Dreamweaver Server Bahavior, User Authentication, Logout User Problem

Similar Messages

• ISE internal user authentication failure - user not found

  Hi Forumers'
  I trying to do wireless 802.1x, where identity store using intenral user.
  But i found this error message when i trying to connect
  Authentication failed                                                                                 :
  22056 Subject not found in the applicable identity store(s)
  My authrorization rules is built like this
  identity groups = user identities group / " mygroup"
  condition = no setting
  permissions = standard / PermitAccess
  Question 1
  Any troubleshooting step to do on this?
  Question 2
  For the Authorization rules, what's the condition should set for using Internal User as Identity store?
  Thanks
  Noel

  The error is caused to an authentication failure and is not an issue with authorization
  You need to look at your authentications policy (Policy->Authentications) and see which identity store was authenticated against
  In addition can do the Live Authentications page (Monitor->Authentications) and for the failing record click on the icon under details. This will give you the full details of the requets processing and you can see which rule was matched in the identity policy (Identity Policy Matched Rule) and "Selected Identity Stores".

• User Authentication and User Authorization

  We have a scenario where the B2B customers are being provided EP user ids so that they can access certain data and create certain transactions. there are two issues out here:
  (1) For multiple EP users, there will be one single SAP Backend user mapped (which is allowed by EP). However these multiple EP users would have different authorization based on which sales area/product they access/buy and this needs to be controlled via one SAP Backend user?
  (2) Under the above user mapping model, is it possible to have authentication at EP level and  authorization at SAP Backend?
  (3) Once the customer accesses the EP system, then the SAP Backend system is exposed to him? Are there possibilities of having any further layer of security between EP and SAP Backend?
  Looking for response to this or any documentation which addresses the above. My mail id is [email protected]

  This is a broad topic, let me try to point out some key issues: (I asume, B2B means actual SRM these days.)
  (1) The user that is mapped is the generic EBP/SRM user.
  Therefore, the SRM does only know this specific user. There is no way to pass additional data to the SRM. Once the authentication is done, the role assignement is done by SRM (i.e. derived from the generic SRM user, not the EP User) Whenever you want to pass extra context values from the EP to SRM, you can only do this with tricks.
  My experience is, that SAP wants to have a 1:1 relationship between portal users and EBP, even if the bundled mapping is "allowed". (Rather grey'ish area).
  The trick copuld be to set a cookie in the portal and use a BADI together with a Javascript, to  make addiional mappings. But this would count as modification, at the end.
  (2) The authentication is mappped from EP to SRM via SSO2-Ticket, which is accepted by the SRM as authentication. The authorization (role assignement etc) is done solely by the SRM.
  (3) The Backend is exposed to the usual content - the EP via https is considered secure, so is the connection via https to the SRM - you can harden the rfc connection between the srm and the backend as well.

• User authentication error after a successful authentication

  Hi,
  I have configured OAM 10g (10.1.4.3).It uses AD as the Directory server and OHS 11g (11.1.1.6) as the web server.
  Created a policy domain with the resouce URL /test.Created an authentication scheme which has the plugins: credential_mapping, validatepassword and a custom plugin which is a ".dll" file.
  So when i browse the URL http://IP:7777/test (Resource URL in policy domain), it redirects me to "/public/login.html" page which is the login page and resides in the web server. The login page consists of 3 fields: username, password and security code. This performs a 2 factor authentication. The first factor "username + password" is validated against AD, the second factor (username + security code) is validated against RADIUS, the custom plugin takes care of this.
  When the user is redirected to "/public/login.html", i can see the cookies "obFormLoginCookie" and "ObssoCookie" in the browser (mozilla). These 2 cookies are present even before the user authentication.
  User authentication works fine and user is redirected to a page which says "Authentication successful". This page doesn't have a logout button, you just have to close the page and login again.
  The next time when the user browses the URL "http://IP:7777/test (resource URL in Policy domain), it ideally has to redirect to "/public/login.html" where you have the form, but it throws an error saying "Not Found.The requested URL /test isn't found". But when i directly access the login page "/public/login.html", it would give you the login page and when i enter the credentials, this time it says "Not Found.The requested URL /access/dummy.cgi isn't found.
  /access/dummy.cgi" is the action URL present in the login page, the same is present in the authentication schemes.
  But when i clear the cookies, and login again, this time the authentication would be successful. So, i will always have to clear the cookies and login, which i think isn't feasible. Is the above mentioned error message expected? I just Couldn't understand the behaviour of these cookies in this context.
  Any ideas/suggestions would be really helpful to me.
  Thanks.
  Edited by: 886322 on Apr 12, 2012 4:11 AM

