Digest Authentication issues
Has anyone ever successfully performed a remote http server
digest authentication? I am currently building a script that
authenticates against a server using a supplied username and
password. All of my attempts thus far have come up empty and I am
not quite sure where I am going wrong with this.
I have modeled my headers exactly after the heads I get with
a successful Firefox login.
Here are the headers I get from the Live Headers firefox
addon.
Initial Response:
http://rets.armls.mlsrets.com/rets/login
GET /rets/login HTTP/1.1
Host: rets.armls.mlsrets.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept:
application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q= 0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
HTTP/1.x 401 Unauthorized
Content-Length: 1944
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
WWW-Authenticate: Digest
qop="auth",realm="[email protected]",nonce="2aaa0db6ed2bb21e8b913e1844b0abf1",opaque="2 0050024497281"
Date: Sun, 20 May 2007 00:24:49 GMT
Connection: close
Authenticated Response:
http://rets.armls.mlsrets.com/rets/login
GET /rets/login HTTP/1.1
Host: rets.armls.mlsrets.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept:
application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q= 0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Authorization: Digest username="cril01",
realm="[email protected]",
nonce="2aaa0db6ed2bb21e8b913e1844b0abf1", uri="/rets/login",
response="db214dcb999219968d829b5513e476dd",
opaque="20050024497281", qop="auth", nc=00000001,
cnonce="1d545807784766d0"
HTTP/1.x 200 OK
Connection: close
Date: Sun, 20 May 2007 00:24:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: 0
Cache-Control: private
RETS-Version: RETS/1.5
Set-Cookie: RETS-Session-ID=2aaa0db6ed2bb21e8b913e1844b0abf1;
path=/
Content-Type: text/xml
Now even with me exactly copying these headers. I still get
401 (Unauthorized) errors. Does anyone see where I went wrong with
this?
Here is a link to my current test:
http://www.myhomesmart.com/admin/dev/test4.cfm
And here is my code.
You cannot just copy headers form successful login, since
they are a function of server's nonce, which is different on every
request (this is the main idea of Digest). Actually, authorization
is a function of server's nonce and client's nonce. So, you have to
correclty calculate this every time you log in.
However, with
CFX_HTTP5 I
immediately got this [successful] response without any programming:
<RETS ReplyCode="0" ReplyText="Operation Successful">
<RETS-RESPONSE>
MemberName = TRUDY MOORE
User = CRIL01,1,SUBSCRIBER,CRIL01
Broker = HOMESMART
MetadataVersion = 1.00.00004
MinMetadataVersion = 1.00.00004
OfficeList = NONE
TimeoutSeconds = 1440
Action = /RETS/Action
GetObject = /RETS/GetObject
Login = /RETS/Login
Logout = /RETS/Logout
Search = /RETS/Search
GetMetadata = /RETS/GetMetadata
X-Links = /RETS/LINKS
X-Stats = /RETS/STATS
X-OMEGA = /RETS/Omega
</RETS-RESPONSE>
</RETS>
Similar Messages
-
How to configure a Proxy in OSB with Digest Authentication?
Hello, Guys.
I need a help with this subject.
I have a demand to configure a Proxy in OSB 11.1.1.6 with Digest Authentication. I'm using a Embedded Ldap with Identity Asserter.
I'have configured a DefaultAuthenticator and the DefaultIdentityAsserter to support Digest Password and create a new LdapIdentityAsserter pointing to my embedded Ldap.
When I'll create a new Proxy, in the security options, i can see the digest options to authenticate my username and password. I selected the one of all the options, but in the time of the Proxy test the authentication didn't work.
Could anyone help me?
Thanks you.Unfortunately, a reference trigger can't be used for continuous acquisition after the trigger. The maximum post-trigger count is either 2^24 or 2^32 depending on your hardware. Depending on your sampling rate and how many samples you expect to acquire before issuing a software stop, using the max post-trigger count may be sufficient for you. There are a couple of other options I can think of that you might want to try:
1.) If possible, play with the trigger condition such that it occurs at the start of your pre-trigger data and use it as a start trigger instead. I suspect this may not be possible.
2.) Set up a continuous acquisition and implement detection of the trigger condition through software. This is more software work and is more CPU intensive than the hardware solution, but it can definitely be made to work.
3.) With some creative use of the counters, you may be able to latch the sample clock number that trigger occurred on. This would allow you to setup a continuous acquisition and use the hardware to tell you where the trigger occurred instead of figuring it out in software. What I'm thinking is you would set up a buffered event counting task with the ai/SampleClock as the timebase source of the counter and the trigger signal as the sample clock of the counter. By reading the first count value, you should know which AI sample the trigger occurred. From there, you can seek to the right position in the buffer and begin reading data indefinitely.
