Creating Form Based Authentication

Hi,
When i am creating Form Based Authentication then i am giving in the action field of the login and the scheme as "webgate.dll" but when i am using it then i am getting 403 error for any user.
Can anybody help me

There is a metalink note on how to configure form based auth. Pretty straightforward.
COREid 7.0.4: SettingUp Authentication Scheme in a NutShell
Doc ID: Note:401944.1

Similar Messages

Forms based authentication in sharepoint 2013 using custom membership provider

I am developing FBA for SP2013 using custom membership provider using the following link
http://benredl.wordpress.com/2012/10/03/creating-forms-based-authentication-and-user-profiles-in-sharepoint-2013-using-custom-membership-and-role-providers-and-a-custom-user-profile-synchronization-utility/
the feature i am trying to develop is that the user is created using a homegrown asp.net application which uses sql server
and then When that user goes to SP2013 he should be able to login with the username and password created using the homegrown asp.net application
my questions are following
If I follow the article in the link should i be taking the assembly(dll) and deploying it to GAC or will VS2013 automatically do it
Do I have to implement FindUserByEmail and FindUserByName methods ?
if the connectionstring for an asp.net application is in the web.config file where would the connection for the sqlserver go if this application is for SharePoint
TIA

Hi TIA,
try this it contains the code for you and it is ready
http://sharepoint2013fba.codeplex.com/
Kind Regards, John Naguib Technical Consultant/Architect MCITP, MCPD, MCTS, MCT, TOGAF 9 Foundation

Issue with form based Authentication in three tier sharepoint 2013 environment.

Hi,
We are facing issue with form based Authentication in three tier environment.
We are able to add users to the database and in SharePoint.
But we are not able to login with created users.
In single tier everything working fine
Please help , Its urgent ... Thanks in advance.
Regards,
Hari
Regards, Hari

if the environments match, then it sounds like a kerberos double-hop issue
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs

Faces context not found (Form based authentication)

<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/jsp/WorkingZone.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/Login/login.jsp</form-login-page>
<form-error-page>/Login/error.jsp</form-error-page>
</form-login-config>
</login-config>
when i tried to login with valid user the the url shows
http://localhost:8080/FormAuth/jsp/WorkingZone.jsp
how to append faces context automatically.
I am not finding for this faces context.
Plz suggest me a solution soon.
Thanks
Raghavendra Pattar

The FacesContext is created by FacesServlet which is
definied in the web.xml with an url-pattern.
If you just follow the url-pattern of this
FacesServlet, usually /faces/ or *.faces, or *.jsf,
then the FacesContext will be created.Hi balu,
this is the web.xml that i am using
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.4" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<context-param>
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
    <param-value>server</param-value>
</context-param>
<context-param>
    <param-name>javax.faces.CONFIG_FILES</param-name>
    <param-value>/WEB-INF/navigation.xml,/WEB-INF/managed-beans.xml</param-value>
</context-param>
<context-param>
    <param-name>com.sun.faces.validateXml</param-name>
    <param-value>true</param-value>
</context-param>
<context-param>
    <param-name>com.sun.faces.verifyObjects</param-name>
    <param-value>false</param-value>
</context-param>
<filter>
    <filter-name>UploadFilter</filter-name>
    <filter-class>com.sun.rave.web.ui.util.UploadFilter</filter-class>
    <init-param>
      <description>
          The maximum allowed upload size in bytes. If this is set
          to a negative value, there is no maximum. The default
          value is 1000000.
        </description>
      <param-name>maxSize</param-name>
      <param-value>1000000</param-value>
    </init-param>
    <init-param>
      <description>
          The size (in bytes) of an uploaded file which, if it is
          exceeded, will cause the file to be written directly to
          disk instead of stored in memory. Files smaller than or
          equal to this size will be stored in memory. The default
          value is 4096.
        </description>
      <param-name>sizeThreshold</param-name>
      <param-value>4096</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>UploadFilter</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet>
    <servlet-name>ThemeServlet</servlet-name>
    <servlet-class>com.sun.rave.web.ui.theme.ThemeServlet</servlet-class>
</servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
    <servlet-name>ThemeServlet</servlet-name>
    <url-pattern>/theme/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
    <welcome-file></welcome-file>
     </welcome-file-list>
<jsp-config>
    <jsp-property-group>
      <url-pattern>*.jspf</url-pattern>
      <is-xml>true</is-xml>
    </jsp-property-group>
</jsp-config>
<security-constraint>
    <display-name>Example Security Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <url-pattern>/secure/*</url-pattern>
        <http-method>GET</http-method>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>manager</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>Example Form-Based Authentication Area</realm-name>
    <form-login-config>
      <form-login-page>/Login/login.jsp</form-login-page>
      <form-error-page>/Login/error.jsp</form-error-page>
    </form-login-config>
</login-config>

<security-role>
    <role-name>manager</role-name>
</security-role>
</web-app>1)My requirement is Login page should be the first page
If enter the valid user and password
then i will get directory structure
when i click the secured JSF page inside secure
i got this URL
http://localhost/secure/WorkingZone.jsp
obiviously /faces is missing
and i am getting faces context not found.
If u need further clarification i will send u..
Plz reply me...

