cause files to appear to be owned by "nobody" due to the lack of a common
domain name.
The current NFSv4 default domain is: "xx.xx.xx"
      NFSv4 Domain Configuration
      ──────────────────────────────────────────────
      [X] Use the NFSv4 domain derived by the system
      [ ] Specify a different NFSv4 domain
────────────────────────────────────────────────────────────────────────────────
    F2_Continue    F6_HelpWhat is missing?
I am running
$ more /etc/release
                       Solaris 10 11/06 s10s_u3wos_10 SPARC
           Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
                        Use is subject to license terms.
                           Assembled 14 November 2006
$Thanks in advance

Hi
Can you please confirm that there is no “Create A records” option under “More Actions” ?

Short root-domain names

Not long ago I posted a problem about login-failures with an IE browser.
We discovered that this happens only when one installs a portal (even 6.1 version) in a domain which has only two or less characters in it's name, ie "aa.nl". Adding a sub-domain ("portals.aa.nl") or changing the domain-name ( "aaa.nl") solves this problem.
Netscape browers are not effected in any way. The problem has something to do with the iPlanet domain cookie being blocked / missed by the browser during a LDAP login attempt.
The problem has been reported to SUN support. We have yet to find a proper solution to this problem.

Hi Amber,
The only way of doing it is having the section "domain_realm" in your krb5.ini:
[domain_realm]
child2.domain.com = CHILD2.DOMAIN.COM
and so on, but Java is case sensitive and you should include all the possible combination that your users type.
As Praveen suggested, if you set up SSO, users won't need to type anything and they will log to InfoView transparently.
Regards,
Julian

2 Separate RDS 2012 R2 Deployments in Same Domain ?

We have a current RDS 2012 R2 deployment. We are changing hosting vendors and want to completely redo the entire deployment (rather than try to migrated the VMs). What is the best way to go about this?
We do want to continue to use the GPO and user files will be migrated. How can we have the prod and dev RDS environments coexisting on the same domain?
Just to clarify, we do not want to use any of the existing infrastructure because it is all going to go away. Thank you!

Hi,
Thank you for posting in Windows Server Forum.
I thinks that good way to start for new environment without any mixing up. Yes, everything can be setup under same domain. For common domain environment,
You can buy one single wildcard certificate with domain name which can be used for all roles. As in domain joined environment, we can use to have them both RDS server use the same RD Gateway. For this we need to enter the same FQDN of working RDG into the Deployment
properties of the second deployment.
There are several other points which need to check, you can refer following article for depth understanding and configuration.
1.Step by Step Windows 2012 R2 Remote Desktop Services – Part 2
2. How To Work with RD Gateway in Windows Server 2012
Hope it helps!
Thanks.
Dharmesh Solanki
TechNet Community Support

Applet: problem with cookie encoding for jar request (Firefox - Iplanet)

I have an applet working with a JAR file. When the JVM sends the request to the webserver for the JAR file, it adds to the request the existing domain cookies. However, one of these cookie is encoded, and on Firefox with Iplanet (webserver), it prevents the jar from being downloaded (server returns error 400).
Below the HTTP request (as given by Charles HTTP Proxy) for Firefox and Chrome. We can see that some characters differ for the aria_user_profile cookie.
Not working - FF
GET /LocalPrinting.jar HTTP/1.1
content-type: application/x-java-archive
User-Agent: Mozilla/4.0 (Windows XP 5.1) Java/1.6.0_21
Host: nceetvdev58-11.nce.XXXX.net
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Cookie: aria_user_profile={DS?!,!C!"ÍÔaÃæK?9eä|IC¦?!A:i?!?!7æâ!A7!*EÄ!,B¥È!8*0dà!4????ræÐq!6¦M!??"Z²!-!7s
Working - chrome
GET /LocalPrinting.jar HTTP/1.1
accept-encoding: pack200-gzip, gzip
content-type: application/x-java-archive
User-Agent: Mozilla/4.0 (Windows XP 5.1) Java/1.6.0_21
Host: nceetvdev58-11.nce.XXXX.net
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Cookie: aria_user_profile={DÀ?SÆ?!,!C!"ÍÔaÃæK?9eä|IC¦?!A:iÌ¤!?!7æâ!A7!*EÄ!,B¥È!8*0dà!4Ñ????ræÐq!6¦M!??"Z²!-!7sfÍ?-ÏT¤(çf!E
Is there a solution to this, by setting an encoding on the applet tag for instance?