Good luck! -
Httpurlconnection digest authentication
We have an applet which runs after requesting a page from an http server. This applet then makes thousands of http requests (SOAP) to the same server. Our problem is that when we set the server to require digest authentication for the soap service, the httpurlconnection is sending the soap request, getting back an unauthorized, then sending the auth information with the next request. So every request is getting huge overhead, 2 round trips, when it should be 1. For the first request, java vm pops up its little window and asks for credentials, then for the rest of the requests it uses those same credentials, but does not automatically send them until the server requests them. How can I set it so that for each request, it automatically sends the credentials with the cnonce, instead of sending no credentials, getting an unauthorized reply, then sending again with the credentials? I tried System.setProperty("http.auth.digest.validateServer", "true");, but that did not change anything. All help is appreciated.
A brute-force way I have discovered is to clear out the entire AuthCacheValue map:
AuthCacheValue.setAuthCache(new AuthCacheImpl());
However, both AuthCacheValue and AuthCacheImpl are part of the sun.net.www.* classes, so this method would be very fragile and raises issues of incompatibility. -
Hi,
To authenticate users I have to use digest authentication (RFC2617). However, it seems there is no support for this authentication in BEA webserver 8.1.
How can I best implement this? Any tips on where to find classes which I can reuse, I hope I do not have to develop this from scratch.
Thanks,
SteveSteve, did this ever get solved? I have the same issue trying to use Mappoint.
Thanks. -
Authentication issue getting "UMELoginException"
Dear Guys,
I am facing an authentication issue. The situation is like this,
My NT password was about to expire (had 6 more days for expiry). I was able to login till yesterday and all of the sudden today, when I was trying to login, I was not able to (it gave me password change message). So I went back and changed my NT password and tried to login again into the portal, however I am still not able to. I am pasting the stack trace,
#1.5#001143FDCEA7006700000008000018C40004196E4AD849E8#1153861399615#com.sap.security.core.imp#sap.com/irj#com.sap.security.core.imp.[cf=com.sap.security.core.sapmimp.logon.SAPMLogonLogic][md=doLogon][cl=20282]#Guest#192####fff21cf01c2011dba425001143fdcea7#SAPEngine_Application_Thread[impl:3]_0##0#0#Error##Java###doLogon failed
[EXCEPTION]
#1#com.sap.security.core.logon.imp.UMELoginException
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.logon(SAPJ2EEAuthenticator.java:318)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.login(AuthenticationService.java:344)
at com.sapportals.portal.prt.connection.UMHandler.handleUM(UMHandler.java:126)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:186)
at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:522)
at java.security.AccessController.doPrivileged(Native Method)
at com.sapportals.portal.prt.dispatcher.Dispatcher.service(Dispatcher.java:405)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.servlet.InvokerServlet.service(InvokerServlet.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:312)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:368)
at com.sap.portal.navigation.Gateway.service(Gateway.java:101)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:390)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:264)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:347)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:325)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:887)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:241)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:92)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:148)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Please help.
Regards,
DeepakHi Deepak,
it is most times that it needs to replicate through your system(s).
Regards,
Kai
PS: Please reward points if that was helpful. -
Authentication Issue, When Profile ReCreate
Hi,
i face authentication issue in SQL Server 2012 Evalution after i login in new account.
Take a look situation and what i did.
1) I install SQL Server 2012 in Member Server (Server 2012 Standard).
2). Every Thing i Did i by using AD User name "SP_Farm"
3). I install SQL in Windows Authentication Mode only and i provide User ****\SP_Farm, when Ever Installation Ask.
Note: during the whole process i only use SP_Farm (AD Admin User)
Every thing going working fine till my mistake. By mistake i delete account SP_Farm from AD and i re create it.
after that i cant access Management Studio. :(
Please Guide if is there any other way.
Thanks you
Shariq Ayaz
[email protected]
www.shariqdon.com
www.shariqdon.com/itworld
www.shariqdon.comHi,
i face authentication issue in SQL Server 2012 Evalution after i login in new account.
Take a look situation and what i did.
1) I install SQL Server 2012 in Member Server (Server 2012 Standard).
2). Every Thing i Did i by using AD User name "SP_Farm"
3). I install SQL in Windows Authentication Mode only and i provide User ****\SP_Farm, when Ever Installation Ask.