Form Based Authentication in SharePoint 2013: Getting The remote server returned an error: (500) Internal Server Error

Hi
I configured forms based authentication mode in Sharepoint 2013 site. When i tried to log in with windows authentication prompt it throws the following error
The remote server returned an error: (500) Internal Server Error
[WebException: The remote server returned an error: (500) Internal Server Error.] System.Net.HttpWebRequest.GetResponse() +8548300 System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +111 [ProtocolException:
The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+msbin1). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first
1024 bytes of the response were: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
How to fix this issue?
Regards,
Siva

Did you create a new web application or modify an existing web application?
I would start by checking the ULS logs, maybe there is an incorrect setting within one of the web.config files, or SQL permissions.
Also, as suggested above, check application pools are running.
This blog post is a great guide for setting up FBA, check it through to make sure you haven't missed any steps:
http://blogs.technet.com/b/ptsblog/archive/2013/09/20/configuring-sharepoint-2013-forms-based-authentication-with-sqlmembershipprovider.aspx

Big problem :anything is accepted by form-based authentication on Jboss

Hi there
I'm new to form-based authentication. I've been stuck on this problem for one and a half day. I set up the form-based authentication(with JDBC realm) on JBoss 3.2/Tomcat 5.0. When I visit the protected area, it did ask me for password. But it accepts whatever I input and forwards the desired page, even when I input nothing and just click on submit, it allows me to go through. No error message at all. I am in desperate need for help.
Here is my configuration. The web.xml is like this
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>LoginTest</display-name>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
<user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>Manager security role</description>
<role-name>manager</role-name>
</security-role>
</web-app>
I also add the following JDBC realm definition into the server.xml which is under jboss/server/default/deploy/jbossweb-tomcat50.sar
<Realm
className="org.apache.catalina.realm.JDBCRealm" debug="1"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://myipdadress:3306/field_bak"
connectionName="plankton"
connectionPassword="plankton"
userTable="users"
userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles"
roleNameCol="role_name"
/>
The JDBC realm is enclosed by the <engine> element. I checked the server log file, when the jboss server is started, it does load the mysql driver correctly and connect to mysql database fine. If I changed the IP of the mysql server to a non-existing one, then when I start jboss server, the server boot process will complain about connection to mysql faiure.
I guess maybe the server doesn't do the authentication by connecting to mysql and verify it when I submit the log in form. It seems the JDBC realm authentication is bypassed. I notice that even I get rid of the JDBC realm definition from the server.xml file, and test the web application. It behaves exactly the same way. It asks me for password but anything will go through even nothing.
Can anybody help me about this? I'm really stuck on this.
Thanks a lot!

By the way, I did create database"field_bak" and the tables for the JDBC realm verification.
I also created the users and the roles.
But it seems like Tomcat container doesn't do the JDBC realm authentication.

FORM based Authentication issue on Sun ONE AS7

I am trying to use FORM based authentication for a web module I created, and can not get it to work. I have registered the roles through the admin console of the server, and adjusted the web.xml. When I try to use BASIC authentication, I get a 'Authentication refused for []' message before I even log in, and another one after I do. When I use FORM authentication, the URL points to my login.jsp page (no matter what I put in the path, which is what is supposed to happen), however my default servlet (hello.java) is actually run, and the login.jsp page never comes up. I created my jsps and servlet in the mounted [ejb]_WebModule. Please let me know if something seems incorrect here, or if you can think of something I should check...I can't find anything out there to help me.
Here is my web.xml:
<web-app>
<display-name>DiningGuideManager_TestApp</display-name>
<servlet>
<servlet-name>front</servlet-name>
<servlet-class>data.DiningGuideManager_WebModule.hello</servlet-class>
</servlet>
<servlet>
<servlet-name>myPage</servlet-name>
<jsp-file>/myPage.jsp</jsp-file>
</servlet>
<servlet-mapping>
<servlet-name>front</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Security</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Me</role-name>
<role-name>EveryoneElse</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>Me</role-name>
</security-role>
<security-role>
<role-name>EveryoneElse</role-name>
</security-role>
<ejb-ref>
<ejb-ref-name>ejb/TestedEJB</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<home>data.DiningGuideManagerHome</home>
<remote>data.DiningGuideManager</remote>
<ejb-link>DiningGuideManager</ejb-link>
</ejb-ref>
</web-app>
for FORM authentication I have this:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
Thanks,
Michelle

Yes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have edit the WEB-INF/web.xml file by adding:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/test/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/test/secure/loginpage.jsp</form-login-page>
<form-error-page>/test/secure/errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when succesfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
"Authentication Mechanism FORM".
Hope that makes more sense.
I've tried restarting tomcat but it makes no difference.

