Configure the ADMIN and CLUSTER service connections to be SSL
Can you configure the ADMIN and CLUSTER service connections to be SSL
rather than tcp?
I was wondering about the present or future ability to secure other
connection services with SSL. Can you now or are there future plans
to configure the ADMIN and CLUSTER service connections to be SSL
rather than tcp? I suppose I should add the PORTMAPPER to that list.
My primary interest is for an SSLCLUSTER service in the case where
two brokers are connected over a non-trusted network. It may
not be too difficult to secure all the services the same way, but
perhaps that is on the TODO list.
A related question is if there are plans to add SSL with client
authentication as a stronger authentication mechanism than 'simple'
username and password. I believe you could get the username from
the client certificate's DN and continue to use the same LDAP user
repository for access control. I think this is similar to the way
that BEA's Weblogic server does it.
Finally should it be possible to deploy the HTTP tunnel servlet to
a webserver (such as iPlanet Web Server) configured to do SSL with
client authentication as a work-around to get stronger authentication
with the current release of the product? Or am I perhaps missing some
obvious and important detail? :) I guess I would like to know it's been
done already or is at least possible before I try and do it myself.
3 scenarios involving SSL are:
1: JMS client <------- SSL -------> iMQ broker
2: iMQ admin <------- SSL -------> iMQ broker
3: iMQ broker <------- SSL -------> iMQ broker (i.e clusters)
(1) is currently supported in iMQ 2.0
(2) and (3) is not supported in iMQ 2.0. No concrete plans yet to support
it in the near future but we'll definitely consider doing it if we
hear a lot of demand for it.
]A related question is if there are plans to add SSL with client
]authentication as a stronger authentication mechanism than 'simple'
]username and password. I believe you could get the username from
]the client certificate's DN and continue to use the same LDAP user
]repository for access control. I think this is similar to the way
]that BEA's Weblogic server does it.
This is on our todo list, but due to other more pressing issues we
have not been able to address it. We will continue to keep it
on our potential list of new features.
Sorry if I sound pretty wishy-washy in my responses above, but the fact
is that the things you mentioned above had to take a backseat
to other more critical features. That and the usual time/resource
constraints caused them not to be implemented.
]Finally should it be possible to deploy the HTTP tunnel servlet to
]a webserver (such as iPlanet Web Server) configured to do SSL with
]client authentication as a work-around to get stronger authentication
]with the current release of the product? Or am I perhaps missing some
]obvious and important detail? :) I guess I would like to know it's been
]done already or is at least possible before I try and do it myself.
Yes, this should be possible (although I don't believe we've tried it here).
The client authentication here is really only between the JMS client and the
web server (not between the tunnel servlet and the iMQ broker) and should
be similar in setup to any other java application talking to iPlanet Web
Server.
Similar Messages
-
I disabled and blocked my phone when it was stolen, i have retrieved the phone and restored service. Now when i turned it on it says iphone disabled connect to itunes.. I have and no change, what do i do?
You need to restore the phone in itunes in order to use it again, You will have to put the phone into recovery mode and restore to factory settings http://support.apple.com/kb/ht1808
-
I would appreciate your help on how to configure a gmail in a way it ask for the password everytime I connect?. In the only way I can configure it I have to include the pw when configuring the account and after that it do not ask for pw so everyone that shares my iPad can oppen my mail with no pw required.
ThankThe iPad is designed to be a single user device, and there is currently no way to password protect the Mail app - even removing the account password from Settings > Mail, Contacts, Calendars will just prevent new mail being downloaded, it won't hide those that have already been downloaded. There is this work-around for the app : https://discussions.apple.com/message/13127632#13127632 . Also there might be third-party email apps that feature password protecting.
-
Cisco connect software wants to match the admin password to cisco connect password?
As much as possible i want only one SSID for my router, so i dont want to have another SSID for guest. To protect my router
settings I need to have a different admin password from those of passphrase (i.e. wifi password).
Why is it that cisco connect software wants to match the admin password to cisco connect password?
The cisco connect password is the same as the passphrase. I think its unsafe to have similar passes for both admin password
and passphrase.
Is there any way that cisco connect software would work under different admin password & passphrase?From what I can tell, the router is set up so that it broadcasts two seperate SSID's with two unique passwords. If you logon to the SSID-Guest network, you are not allowed any kind of Admin access to the router. If you attempt to use the Cisco Connect software, you'll eventually get an error saying that it could not find a network (unless there is an unconfigured router running factory defaults in range). I verified this using a Cisco Linksys E4200 and a few laptops.
So long as you utilize the guest network properly, you should be able to maintain security on your network and use Cisco Connect. Obviously this isn't ideal for most commercial use, but then again I don't know why you would want to use this software on that scale.
If you are trying to keep one SSID for the network, I think you're going to have to use the web based service and do a little manual configuration.