Note: during the whole process i only use SP_Farm (AD Admin User)
Every thing going working fine till my mistake. By mistake i delete account SP_Farm from AD and i re create it.
Creating a user with the same name is
not the same user :-)
A user has a unique ID and you did not create the same ID, but a new user with same name.
after that i cant access Management Studio. :(
Please Guide if is there any other way.
Thanks you
Shariq Ayaz
[email protected]
www.shariqdon.com
www.shariqdon.com/itworld
www.shariqdon.com
You can try to use This solution:
http://blogs.msdn.com/b/raulga/archive/2007/07/12/disaster-recovery-what-to-do-when-the-sa-account-password-is-lost-in-sql-server-2005.aspx
* After the SQL Server Instance starts in single-user mode, the Windows Administrator account is able to connect to SQL Server using the sqlcmd utility using Windows authentication.
[Personal Site] [Blog] [Facebook] -
Essbase 6.5 External Authentication Issue!! Urgent Please!!
Hi all,
I am great trouble over an external authentication issue in Essbase 6.5. I request you all to please give me your feedback on the same as soon as possible.
I am in a situation where I need to get my Essbase 6.5 external Authentication converted from LDAP to Active Directory services.
I suppose there has been necessary changes done to the .cfg file for the same. However, I think I am getting an error
"User [vikc]'c external authentication protocol [MSEX]'s password check module is not loaded".
Please let me know if you have come across such an issue earlier and can anybody to able to help me with the same.
Its kinda Urgent. so any replies for the same will be appreciated.
Thanks and Regards,
VikramVikram,
Yes you will have to reconfigure the CSS.xml and cfg file for external auth.
Here is the Sample CSS
<spi>
<provider>
<msad name="full360">
<trusted>false</trusted>
<url>ldap://192.168.1.100:389/DC=full360,DC=com</url>
<userDN>CN=Ravinder Singh,DC=full360,DC=com</userDN>
<password>full@360</password>
<authType>simple</authType>
<identityAttribute>dn</identityAttribute>
<maxSize>1000</maxSize>
<user>
<loginAttribute>sAMAccountName</loginAttribute>
<nameAttribute>dn</nameAttribute>
</user>
<group>
<nameAttribute>cn</nameAttribute>
<objectclass>
<entry>group?member</entry>
</objectclass>
</group>
</msad>
Download this toll "http://www.ldapbrowser.com/download.htm"
LDAP browser to get the perfact DN information.
Let me know the status
Ravikant -
Logical Port for Digest Authentication
Hello,
I want to connect to a webservice which is running at an IIS with Digest Authentication. I created a Consumer Proxy and added a Logical Port in SAO Management (Java-Stack) to this Consumer Proxy, but I can't find a digest authetification in Configuration of the Logical Port. Is it possible to connect from a SAP System to a webservice with Digest Authentification?
Thanks and best regards
IrisHello Gourav,
Thank you for your answer.
I tried to create a Logical Port with HTTP Access to the WSDL, but the WSDl needs digest authetication as well. So I get the error
Error: Error in WSDL access: Exception occurred in communication framework:Error in HTTP Framework:401Unauthorizedhttps://itnts2371/SecurityWebService.asmx?WSDL
though I logged in with right credentials.
Then I tried to read the WSDl from a file then, but I get the error
Error: Error in WSDL parsing: Exception occurred in library handler
So I created a manual Logical Port for SSL-Access. I get only "User ID/Password" and "SAP Authenticatoin Assertion Ticket", but no "Digest Authentication". "User ID/Password" doesn't work, I get a dialog to put in User ID and password, but I'm never authorized.
Any other suggestions?
Thanks
With best regards
Iris -
ACS 5.2 Authentication Issue with Local & Global ADs
Hi I am facing authentication issue with ACS 5.2. Below is AAA flow (EAP-TLS),
- Wireless Users >> Cisco WLC >> ADs <-- everything OK
- Wireless Users >> Cisco WLC >> ACS 5.2 >> ADs <-- problem
Last time I tested with ACS, it worked but didn't do migration as there'll be changes from ADs.
Now my customer wants ACS migration by creating new Group in AD, I also update ACS config.
For the user from the old group, authentication is ok.
For the user from the new group, authentication fails. With subject not found error, showing the user is from the old group.
Seems like ACS is querying from old records (own cache or database). Already restared the ACS but still the same error.
Can anyone advice to troubleshoot the issue?
Note: My customer can only access their local ADs (trusted by Global ADs). Local ADs & ACS are in the same network, ACS should go to local AD first.
How can we check or make sure it?
