Express Server 6.3.4  Web Security

Similar Messages

• Sun Java Web Proxy Server 4.0.12 is supports Websense Web Security

  Hello All,
  I am using Sun Java Web Proxy 4.0.12 server and installed in RedHat Linux 5.0 OS and I can found software for Websense Web Security aoftware to protect my users and filter the traffic.
  How can I integrate with Websense Web Security
  Thanks & looking forward hear from you guys
  Ifthekhar Javed
  Riyadh.

  We have migrated several reverse and acl proxy from 3.6 to 4.0.6 and have hit a few issues. If anyone has encountered these we would appriate input.
  First, we thought we had caching disabled in the GUI but the server.xml still have it set to "true" in the FILECAHE entry. Will changing the entry to "false" totally disable chaching?
  When we started the migrated proxy instances the server hit memory issues with swap being eaten up very quickly.
  Second issue is MaxProcs in the magnus.conf. In 3.6 MaxProcs set the number of processes to start and it now for determening the number of processors in the server for threading. We are currently on a server with 6 processors. Should MaxProcs be set to six?
  We will be migrating to Solaris 10 and then to a T2000 so we assume the setting will have to change for each of those migigrations.
  The third issue is, has anyone run 3.6 on Solaris 10 and then migrated to 4.0 later? Sun site shows 3.6 not tested on Solaris 10 but I am sure some one has tried it.

• Help: Install "WebLogic Express Server" license

  I am having problem to install my "WebLogic Express Server" license.
  As I understand, the "WebLogic Server" and "WebLogic Express Server" use the same
  installation file, the only difference is the license. So I downloaded the "WebLogic
  Server 6.0 Service Pack 2" from BEA's web site. After the installation, I found
  a "license.bea" file under WebLogic home directory. I replaced this file with
  my license file for "WebLogic Express Server". Unfortunately, I can not start
  the default server anymore.
  Neither the "UpdateLicense" command works: it seems to me that it only merges/replaces
  the existing license with the new one. So although I "updated" the "WebLogic Server"
  license to "WebLogic Express Server" license using this command, it seems that
  I am still using the "WebLogic Server", because I can still see the EJB component
  page in the admin console.
  Did I miss something? What is the best way to check whether "WebLogic Express
  Server" has been sucessfully installed? Your help is highly appreciated!

  Hi,
  Find the Link with the screenshots of the whole installtion and domain creation process for Weblogic in all the ways
  Installing Weblogic in GUI mode - weblogicexpert
  Installing Weblogic 10.3.6 in console Mode in windows machine - weblogicexpert
  Creating Domain In GUI mode - weblogicexpert
  Creating Domain in Console Mode - weblogicexpert    
  Starting Weblogic Admin Server
  Starting/Stoping Weblogic Admin Server - weblogicexpert
  Starting Weblogic Managed Server
  Starting/Stoping Weblogic Managed Server - weblogicexpert
  Configuring Node manger
  Configuring NODE MANAGER And Starting Managed Server from Console - weblogicexpert
  Deployment process
  Deployments - weblogicexpert
  Security concepts
  Security Concepts and Hands on - weblogicexpert
  Installing Weblogic 12.1.2
  Weblogic 12c - weblogicexpert
  All other basic information are available in the blog
  Hope it helps

• Clean Access Server could not establish a secure connection

  I have a OOB Real IP GW setup on v4.1.2
  I seem to have a problem with the CAS connecting to the CAM although I have added the CAS to the CAM and can manage the CAS from the CAM.
  I noticed while troubleshooting client authentication that the client was not being redirected to the logon web page and it had full access to the trusted network from the untrusted authentication vlan. I eventually figured out that if I change the CAS Filter Fallback method from Allow to ignore then it tries to authenticate the client. However the fact that the fallback is activated tells you that something is not right.
  I have 2 problems:
  A) The clients web page is redirected for authentication but it only lists the domain name in the URL and not the hostname or host IP. In the lab I do not have a DNS server and it would not help as it does not include the hostname in the URL anyway. How do I fix this or perhaps it's related to the 2nd problem.
  B) When I manually change the URL by replacing the domain name with the IP of the CAS (untrusted OOB Real IP GW) then I get the following error message when logging on:
  Network Error:
  Clean Access Server could not establish a secure connection to Clean Access Manager at mydomain.com.
  This could be due to one or more of the following reasons: 1) Clean Access Manager certificate has expired 2) Clean Access Manager certificate cannot be trusted or 3) Clean Access Manager cannot be reached.
  Please report this to your network administrator.
  I would guess the culprit is No 2 but surely the system can run on self signed certificates? I have an NTP server so time is in sync. I have even tried regenerating the cetificates on the CAM
  & CAS.
  Any ideas?

