Customer login problem

Customer account [email protected] has used the password reset and does get the emails but the passwords do not work. Had customer delete all cookies and files, shutdown all browsers and restart, still could not get in. Please email him when his account is fixed.
Kirsten Maier Oracle HUB

Kirsten,
We have resolved the issue for this user and contacted them separately.
OTN

Similar Messages

  • Problem with role mapping in custom login module

    Hi all,
    I have developed custom login modules. They don't use the default user store but own data tables holding the necessary user information.
    Login works fine. But there is one big problem: Only those users that exist with the same user-id in the default user store get roles assigned to it. Whicht leads to 403-errors in my web application.
    Now, this is weired because a user with id 'Susi' has completely different passwords in my custom tables and in the user store, therefore it shouldn't be possible to authenticate 'Susi' against the default user management.
    Next thing is, I don't use the default login modules at all. So why does the application validates against the user store?
    I thought a source of the  problem might be that I don't set the roles correctly. I set the roles as a principal to the subject. I have chosen the role based mapping  in the web-engine.xml and mapped all my custom roles to the server role 'guests'.
    Could anybody think of a solution to this problem ?
    Thanks,  Astrid

    Astrid,
    Sorry to go off-topic on your post...but I have a question in relation to how you deploy your login module. Do you deploy the login module with your application ? I've developed a login module that I would like to deploy by itself, I currently deploy it with the calculator example and it works fine like this, but I need to deploy it by itself. Any tips you can give would be greatly appreciated.
    I've tried to use the deploytool and deploy the module as a library...but I get a "cannot  load a login module" in the logs when authenticating a user.

  • Problems with custom login module/authscheme in Portal iViews

    Hi,
    In our portal users must login with their username and password ("ticket" login module stack) to access most of the content. For some of the iViews containing confidential data we would like to ask the users some personal questions before giving them access.
    I followed all the steps described in the [official documentation |http://help.sap.com/saphelp_nw04s/helpdata/en/8c/f03541c6afd92be10000000a1550b0/content.htm]:
    - created a custom login module
    - added it to a custom login module stack
    - added a custom authscheme in the authschemes.xml file
    - assigned the iView to this authscheme
    I also create a PortalComponent that reads the user entries and calls my login module (JSP not shown):
    public void doContent(IPortalComponentRequest request, IPortalComponentResponse response)     {          
        HttpServletRequest req = request.getServletRequest();
        HttpServletResponse resp = request.getServletResponse(false);
        ILogonAuthentication ila = UMFactory.getLogonAuthenticator();
        Subject subject = ila.logon(req, resp, "myauthscheme");
        // if authenticated what to do next??
    Now when I try to access the protected iView, I see my screen to answer the questions, I press submit and my login module is called. But, I never get redirected to the iView I'm supposed to go. So I still have two questions:
    1) Which login modules should be in the login module stack? Should I include the BasicPasswordLoginModule?
    For the moment I have:
    EvaluateTicketLoginModule (SUFFICIENT)
    MyCustomLoginModule (REQUISITE)
    CreateTicketLoginModule (OPTIONAL)
    2) How can I be redirected to the protected iView after the user is being authenticated? Is it the portal framework who is responsible to navigate there automatically? Or is it in my own code after the logon() call? In that case how can I retrieve the destination URL?
    Thanks,
    Martin

    I'm using the version 10.1.3.0.4 (SU5).
    The error is:
    06/09/28 18:09:05 WARNING: Application.setConfig Application: current-workspace-app is in failed state as initialization failedjava.lang.InstantiationException
    28/09/2006 18:09:05 com.evermind.server.Application setConfig
    WARNING: Application: current-workspace-app is in failed state as initialization failedjava.lang.InstantiationException
    2006-09-28 18:09:05.390 WARNING J2EE 0JR0013 Exception initializing deployed application: current-workspace-app. null
    My JAAS-oc4j-app content is:
    <log>
    <file path="JAAS-oc4j-app.log" xmlns=""/>
    </log>
    <jazn provider="XML" location="JAAS-jazn-data.xml">
    <property name="role.mapping.dynamic" value="true"/>
    <property name="custom.loginmodule.provider" value="true"/>
    <property name="jaas.username.simple" value="true"/>
    </jazn>
    <data-sources path="JAAS-data-sources.xml"/>
    Thanks for reply.

