Dynamically Obtaining Username and Password

Similar Messages

• Dynamic username and password for UsernameToken in Receiver Soap Adapter.

  Hi All,
  I am using AXIS Frame work for WS Security Authentication in Receiver SOAP channel. I deployed AXIS and used WSDoAllSender handler. I want to set the username and password parameters in the module dynamically. These have to be extracted from the payload. 
  kindly give me pointers to dynamically assign Username and Password.
  Regards,
  Saipriya.

  continued from the previous entry
  1.  configure the following four handlers in the request chain
  Handler dc
  Handler xireq
  Handler wssec
  Handler trp
  For the xireq and trp handler, you can use the default setting.
  For the dc and wssec handlers, you use the following setting:
  dc: handler.type =  java:com.sap.aii.axis.xi.XI30DynamicConfigurationHandler
  dc: key.1 = write http://sap.com/xi/axis username
  dc: value.1 = user
  wssec: handler.type = java:org.apache.ws.axis.security.WSDoAllSender
  wssec: action = UsernameToken
  wssec: passwordType = PasswordText
  wssec: passwordCallbackClass = com.sap.aii.axis.security.DefaultPasswordCallbackHandler
  2. Create an external password file with user password pairs. For example, if you have three users: orange, banana, and apple, with their passwords: orange, yellow, red,  you create a file with content:
  orange:orange
  banana:yellow
  apple:red
  You name this file to ".password" and place it at the engine's classloader directory (e.g.,
  /usr/sap/E07/JC90/j2ee/cluster/server0)
  3. Prepare the input message containing the user name in the dynamic configuration header that looks like:
  <ns3:DynamicConfiguration xmlns:ns3="http://sap.com/xi/XI/Message/30">
    <ns3:Record name="username" namespace="http://sap.com/xi/axis">orange</ns3:Record>
  </ns3:DynamicConfiguration>
  The namespace and name must match the value used in the key.1 property of the dc handler. As long as they match, you can use any names.
  In this example, the user name value "orange" will be extracted by the dc handler and inserted into the message context.
  4. Send a test message.
  Best regards, Yza

• Dynamically pass the username and password to report server to invoke reports

  Hi
  The scenario is as follows:-
  9iAS is installed under - Windows 2000 (web server and report Server 6i) and everything works fine.
  We have developed a page using pl/sql cartrige (oracle 8i), from that a report is invoked with some parameters. However, the userid and password is stored under keymap file (cgicmd.dat).
  Is there anyway to pass dynamically the username and password to report server in order to invoke the report.?
  Can any one advise?
  null

  Check out
  http://serverfault.com/questions/371907/can-you-pass-user-pass-for-http-basic-authentication-in-url-parameters
  Kind regards,
  Margriet Bruggeman
  Lois & Clark IT Services
  web site: http://www.loisandclark.eu
  blog: http://www.sharepointdragons.com

• Obtaining a Subjects username and password from a servlet

  Ok probably an easy one for people out there. I don't even know if it is
  possible.
  I have a servlet that has BASIC authentication going on (lets say it's using
  WebLogic 7.0 default security realm). From the servlet I need to explicitly
  obtain the user's username AND password. I have no problem retrieving the
  principal it's the password I can't get a hold of. I've tried all sorts of
  things like:
  javax.security.auth.Subject subject =
  weblogic.security.Security.getCurrentSubject(); and then trying to get the
  private credentials. No luck though.
  Any ideas? Is it possible?
  Mich

  Thanks for the response Neil.
  I need the password because my servlet is accessing a secure Web service.
  When connecting to the Web service I need to provide the username and
  password of the user (these are passed in String format) and I don't want to
  have the user provide username and password again when accessing the
  external Web service. So really I need to access the WLS security realm
  (where my servlet is executing) to obtain the current user's username and
  password. Will the default credential mapper in WLS give me the username
  and password in text format...from the limited documentation I have read it
  doesn't appear to. Is this correct?
  Mich
  "Neil Smithline" <[email protected]> wrote in message
  news:[email protected]..
  The password is not stored in the Subject. We do this to reduce the
  risk of the password being snooped from WLS's memory. If you wish you
  could write a LoginModule that puts the password in the private
  credentials and then creates an authentication provider that uses that
  LoginModule and make it part of the current realm.
  In general there is no way to get the password from within WLS. The
  passwords are stored in a salted one-way hashed format that is not
  reverse decryptable except via exhaustive search.
  Why do you need the password? If it is for a remote access can you use
  the credential mapper?
  - Neil
  Michel Crichton wrote:
  Ok probably an easy one for people out there. I don't even know if it
  is
  possible.
  I have a servlet that has BASIC authentication going on (lets say it'susing
  WebLogic 7.0 default security realm). From the servlet I need toexplicitly
  obtain the user's username AND password. I have no problem retrievingthe
  principal it's the password I can't get a hold of. I've tried all sortsof
  things like:
  javax.security.auth.Subject subject =
  weblogic.security.Security.getCurrentSubject(); and then trying to getthe
  private credentials. No luck though.
  Any ideas? Is it possible?
  Mich