Thanks ahead,
YeHello,
There is an enhacement request open already:
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCte92062
ACS should be able to query only desired DCs
Symptom:
Currently on 5.0 and 5.1, the ACS queries the DNS with the domain, in order to get a list of all the DCs in the domain and then tries to communicate with all of them.If the connection to even one DC fails, then the ACS connection to the domain is declared as failed.A lot of customers are asking for a change on this behavior.
It should be possible to define which DCs to contact and/or make ACS to interpret DNS Resource Records Registered by the Active Directory Domain Controller to facilitate the location of domain controllers. Active Directory uses service locator, or SRV, records. An SRV record is a new type of DNS record described in RFC 2782, and is used to identify services located on a Transmission Control Protocol/Internet Protocol (TCP/IP) network.
Conditions:
Domain with multiple DCs were some are not accessible from the ACS due to security/geographic constraints.
Workaround:
Make sure ALL DCs are UP and reachable from the ACS.
At the moment, we cannot determine which Domain Controller on the AD the ACS will contact. The enhacement request will include a feature on which we can specify the appropriate the Domain Controllers the ACS should contact on a AD Domain.
Hope this clarifies it.
Regards. -
Wireless Client Authentication issues when roaming Access Points (Local)
I have a Cisco 5508 with Software version 7.4.121.0 and Field Recovery 7.6.101.1.
There are a handful of clients that when roaming between AP's with the same SSID that get an authentication issue and have to restart the wireless to get back on.
From Cisco ISE
Event
5400 Authentication failed
Failure Reason
11514 Unexpectedly received empty TLS message; treating as a rejection by the client
Resolution
Ensure that the client's supplicant does not have any known compatibility issues and that it is properly configured. Also ensure that the ISE server certificate is trusted by the client, by configuring the supplicant with the CA certificate that signed the ISE server certificate. It is strongly recommended to not disable the server certificate validation on the client!
Root cause
While trying to negotiate a TLS handshake with the client, ISE expected to receive a non-empty TLS message or TLS alert message, but instead received an empty TLS message. This could be due to an inconformity in the implementation of the protocol between ISE and the supplicant. For example, it is a known issue that the XP supplicant sends an empty TLS message instead of a non-empty TLS alert message. It might also involve the supplicant not trusting the ISE server certificate for some reason. ISE treated the unexpected message as a sign that the client rejected the tunnel establishment.
I am having a hard time figuring out what is causing this. My assumption is if there were a problem with the Controller or AP configurations then it would happen to everyone. My further assumption is if the client had a problem with their laptop (windows 7) then why does work at other times? So I have checked and the ISE certificate is trusted by client.
Is something happening that the previous access point is holding on to the mac and the return authentication traffic is going to the old AP instead of the new one or something like that which is corrupting the data?
I also had this from Splunk for the same client:
Mar 5 13:44:51 usstlz-piseps01 CISE_Failed_Attempts 0014809622 1 0 2015-03-05 13:44:51.952 +00:00 0865003824 5435 NOTICE RADIUS: NAS conducted several failed authentications of the same scenario
FailureReason="12929 NAS sends RADIUS accounting update messages too frequently"
Any help on this would be appreciated. These error messages give me an idea but doesn't give me the exact answer to why the problem occurred and what needs to be done to fix it.
ThanksFurther detail From ISE for the failure:
11001
Received RADIUS Access-Request
11017
RADIUS created a new session
15049
Evaluating Policy Group
15008
Evaluating Service Selection Policy
15048
Queried PIP
15048
Queried PIP
15004
Matched rule
15048
Queried PIP
15048
Queried PIP
15004
Matched rule
11507
Extracted EAP-Response/Identity
12500
Prepared EAP-Request proposing EAP-TLS with challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12301
Extracted EAP-Response/NAK requesting to use PEAP instead
12300
Prepared EAP-Request proposing PEAP with challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12302
Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318
Successfully negotiated PEAP version 0
12800
Extracted first TLS record; TLS handshake started
12805
Extracted TLS ClientHello message
12806
Prepared TLS ServerHello message
12807
Prepared TLS Certificate message
12810
Prepared TLS ServerDone message
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
12305
Prepared EAP-Request with another PEAP challenge
11006
Returned RADIUS Access-Challenge
11001
Received RADIUS Access-Request
11018
RADIUS is re-using an existing session
12304
Extracted EAP-Response containing PEAP challenge-response
11514
Unexpectedly received empty TLS message; treating as a rejection by the client
12512
Treat the unexpected TLS acknowledge message as a rejection from the client
11504
Prepared EAP-Failure
11003
Returned RADIUS Access-Reject -
OSB: HTTP digest authentication for WebServices
Hi,
How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
Best regards
DimoDid you figure out how to do it.?