  • SharePoint Foundation 2013 - FBA Custom Login Page

    Hi,
         i am trying to enable FBA in SharePoint Foundation 2013 and it works fine for default login page
         but when i try to create custom login page ( which is already working without any problems in SharePoint 2010 )  i receive an error when i try to authenticate user using the following code :
             SPClaimsUtility.AuthenticateFormsUser(Context.Request.UrlReferrer, txtUserName.Text, txtPassword.Text);
         i checked the Log file and found the following entries :
            - Application error when access /_layouts/CM Custom Login Page/Login.aspx, Error=Exception of type 'System.ArgumentException' was thrown.  Parameter name: httpApplication   at Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(Uri
    context, String userName, String password)     at CM_Custom_Login_Page.Layouts.CmCustomLoginPage.Login.btnLogin_Click(Object sender, EventArgs e)     at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)    
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)  
            -  System.ArgumentException: Exception of type 'System.ArgumentException' was thrown.  Parameter name: httpApplication    at Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(Uri
    context, String userName, String password)     at CM_Custom_Login_Page.Layouts.CmCustomLoginPage.Login.btnLogin_Click(Object sender, EventArgs e)     at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)    
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
          -  Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.ArgumentException: Exception of type 'System.ArgumentException'
    was thrown.  Parameter name: httpApplication     at Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(Uri context, String userName, String password)     at CM_Custom_Login_Page.Layouts.CmCustomLoginPage.Login.btnLogin_Click(Object
    sender, EventArgs e)     at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
    at System.Web.UI.Page.HandleError(Exception e)     at System.Web.UI.Page.ProcessRequestMain(...
          -  ...Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)     at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)    
    at System.Web.UI.Page.ProcessRequest()     at System.Web.UI.Page.ProcessRequest(HttpContext context)     at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()    
    at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

    check first whether you are getting context or not, to me it looks like issue with Contrext.Request.UrlReferrer
    try with this code
    Uri url = new Uri(SPContext.Current.Web.Url);SPClaimsUtility.AuthenticateFormsUser(url, txtUserName.Text, txtPassword.Text);

  • Multiple custom login pages

    I have two WebApps. In central admin i set one different custom login page for each.
    now the problem: the second WebApp redirects to the login page of the first one.
    Known problem?

    Hi,
    According to your post, my understanding is that you wanted to set different login pages for different web applications.
    Please check whether you choose the zone that you want to configure and enter the Sign In Page URL correctly.
    Best Regards,
    Linda Li
    Linda Li
    TechNet Community Support