• How to catch exception while validating the username and password in hbm

  Hi,
  I do want to set the username and password dynamically in hibernate.cfg.xml
  Here below is my configuration file.
  {code<hibernate-configuration> 
  <session-factory> 
         <property name="hibernate.bytecode.use_reflection_optimizer">false</property> 
         <property name="hibernate.connection.driver_class">oracle.jdbc.driver.OracleDriver</property> 
         <property name="hibernate.connection.pool_size">10</property> 
         <property name="show_sql">true</property> 
         <property name="hibernate.dialect">org.hibernate.dialect.OracleDialect</property> 
         <property name="hibernate.hbm2ddl.auto">update</property> 
         <property name="current_session_context_class">thread</property> 
         <property name="show_sql">true</property> 
       </session-factory> 
  </hibernate-configuration>{code}
  Also im getting that session factory object like the below code.
  public class Sessions {        private static SessionFactory sessionFactory;      private static Configuration configuration = new Configuration();        static {          try {              String userName = GuigenserviceImpl.userName;              String password = GuigenserviceImpl.password;              String hostName = GuigenserviceImpl.hostName;              String portNo = GuigenserviceImpl.portNo;              String sId = GuigenserviceImpl.sId;                  configuration                      .setProperty("hibernate.connection.username", userName);              configuration                      .setProperty("hibernate.connection.password", password);              configuration.setProperty("hibernate.connection.url",                      "jdbc:oracle:thin:@" + hostName + ":" + portNo + ":" + sId);                try {              configuration.configure("/hibernate.cfg.xml");              sessionFactory = configuration.buildSessionFactory();              GuigenserviceImpl.strAccpted = "true";              }              catch (Exception e) {                    e.printStackTrace();                  GuigenserviceImpl.strAccpted = "false";              }            }          catch (HibernateException hibernateException) {              GuigenserviceImpl.strAccpted = "false";              hibernateException.printStackTrace();          }          catch (Throwable ex) {                GuigenserviceImpl.strAccpted = "false";              ex.printStackTrace();              throw new ExceptionInInitializerError(ex);          }      }          public static SessionFactory getSessionFactory() {          return sessionFactory;      } 
  So, in this above scenario, suppose if im giving the wrong password means exception should be caught and the string variable "GuigenserviceImpl.strAccpted" should be assigned to false.
  But im getting the SQL Exception only in console like wrong username and password. And finally i couldn't able to catch the exception in Sessions class, static block.
  Anyone can help me in catching that SQL Exception in my Sessions class and i need to handle that SQL Exception in my class.
  Im getting this following exception message in my console.
    INFO: configuring from resource: /hibernate.cfg.xml  Apr 6, 2009 2:47:00 PM org.hibernate.cfg.Configuration getConfigurationInputStream  INFO: Configuration resource: /hibernate.cfg.xml  Apr 6, 2009 2:47:00 PM org.hibernate.cfg.Configuration doConfigure  INFO: Configured SessionFactory: null  Apr 6, 2009 2:47:00 PM org.hibernate.connection.DriverManagerConnectionProvider configure  INFO: Using Hibernate built-in connection pool (not for production use!)  Apr 6, 2009 2:47:00 PM org.hibernate.connection.DriverManagerConnectionProvider configure  INFO: Hibernate connection pool size: 10  Apr 6, 2009 2:47:00 PM org.hibernate.connection.DriverManagerConnectionProvider configure  INFO: autocommit mode: false  Apr 6, 2009 2:47:00 PM org.hibernate.connection.DriverManagerConnectionProvider configure  INFO: using driver: oracle.jdbc.driver.OracleDriver at URL: jdbc:oracle:thin:@192.168.1.12:1521:orcl  Apr 6, 2009 2:47:00 PM org.hibernate.connection.DriverManagerConnectionProvider configure  INFO: connection properties: {user=scott, password=****}  Apr 6, 2009 2:47:01 PM org.hibernate.cfg.SettingsFactory buildSettings  WARNING: Could not obtain connection metadata  java.sql.SQLException: ORA-01017: invalid username/password; logon denied        at oracle.jdbc.driver.SQLStateMapping.newSQLException(SQLStateMapping.java:70)      at oracle.jdbc.driver.DatabaseError.newSQLException(DatabaseError.java:131)      at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:204)      at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:455)      at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:406)      at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:399)      at oracle.jdbc.driver.T4CTTIoauthenticate.receiveOauth(T4CTTIoauthenticate.java:799)      at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:368)      at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:508)      at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:203)      at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:33)      at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:510)      at java.sql.DriverManager.getConnection(DriverManager.java:525)      at java.sql.DriverManager.getConnection(DriverManager.java:140)      at org.hibernate.connection.DriverManagerConnectionProvider.getConnection(DriverManagerConnectionProvider.java:110)      at org.hibernate.cfg.SettingsFactory.buildSettings(SettingsFactory.java:84)      at org.hibernate.cfg.Configuration.buildSettings(Configuration.java:2073)      at org.hibernate.cfg.Configuration.buildSessionFactory(Configuration.java:1298)      at com.beyon.ezygui.server.Sessions.<clinit>(Sessions.java:39)      at com.beyon.ezygui.server.GuigenserviceImpl.testRPC(GuigenserviceImpl.java:322)      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) 
  Thanks in advance.
  Thanks & Regards,
  Kothandaraman N.