  Try to disable authorization and see if this error stops

• Authentication for user weblogic denied problem when starting managed serve

  Hi All,
  I have a strange situation here. I installed WLS and SOA and BAM servers. Initially I could start both WLS and SOA.
  Later I changed some files (possibly startManagedWebLogic.sh or deleted soa_server1/data/ldap/ or AdminServer/security/boot.properties), but later I remember I changed them back. I am now seeing that my WLS is starting up fine, but SOA is not. I am always getting the error:
  <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
  weblogic.security.SecurityInitializationException: Authentication for user weblogic denied
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Authentication Failed: User weblogic weblogic.security.providers.authentication.LDAPAtnDelegateException: [Security:090295]caught unexpected exception
  at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:251)
  at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
  at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  >
  I tried to go to admin console to change/verify the password for weblogic user, and then put plaintext password in AdminServer/security/boot.properties, then restart Adminserver. But I still cannot start SOA server.
  Could you please let me know how to resolve this issue? I do want to save my environment at this point. Many thanks.

  Hi,
  My understanding is admin user server is coming up fine but when you try to bring the soa_server1(managed instance) is not coming up due the below mentioned exception.
  If not please correct me.
  I have a few query, please give me comment on this.
  1) Admin and managed instances are running on the same box or different
  2) Did you try to reset the password from console or using weblogic.security command
  3) Did you cleared the soa_server1 temp directory(server/soa_server1/*)
  Solution-1 (If Domain running on different box)
  =============================
  1) Copy the DefaultAuthenticatorInit.ldift file from Domain_dir/Security/ to Remote machine - Domain_dir/Security/
  Note- Remote machine - take a backup of DefaultAuthenticatorInit file.
  2) Remote machine- rename or take a backup of ldap directory and boot.properties file
  /servers/soa_server1/ldap
  /servers/soa_server1/security/boot.properties.
  3) Now try to brought up the soa_server1.It will prompt you the username and password.
  Please let me know.
  Thanks,
  Rajkumar

• Problem with Afaria and LDAP user authentication in Android device

  Hi all,
  I have a server with Afaria 7 (SP4, hotfix3) installed. In this Afaria there is a tenant (system) without LDAP/AD integration working correctly. I need to have other tenant with LDAP integration in which the users must be authenticated.
  I know that for iOS devices is necessary reinstall the iphoneserver selecting "Afaria Server managed authentication" but at first I want to make run the Android devices. For this reason I don't do this yet.
  I follow the next steps:
  1-Create a new tenant
  2- Configure LDAP integration
  3-Create a inventory policy with authentication required
  4-Create a static group associated to the inventory policy
  5-Create a enrolment policy associated to the static group.
  When I launch the Afaria agent on the device, the user/password parameters are required. After fill the user/password parameters, the device connect to the server and then is show the message "user or password incorrects".
  I have seen the log and seem the problem is that Afaria can't authenticate this user.
  I validate that Afaria can "see" the LDAP users creating a user group that contains this user(JimenM99)
  The problem is autentication, because if I remove "autentication required" of the inventory policy, the device enrol correctly.
  Could you please help to solve this problem?
  Thanks in advance.  