  • Help - using custom login module with embedded jdev oc4j to access ejb 3

    Hi All (Frank ??),
    I'm just wondering if anyone has successfully been able to leverage a custom login module in combination
    with a client that connects to a local EJB 3 stateless session bean through Jdeveloper 10.1.3.2's embedded oc4j.
    I have spent 2+ days trying to get this to work - and i think I resound now to the fact im going to
    have to deploy to oc4j standalone instead.
    I got close.. but finally was trumped with the following error from the client trying to access the ejb:-
    javax.naming.NoPermissionException: Not allowed to look up XXXXXX, check the namespace-access tag
    setting in orion-application.xml for details.
    Using the various guides available, I had no problem getting the custom login module working
    with a local servlet running from JDev's embedded oc4j.. however with ejb - no such luck.
    I have a roles table (possible values Member, Admin) - that maps to sr_Member and sr_Admin
    respectively in various config files.
    I'm using EJB 3 annotations for protecting methods .. for example
    @RolesAllowed("sr_Member")
    Steps that I had to do so far :-
    In <jdevhome>\jdev\system\oracle.jwee.10.1.3.40.66\embedded-oc4j\config\system-jazn-data.xml1) Add custom login module
        <application>
          <name>current-workspace-app</name>
          <login-modules>
            <login-module>
              <class>kr.security.KnowRushLoginModule</class>
              <control-flag>required</control-flag>
              <options>
                <option>
                  <name>dataSource</name>
                  <value>jdbc/DB_XE_KNOWRUSHDS</value>
                </option>
                <option>
                  <name>user.table</name>
                  <value>users</value>
                </option>
                <option>
                  <name>user.pk.column</name>
                  <value>id</value>
                </option>
                <option>
                  <name>user.name.column</name>
                  <value>email_address</value>
                </option>
                <option>
                  <name>user.password.column</name>
                  <value>password</value>
                </option>
                <option>
                  <name>role.table</name>
                  <value>roles</value>
                </option>
                <option>
                  <name>role.to.user.fk.column</name>
                  <value>user_id</value>
                </option>
                <option>
                  <name>role.name.column</name>
                  <value>name</value>
                </option>
              </options>
            </login-module>
          </login-modules>
        </application>2) Grant login rmi permission to roles associated with custom login module (also in system-jazn-data.xml)
      <grant>
        <grantee>
          <principals>
            <principal>
              <realm-name>jazn.com</realm-name>
              <type>role</type>
              <class>kr.security.principals.KRRolePrincipal</class>
              <name>Admin</name>
            </principal>
          </principals>
        </grantee>
        <permissions>
          <permission>
            <class>com.evermind.server.rmi.RMIPermission</class>
            <name>login</name>
          </permission>
        </permissions>
      </grant>
      <grant>
        <grantee>
          <principals>
            <principal>
              <realm-name>jazn.com</realm-name>
              <type>role</type>
              <class>kr.security.principals.KRRolePrincipal</class>
              <name>Member</name>
            </principal>
          </principals>
        </grantee>
        <permissions>
          <permission>
            <class>com.evermind.server.rmi.RMIPermission</class>
            <name>login</name>
          </permission>
        </permissions>
      </grant>3) I've tried creating various oracle and j2ee deployment descriptors (even though ejb-jar.xml and orion-ejb-jar.xml get created automatically when running the session bean in jdev).
    My ejb-jar.xml contains :-
    <?xml version="1.0" encoding="utf-8"?>
    <ejb-jar xmlns ....
      <assembly-descriptor>
        <security-role>
          <role-name>sr_Admin</role-name>
        </security-role>
        <security-role>
          <role-name>sr_Member</role-name>
        </security-role>
      </assembly-descriptor>
    </ejb-jar>Note- i'm not specifying the enterprise-beans stuff, as JDev seems to populate this automatically.
    My orion-ejb-jar.xml contains ...
    <?xml version="1.0" encoding="utf-8"?>
    <orion-ejb-jar ...
      <assembly-descriptor>
        <security-role-mapping name="sr_Admin">
          <group name="Admin"></group>
        </security-role-mapping>
        <security-role-mapping name="sr_Member">
          <group name="Member"></group>
        </security-role-mapping>
        <default-method-access>
          <security-role-mapping name="sr_Member" impliesAll="true">
          </security-role-mapping>
        </default-method-access>
      </assembly-descriptor>My orion-application.xml contains ...
    <?xml version="1.0" encoding="utf-8"?>
    <orion-application xmlns ...
      <security-role-mapping name="sr_Admin">
        <group name="Admin"></group>
      </security-role-mapping>
      <security-role-mapping name="sr_Member">
        <group name="Member"></group>
      </security-role-mapping>
      <jazn provider="XML">
        <property name="role.mapping.dynamic" value="true"></property>
        <property name="custom.loginmodule.provider" value="true"></property>
      </jazn>
      <namespace-access>
        <read-access>
          <namespace-resource root="">
            <security-role-mapping name="sr_Admin">
              <group name="Admin"/>
              <group name="Member"/>
            </security-role-mapping>
          </namespace-resource>
        </read-access>
        <write-access>
          <namespace-resource root="">
            <security-role-mapping name="sr_Admin">
              <group name="Admin"/>
              <group name="Member"/>
            </security-role-mapping>
          </namespace-resource>
        </write-access>
      </namespace-access>
    </orion-application>My essentially auto-generated EJB 3 client does the following :-
          Hashtable env = new Hashtable();
          env.put(Context.SECURITY_PRINCIPAL, "matt.shannon");
          env.put(Context.SECURITY_CREDENTIALS, "welcome1");
          final Context context = new InitialContext(env);
          KRFacade kRFacade = (KRFacade)context.lookup("KRFacade");
    ...And throws the error
    20/04/2007 00:55:37 oracle.j2ee.rmi.RMIMessages
    EXCEPTION_ORIGINATES_FROM_THE_REMOTE_SERVER
    WARNING: Exception returned by remote server: {0}
    javax.naming.NoPermissionException: Not allowed to look
    up KRFacade, check the namespace-access tag setting in
    orion-application.xml for details
         at
    com.evermind.server.rmi.RMIClientConnection.handleLookupRe
    sponse(RMIClientConnection.java:819)
         at
    com.evermind.server.rmi.RMIClientConnection.handleOrmiComm
    andResponse(RMIClientConnection.java:283)
    ....I can see from the console that the user was successfully authenticated :-
    20/04/2007 00:55:37 kr.security.KnowRushLoginModule validate
    WARNING: [KnowRushLoginModule] User matt.shannon authenticated
    And that user is granted both the Admin, and Member roles.
    The test servlet using basic authentication correctly detects the user and roles perfectly...
      public void doGet(HttpServletRequest request,
                        HttpServletResponse response)
        throws ServletException, IOException
        LOGGER.log(Level.INFO,LOGPREFIX +"doGet called");
        response.setContentType(CONTENT_TYPE);
        PrintWriter out = response.getWriter();
        out.println("<html>");
        out.println("<head><title>ExampleServlet</title></head>");
        out.println("<body>");
        out.println("<p>The servlet has received a GET. This is the reply.</p>");
        out.println("<br> getRemoteUser = " + request.getRemoteUser());
        out.println("<br> getUserPrincipal = " + request.getUserPrincipal());
        out.println("<br> isUserInRole('sr_Admin') = "+request.isUserInRole("sr_Admin"));
        out.println("<br> isUserInRole('sr_Memeber') = "+request.isUserInRole("sr_Member"));Anyone got any ideas what could be going wrong?
    cheers
    Matt.
    Message was edited by:
    mshannon