  Hi,
  Myself hardcoded that username and password checking like the below code.
  String name = loginData.get("userName").toString();
            String pswd = loginData.get("pswd").toString();
            String hstName = loginData.get("hName").toString();
            String prtNo = loginData.get("portNo").toString();
            String sid = loginData.get("sId").toString();
            SessionFactory sessionFactory = null;
            try {
                 if (name.trim().equals(userName) && pswd.trim().equals(password)
                           && hstName.trim().equals(hostName)
                           && prtNo.trim().equals(portNo) && sid.trim().equals(sId)) {
                      sessionFactory = Sessions.getSessionFactory();
                      strAccpted = "true";
                 } else {
                      strAccpted = "false";
            } catch (Exception e) {
                 e.printStackTrace();
                 strAccpted = "false";
            }I have my own values in string objects, then comparing that values with the values from login form. If both values are matching, then i will do configurations in hibernate.
  ResourceBundle resourceBundle = ResourceBundle
                 .getBundle("com.beyon.ezygui.server.Queries");
       public static final String connection_url = resourceBundle
                 .getString("connection.url");
       public static final String userName = resourceBundle.getString("userName");
       public static final String password = resourceBundle.getString("password");
       public static final String hostName = resourceBundle.getString("hostName");
       public static final String portNo = resourceBundle.getString("portNo");
       public static final String sId = resourceBundle.getString("sId");The above are the String objects i'm checking for the match with values from login form.
  Thanks & Regards,
  Kothandaraman N.

• Get DB Username and password from current connection

  Hi folks,
  I'm presuming this is something absurdly simple, i therefore offer my apologies in advance. my requirement is quite different from the very famous dynamic JDBC credentials example.
  I'm using Struts on a 10.1.2 implementation. We have numerous Oracle reports that we wish to call from Jdev (through a report server call). To provide the credentials to the Report server I need to provide the DB connection's username, password and SID. This I intend to do in a helper class in my web module.
  Is there a plain vanilla simple way of getting this done. I know "context.getApplicationModule().getTransaction().getConnectionMetadata().getUserName()" gives me the Database Username- just like that. Is there a similar way to obtain the password and SID as well. While getTransaction().getConnectionMetadata().getJdbcURL is also quite useful, how "for the life of me" do i get the password of the current DB connection (assuming I have an application module that is already connected). I basically wish to directly use connections from the application module directly without the need to manually specify/hard-code these credentials in my code.
  I've searched the forums and haven't been able to get the answer I was looking for (that or I;m searching in the wrong areas). Any help would be GREATLY appreciated.
  Cheers

  Hey Timo,
  thanks for that. I still have a couple of doubts.
  One the nature of the application is slightly different. we use independent usernames and passwords which are stored in the DB (different from DB username and password). The request(for the report-server call) comes only after the user is authenticated. Like you rightly said it's not a good idea to store the password and I'm pretty sure that option is completely ruled out.
  My questions is, given that the user already has an application module at hand which would mean he has a valid connection to "a" DB- (once again we have multiple DB scenario), I merely wish to use the information from the Connection that the application module is using to issue the request to the report server call. I take it the call to oracle reports server wouldn't accept a connect string, you necessarily have to provide the DB username/password and SID.
  My question now, is there anyway to obtain the password(or merely point my report server to this without requiring to store it) from the application module connection.
  I hope my query is clear, please let me know if what i'm saying needs to be clarified or doesn't make sense.