Error in form based authentication

Hi all,
i want 2 implement form based authentication to a dummy resource in iis.
first i created authentication as
Challenge Method Form
Challenge Parameter passthrough: no
creds: usernamevar passwordvar
action: /access/oblix/apps/webgate/bin/webgate.dll
form: /public/login.html
SSL Required No
Challenge Redirect
Enabled Yes
and configured a policy domain for a dummy resource test.html with form authentication schema. i kept that in a folder 'access' which was placed in iis. i mentioned the action attribute to '/access/test.html' in login.html through which i want to do authentication.
but when i am accessing http://*...*/test.html
i am getting http 404 error.
can anyone help me.
Thank you

Hi,
thanks for ur response. i make some changes to my configuration which was given in previous post. now i configured as follows:
i kept my test.html and login.html in the iis root folder. and i defined my policy as follows:
Name : form (policy name)
Enabled : Yes
Resource Resource Type :http
URL Prefix : /test.html
Description
Authorization Rules Name ---- Form authorization
Description ---
Enabled --- Yes
Allow takes precedence ----Yes
Allow Access Role---- Any one
Default Rules
Authentication Rule
name of the authentication: policy form authentication
Authentication Scheme : Form authentication -----------------which was created in Access system console
Authorization Expression
Expression : Form authorization
Duplicate Actions: No policy defined for this Authorization Expression. The Access System level default policy for dealing with duplicate action headers will be employed.
Audit Rule
There is no Audit Rule defined.
Policy Name : form policy
Description :
Resource Type: http
Resource Operation(s) : POST
GET
Resource : all
Authentication Rule
policy auth. rule
Authentication Scheme Form authentication
Authorization Expression
There is no Authorization Expression defined.
Audit Rule
There is no Audit Rule defined.
Delegated Access Admins Delegate Rights
People Administrator
Grant Rights
There are no Delegated Access Admins with this right.
Basic Rights
There are no Delegated Access Admins with this right.
and i also created login.html with a method 'post' and pointed out the action to '/access/oblix/apps/webgate/bin/webgate.dll' . i placed it in IIS root folder.
now my auth. schema is as follows.
form: /login.html action:/access/oblix/apps/webgate/bin/webgate.dll passthrough: no creds: usernamevar passwordvar (which are names of fields in login.html)
and the plugin mapping is as follows:
credential_mapping:obMappingBase="cn=users,dc=orademo,dc=com", obMappingFilter="(&(&(objectclass=User)(sAMAccountName=%usernamevar%) )(|(!(obuseraccountcontrol=*))(obuseraccountcontrol=ACTIVATED)) )"
validate_password: obCredentialPassword="passwordvar"
so when i am accessing http://<hostname>/test.html
it is giving popup window like basic auth. schema. i am not getting my login page. and in that even i am logging as admin . it is saying unauthorized user.
please help me how to configure it.
Edited by: new2idm on Feb 17, 2010 9:19 PM
Edited by: new2idm on Feb 17, 2010 9:19 PM

Form based authentication -- control URGENT PLS.

I am following Form based authentication. I have a login page. I have specified the security constraints in the web.xml.
I would like to know after the execution of login where will the controller go to?? will it go the controller servlet, followed by an action class??
For any typical event (such as create customer)---the following has been the flow:
controller servlet--> createAction-->createUserBD (business delegate) --> customerManagerEJB --> customerDAO;
Now in case of login..
After the execution of login (authentication is by form based authentication ) where will the controll go to?
My requirement is to store the logged in userID details in Stateful Session bean. how will the flow look like?

If the access is through a web invocation, control will go to whichever portion of the web app triggered
the security constraint. The ejb has no knowledge of the authentication. If you want to provide the
login details to the ejb you'll have to explicitly pass them from the web tier.
--ken

Updating password for Form Based authentication database using code

Hi,
We have created FBA(Form Based authentication) for SP2010. We are storing all the usernames and Passwords in FBA database. If any user changes their password needs to be save in FBA Database with latest password.
can any one suggest me how to do this one.....
Thanks....

https://msdn.microsoft.com/en-us/library/system.web.security.membershipprovider.changepassword(v=vs.110).aspx
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs

Session expired message in form based authentication

Hi, i m using JAAS form based authentication on jboss for our application and we want session expired message to show in the login form when it loads for authentication after session expired.
do any one have any idea how to achive this as the application will never be able to detect that the session expired as it will always have a valid session available becoz ,When an HTTP session expires and the client makes a request to any secured resource, the JAAS subject will not be found for authorization. At this point, the security framework creates a new HTTP session, stores the target URL value in the session, and then redirects the user to the login page. After a successful login process, the user is forwarded back to the target page,
but our Web applications may need to capture these session expiration events and show some custom message to the user.
HTTP session listener doesn't work here as HTTP session listener does not allow you to create a new session.
Thanks in advance