    Thanks for the response. I checked out your blog and tried your suggestions. I'm sure it works well in standalone OC4J, but i was still unable to get it to function correctly from JDeveloper embedded.
    Did you ever get the code working directly from JDeveloper?
    Your custom code essentially seems to be the equivalent of a grant within system-jazn-data.xml.
    For example, the following grant to a custom jaas role (JAAS_ADMIN) that gets added by my custom login module gives them rmi login access :-
         <grant>
              <grantee>
                   <principals>
                        <principal>
                             <realm-name>jazn.com</realm-name>
                             <type>role</type>
                             <class>kr.security.principals.KRRolePrincipal</class>
                             <name>JAAS_Admin</name>
                        </principal>
                   </principals>
              </grantee>
              <permissions>
                   <permission>
                        <class>com.evermind.server.rmi.RMIPermission</class>
                        <name>login</name>
                   </permission>
              </permissions>
         </grant>If I add the following to orion-application.xml
      <!-- Granting login permission to users accessing this EJB. -->
      <namespace-access>
        <read-access>
          <namespace-resource root="">
            <security-role-mapping>
              <group name="JAAS_Admin"></group>
            </security-role-mapping>
          </namespace-resource>
        </read-access>Running a standalone client against the embedded jdev oc4j server gives the namespace-access error.
    I tried out your code by essentially creating a static reference to a singleton class that does the role lookup/provisioning with rmi login grant :-
    From custom login module :-
      private static KRSecurityHelper singleton = new KRSecurityHelper();
      protected Principal[] m_Principals;
        Vector v = new Vector();
          v.add(singleton.getCustomRmiConnectRole());
          // set principals in LoginModule
          m_Principals=(Principal[]) v.toArray(new Principal[v.size()]);
    Singleton class :-
    package kr.security;
    import com.evermind.server.rmi.RMIPermission;
    import java.util.logging.Level;
    import java.util.logging.Logger;
    import oracle.security.jazn.JAZNConfig;
    import oracle.security.jazn.policy.Grantee;
    import oracle.security.jazn.realm.Realm;
    import oracle.security.jazn.realm.RealmManager;
    import oracle.security.jazn.realm.RealmRole;
    import oracle.security.jazn.realm.RoleManager;
    import oracle.security.jazn.policy.JAZNPolicy;
    import oracle.security.jazn.JAZNException;
    public class KRSecurityHelper
      private static final Logger LOGGER = Logger.getLogger("kr.security");
      private static final String LOGPREFIX = "[KRSecurityHelper] ";
      public static String CUSTOM_RMI_CONNECT_ROLE = "remote_connect";
      private RealmRole m_Role = null;
      public KRSecurityHelper()
        LOGGER.log(Level.FINEST,LOGPREFIX +"calling JAZNConfig.getJAZNConfig");
        JAZNConfig jc = JAZNConfig.getJAZNConfig();
        LOGGER.log(Level.FINEST,LOGPREFIX +"calling jc.getRealmManager");
        RealmManager realmMgr = jc.getRealmManager();
        try
          // Get the default realm .. e.g. jazn.com
          LOGGER.log(Level.FINEST,LOGPREFIX +"calling jc.getGetDefaultRealm");
          Realm r = realmMgr.getRealm(jc.getDefaultRealm());
          LOGGER.log(Level.INFO,LOGPREFIX +"default realm: "+r.getName());
          // Access the role manager for the remote connection role
          LOGGER.log(Level.FINEST,
            LOGPREFIX +"calling default_realm.getRoleManager");
          RoleManager roleMgr = r.getRoleManager();
          LOGGER.log(Level.INFO,LOGPREFIX +"looking up custom role '"
            CUSTOM_RMI_CONNECT_ROLE "'");
          RealmRole rmiConnectRole = roleMgr.getRole(CUSTOM_RMI_CONNECT_ROLE);
          if (rmiConnectRole == null)
            LOGGER.log(Level.INFO,LOGPREFIX +"role does not exist, create it...");
            rmiConnectRole = roleMgr.createRole(CUSTOM_RMI_CONNECT_ROLE);
            LOGGER.log(Level.FINEST,LOGPREFIX +"constructing new grantee");
            Grantee gtee = new Grantee(rmiConnectRole);
            LOGGER.log(Level.FINEST,LOGPREFIX +"constructing login rmi permission");
            RMIPermission login = new RMIPermission("login");
            LOGGER.log(Level.FINEST,
              LOGPREFIX +"constructing subject.propagation rmi permission");
            RMIPermission subjectprop = new RMIPermission("subject.propagation");
            // make policy changes
            LOGGER.log(Level.FINEST,LOGPREFIX +"calling jc.getPolicy");
            JAZNPolicy policy = jc.getPolicy();
            if (policy != null)
              LOGGER.log(Level.INFO, LOGPREFIX
                + "add to policy grant for RMI 'login' permission to "
                + CUSTOM_RMI_CONNECT_ROLE);
              policy.grant(gtee, login);
              LOGGER.log(Level.INFO, LOGPREFIX
                + "add to policy grant for RMI 'subject.propagation' permission to "
                + CUSTOM_RMI_CONNECT_ROLE);
              policy.grant(gtee, subjectprop);
              // m_Role = rmiConnectRole;
              m_Role = roleMgr.getRole(CUSTOM_RMI_CONNECT_ROLE);
              LOGGER.log(Level.INFO, LOGPREFIX
                + m_Role.getName() + ":" + m_Role.getFullName() + ":" + m_Role.getFullName());
            else
              LOGGER.log(Level.WARNING,LOGPREFIX +"Cannot find jazn policy!");
          else
            LOGGER.log(Level.INFO,LOGPREFIX +"custom role already exists");
            m_Role = rmiConnectRole;
        catch (JAZNException e)
          LOGGER.log(Level.WARNING,
            LOGPREFIX +"Cannot configure JAZN for remote connections");
      public RealmRole getCustomRmiConnectRole()
        return m_Role;
    }Using the code approach and switching application.xml across so that namespace access is for the group remote_connect, I get the following error from my bean :-
    INFO: Login permission not granted for current-workspace-app (test.user)
    Thus, the login permission that I'm adding through the custom remote_connect role does not seem to work. Even if it did, i'm pretty sure I would still get that namespace error.
    This has been such a frustrating process. All the custom login module samples using embedded JDeveloper show simple j2ee servlet protection based on settings in web.xml.
    There are no samples showing jdeveloper embedded oc4j using ejb with custom login modules.
    Hopefully the oc4j jdev gurus like Frank can write a paper that demonstrates this.
    Matt.