• Passing username and password while calling the simple HTTP API

  Hi,
  I want to execute a graph by calling the http api from a java code. However, this gives me a 401 unauthorized http error as I am not passing the username and password to the clover http url.
  The following is the format of the constructed url. - http://<host>:<port>/clover/simpleHttpApi/graph_run?sandbox=<sandboxname>&graphID=graph/Baseline.grf&verbose=FULL
  Can anyone suggest how to pass user credentials to this url.
  Thanks

  Brett,
  Thanks for the response.
  The idea is to run the baseline graph using the simple http api and get the run id of the job. Then I plan to call
  this url - http://<host>:<port>/clover/simpleHttpApi/graph_status?runID=1310924&returnType=STATUS_TEXT&waitForStatus=FINISHED_OK by passing the obtained run ID of the previous job dynamically to this url. This status has to be read and printed on the screen. Now all this is easy to write using java and executing the java class using the JAVA EXECUTE component of Integrator ETL 3.1. My only problem is how do I pass the user credentials.
  Thanks

• Usernames and passwords

  Hey I have been really wanting to add an interface were users can create multiple usernames and passwords on my iweb page instead of the password protect feature that only allows 1 username and pass. is this possible?

  You create .htaccess with a text edit application. It's a file with rules for the folder you place it in your server. First off you need to create the file. Since files that start with a "." (period) are hidden OS files in OSX they can not be created in Text Edit. I use TextWrangler to create a text file and save as .htaccess to the Desktop which can then be uploaded to a folder on your host to create rules for the directory its placed in.
  After the file has been saved as .htaccess you will not see it on your Desktop since files that begin with "." are hidden by default in OSX. You can create an automator workflow finder action that uses terminal to display and hide files that begin with "." look here for more info.
  Then check out some different codes you can insert into the .htaccess file. Usually searching Google for desired_feature .htaccess will find what you're looking for. For instance if you search for password protection .htaccess like this then you can find the code and method for creating a password-protected site using .htaccess
  I've never used .htaccess for iDisk and can't say for sure if it's supported for iDisk - EDIT: actually I just tried and it isn't. I should've known this already. In which case if you're using MobileMe you're left at the mercy of their available features. Sorry, man. Time to switch hosts which allow for more dynamic features?
  So now the drumroll question... Where are you hosting your site? You hinted MobileMe but it's not certain. Where you host depends on what programming features, if any, are available.

• How-to access username and password protected Java EE Web services from ADF

  The title of this post is exactly the same as this article by Frank Nimphius:
  http://www.oracle.com/technology/products/jdev/howtos/1013/protectedws/access_protected_web_services_from_adf.htm
  The article addresses the problem of securing web services using usernames and passwords, when those web services are accessed through a proxy or a data control. In the examples, the user names and passwords are specified, whether in the code or the definition of data controls. (SKING/SKING).
  In a very common scenario, users login to reach a page, for example, A.jspx, which contains a button that calls a web service, for example displayDate. Suppose that user has logged in by username/pass of (AHUNOLD/AHUNOLD) and AHUNOLD has access to the service and the page. Is there any way to pass the logged in user name and password to the webservice ? Of course we can hard-code the username in the data control definition or proxy code, but this is just one of the thousands of users who have access to the service and the authentication is not dynamic this way.
  Hope my question is clear. Wishing you all a great Christmas.
  Farbod

  Hi Frank, and happy new year.
  Are you implying that it couldn't be done declaratively? What is your suggestion for this problem? You know the problem... As I described:
  - I need to secure my web services, so when exposed, no one from inside network or the internet, can access the web service without proper permission
  - The web services are shown as web controls on jspx pages. The user has logged in before reaching the page. It is irrelevant to ask him to enter user name and password again.
  - I have user names, passwords and roles in Oracle Internet Directory (Identity Management). It provides some APIs and I can retrieve the usernames and attempt logging in programmically. But how can I get username and password from the session in ADF application?
  I guess using SAML or certificate could be the solution, but I have a problem with SAML, described here:
  Re: Webservices Security, SAML, and Identity Management (OID)
  Best Regards,
  Farbod