ObSSOCookie does have session time data. Access Manager SDK can parse the cookie and can access it's own settings for max and idle session time.
Trick is, once the user is logged out, the cookie is destroyed. I suspect there is no real practical way to do this.
I have pondered the idea that you could use AJAX to communicate with a service that uses the SDK to return data about current session state - "You have 40 seconds left to get your form filled out, buddy! 39, 38, 37..."
Oh to have that much free time... ;)
Mark

Performing form based authentication with entities

Hey everyone,
Im in a major dilemma.Im trying to perform form-based authentication using entities.I have created the entity class from the database,and I used a SLSB to access the bean method via JNDI(when I tried using dependency injection,there was an exception).I also cannot use hibernate as a persistent provider.I used toplink since it is the default in netbeans 5.5.1 and it did not raise any issues.But then,I noticed that toplink is most compatible with the oracle application server,and I use sun java system application server 9.1.I have not been able to successfully perform the authentication.
here's the code:note,there are still bugs as ive been going back and forth trying to find a solution and also because Ive been working with preexisting code.
model:
SLSB
* userValidationBean.java
* Created on 26 March 2008, 18:25
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import javax.ejb.Stateless;
import javax.ejb.Remote;
import java.util.List;
import javax.persistence.PersistenceContext;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import Entities.UserTable;
import javax.transaction.UserTransaction;
import javax.annotation.Resource;
//the reason for the many comments is that im still debugging and there are still some bugs.Ive also been trying to go back and forth just
//to get a solution.
//the other accompanying classes had preexisting code i wrote earlier.
* @author Ayo
@Stateless
@Remote(userValidationRemote.class)
public class userValidationBean implements Entities.userValidationRemote {
@PersistenceContext private EntityManager manager;
@Resource private javax.transaction.UserTransaction tran;
/** Creates a new instance of userValidationBean */
public userValidationBean() {
//"SELECT u.username,u.password FROM UserTable u WHERE u.username =?1 and u.password=?2"
public boolean checkUser()
try
tran.begin();
UserTable user=new UserTable();
Query query=manager.createQuery("select u.username,u.password from u.user_table where u.username=:username and u.password=:password");
/*query.set("username",user.getUsername());
query.setParameter("password",user.getPassword());*/
query.setParameter("username",user.getUsername());
query.setParameter("password",user.getPassword());
userValidationBean ubean=(userValidationBean)query.getSingleResult();
boolean result=ubean==null?true:false;
tran.commit();
catch(Exception e)
System.out.println("Error:"+e);
// boolean result=ubean==null?true:false;
return result;
remote interface
package Entities;
import javax.ejb.Remote;
import Entities.UserTable;
* This is the business interface for userValidation enterprise bean.
@Remote
public interface userValidationRemote {
public boolean checkUser();
controller:servlet
* userCheck.java
* Created on 15 March 2008, 22:41
package servlets;
import Entities.UserTable;
import Entities.userValidationBean;
import javax.annotation.*;
import Entities.userValidationRemote;
import java.io.*;
import java.net.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.ejb.*;
import javax.naming.*;
import javax.persistence.*;
* @author Ayo
* @version
public class userCheck extends HttpServlet {
//@EJB userValidationRemote userRemote;
boolean checkUser;
String username,password;
/** Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
* @param request servlet request
* @param response servlet response
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*con=null;
ps=null;
rs=null;
s=null;
*/response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
username=request.getParameter("username");
password=request.getParameter("password");
if(username==""||password=="")
//RequestDispatcher de=request.getRequestDispatcher("admin_error.jsp");
//de.forward(request,response);
//showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
try
Context ctx=new InitialContext();
userValidationRemote userRemote=(userValidationRemote)ctx.lookup("Entities.userValidationRemote");
checkUser= userRemote.checkUser();
//checkUser= userRemote.checkUser();
//return;
//checkUser(UserTable user);
catch(Exception e)
out.println("Error:"+e);
//userValidation.checkUser(UserTable user);
if(checkUser==true)
RequestDispatcher d=request.getRequestDispatcher("blah.jsp");
d.forward(request,response);
else if(checkUser==false)
// RequestDispatcher d=request.getRequestDispatcher("admin_error.jsp");
//d.forward(request,response);
showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
//call bean(stateless or stateful)which access method on entity that validates.
// checkUser(request,response);
/* TODO output your page here
out.println("<html>");
out.println("<head>");
out.println("<title>Servlet userCheck</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Servlet userCheck at " + request.getContextPath () + "</h1>");
out.println("</body>");
out.println("</html>");
//out.close();
/* public synchronized void checkUser(HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
if(username==""&&password=="")
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select username,password from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
user=rs.getString(1);
pass=rs.getString(2);
//check user type,wether super admin,user or the other subadmins or a regular user.
checkType(request,response);
else
//redirect to admin error page,then close the connection.
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
con.close();
catch(Exception e)