  • How to get the Trusted Identity Login Page with the needed parameters to make custom login screen instead of sharepoint Login Page?

    hi guys
    i have configured trusted identity provider for my public facing internet portal, but i dont want to use the login screen
    since i have about 10 site collection which will use this authentication.
    is there a class or property that gives me the url ready with the parameters like "wa" and "wtrealm" and the redirect url based on the place the user click the link from.

    You can create your own login page and specify the URL for it in the authentication provider settings of a Web Application or Zone.  So the easiest way to do what you want would be to extend your existing Web Application to a new Zone, change the login
    Page url to point to use your custom zone, and tell users to use the url of that zone to login with the custom provider you have built.
    If you want a single zone then you will need to modify a copy of the login page you display above and have it redirect to a custom login page for your identity provider if the pick the correct entry in the dropdown.
    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

  • Custom Login screen - Yammer app webpart not working

    Hi Team,
    I have created windows login  website and configured Yammer . it is working fine.
    But I have created another website with custom login screen and If i check Yammer Feed app webpart nothing is opening.for few browsers got exception like "401 : unauthorized access".
    I have placed custom log in page in "_layouts" folder.
    I am new to sharepoint 2013 and Yammer. kindly let me know in details what is the problem and root cause and solution.
    Otjherwise is there any chance to create a custom webpart using Yammer API ? If so where I can find it ? what are the root Dll's and root classes to implement it.
    Regards,
    Rajesh

    Hi,
    According to your description, my understanding is that when you access the Yammer Feed app, it occur "401:unauthorized access" .
    If this error occurs in few browsers, it could be related to browser settings.  The Yammer Feed app requires the user has third party cookies enabled in their browsers.
    Here are some similar threads about the solution for this issue:
    http://stackoverflow.com/questions/23248749/yammer-embed-feed-works-in-ie-and-firefox-but-not-in-chrome-gives-401-unauthori
    http://stackoverflow.com/questions/27383175/http-401-error-for-every-yammer-rest-api-call-for-a-given-network
    About how to use Yammer API to create custom web part, here are some detailed articles for your reference:
    https://samlman.wordpress.com/2015/03/02/using-the-yammer-api-in-a-net-client-application/
    http://pythonhosted.org/yampy/api.html
    https://github.com/yammer/yam
    Thanks
    Best Regards
    Jerry Guo
    TechNet Community Support

  • Custom login.asp

    Hi all,
    I have made a copy of the Login.asp file in C:\Program Files\Microsoft Forefront Unified Access Gateway\von\InternalSite\CustomUpdate.  I have also configured the trunk to use 'CustomUpdate/Login.asp' and activated the configuration.  The
    changes that I made to the file are not applying.  The problem I am running into is that the Login Page for my OWA sites are displaying username, 'authentication group(AD)' password, 'authentication group2(RSA)' password.  I'm trying to change the
    'authentication group(AD)' password to just say 'password' and the 'authentciaton group2(RSA)' to say 'passcode'.
    Any suggestions or reasons why the changes within the custom login.asp are not being applied when I make changes to it?