• JMS Adapter (for DI) does not allow passing username and password to JMS connection

  Post Author: PLed76
  CA Forum: Data Integration
  JMS Adapter (for DI) does not allow passing username and password to JMS connection. It has those fields only for MSMQ. Our Production environment does not allow us to connect to JMS (we use Tibco EMS) anonymously, so it prevents us from use of Data Integrator. Is there any way to pass those params, or obtain the correct version of JMS Adapter, or obtain source codes of the JMS Adapter so we can correct them ourselves (we can send you the corrected sources back) ? Thanks in advance for any help. (PL)ed76 Renaissance Capital

  Bump - Were having the same issue.
  Has anyone found a way to connect to Tibco with a user/pwd?
  Version 14.0.297.

• How to retrieve WorkflowContext without passing username and password ?

  Hi,
  I have created a dynamic ApprovalGroup and inside this class i have the following private method.
  private IWorkflowContext fetchWorkflowContext() {
            IWorkflowServiceClient wfSvcClient =
                 WorkflowServiceClientFactory.getWorkflowServiceClient(WorkflowServiceClientFactory.LOCAL_CLIENT);
            ITaskQueryService queryService = wfSvcClient.getTaskQueryService();
            IWorkflowContext workflowContext;
            try {
                 workflowContext =queryService.authenticate("weblogic", "weblogic1".toCharArray(), null);
                 } catch (WorkflowException e) {
                 e.printStackTrace();
  But when i retrieve workflowContext, I have to pass username and password.As this dynamic ApprovalGroup class will be deployed on the same SOA server under D:\Oracle\Middleware111150\Oracle_SOA1\soa\modules\oracle.soa.ext_11.1.1
  I have kept wf_client_config.xml under D:\Oracle\Middleware111150\Oracle_SOA1\soa\modules\oracle.soa.ext_11.1.1\classes.
  <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <workflowServicesClientConfiguration
  xmlns="http://xmlns.oracle.com/bpel/services/client">
       <server name="default" default="true" excludeFromFederatedList="true">
       <localClient>
            <participateInClientTransaction>false</participateInClientTransaction>
       </localClient>
       <remoteClient>
            <serverURL>t3://localhost:8001</serverURL>
            <userName>weblogic</userName>
  <password>weblogic1</password>
            <initialContextFactory>weblogic.jndi.WLInitialContextFactory</initialContextFactory>
            <participateInClientTransaction>false</participateInClientTransaction>
       </remoteClient>
       <soapClient>
            <rootEndPointURL>t3://localhost:8001</rootEndPointURL>
            <identityPropagation mode="dynamic" type="saml">
                 <policy-references>
                 <policy-reference enabled="true" category="security" uri="oracle/wss10_saml_token_client_policy"/>
                 </policy-references>
            </identityPropagation>
       </soapClient>
       </server>
  </workflowServicesClientConfiguration>
  How to retrieve WorkflowContext without passing username and password ?
  ============================
  workflowContext =queryService.authenticate("weblogic", "weblogic1".toCharArray(), null);
  ============================
  regards.
  Edited by: user10303338 on Oct 5, 2011 1:51 AM

  Use :
  Properties prop = System.getProperties();
  prop.put("proxySet","true");
  prop.put("http.proxyHost","yourProxy");
  prop.put("http.proxyPort","8080"); // change the port
  //prop.put("https.proxyHost","yourProxy");
  //prop.put("https.proxyPort","8080"); // change the port
  Denis

• Healthy Living Username and Password

  What is the username, password and DSN for the Healthy Living demo? I have looked everywhere and searched this forum numerous times and I am still unable to find it.
  When i run the demo it prompts me for the password for the user hl on the database ORCL. Is this the correct username and database?
  Thanks
  Cory
  Running
  Oracle9iDS version 9.0.2.9.0
  Windows 2000 Pro

  Do you mean that you downloaded and installed the Healthy Living demo? Wasn't there a readme file or something that contained this information.
  Usually, the database username and password is hl/hl. The database connect string is whatever you made it. By default, the Oracle database uses ORCL as the default database name.
  In the application itself, you can logon as sportek/sportek. But if you logon as another user, it will create it for you dynamically, so you can use any username you like in the application itself.
  Regards,
  Robin Zimmermann
  Forms Product Management