  Hi all,
  I have a server with Afaria 7 (SP4, hotfix3) installed. In this Afaria there is a tenant (system) without LDAP/AD integration working correctly. I need to have other tenant with LDAP integration in which the users must be authenticated.
  I know that for iOS devices is necessary reinstall the iphoneserver selecting "Afaria Server managed authentication" but at first I want to make run the Android devices. For this reason I don't do this yet.
  I follow the next steps:
  1-Create a new tenant
  2- Configure LDAP integration
  3-Create a inventory policy with authentication required
  4-Create a static group associated to the inventory policy
  5-Create a enrolment policy associated to the static group.
  When I launch the Afaria agent on the device, the user/password parameters are required. After fill the user/password parameters, the device connect to the server and then is show the message "user or password incorrects".
  I have seen the log and seem the problem is that Afaria can't authenticate this user.
  I validate that Afaria can "see" the LDAP users creating a user group that contains this user(JimenM99)
  The problem is autentication, because if I remove "autentication required" of the inventory policy, the device enrol correctly.
  Could you please help to solve this problem?
  Thanks in advance.  

• Windows 7 Wireless Logon - Problems with 802.1X Machine & User Authentication

  Hello All,
  We’ve had difficulty with our Windows 7 clients authenticating to our wireless network. I’m hoping someone out there has experienced the same thing and can offer some help.
  Some info about our environment:
  Single Windows 2008 R2 domain with 6 DCs
  MS Radius server
  Aruba wireless controllers
  The Problem:
  The client computer boots,
  Auths as machine (802.1X successful)
  User enters creds
  User auth (802.1X successful)
  To this point, everything is working normally. Next is where it gets weird.
  During the logon process, there is another machine auth
  2-5 minutes later another User auth
  OS is up and usable (connected to wireless network); however, no homefolder is mapped and GPP didn’t apply properly.
  From what I understand, after the user has logged in, Windows never attempts another machine authentication. When the user logs out, Windows can attempt it.
  Can anyone offer some insight to what is causing this? I have logs available if anyone is interested.
  Thanks in advance for any help you can offer!
  Brett
  -- Brett

  I did a network trace to gain more insight. I don’t understand why after 802.1X auth is successful on port 1, it then initiates 802.1X auth on port 2.
  Can you offer any insight?
  10487    3:50:19 PM 8/23/2012    63.0340126                                                         
  ONEX_MicrosoftWindowsOneX                ONEX_MicrosoftWindowsOneX:Port(1 (0x1)): Authentication Starting   {ONEX_MicrosoftWindowsOneX:126, NetEvent:5}
  10867    3:50:19 PM 8/23/2012    63.3403904                                                         
  ONEX_MicrosoftWindowsOneX                ONEX_MicrosoftWindowsOneX:Port(1 (0x1)): Time taken for this authentication = 281 (0x119) ms               
  {ONEX_MicrosoftWindowsOneX:126, NetEvent:5}
  Then >>>
  11718    3:50:35 PM 8/23/2012    79.3196653                                                         
  ONEX_MicrosoftWindowsOneX                ONEX_MicrosoftWindowsOneX:OneXDestroySupplicantPort     {ONEX_MicrosoftWindowsOneX:126, NetEvent:5}
  11938    3:50:36 PM 8/23/2012    80.0530315                                                         
  ONEX_MicrosoftWindowsOneX                ONEX_MicrosoftWindowsOneX:Finished initializing a new port with id=2 (0x2) and friendly name=Dell Wireless 1504 802.11b/g/n (2.4GHz)         
  {ONEX_MicrosoftWindowsOneX:126, NetEvent:5}
  11959    3:50:36 PM 8/23/2012    80.0556734                                                         
  ONEX_MicrosoftWindowsOneX                ONEX_MicrosoftWindowsOneX:OneXStartAuthentication           {ONEX_MicrosoftWindowsOneX:126,
  NetEvent:5}
  11964 3:50:36 PM 8/23/2012
  80.0557074 svchost.exe (1036)
  ONEX_MicrosoftWindowsOneX ONEX_MicrosoftWindowsOneX:Port(2 (0x2)): Starting a new 802.1X authentication (MSM initiated)
  11965 3:50:36 PM 8/23/2012
  80.0557333 svchost.exe (1036)
  ONEX_MicrosoftWindowsOneX ONEX_MicrosoftWindowsOneX:Port(2 (0x2)): Authentication Starting
  -- Brett