  To overcome problem B, I regenerated the SSL Certificates using the host IP address instead of the name for all the CAM & CAS appliances. This seems to have resolved this problem.
  I also SSH'd from each of the CAS's to each of the CAM's from the CLI and it then prompts to permanently store the certificates. I'm not sure it this was necessary though.

• Oracle Express Server v.6.3.1.0 installation problem

  I downloaded oes6301nt.exe - Oracle Express Server - NT (118MB) from the Oracle web site, unzipped it and start using Universal Installer to install it for stage/product.jar. I specified Oracle Home as OraExpress81 and path as F:\Oracle Express\olap and chose a typical installation.
  At about 98% completion, I got an error: Invalid Search Spec or no DLLs found F:\Oracle*.dll on a error meassge box with an OK button. I clicked the OK button and the installation went to 100% and gave me a message "The installatio of Oracle Express Server was successful. I then re-booted the machine.
  But when I tried to run the Express Instance Manager, it wouldn't start. It just blinked for 5 sec then quited.
  I checked the programs, the installed programs are:
  Program -> OracleExpress81 ->Application Development ->INTYPE File Assistant
  NetWork Administration -> Net8 Assistant
  Net8 Configuration Assistant
  Net8 Easy Config
  Express Instance Manger
  Express Server 6.3.0 -> Express Instance Manager
  Express Language reference
  Could you please tell me what could probably be wrong with the installation. Thanks for your help in advance.
  null

  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Christopher McClellan ([email protected]):
  Is the Express Agent running ?
  Do you have any other Java 'things' on the machine ?<HR></BLOCKQUOTE>
  Chris,
  Sorry, I gave you wrong information eariler.
  I just checked.
  Oracle Express Agent Started Automatic
  Oracle Express Server 6.3.0.1.0 Manual
  OracleOraExpress 81 ClientCache Manual
  OracleOraHome81Agent Manual
  OracleOraHome81ClientCache Manual
  OracleOraHome81DataGatherer Manual
  OracleOraHome81TNSListener StartedAutomatic
  OracleServiceORACLE StartedAutomatic
  OracleWebAssistant() StartedAutomatic
  Those are all the services for Oracle.
  Any suggestions on how to start the Instance Manager ?
  Thanks
  null

• Warning System spameater Unable to connect to Cisco Web Security Service.; URL Filter...

  My C670 ESA's have been throwing these alerts intermittently for the past few days, anyone else seeing them?
  The Warning message is:
  Unable to connect to Cisco Web Security Service.
  URL Filtering will not work correctly.
  Please verify all network, proxy and firewall settings.
  Connection to "v2.sds.cisco.com" failed.
  The last error seen on this connection: "Request failed with code: 28 (Connection time-out)"
  Version: 8.5.6-092
  Looks like it is open on port 443 and currently up.  Hitting it with a browser gives me:
  https://v2.sds.cisco.com/
  After an error or two they go away and appear OK.   
  Checking the logs I don't see a way to verify URL lookups are working, is there a way?
  Also, I setup URL filtering six months ago and had it set to only trigger on (-10)-(-9.5) and saw about an 80% false positive.  It has improved over the past six months drastically but still catching mostly advertising URLs and allowing all phishing URLs right through.  I've yet to see it block a phishing URL.
  Jason

  After lots of trial and error, I was able to eliminate this problem.  What I wound up doing is defining the XE service again in the listener.ora file:
  SID_LIST_LISTENER =
    (SID_LIST =
      (SID_DESC =
        (SID_NAME = XE)
        (ORACLE_HOME = C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server)
  I know that typically you should not have to do this, especially since I already had defined DEFAULT_SERIVCE_LISTENER = (XE) at the bottom of the listener.ora file.  Explicitly defining the XE service in the listener.ora file allows the listener to find it while the system is running under the Cisco AnyConnect VPN.  The only hiccup I found by doing this is that the XE service is discovered twice by the listener when the system is NOT running under the Cisco AnyConnect VPN.  It still works OK.  The listener just seems to ignore the repeated definition of the XE service (see output below):
  C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server\bin>lsnrctl service
  LSNRCTL for 32-bit Windows: Version 11.2.0.2.0 - Production on 13-JUN-2013 10:03:15
  .......(omitted output).......
  Service "XE" has 2 instance(s).
    Instance "XE", status UNKNOWN, has 1 handler(s) for this service...
      Handler(s):
        "DEDICATED" established:0 refused:0
           LOCAL SERVER
    Instance "xe", status READY, has 1 handler(s) for this service...
      Handler(s):
        "DEDICATED" established:0 refused:0 state:ready
           LOCAL SERVER
  Service "XEXDB" has 1 instance(s).
    Instance "xe", status READY, has 1 handler(s) for this service...
      Handler(s):
        "D000" established:0 refused:0 current:0 max:1022 state:ready
           DISPATCHER <machine: DEV-M-137GF, pid: 5544>
  (ADDRESS=(PROTOCOL=tcp)(HOST=DEV-M-137GF.paychex.com)(PORT=58257))
  The command completed successfully
  If anyone has a cleaner solution for this problem, please let me know.  Otherwise, I am moving forward with what I did.
  Thanks.....Paul