private synchronized void checkType(HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select user_type,user_id,access_level from user_table where username=? and password=?");
ps.setString(1,user);
ps.setString(2,pass);
rs=ps.executeQuery();
if(rs.next())
user_type=rs.getString(1);
user_id=""+rs.getInt(2);
access_level=rs.getString(3);
if(user_type.equals("super")&&(access_level.equals("all")))
//create admin user session,add to the username and the user_id.
//redirect to super admin page,with access rights to create
//health admin,insurance admin and HMO admin.
//pretty cool stuff!
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_user_page.jsp");
dispatcher.forward(request,response);
//session.setAttribute(user_id);
//remember to create a hidden field if you need to pass this information
//to another page and retrieve the super admin id to track his activities.
else if(user_type.equals("health administrator")&&(access_level.equals("Health")))
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher des=request.getRequestDispatcher("health_admin_user_page.jsp");
des.forward(request,response);
//check for other user types,health admin,hmo admin and insurance admin.
else if(user_type.equals("hmo administrator")&&(access_level.equals("HMO")))
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher d=request.getRequestDispatcher("hmo_admin_user_page.jsp");
d.forward(request,response);
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else if(user_type.equals("insurance administrator")&&(access_level.equals("insurance")))
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher de=request.getRequestDispatcher("insurance_admin_user_page.jsp");
de.forward(request,response);
else if(user_type.equals("user")&&(access_level.equals("health")))
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql:http://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select staff_id from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
String staff_id=""+rs.getInt(1);
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select * from health_staff_table where staff_id=?");
ps.setString(1,staff_id);
rs=ps.executeQuery();
if(rs.next())
//retrieve the values from health staff and store them in variables.
//store important variables in user sessions e.g.staff_id,username,place of work for display in the web page.
//redirect to required page.
String first_name=rs.getString("first_name");
String last_name=rs.getString("last_name");
String work_place=rs.getString("place_of_work");
HttpSession session=request.getSession(true);
session.setAttribute("first_name",first_name);
session.setAttribute("last_name",last_name);
session.setAttribute("work_place",work_place);
session.setAttribute("staff_id",staff_id);
//redirect to user page.
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
//catch exception and redirect to page.
else if(user_type.equals("user")&&(access_level.equals("HMO")))
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql:http://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select staff_id from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
String staff_id=""+rs.getInt(1);
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select * from hmo_staff_table where staff_id=?");
ps.setString(1,staff_id);
rs=ps.executeQuery();
if(rs.next())
//retrieve the values from HMO staff and store them in variables.
//store important variables in user sessions e.g.staff_id,username,place of work for display in the web page.
//redirect to required page.
String first_name=rs.getString("first_name");
String last_name=rs.getString("last_name");
String work_place=rs.getString("place_of_work");
HttpSession session=request.getSession(true);
session.setAttribute("first_name",first_name);
session.setAttribute("last_name",last_name);
session.setAttribute("work_place",work_place);
session.setAttribute("staff_id",staff_id);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
//catch exception and redirect to page.
else if(user_type.equals("user")&&(access_level.equals("insurance")))
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql:http://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select staff_id from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
String staff_id=""+rs.getInt(1);
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select * from insurance_staff_table where staff_id=?");
ps.setString(1,staff_id);
rs=ps.executeQuery();
if(rs.next())
//retrieve the values from insurance staff and store them in variables.
//store important variables in user sessions e.g.staff_id,username,place of work for display in the web page.
//redirect to required page.
String first_name=rs.getString("first_name");
String last_name=rs.getString("last_name");
String work_place=rs.getString("place_of_work");
HttpSession session=request.getSession(true);
session.setAttribute("first_name",first_name);
session.setAttribute("last_name",last_name);
session.setAttribute("work_place",work_place);
session.setAttribute("staff_id",staff_id);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
//catch exception and redirect to page.
else
//invalid login details.After all else fails.
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
private void showError(String errorMsg,HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
request.setAttribute("error_msg",errorMsg);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_error.jsp");
dispatcher.forward(request,response);
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
/** Handles the HTTP <code>GET</code> method.
* @param request servlet request
* @param response servlet response
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Handles the HTTP <code>POST</code> method.
* @param request servlet request
* @param response servlet response
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Returns a short description of the servlet.
public String getServletInfo() {
return "Short description";
// </editor-fold>
view
<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
<style type="text/css">