• Problems with 802.1x MS PEAP machine and user authentication

  Using Microsoft PEAP 802.1x client on Windows XP SP2, if we enable machine authentication against a Windows Domain, the machine authentication is successful and the machine gets access to the network. However, when user logon occurs to the domain, contrary to the flow given in ACS and Windows documentation, no user authentication takes place.
  We need to differentiate user access based on their identities. We need machine authentication only to allow users access to the domain controller and also GP implementation.
  Any idea why user does not get prompted when they logon. 802.1x is configured in users profile and I have tried with both integrated and non-integrated with Domain logon (i.e. "use my windows logon name and password and domain (if any) option"
  There is no record of any identity request/response in ACS after the initial machine authentication (which appears in successful authentication log)
  We are using MS-CHAPv2.

  Update...The problem of cached credentials in MS PEAP does not occur if "enable logon using Windows username and password (and domain if any) is checked. Using this option, MS PEAP always uses logged on users most current credentials.
  However, using this option sends the username as "DOMAIN\USERNAME". Since we are using ACS internal database for user authentication (even though the ACS and Windows passwords are same - using an identity management system) ACS does not recognize the user.
  I have tried proxy distribution with prefix stripping but it does not seem to work when it is pointing to the same ACS server on which proxy distribution is configured and which receives the request.
  Any idea how the domain\ can be ignored by ACS?

• Setup Java system directory server 6 client for user authentication

  I am trying to set up a native LDAP client for sun directory server 6 for network based user authentication. I checked the sun doc for naming service (LDAP) and the documentation are for setting up LDAP client for directory server 5. Is there any documentation for setting up LDAP client for directory server 6? Or the documents for setting LDAP client for directory server 5 is still good for 6? Particularly, I want to use SSL communication between server and client.