    Hi,
    From your description, I know you want to customize login page with widows authentication.
    To custom login page with widows authentication, you should configure your web application web.config file to authenticate current user credential against Active Directory.
    You can custom your login page by refer to these similar cases:
    https://social.technet.microsoft.com/Forums/en-US/88aef0ed-423f-4404-8b4b-d5649c651e03/how-to-create-a-custom-login-page-for-windows-authentication-in-sharepoint-2013?forum=sharepointdevelopment
    https://social.technet.microsoft.com/Forums/en-US/b796c93a-f5c1-442b-ba13-9a9a2d3bfdae/custom-login-page-with-windows-authentication?forum=sharepointdevelopment
    Best Regards
    Vincent Han
    TechNet Community Support

  • Web Center app with ADF Security - login problem

    I have a custome Oracle Web Center app.
    I have a page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
    When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the root page http://127.0.0.1:7101/MyApp-ViewController-context-root/
    and i get
    Error 403--Forbidden
    I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the required entries are there.
    This works fine if i use a Login link with
    destination="#{'/adfAuthentication?login=true&amp;end_url=/faces/postLogin.jspx'} "
    which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
    Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
    Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.
    P.S. Have been advised to try here when I originally asked this in the WebCenter forum. Web Center app ADF Security - login problem
    Edited by: new_to_webcenter on 18-Jan-2011 05:25

    Thanks for your response Frank.
    The web.xml has
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>adfAuthentication</web-resource-name>
    <url-pattern>/adfAuthentication</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>valid-users</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/error.html</form-error-page>
    </form-login-config>
    </login-config>
    When configuring ADF Security via JDev , I chose "Redirect upon successful authentication" to the Welcome Page
    "/faces/postLogin.jspx"
    this then adds into web.xml
    <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <init-param>
    <param-name>success_url</param-name>
    <param-value>/faces/postLogin.jspx</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
    </servlet>
    So the sequence which works is:
    Login via the '/adfAuthentication?login=true&end_url=/faces/postLogin.jspx' and this redirects to login.html (OOTB form which posts to j_security_check) and then to the postLogin.jspx
    I'm trying to do away with a Login link, and trying the simple login form embedded in my page alongwith other content.
    So should the form be posting to j_security_check directly or to the adfAuthentication ?

  • J2EE 6.40 Custom Login Module - how to config

    hello all,
    i am using WAS J2EE 6.40 Sneak Preview edition. Read all i can find about custom login module, in the forum and the online help. still confused. pls help.
    here is the background info:
    - i am writing a web app. the EAR file contains 5 ejbs, 1 war and bunch of java classes in jars.
    - access to my web app is protected through url pattern (in web.xml), i've defined the same named security role in web.xml and on j2ee engine.
    - my login module does the user name and password checking. both are stored in database through some other means.
    - login is FORM based
    following the discussion in another thread on the topic, i did the following:
    #1 develop my login module code. packaged it in a jar, then sda file. deploy the sda as a llibrary to the engine.
    #2 add my login module to the security store through the security provider service.
    #3 configure my web app to use the custom login module in web-j2ee-engine.xml
    #4 deploy my web app through the ear file
    at this point, in the visual administrator, i can see the library, the custom login module (added to the UME User Store), and also my web app has authentication set to use the custom login module (under policy configurations tab).
    now i try to login to my web app. it correctly complains when i enter non-existent user or wrong password and brings me to the login failed jsp page. but when i enter both correctly (as stored in my database), i get http 403 error code. i know it is 403 because i set that error code to a special jsp page in web.xml.
    question is why? now i create a user on the j2ee engine with the same name as in my user database. then i can login ok. i am confident that my login module is called since i see the println lines in j2ee engine server logs.
    ??? so i must be missing something obvious. is it because my web app is protected through security-role? i even tried removing all such roles, but still same problem.
    ??? or do i completely mis-understand how custom login modules are supposed to work. i thought it means i can authenticate users any way i want without having to use the j2ee engine's user mgmt. pls tell me if i am totally wrong.
    ??? or maybe my login module code is missing some key stmts. how should it tell the j2ee engine that a user is authenticated? in the login() method, it returns true if user name/passwd match. in the commit() method, it adds the principal to the subject. i don't what else is required.
    does anyone have a working scenario using custom login modules?
    thanks very much for your inputs and thoughts.
    wentao