</style>
</head>
<body>
<table width="564" border="0" align="center">
<tr>
<td width="558" bgcolor="#CCCCCC" class="style1"><div align="center">
<p> </p>
<h1 class="style7">Welcome to HealthPort</h1>
<p>HealthPort Login</p>
<p><span class="style8">Today's date is:<%= new java.util.Date() %></span></p>
<form id="form1" name="form1" method="post" action="userCheck">
<p align="right" class="style3">Username
<label></label>
<input type="text" name="username" id="username" />
</p>
<p align="right" class="style3">Password
<input type="password" name="password" id="password" />
</p>
<p align="right" class="style3">
<span class="style6">
<label></label>
<label></label>
</span>
<span class="style5">
<label></label>
</span>
<label>
<input type="submit" name="button" id="button" value="Login" />
</label>
</p>
<div align="right">
</div></form>
<div align="right"><div align="left"><p align="right"> </p>
</div></div></div></td>
</tr>
<tr>
<td bgcolor="#CCCCCC" class="style1"> </td>
</tr>
</table>
</body>
</html>
so,that's about it.I'd appreciate it.I know this is a lot.I'm grateful
Ayo.

Hi.Im still having issues trying to perform form based authenticatin with entities.I tried this method but im getting errors on the marked lines.
controller servlet
* userCheck.java
* Created on 15 March 2008, 22:41
package servlets;
import Entities.UserTable;
import Entities.userValidationBean;
import javax.annotation.*;
import Entities.userValidationRemote;
import java.io.*;
import java.net.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.ejb.*;
import javax.naming.*;
import javax.persistence.*;
* @author Ayo
* @version
public class userCheck extends HttpServlet {
//@EJB userValidationRemote userRemote;
boolean checkUser;
String username,password;
/** Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
* @param request servlet request
* @param response servlet response
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*con=null;
ps=null;
rs=null;
s=null;
*/response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
username=request.getParameter("username");
password=request.getParameter("password");
if(username==""||password=="")
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
try
Context ctx=new InitialContext();
userValidationRemote userRemote=(userValidationRemote)ctx.lookup("Entities.userValidationRemote");
(error on this line-saying ')' expected and no matter if i add ) there is still erro)userRemote.authenticate(String p_user,String p_password);
catch(Exception e)
out.println("Error:"+e);
if(checkUser==true)
RequestDispatcher d=request.getRequestDispatcher("blah.jsp");
d.forward(request,response);
else if(checkUser==false)
showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
private void showError(String errorMsg,HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
request.setAttribute("error_msg",errorMsg);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_error.jsp");
dispatcher.forward(request,response);
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
/** Handles the HTTP <code>GET</code> method.
* @param request servlet request
* @param response servlet response
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Handles the HTTP <code>POST</code> method.
* @param request servlet request
* @param response servlet response
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Returns a short description of the servlet.
public String getServletInfo() {
return "Short description";
// </editor-fold>
view
<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
<style type="text/css">