  Hi,
  could be one of the other 'bad jokes' of DS/ldapclient because the documentation describes a lot of stuff about profiles etc. but: you need some special schema files to use the whole stuff and they are not installed with Solaris or DS (and they include the NisDomainObject). I had to search for them in the internet. They are also printed in the documentation. Save them in your server's config/schema directory as i.e. 61DUAConfigProfile.ldif and 62nisDomain.ldif and try idsconf again (maybe you have to cleanup something).
  I test and prepare DS6 here, and we will use it in production too. I hadn't any problem with it and it has some important advantages over DS5.2. But we won't have a huge directory so I can't tell you anything more about it.
  Regards
  Jochem Ippers
  Here are the ldifs:
  61DUAConfigProfile.ldif:
  dn: cn=schema
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.0 NAME 'defaultServerList' DESC 'Default LDAP server host address used by a DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.1 NAME 'defaultSearchBase' DESC 'Default LDAP base DN used by a DUA' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.2 NAME 'preferredServerList' DESC 'Preferred LDAP server host addresses to be used by a DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.3 NAME 'searchTimeLimit' DESC 'Maximum time in seconds a DUA should allow for a search to complete' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.4 NAME 'bindTimeLimit' DESC 'Maximum time in seconds a DUA should allow for the bind operation to complete' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.5 NAME 'followReferrals' DESC 'Tells DUA if it should follow referrals returned by a DSA search result' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.6 NAME 'authenticationMethod' DESC 'A keystring which identifies the type of authentication method used to contact the DSA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.7 NAME 'profileTTL' DESC 'Time to live, in seconds, before a client DUA should re-read this configuration profile' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.14 NAME 'serviceSearchDescriptor' DESC 'LDAP search descriptor list used by a DUA' EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.9 NAME 'attributeMap' DESC 'Attribute mappings used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.10 NAME 'credentialLevel' DESC 'Identifies type of credentials a DUA should use when binding to the LDAP server' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.11 NAME 'objectclassMap' DESC 'Objectclass mappings used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.12 NAME 'defaultSearchScope' DESC 'Default search scope used by a DUA' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.13 NAME 'serviceCredentialLevel' DESC 'Identifies type of credentials a DUA should use when binding to the LDAP server for a specific service' EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'user defined' )
  attributeTypes: ( 1.3.6.1.4.1.11.1.3.1.1.15 NAME 'serviceAuthenticationMethod' DESC 'Authentication method used by a service of the DUA' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
  objectClasses: ( 1.3.6.1.4.1.11.1.3.1.2.4 NAME 'DUAConfigProfile' SUP top STRUCTURAL DESC 'Abstraction of a base configuration for a DUA' MUST ( cn ) MAY ( defaultServerList $ preferredServerList $ defaultSearchBase $ defaultSearchScope $ searchTimeLimit $ bindTimeLimit $ credentialLevel $ authenticationMethod $ followReferrals $ serviceSearchDescriptor $ serviceCredentialLevel $ serviceAuthenticationMethod $ objectclassMap $ attributeMap $ profileTTL ) X-ORIGIN 'user defined' )
  62nisDomain.ldif:
  dn: cn=schema
  attributeTypes: ( 1.3.6.1.1.1.1.30 NAME 'nisDomain' DESC 'NIS domain' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'user defined' )
  objectClasses: ( 1.3.6.1.1.1.2.15 NAME 'nisDomainObject' SUP top STRUCTURAL MUST nisDomain X-ORIGIN 'user defined' )

• The User Authentication Methode required by this server can't be found.

  Ok, I have a network of iMacs that are bound to OS X Server and the users log in with network based user folders via Kerberos and Open Directory.
  This is all working just fine, and all iMac users have full access to all sheared volumes as per the ACLs...
  My problem is when any of our office laptops that are not bound to the server and run on local user accounts need to login for access to the AFP shared volumes. ALL but one of these Laptops are receiving "The User Authentication Methode required by this server can't be found." Dialog box when attempting to login. They never even have a chance to enter login names or passwords.
  What am I missing? I can't find any settings on this one laptop user account that are any different that the other laptops user accounts...

  Steve can you explain more on how I use this Kerberos.app?
  I opened it on the one laptop that is working and can see one ticket in the Ticket Cache, and below that there is the same ticket listed with two subentries. All of them are listed as Expired at the moment, but then I have not connected to the server with this system since yesterday...
  When I open the App on the systems that don;t work, there are no tickets listed. I clicked on the new button, but the info it's asking for is different than any of the info I found in the working systems Kerberos app... ??? Help.
  It's asking for Name, Realm, Password...

• Dreamweaver User Authentication

  Im using dreamweaver cs4, and I've connected it to a database which is Wampserver 2.1 using PHP
  when i put the server behavior/user authentication/login/ I succesfully make it, but when I test the page, it says, an the connection to localhost was interrupted, help me pls

  First, try to make that page come up again, click on Apache-->Apache Error Log.  Look to that time for the Apache error.  Also open PHP.ini from the system tray icon and make sure that "error_reporting" is set to "error_reporting = E_ALL ".  That "error_reporting" should come up 2x in the search, the first is the instructions and the 2nd is the live command turning on error reporting if it is not already on.  Then we are going to need to see the source code and the error from the log in order to help you.

• CSM 3.1 local user authentication problem

  Hi every one.i have strange problem with local user authentication.in our csm i have configured csm to auhenticate users using TACACS+ from our acs server which every thing is ok about this configurtion but also i have configured fall back authentication for user admin.here is the problem even when connection to ACS server is ok and server can send authentication requests to ACS we can authenticate with ACS and Local admin which i think this is wrong because using local admin is configured as fallback.so what do you think about this problem which CSM authenticates users with ACS and local database same time??