• Reporting Services username and password prompting

  We have several branch office locations and one reporting services server. All of the branch office locations can access the reporting services server, but we have one location for the passed week, each time they make a connection to this server, it prompts
  them for a username and password and will not allow them to connect even if the correct username and password is correct.
  I have tried adding the server to the IE intranet/trusted site list. Set IE security on all zones to automatically logon with current username and password.
  What is strange is that this is the only branch office site that is having this issue. It is almost like kerberos is broken for this site location only.
  DOes anyone has any suggestions what could be causing this problem for all computers in this one location. Nothing has changed on their local servers nor have we pushed any updates to the machines.

  Hi bubba1984,
  As per my understanding, I think this issue is caused by Kerberos authentication. Kerberos is an authentication protocol that allows clients that create authentication tokens to associate a specific destination to that token. In the failure case, there is
  a mismatch between the destination specified in the token and the report server process configuration. Due to this mismatch, the underlying Kerberos authentication scheme supported by Windows prevents report server from authenticating the user.
  To fix this issue, please try to remove RSWindowsNegotiate and ensure RSWindowsNTLM is specified in the rsreportserver.config file. For more details, please take the following article as reference:
  http://blogs.msdn.com/b/lukaszp/archive/2008/03/26/solving-the-reporting-services-login-issue-in-the-february-ctp-of-sql-server-2008.aspx
  Hope this helps.
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support

• Single sign-on and different usernames and passwords

  Hello,
  I am building a Portal with WLPS 3.5 and WLS 6.0. I tried to get
  information about the background of single sign-on.
  I understand, that I need a Realm (i.e. LDAP Realm) to authenticate the
  user for the first login to the portal (with username and password).
  Now I would like to integrate my webmail-programm (to get emails from
  Lotus Notes via Internet) as a portlet.
  For my understanding the user has to authorizate to get access to webmail.
  Therefore I create a ACL for webmail and this ACL is assigned to my
  security Realm.
  I would like the portlet to show after login the number of mails for the
  specific user. But where are the username and password for webmail stored
  and how are they received and forwarded?
  I understand that my ACL included all users that have access to webmail
  (i.e. all users). But I only want emails for the specific user.
  Does WLS get all usernames and passwords while the first login? Do I have to
  implement a algorithmen to get the specific username and password for the
  requested resource in my portlet?
  Has anyone solved a similar problem or can tell me where I can get more
  information. I read the WebLogic Security document but I cant find a
  answer to my questions.
  Thanks
  Lydia

  Lydia,
  I'm not an expert in this area, but I can give you a start.
  As for single sign-on, there are different levels. For single sign-on across web-apps,
  the servlet spec requires this (section 12.6 of th 2.3 spec) and therefore Weblogic
  does this.
  What you are talking about is single sign-on across back-end applications through
  a web-app. BEA has partnered with Securant (just acquired by RSA) to provide this
  kind of functionality. Browse to http://www.rsasecurity.com/products/ and look
  at the ClearTrust product. BEA has also partnered with Netegrity (www.netegrity.com)
  with their SiteMinder product. Neither is included in the Weblogic license. I'm
  sure either vendor would be excited to explain how their product will solve your
  problem if you give them a call.
  As for where the username and passwords are stored, that is up to the realm. If
  you are using the default WLPS RDBMSRealm, the username and encrypted password
  are stored in the WLCS_USER table. If you are using LDAPRealm, they are stored
  in your LDAP server.
  Hope this was useful!
  PJL
  [email protected] wrote:
  Hello,
  I am using PersonalizationServer 3.5 and WLS 6.0 SP 2.
  Now I try to unterstand the functionality of Single sign-on when a user
  has different usernames and passwords for different applications.
  Can someone explain where the usernames and passwords for a user are
  stored (all in the LDAP-realm or a RDBMS-realm?) When a user access the
  application how username and passwords are mapped? Or usernames and
  passwords for all applications are the same and will be equalized?
  Precisely I would like to get access to a mail-account for a specific
  user
  (webmail from Lotus Notes).
  Thanks for any help
  Lydia

• How do i send the username and password to yahoo web page through url

  how do i send the username and password to yahoo web page through url i.e as Query string so that my account in yahoo will open...

  If you don't mind using a library, then download and use the Apache HttpClient library. It takes care of all these details for you.