    Hi Astrid,
    I guess I have the same understanding of JAAS as you. I want to deploy an application that internally makes use of JAAS to authenticate users. There is a LoginModule that authenticates users against some database tables containing all the user data and profile. The application was not designed to be deployed to NetWeaver. So it does not make use of UME or some other NetWeaver specific feature. Actually it handles user management and authoroization issues completely on its own. The only reason for having JAAS is to allow customers to plug in their own LoginModule to use some other kind of user store.
    When deploying the web application to a simple servlet engine like Tomcat, all I have to do is to register my LoginModule in the "jaas.conf" file that is parsed by JAAS default implementation. I also tell the JVM where my jaas.conf file is located by appending a "-Djava..." runtime parameter to the JVM startup script.
    When using other application servers like IBM WebSphere things become a bit different. Normally you use the administration GUI of that server to configure your LoginModules. WebSphere for example keeps the login configuration in an internal database rather than writing everything into a "jaas.conf" text file. But the way the application can use the LoginModule is the same as in Tomcat.
    But when it comes to Netweaver, it seems to me that it's not possible to define a LoginModule that your application can use WITHOUT having to couple it tightly to UME. Or did I get something wrong? Initially I've tried to modify the JVM's parameters (using SAP J2EE Config Tool) to include the location of my "jaas.conf" file containing the my login configuration. But that did not work. The parameter was really passed to the JVM but anyway my LoginModule was not found, I guess that NetWeaver has some own implementation of the JAAS interfaces that just ignore the plain text JAAS configuration files (like WebSphere also does).
    The documentation that I have downloaded from SDN doesn't seem to match the 6.4 sneak preview version that I just downloaded some days ago. They say you should deploy your LoginModule as a library and add a refernce to the application. I tried that out but it did not help. The login configuration that the application wants to access is still not found. Actually there seems to be no way to specify the name for a JAAS Login Configuration in NetWeaver. At least I cound not find that in the documentation.
    So basically my question is: is it possible to deploy an application that wants to use some own LoginModule (either deployed separately or together with the application, that does not matter) without making use of Netweaver specific features like UME? The application has its own user management infrastructure and just needs a way to setup a JAAS Login Configuration to access its own LoginModule.
    Thanks in advance
    Henning

  • Custom login fails to add user to Authenticated_Users group

    We have a custom login servlet that authenticates to MS Active Directory with 9iAS 9.0.2 portal. However, none of the users are automatically added to authenticated_users group upon login. Our login servlet behaves as follows:
    - we do a ldap copy once a day to move usernames into OID
    - the servlet authenticates to AD with username and password
    - if authenticated, verify username is in OID
    - if username in OID, update password as provided by servlet
    - login
    I should also mention that we have 9iAS, portal, SSO, etc. using SSL.
    Is our problem missing logic within the servlet or with the ldap copy not populating a certain field? or other?

    Any ideas? We are getting close to deploying to operational network.

  • Simultaneous login problem

    Hi 
    I am having simultaneous login problems. In the past I have been able to sign into my skype account on both my Mac Book Pro and my Windows 7 desktop PC. However since I had to change my password I can only login into one machine at a time now. Also when I change my password on the desktop PC I can only sign into that skype / computer. Whenever I type the same account name and same exact password on my Mac Book Pro, it says it doesn't recognize my sign-in details but I am 100% sure that I typed it in exactly the same way as I did on my desktop. Another is that when I reset my password on my Mac Book those details won't work on the Desktop PC and vice-versa.
    I would like to know what is the problem in this situation, I am not sure if this is an application error or a networking error where the account details are not signing in from a different IP or MAC address.
    Please and thank you!

    "The load balancing was already functional:"
    Do you have a description how to do that?
    I Would like to know how.
    "so ALL traffic, not going to the LAN network and so over this interface, went out on the DMZ interface, with source IP from LAN."
    If you put the VPN servers behind 1-1 NAT instead they will use the firewall as GW and the VPN clients will get at your remote sites/LAN IF you add routing definitions in VPN config what networks are reachable through VPN.
    Or you keep servers as they are but also add add more routing definitions in VPN AND static routes to each server with the firewall as gw to those remote networks. Default gw will still be through the DMZ IPs though.
    The problem with more than one VPN client from behind same IP address is, with your current server settings, most likely because of the client side NAT router isn't coping with the task. Your public IP VPN server(s) should mean NAT VPN problem is at the other end (customer/client network router/firewall).
    If two VPN clients behind same NAT router connected to different servers at your end, "12.34.56.80" and "12.34.56.81" (both are public IPs?) respectively I believe at least two should be able to connect.
    3G/4G modems isn't an option?
    Maybe try bringing your own tested working portable router (ethernet/wifi maybe includes a VPN client that connect to your servers) to the customer and put it temporarily on their LAN? There are these small new 3G/WiFi routers too. Depends on wether you need to be connected to customer LAN or not.
    Try other VPN solution, SSL or OpenVPN?
    Use both PPTP and L2TP simultaneously (PPTP could be troubelsome if GRE/TCP 1723 passthrough is disabled)?