TLDR: Seta different password for the guest network and never give out the primary network password. Guests don't have admin access, even while using Cisco Connect so long as they are connected to the -Guest SSID. -
I have tried to update my iOS 7.3.0 and I keep getting a msg saying bit connected to the Internet and I am connected by WiFi plus my phone has Internet connected also, I have repeatedly clicked on retry, still get message bit connected to Internet
Try this support document http://support.apple.com/kb/TS3694 and look at this section.
Unable to contact the iOS software update server gs.apple.com
Error 1004, 1013, 1638, 3194: These errors may be the result of the connection to gs.apple.com being redirected or blocked. Follow these steps to resolve these errors:
Install the latest version of iTunes.
Check security software. Ensure that communication to gs.apple.com is allowed. Follow this article for assistance with security software. iTunes for Windows: Troubleshooting security software issues.
Check the hosts file. The restore will fail if there is an active entry to redirect gs.apple.com. Follow iTunes: Advanced iTunes Store troubleshooting to edit the hosts file or revert to a default hosts file. See section "Blocked by configuration: (Mac OS X/Windows) > Rebuild network information".
Try to restore from another known-good computer and network.
If the errors persist on another computer, the device may need service. -
i tried to activate my iphone. i inserted the my sim card into the iphone and when i connect my iphone to my pc to activate it itunes did not recognize it. please help me.
are you sure thet the sim card is the sim card from the right service provider ? When and where did you bought it ?
-
PI post processing - configure the role of Integration service fails
I am running post processing template, and it keeps failing. So I have a couple questions:
Can I rerun the PI template multiple times until the entire process completes successfully? Must every process complete successfully? I have 100% but it is red....
The process errors out on configure the role of Integration service - error max no of 100 conversation exceeded. SXMB_SET_ROLE_TO_IS AbapConfigurationWriter FAILED.
Any help would be greatly appreciated.
Thanks
MikieHi,
>>>><i>Can I rerun the PI template multiple times until the entire process completes successfully? Must every process complete successfully? I have 100% but it is red....</i>
If one template fails and if you re run the template it wont be successful. If you have 100% but if it is red dont worry it is a success.
The failing of templates can be due to, if you not configured SLD first then it might give you such problems. First execute all the templates under NWA and try executing all the PI templates.
The last method would be that you need do that configuration manually using XI installation guide, it surely works.
Regards,
Ramesh P -
JMS system module between Admin and Cluster
Hi,
In my application, I have JMS servers,queues and Uniform distributed Queue to be assigned to Cluster and some other queues to be assigned to Admin server.
Can I have assign resources for both Cluster and Admin servers in single JMS system module and assign its target to both Cluster and Admin? or Should I create seperate JMS system module for admin and Cluster? Which is best and efficient way? PLease clarify.
Thanks in advance.Hi,
Can I have assign resources for both Cluster and Admin servers in single JMS system module and assign its target to both Cluster and Admin?Yes
Should I create seperate JMS system module for admin and Cluster? Which is best and efficient way?This depends on how much you are going to stress the queue, and your box. This is, you should try to have a queue persistent store that somehow matches what the box can handle. Also keep in mind that local queues tent to be more efficient than remote queues, at the cost of adding cycles to the box where you have your app installed.
Regards,
LG -
How do I find out the admin and password?
I need this ASAP so I can download some music onto my ipod touch. How are you supposed to know what the admin and password are?
the admin and password for what?
If for Apple ID see:
Frequently Asked Questions About Apple ID
If you forgot your screen-lock passcode
Connect the iOS device to your computer and restore via iTunes. Place the iOS device in Recovery Mode if necessary to allow the restore.
If recovery mode does not work try DFU mode.
How to put iPod touch / iPhone into DFU mode « Karthik's scribblings
For how to restore:
iTunes: Restoring iOS software
To restore from backup see:
iOS: How to back up
If you restore from iCloud backup the apps will be automatically downloaded. If you restore from iTunes backup the apps and music have to be in the iTunes library since synced media like apps and music are not included in the backup of the iOS device that iTunes makes.
You can redownload iTunes purchases by:
Downloading past purchases from the App Store, iBookstore, and iTunes Store -
How to configure the sort and port of a SOAP address dynamically
Hi All,
In the wsdl we have the SOAP Address defined but in practice we would like to configure the host and the port. As the server on which the service resides may/will change.
For example:
http://usciq74.wdf.sap.corp:50077/sap/bc/srt/rfc/sap/CPM_PLANNING_HISTORY?sap-client=003
We would like to configure the proxy to point to say:
http://<host>:<port>//sap/bc/srt/rfc/sap/CPM_PLANNING_HISTORY?sap-client=003
What we see in the Proxy Code is:
port.setSOAPAddress(new com.sap.flex.ws.runtime.SOAPAddress("http://usciq74.wdf.sap.corp:50077/sap/bc/srt/rfc/sap/CPM_PLANNING_HISTORY?sap-client=003"));
How could this be achieved.