-
We've had authentication issues with Infinity since the install just over a week ago (BT Business package)
The router will drop the connection and then we have a problem reconnecting (won't). Out of sheer frustration I've discovered a workaround that sometimes works that is to change the user name to the BT test account, connect, and then change the router user name setting back to our own. The BT test account always works, so despite a BT engineer being sent to trace the problem onsite yesterday the issue remains. We've also been sent a new router, and the BT engineer arrived with yet another new one yesterday
The problem seems to be purely authentication. The Technical Helpdesk have changed our password (twice) but we still get the problem. Yesterday I was told that some other users in our area have also had an authentication issue and that over the weekend 'patches' were going to be applied at our local exchange.
When the service works we get quite good speeds (37 down, 8 up) but we're frustrated with the lack of knowledge from the help-desk and have doubts that the 'patches' will resolve the issue
Such is the problem that BT will downgrade us back to ADSL2 (which was rock solid in comparison) next week if we're still unhappy
I did ask if our user name could be changed but told no. I'm curious to know as to what the switch to fibre could cause authentication problems?hi this is a BT Residential forum as a Business user you may get more help from the BT business forum
http://business.forums.bt.com/t5/Broadband-and-internet/bd-p/Broadband
If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’ -
HTTP Digest Authentication in Weblogic Server ?
I understand that Weblogic Server 10.3.0.0 does not have declarative support for HTTP Digest Authentication. In that case, what are the alternatives to do HTTP Digest Authentication on the server ?
Edited by: user566628 on Sep 19, 2008 1:47 PMI would open a support case to get clarification on whether DIGEST is supported. According to the WLS 8.1 book I found on google, it looks like it may have been supported in 8.1:
http://books.google.com/books?id=TiAKHpPHpHIC&pg=PA836&lpg=PA836&dq=WebLogic+Digest+Authentication&source=web&ots=ciJMQOXm2q&sig=oJGOs-J5snfFGt_hWSPi-FXyERQ&hl=en&sa=X&oi=book_result&resnum=10&ct=result
If that is the case, it is unlikely that they removed it, it just may not be documented well as it is very uncommon. -
Digest authentication in WL7.0
Hi,
Does anybody know if Weblogic Server 7.0 supports HTTP
digest authentication method ?
I created my own authenticator, but I want Weblogic to check
the authentication method (but not the username/password). When
I try to set a security constraint in my application's web.xml,
the server says:
weblogic.xml.dom.DOMProcessingException: DIGEST authentication method is not supported.
Regards, Geza"Geza Szocs" <[email protected]> wrote in message
news:[email protected]..
>
Hi,
Does anybody know if Weblogic Server 7.0 supports HTTP
digest authentication method ?
Digest authentication is not supported in 7.0 -
I have noticed that neither SunONE nor weblogic support DIGEST authentication. Tomcat appears to have spotty support as well.
Digests should be supported by all browsers that use HTTP 1.1, but yet the servlet spec makes it an optional item for web container implementors. I would love to have a good way to hide passwords entered from the browser without going whole hog (SSL).
Does anyone know why DIGEST isn't better supported by containers?I'm not sure but I don't believe so.
Paul
On Fri, 29 Jun 2001 13:26:58 -0400, "Alex" <[email protected]> wrote:
Does WLS 5.1 support DIGEST authentication?
Alex
[email protected]
Maybe you are looking for
-
Hello. I started work at a new job and am continuously being asked for the previous employees Apple ID for various different reasons. I have sorted out most of the places where his ID was set as defualt, but have run into an issue I can't seem to fig
-
Is it possible to select multiple clips and create a sequence from each individually?
Is it possible to select multiple clips and create a sequence from each individually? If you select multiple clips and select "New Sequence from Clip" it puts all of the clips into one sequence. Is there an easy way to quickly perform this on multi
-
Score: Key Signature problem
I am working on an orchestral score that is in Concert-B (5 Sharps). I have created a staff style for my Bb Clarinets (can't use A Clarinets) which has a +2 transposition. Logic automatically transposes the written part up two half steps, showing the
-
Help needed, guys! Could anyone tell me where to find full list and description of SQL commands of Oracle?
-
Does Business Objects read SMF and RMF records on a mainframe?
Post Author: byrsch CA Forum: Performance Management and Dashboards I need to know if Business Objects reads SMG and RMF mainframe records and if I can do analytical work like I do with SAS with it?