JB.Hurteaux wrote:
Ok, sorry about that. I was planning on reporting the answers from one site to another though (if any :-))I'd generally prefer seeing a second post (or edited post) cross-linking the two.
Does not seem I can edit this one ..No. As soon as I replied to it (the only option to put the link) the original post become not editable. That is to protect the text in the thread - so later replies make sense(1).
That is one thing that is very different between stack overflow and these forums, obviously.
..(your answer will do),.. It gives the message.
..I updated the stackoverflow one.Cool.
1) E.G. If you'd edited the original post to add a link, or mention you were about to cross-post to stack overflow for reasons X/Y/Z, it'd make me look a complete buffoon, wouldn't it? ;-)

BUG: ColdFusion does not handle conflicting cookies correctly

(I have reported this as a bug - I'm posting it here to hopefully save people from having to go through the same process)
If I've got a CF instance on test1.k9.edu, and my cookie jar has CFID/CFToken cookies for both 'test1.k9.edu' and '.k9.edu', CF behaves badly in two ways:
1) A CFDump of COOKIE shows two entries for each of the CFID and CFToken cookies
2) the values are identical, and match the first one set - NOT the most specific - 'test1.k9.edu' should always take precedence, but the CF behavior is that it only takes precedence if the browser got it before the '.k9.edu' value (browser in this case is FireFox 20.0.1)
The net result is... that if I browse to foo.k9.edu and it sets CFID/CFToken cookies at the domain level... and then go to 'test1.k9.edu' which does not set domain cookies... I will not be able to maintain a session (assuming that 'test1' has the latest security fixes) at test1.k9.edu until I scrub my cookies - each request will take the '.k9.edu' values, reject them because they didn't originate locally... and issue new cookies (which will be ignored by the next request... and so on)
This problem is not limited to CFID/CFToken cookies, although this is where the problem is most urgent, as it could be exploited to create a domain-wide denial of service (by effectively blocking session use for all CF instances in the domain)
The test case is very simple (change the domain in this example as appropriate for your installation)
[for this example, all requests go to test1.k9.edu - adjust to match your domain]
first request - run this:
<cfcookie name="test1a" value="domain(domain cookie sent first first)" domain=".k9.edu">
<cfcookie name="test1b" value="no-domain(non-domain cookie sent first)">
second request - run this:
<cfcookie name="test1a" value="no-domain(domain cookie sent first first)">
<cfcookie name="test1b" value="domain(non-domain cookie sent first)" domain=".k9.edu">
third request - run this:
<cfdump var=#cookie#>
===============
My tests were all done with FireFox 20.0.1 with ColdFusion 10 (stand-alone), updater 10 applied. My web server is Apache 2.2. The same problem is seen with CF9.0.2.
The same tests run with Railo 3.3.4 (Tomcat 7) produced correct results (value seen in CFDump results is reliably from the most-specific cookie)

I feel your pain, more so as you are trying to assist in making a product better. I would fire off an email to the top dog, Steve Jobs. As well, Apple should make a habit of trolling the forums here as they are where the real work of fixing and educating Apple customers takes place. I am amazed by the assistance I have had here and try to assist where I can while avoiding anything to make matters worse. Those Top Users just to my right deserve praise and an Apple goodie every now and then. There ought to be a hall of fame too.
< Edited by Host >

Define multiple cookie paths in web-j2ee-engine.xml

Hello,
Is it possible to define more than one path JSESSIONID cookie is sent to? Something like
<web-j2ee-engine>
<cookie-config>
<cookie>
<type>SESSION</type>
<path>/irj;/login</path>
<domain>siemens.de</domain>
</cookie>
</cookie-config>
</web-j2ee-engine>
I want the cookie to be sent to /irj and /login, but not to /b2b.
Another solution could possibly be to change the name of the JSESSIONID cookie. Is that possible?
Thanks for you help,
Elmar

Hi Rüdiger,
I'm not really sure but this could work:
Regards,
Pascal

New neutral domain name, 2 unique different smtp UPN logins?

Here is what I am trying to accomplish:
Merge 2 existing companies into one new Forest with a neutral name mgmt.local
Migrate both company users to their own OU within the new Domain
Have the user log in with their existing smtp address for domains we own e.g., [email protected] or [email protected]
The reason for the UPN is political or rather a branding issue. So in other words we do not want to have a common domain name that both brands see.
The new domain is not created yet so I thought it was a good time to make sure I verify the plan.

Hello,
there is no problems running multiple UPN suffixes together in one domain. That way you could use the described login options.
http://support.microsoft.com/kb/243629/en-us
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://blogs.msmvps.com/MWeber
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Twitter:

Common domain cookie in ADFS3

Similar Messages

Maybe you are looking for