</style>
</head>
<body>
<table width="564" border="0" align="center">
<tr>
<td width="558" bgcolor="#9DACBF" class="style1"><div align="center">
<p> </p>
<h1 class="style7">Welcome to HealthPort</h1>
<p>HealthPort Login</p>
<p><span class="style8">Today's date is:<%= new java.util.Date() %></span></p>
<form id="form1" name="form1" method="post" action="userCheck">
<p align="right" class="style3">Username
<label></label>
<input type="text" name="username" id="username" />
</p>
<p align="right" class="style3">Password
<input type="password" name="password" id="password" />
</p>
<p align="right" class="style3">
<span class="style6">
<label></label>
<label></label>
</span>
<span class="style5">
<label></label>
</span>
<label>
<input type="submit" name="button" id="button" value="Login" />
</label>
</p>
<div align="right">
</div></form>
<div align="right"><div align="left"><p align="right"> </p>
</div></div></div></td>
</tr>
<tr>
<td bgcolor="#CCCCCC" class="style1"> </td>
</tr>
</table>
</body>
</html>
SLSB (implements userValidationRemote)
* userValidationBean.java
* Created on 26 March 2008, 18:25
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import javax.ejb.Stateless;
import javax.ejb.Remote;
import javax.persistence.PersistenceContext;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import Entities.UserTable;
import javax.annotation.*;
//import javax.transaction.UserTransaction;
* @author Ayo
@Stateless(mappedName="ejb/facade/userValidationBean")
@Remote(userValidationRemote.class)
(error on this line saying can't find class TransactionManagement)@TransactionManagement(value=TransactionManagementType.CONTAINER)
public class userValidationBean implements Entities.userValidationRemote {
@PersistenceContext(unitName="HealthInsuranceApp-ejbPU") private EntityManager manager;
/** Creates a new instance of userValidationBean */
public userValidationBean() {
//"SELECT u.username,u.password FROM UserTable u WHERE u.username =?1 and u.password=?2"
public boolean authenticate(String p_user,String p_password)
UserTable m_user=manager.find(UserTable.class,p_user);
if(m_user!=null)
return m_user.getPassword().equals(p_password);
return false;
Entity
* UserTable.java
* Created on 29 March 2008, 13:24
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import java.io.Serializable;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
* Entity class UserTable
* @author Ayo
@Entity(name="qs_UserPwd")
@Table(name = "user_table")
public class UserTable implements Serializable {
@Id
@Column(name = "user_id", nullable = false)
private Integer userId;
@Column(name = "username")
private String username;
@Column(name = "password")
private String password;
@Column(name = "user_type")
private String userType;
@Column(name = "access_level")
private String accessLevel;
@Column(name = "staff_id")
private Integer staffId;
@Column(name = "staff_type", nullable = false)
private String staffType;
@Column(name = "time_created")
private String timeCreated;
@Column(name = "time_modified")
private String timeModified;
@Column(name = "time_logged_in")
private String timeLoggedIn;
@Column(name = "time_logged_out")
private String timeLoggedOut;
@Column(name = "created_by")
private String createdBy;
/** Creates a new instance of UserTable */
public UserTable() {
* Creates a new instance of UserTable with the specified values.
* @param userId the userId of the UserTable
public UserTable(Integer userId) {
this.userId = userId;
* Creates a new instance of UserTable with the specified values.
* @param userId the userId of the UserTable
* @param staffType the staffType of the UserTable
public UserTable(Integer userId, String staffType) {
this.userId = userId;
this.staffType = staffType;
public UserTable(String p_user,String p_password)
setUsername(p_user);
setPassword(p_password);
* Gets the userId of this UserTable.
* @return the userId
public Integer getUserId() {
return this.userId;
* Sets the userId of this UserTable to the specified value.
* @param userId the new userId
public void setUserId(Integer userId) {
this.userId = userId;
* Gets the username of this UserTable.
* @return the username
public String getUsername() {
return this.username;
* Sets the username of this UserTable to the specified value.
* @param username the new username
public void setUsername(String p_user) {
p_user = username;
* Gets the password of this UserTable.
* @return the password
public String getPassword() {
return this.password;
* Sets the password of this UserTable to the specified value.
* @param password the new password
public void setPassword(String p_password) {
p_password=password;
* Gets the userType of this UserTable.
* @return the userType
public String getUserType() {
return this.userType;
* Sets the userType of this UserTable to the specified value.
* @param userType the new userType
public void setUserType(String userType) {
this.userType = userType;
* Gets the accessLevel of this UserTable.
* @return the accessLevel
public String getAccessLevel() {
return this.accessLevel;
* Sets the accessLevel of this UserTable to the specified value.
* @param accessLevel the new accessLevel
public void setAccessLevel(String accessLevel) {
this.accessLevel = accessLevel;
* Gets the staffId of this UserTable.
* @return the staffId
public Integer getStaffId() {
return this.staffId;
* Sets the staffId of this UserTable to the specified value.
* @param staffId the new staffId
public void setStaffId(Integer staffId) {
this.staffId = staffId;
* Gets the staffType of this UserTable.
* @return the staffType
public String getStaffType() {
return this.staffType;
* Sets the staffType of this UserTable to the specified value.
* @param staffType the new staffType
public void setStaffType(String staffType) {
this.staffType = staffType;
* Gets the timeCreated of this UserTable.
* @return the timeCreated
public String getTimeCreated() {
return this.timeCreated;
* Sets the timeCreated of this UserTable to the specified value.
* @param timeCreated the new timeCreated
public void setTimeCreated(String timeCreated) {
this.timeCreated = timeCreated;
* Gets the timeModified of this UserTable.
* @return the timeModified
public String getTimeModified() {
return this.timeModified;
* Sets the timeModified of this UserTable to the specified value.
* @param timeModified the new timeModified
public void setTimeModified(String timeModified) {
this.timeModified = timeModified;
* Gets the timeLoggedIn of this UserTable.
* @return the timeLoggedIn
public String getTimeLoggedIn() {
return this.timeLoggedIn;
* Sets the timeLoggedIn of this UserTable to the specified value.
* @param timeLoggedIn the new timeLoggedIn
public void setTimeLoggedIn(String timeLoggedIn) {
this.timeLoggedIn = timeLoggedIn;
* Gets the timeLoggedOut of this UserTable.
* @return the timeLoggedOut
public String getTimeLoggedOut() {
return this.timeLoggedOut;
* Sets the timeLoggedOut of this UserTable to the specified value.
* @param timeLoggedOut the new timeLoggedOut
public void setTimeLoggedOut(String timeLoggedOut) {
this.timeLoggedOut = timeLoggedOut;
* Gets the createdBy of this UserTable.
* @return the createdBy
public String getCreatedBy() {
return this.createdBy;
* Sets the createdBy of this UserTable to the specified value.
* @param createdBy the new createdBy
public void setCreatedBy(String createdBy) {
this.createdBy = createdBy;
* Returns a hash code value for the object. This implementation computes
* a hash code value based on the id fields in this object.
* @return a hash code value for this object.
@Override
public int hashCode() {
int hash = 0;
hash += (this.userId != null ? this.userId.hashCode() : 0);
return hash;
* Determines whether another object is equal to this UserTable. The result is
* <code>true</code> if and only if the argument is not null and is a UserTable object that
* has the same id field values as this object.
* @param object the reference object with which to compare
* @return <code>true</code> if this object is the same as the argument;
* <code>false</code> otherwise.
@Override
public boolean equals(Object object) {
// TODO: Warning - this method won't work in the case the id fields are not set
if (!(object instanceof UserTable)) {
return false;
UserTable other = (UserTable)object;
if (this.userId != other.userId && (this.userId == null || !this.userId.equals(other.userId))) return false;
return true;
* Returns a string representation of the object. This implementation constructs
* that representation based on the id fields.
* @return a string representation of the object.
@Override
public String toString() {
return "Entities.UserTable[userId=" + userId + "]";
please what do I do? or is there a better way? seems like my appserver(sun java system app server 9.1)doesnt support dependency injection as
there's always an exception in the server log when i try it.i use the default transaction provider toplink because use of any of the others raises an exception and my application index page never shows. please i need help? I want to be able to succesfully perform this authentication as its the only way i can move to the next level
Ayo.