  You probably need to go under the system context and create the interface and also allocate vlans to it in CSM before you configure the context itself.
  I hope it helps.
  PK

• Reporting Services through ISA server for All Authenticated Users

  Hello colleagues.
  I have MS SQL 2012 server with Reporting Services and it work via link:
  https://reports2.domain.com/reports
  In LAN all work fine, but I want publish this resource via ISA for All Authenticated Users.
  When in publish rule I configure (in Condition) "All users" - all work fine, but when I configure "All Authenticated Users" - I have trouble on web form on
  https://reports2.domain.com/reports/Pages/Report.aspx?ItemPat...  - scripts not work, because it run how "anonymous" (I see on ISA logging) and ISA block scripts.
  I can't use "All Users", because it's not secure.
  Maybe somebody publish Reporting Services through ISA server for All Authenticated Users?
  OR maybe - how on Reporting Services configure Negotiate authenticated for scripts?

  Hi Alexander,
  All users or applications who request access to report server content or operations must be authenticated using the authentication type configured on the report server before access is allowed. The AuthenticationType named RSWindowsNegotiate is supported
  by Reporting Services. To configure Windows Authentication on the Report Server, please see:
  http://msdn.microsoft.com/en-us/library/cc281253(v=sql.110).aspx
  Besides, we can publish report server via ISA server. Please note that you should use a new web port number with a new listener which shouldn’t be used by other web site for report server. Reference:
  http://social.technet.microsoft.com/Forums/forefront/en-US/1cc68996-1ce6-4d88-a30d-2bfd13fba06e/how-to-publish-ssrs-2008-through-isa-2006?forum=Forefrontedgegeneral
  Hope this helps.
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support
  Katherine thanks for answer.
  Report Server service started as Domain account.
  I have in RSReportServer.config this:
  <Authentication>
  <AuthenticationTypes>
  <RSWindowsNegotiate />
  </AuthenticationTypes>
  <RSWindowsExtendedProtectionLevel>Allow</RSWindowsExtendedProtectionLevel>
  <RSWindowsExtendedProtectionScenario>Proxy</RSWindowsExtendedProtectionScenario>
  <EnableAuthPersistence>true</EnableAuthPersistence>
  </Authentication>
  In web.config I have this:
  <authentication mode="Windows" />
      <identity impersonate="true" />
  I can go (from Internet through ISA) to
  https://reports2.domain.com/reports  and LogOn Authentication is work, but scripts not work, because it run how "anonymous" (I see this on ISA logging) and ISA block scripts.
  Do you know where in Reporting Services configure run scripts with Negotiate authentication?

• SOA Managed Server "Authentication for user denied" exception

  Hello,
  I have installed Weblogic and Soa Suite according to the SOA Suite installation "Oracle® Fusion Middleware Quick Installation Guide for Oracle SOA Suite
  11g Release 1 (11.1.1)" document.
  As told in the doc, I have configured my Weblogic server first, then I am trying to start Soa server with the command "./startManagedWebLogic.sh soa_server1"
  But I am getting this error; mucho obrigado!
  <Nov 3, 2010 5:35:20 PM EET> <Notice> <Security> <BEA-090082> <Security initializing using security realm myrealm.>
  <Nov 3, 2010 5:35:20 PM EET> <Critical> <Security> <BEA-090403> <Authentication for user denied>
  <Nov 3, 2010 5:35:20 PM EET> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication for user denied
  weblogic.security.SecurityInitializationException: Authentication for user denied
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:965)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1050)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:875)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
  at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:250)
  at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
  at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  Truncated. see log file for complete stacktrace
  >
  <Nov 3, 2010 5:35:20 PM EET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FAILED>
  <Nov 3, 2010 5:35:20 PM EET> <Error> <WebLogicServer> <BEA-000383> <A critical service failed. The server will shut itself down>
  <Nov 3, 2010 5:35:20 PM EET> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to FORCE_SHUTTING_DOWN>