Please help.Hi Sumit,
Thanks for the quick response. However, I do not want to change the host and the port in the wsdl. I want it to be so, that it will pick the host and port dynamically(as you have mentioned). However, in out case, the web service has the SOAP address hardcoded as <b>http://usciq74.wdf.sap.corp:50077</b>.
We would want to write something as http://host:port and then let it pick the host and port dynamically. How is that possible.
Best Regards,
Debashree. -
I have been trying to share file between my Mac Book Air and PC Laptop.Sometimes my Mac sees the PC and tries to connect but every time the connection fails. It says server may not exisit or network problem. I have apparently no network problem. Thanks for any help you may provide
hi,
somewhere on the windows machineshould be something like "network setup wizard". exactly where it is and what it is called i cannot remember off the top of my head, windows help is actually slightly useful here, it should have a link to it.
all the options checked on the mac are only what services the mac is offering to other machines, they have nothing to do with the services it can access (mostly...).
oh yeah, to actually connect to the pc after you have turned its sharing on, use the finder, or, when it does not show the pc (this happens on and off, possibly a refresh problem apple...) choose go --> connect to server and enter smb://<pc's name or ip>
to find the ip, the easiest way i think is
start --> run --> cmd ->> ipconfig
Andrew
Message was edited by: Andrew Dicker -
i have an iphone 4, i connect it to my laptop using the usb and then when connecting to itunes it says my phone is not up to date with itunes yet i cannot find an update 11.1 for my phones itunes? someone please help me.. kind regards
Itunes 11.1 is for your computer, not your iphone
It is required in order to sync with ios 7. -
Problem - grayed out apple id in app store
I have signed in to my account, I am the admin and my apple id is correct shown in itunes, and other apps except the appstore.
In Appstore, it shows another email id and it is disabled.
Problem
1. I do not know why another email id is visible in my account (we have separate accounts on this laptop , all admins)
2. Why wouldn't it allow me to change the login name and let me get on with my updates!!
Options already looked
1. phone - asked me to go to support blah blah .apple.com
2. internet - i'm here.
3. Applet id - manage on line- all is well there. no need to change anything.
4. other apps with apple id involved - checked and works fine.Do you recognize the ID?
-
I'm not sure how to post a message. I hope this might interest someone. The situation; 3 floors,I am having trouble with an an Airport Extreme, 802.11n on the top floor and a Mac Pro 3.1 on the bottom floor. Not always but often it has trouble seeing the Airport and making a connection. I have an older Airport Express, would it help to install it? would it work best if it was installed in the same room? should it be installed half way in between? Get another Extreme? The Mac Book Pro on the middle floor can see 11 networks in the neighbourhood if that might be causing a problem or would if I installed the Express. Thank for your consideration.
Thanks for your time ... I appologize for the font and colour, I compossed the question in pages and failed to notice the font colour as grey ... there are a variety of computers of various ages so I think it is using a setting that allows both 5G and 2.4 ... the connection to the Airport is thru a cable modem and cable does run throuhout the house ... maybe those hard wires would be a place to look at ... do you think that putting the 'Express' on the second floor might help ... thanks again ...
-
How to configure the runtime and consolidation for a track in CMS.
How to configure the runtime and consolidation for a track in CMS.
I can see the track exists in CMS but the same doesnt pull up in the NWDS in the development configuration perspective.
I compared the given track with the one which gets pulled up in NWDS. Theres something called runtime system and consolidation which isnt defined for the track which is invisible.
Please advise , what are these required for. And how can we configure the same.The runtime systems are defined for a track to setup the Transport path for any code changes....the Consolidation system is usually defined as a Virtual system for the track and used for comparison and fixing any broken or Dirty DC's ....that means it's not used as a Runtime System for Deployment as compared to DEV,QAT and PROD used for Deployment...
Hope it helps..
Regards,
Shikhil
Maybe you are looking for
-
[JS][CS3] Simple dialog box problem
Hi I am wanting to make my script do 1 of 2 things depending on the result of a dialog box. I cannot seem to register the users response. Here is the code: var myDialog = new Window('dialog', 'Confirm Changes'); myDialog.frameLocation = [600,400];
-
Wanted to run a background job in diff app server
i wanted to run a job in diff app server... how can i do it. sap guru
-
The latest iTunes and importing home videos?
The earlier itunes had an import option under file, but the one I just recently downloaded does not. I want to import a video file (and it is in a format itunes would recognize), but I cannot.
-
JDBC thin driver, failUTF8Conv
I browse through JDBC some records from an Oracle 8.1.7 DB with NLS_CHARACTER=EL8ISO8859P7 and greek data. Some records (columns are type varchar2) are displayed ok, but at some other certain records, an exception occurs and I get: "JBO-27022: Failed
-
How to use Javamail for accessing additional mailboxes -IMAP, Exchange 2010
hi, I want to access a shared mailbox (NOT FOLDER) via Javamail API (1.4.5) using IMAP(s) with plain logon. The mailserver is a Exchange Server 2010. User: user1 ([email protected]) pwd: xxxx shared mailbox: [email protected] Properties: mail.imaps