FORM based authentication

Hi,
I'm using Oracle JDeveloper 9.0.3 with the embedded oc4j. I have configured for simple FORM based authentication by storing username/password in the principals.xml file.
I am presented with the login form correctly when I try to access a protected resource, but my username/password is always rejected (I'm redirected to the error page after trying to log-in). Can someone pls help??
The relevant portions of the contents of the deployment descriptor files that I'm using:
principals.xml
<principals>
<groups>
<group name="securegroup">
<description>secureusers</description>
</group>
</groups>
<users>
<user username="testuser" password="test">
<description>test user </description>
<group-membership group="securegroup" />
</user>
</users>
</principals>
web.xml
<web-app>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>

<url-pattern>*</url-pattern>

</web-resource-collection>
<auth-constraint>

<role-name>role1</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>login.jsp</form-login-page>
<form-error-page>error.jsp</form-error-page>
</form-login-config>
</login-config>

<security-role>
<role-name>role1</role-name>
</security-role>
</web-app>
orion-application.xml
<orion-application>
<security-role-mapping name="role1">
<group name="securegroup" />
</security-role-mapping>
</orion-application>
application.xml (stored in my D:\JDeveloper\jdev\MyProj\MyProject\WEB-INF\src\META-INF folder)
<?xml version = '1.0' encoding = 'windows-1252'?>
<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.2//EN" "http://java.sun.com/j2ee/dtds/application_1_2.dtd">
<application>
<security-role-mapping name="role1">
<group name="securegroup" />
</security-role-mapping>
</application>

REPOST
<br><br>
Keywords: form-login, principals.xml, embedded OC4J, authentication
<p>
Please see http://forums.oracle.com/forums/message.jsp?id=1266989
<p>
The provided link does not work.<br><br>
In the application.xml of the OC4j config folder I have comemnted out the: <br> <jazn provider="XML" location="./jazn-data.xml"/>
and added my roles mappings from web.xml :<br>
     <security-role-mapping name="OES_admin">
          <group name="administrators"/>
     </security-role-mapping>
<p>
plus in proncipals.xml have created an entry for my test user:<p>
          <user username="testusr" password="test">
               <description>Just me</description>
               <group-membership group="users" />
               <group-membership group="guests" />
               <group-membership group="administrators" />
          </user>
<p>
And still cannot run Form-authentication from inside jdeveloper .... authentication runs fine when the app is deployed to Tomcat5
<p>
Help Please, I'm using jdev 10.1.2.0
Message was edited by:
omar71

Forms Based Authentication in Project Server 2013

Hi,
I have created a PWA web app with SQL Forms Based Authentication. I am able to login and able to see the Project Center page.
But the Project Center Web Part is not getting displayed. Also facing the same issue while
Enterprise Custom Fields and Look up page,
the page is blank
When user tries to edit user in Manage Users page under Security, that page is also blank
Projects ribbon doesn't show up
User not able to create projects
Kindly provide some pointers for the same.
Thanks & regards,
Divyang Agrawal

Hi Kirtesh,
Thanks for the response.
The issue here is not related to hardware, but it is regarding the user not having appropriate rights to do the above mentioned operations.
Are there few more steps that are required for the FBA, where a user needs to be given access rights explicitly.
The users I have used for now have been added to administrator's group and have full rights on the system.
Also, when I try to create a Project in the instance using the CSOM code and passing the user's credentials who is a part of Administrator Group., it gives me a 403 forbidden exception.
Kindly provide some inputs for the same.
Regards,
Divyang Agrawal

Reset Password In Form Based Authentication "OIM - OAM Integration" SSO

Hi All
I want to give Password Reset Option in the Form Based Authentication page for OIM-OAM SSO Application, could you please help me in that??
my SSO is working with OIM 9.1.0.2BP06 with OAM 10.1.4.2.0, and i have created Simple Form in html, for the Authnetication, Now i want Password Reset Button on Form, and will have to reset through LDAP
TA

Provide the OIM links for registration and forgot password.
If your OAM has a user store(LDAP) where OIM is provisioning, your changes will be reflected in OAM
Hope this helps,
Sagar

Creating Form Based Authentication

Similar Messages

Maybe you are looking for