  • Custom pluggable idm with custom login module

    Hello All. I've developed a custom implementation of the pluggable identity management framework as explained in chapter 13 of the book "Oracle® Containers for J2EE Security Guide10g (10.1.3.1.0)". I have OAS 10.1.3.1.0.
    Everything works fine except when the identity is validated with in the tokenAsserter. The process is supposed to continue with the login method implemented in my custom login module but instead the default oracle implementation (RealmLoginModule) is being executed.
    The application is a servlet and is configured to use a custom loginModule. If I don't use de custom auth method (auth-method="CUSTOM_AUTH" in orion-application) my loginModule is called but when I plug it to my custom idm implementation it doesn't.
    The custom idm is packed in to a jar containing the idm and the login module. The jar is deployed to the <ORACLE_HOME>/ext/lib directory.
    Any suggestions? Thanks

    Thanks for your answer, it really helps. I had already cheeked all that stuff and it was correct, but knowing that another person had made it worked the same way I was doing it, made me think I was doing it right and the problem may simpler. It really was. OC4J was really calling my login module all the time but it was getting a runtime exception, a very simple one, that was making OC4J to propagate the authentication to the default login module (RealmLoginModule), and that was the error I was watching in the logs that had me all confused.
    I will start another thread though about stolen cookie in a SSO solution that I’m developing with this implementation.
    Thank you.

  • Custom Login Module, SSO Ticket validity & Login Module Stack

    Hi everybody,
    we have a portal (running on jboss) which links to a J2EE web application (running on SAP WAS 6.40) which itself is protected by a custom login module and redirects to different WebDynpro applications (running on same WAS as the J2EE app) depending on some parameters.
    So when we go from the portal to the J2EE web application, the custom login module authenticates the user, creates a MYSAPSSO2 Cookie and then redirects to a webdynpro app.
    What happens is that the webdynpro app doesn't accept the cookie and redirects to the login mask.
    Looking at the request header parameter HOST we have the request coming from sub1.sub2.mycompany.com, which is the portal.
    The WAS is located on sub3.mycompany.com.
    If we manipulate the HOST parameter to sub2.mycompany.com everything works fine and the webdynpro app successfully authenticates the user.
    This does sound either like a domain relaxing issue or a multi domain issue, which we added as parameters to the CreateTicketLoginModule in the Login Module Stack for the J2EE web app.
    Unfortunately without result.
    Did anybody have a similar problem and can give some hints on how to solve this?
    Any help is appreciated
    Regards,
    md
    Edited by: Minh-Duc Truong on Jul 17, 2008 7:18 PM
    Edited by: Minh-Duc Truong on Jul 17, 2008 7:19 PM
    Edited by: Julius Bussche on Jul 18, 2008 7:25 PM

    Hi md,
    I have split your 2nd question into a seperate thread => That would make them easier to answer as well, which will help.
    You can find it here: Custom Login Module, LM Stack ignored
    Cheers,
    Julius
    Edited by: Julius Bussche on Jul 18, 2008 7:26 PM

Maybe you are looking for

  • Text problem in SAPScript

    Hello, i have a problem i need to print one recepit with sapscript. I have to made a changes in displaying the text in o/p but it is in different language i.e PT text to display is IVA NÃO REGULARIZADO – ARTº 71 CIVA Now if you see above in sentence

  • [iPhone] Can't get app to deploy to device

    I followed these instructions: http://developer.apple.com/iphone/manage/provisioningprofiles/howto.action But when I deploy I get the wonderful "Your mobile device has encountered an unexpected error (0xE800003A) during the install phase: Verifying a

  • FaceTime worked fine for a year and just quick working??

    I had no problems with the Face Time usage on my MACPRO ...then a couple of months ago it just quit working?  Says it is off - I click on and preferences and the eternal circle goes non stop? Anyone else have issues with Face Time?

  • All Presets on Effects/Plugins Disappeared

    I've had Audition 3.0 for about two months and tonight I discovered that all the presets in the effects and plug-ins have disappeared - even the original presets that came when the program was first installed. All of my own created presets have also

  • Low output when using Akai MPK49 controller

    I'm completely new to Logic so I appreciate your taking the time to read this. When ever I add a software instrument track and use my Akai MPK49 controller to control the instrument, the meters show that I have plenty of signal coming in, but the out