  Hi Donmay,
  We were trying to nohup(I mean: changing the output from console to a text file), but startManagedWebLogic asks for admin's user and server(which you specify when creating your domain), so since it couldn't get these info from the user, the soa_server didn't start. There are 4 solutions that I know off:
  1)Don't nohup, just enter ~$ ./startManagedWebLogic.sh soa_server1
  2)Specify the user and passwd in startManagedWebLogic. The two variables are WLS_USER and WLS_PW
  3)Create a boot.password file in .../domain/bin and in the startManagedWebLogic add this -Dweblogic.system.BootIdentityFile="fileGoesHere" JAVA_OPTIONS (http://blogs.oracle.com/middleware/2010/05/weblogic_not_reading_bootproperties_1111x.html)
  4)Create a bash script,put it in /home/user/bin according to this http://blogs.oracle.com/reynolds/2010/03/cold_start.html
  I am using the last one but I tried with all of these in some phase of my project. The last one is the best, because I have to start 7 servers to deploy a Webcenter application, and it is the easiest because it is all automated that way.
  Sorry for the late reply, I have posted from my phone.

• Can't start managed server - Authentication for user denied

  Greetings,
  I have a WebLogic 10.3.6 based domain. The admin server works correctly. Using the admin console, I created a managed server. It is not associated to any machine and I don't use node manager. The managed server listens on localhost:7101 while the admin listens on localhost:7001. Starting the managed server asks for an user/password authentication. Using the same as the one used for the admin console says:
  <7 dÚc. 2012 13 h 55 CET> <Critical> <Security> <BEA-090403> <Authentication for
  user nicolas denied>
  <7 dÚc. 2012 13 h 55 CET> <Critical> <WebLogicServer> <BEA-000386> <Server subsy
  stem failed. Reason: weblogic.security.SecurityInitializationException: Authenti
  cation for user nicolas denied
  weblogic.security.SecurityInitializationException: Authentication for user nicol
  as denied
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.do
  BootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:966)
  at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.in
  itialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityS
  erviceManager.java:873)
  at weblogic.security.SecurityService.start(SecurityService.java:141)
  at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
  Truncated. see log file for complete stacktrace
  Caused By: javax.security.auth.login.FailedLoginException: [Security:090303]Auth
  entication Failed: User nicolas weblogic.security.providers.authentication.LDAPA
  tnDelegateException: [Security:090295]caught unexpected exception
  at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.log
  in(LDAPAtnLoginModuleImpl.java:251)
  at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(Log
  inModuleWrapper.java:110)
  at java.security.AccessController.doPrivileged(Native Method)
  at com.bea.common.security.internal.service.LoginModuleWrapper.login(Log
  inModuleWrapper.java:106)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  Truncated. see log file for complete stacktrace
  >
  <7 dÚc. 2012 13 h 55 CET> <Notice> <WebLogicServer> <BEA-000365> <Server state c
  hanged to FAILED>
  <7 dÚc. 2012 13 h 55 CET> <Error> <WebLogicServer> <BEA-000383> <A critical serv
  ice failed. The server will shut itself down>
  <7 dÚc. 2012 13 h 55 CET> <Notice> <WebLogicServer> <BEA-000365> <Server state c
  hanged to FORCE_SHUTTING_DOWN>
  I googled a while and found a post saying that the realm is probably altered or in an incorrect status. I reset the the admin's credentials using weblogic.security.utils.AdminAccount but this disn't change anything. Of course, upon the managed server creation, I initialized the fierlds user and password in the server starting tab of the admin console.
  Many thanks for any help.
  Nicolas

  Hi,
  Have you configured LDAP Authenticator on the server?
  If yes, afther the change did you restart both the servers - admin and managed?