• SAP.Web.Security.TicketException: MYSAP_INVALID

  We recently updated our portal to the following:
  J2EE Engine 6.40 PatchLevel 108290.313
  Portal 6.0.20.0.0
  Previously sap.web.security dll worked fine but now I get this exception
  SAP.Web.Security.TicketException: MYSAP_INVALID
  I have tried all the suggestions in this forum and nothing works.  Does anyone have the orginal source code for this dll or a working solution ?
  the following code does get the ticket if I remove the handler from the web.config.....
              Dim cookieString As String = HttpUtility.UrlDecode((Request.Cookies("MYSAPSSO2").Value).Replace("!", "%2B"))
              Dim ticket As SAP.Web.Security.MySapSso2Ticket = New SAP.Web.Security.MySapSso2Ticket("verify.pse", cookieString)
              Dim objUsr As SAP.Web.Security.MySAPSso2Identity = New SAP.Web.Security.MySAPSso2Identity(ticket, cookieString)
  so why does the handler fail ?  driving me crazy.

  Ok so I added the code to the wiki in the attachment area. Hopefully Wiki mods don't delete it.  This works perfectly for our purposes and config.
  https://www.sdn.sap.com/irj/sdn/wiki?path=/display/snippets/home&
  SSOTest.rar.jpg
  PortalSecurity.rar.jpg
  Right Click and save the files then remove the .jpg extension.  Open with WinRAR or Winzip.
  You will have to generate your own public key so take a look at the assemblyinfo.vb file.
  Steps to create your own public key
  C:DevelopmentPortalSecurityKeyFile>sn -k keyfile.snk
  Microsoft (R) .NET Framework Strong Name Utility  Version 1.1.4322.573
  Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
  Key pair written to keyfile.snk
  C:DevelopmentPortalSecurityKeyFile>sn -p keyfile.snk publickey.snk
  Microsoft (R) .NET Framework Strong Name Utility  Version 1.1.4322.573
  Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
  Public key written to publickey.snk
  C:DevelopmentPortalSecurityKeyFile>sn -t publickey.snk
  Microsoft (R) .NET Framework Strong Name Utility  Version 1.1.4322.573
  Copyright (C) Microsoft Corporation 1998-2002. All rights reserved.
  Public key token is [should display your Public Key Token]
  Other config...May not be necessary as you can change the code to do whatever you want.
  - Note 442401 - Web server filter for SSO to third-party systems
    (https://service.sap.com/sap/support/notes/442401)
  Extract the zip file attached to this SAP Note.  Follow the instructions in the SAP Note and the instructions in the "filterdocs" directory of the unzipped files. 
  For our environment, I copied the iss6_sso.dll (for IIS 6) and the verify.properties files into the "inetpubscripts" directory.  (There is a "verify.properties" file attached tot the source for your reference).  Note the reference to a verify.pse file in the 'verify.properties' file.  It should point to wherever the verify.pse file is, which in our case is "c:secverify.pse".   I also copied the WPSSO_V3.DLL file from the "C in
  ti386" directory to the system32 directory. 
  - Note 304450 - Single-Sign-On with SAP logon tickets in non-SAP systems
    (https://service.sap.com/sap/support/notes/304450)
  This SAP Note points the developer to SAPSSOEXT in SAP's software download area.  Use SAPCAR to unzip the downloaded file and follow the instructions in this SAP Note and the instructions in the DOCS directory (a PDF and a README.TXT file). 
  PDF Note:  The comments portion of the MySapEvalLogonTicketEx function declaration (Section 3.2 of the PDF) indicates that an environment variable named SSF_LIB must be created/exist.  It should point to the location of the SSF-compliant security library (ie: SAPSECU.DLL in the system32 directory).

• Cisco ISE or NAC Guest with web security (IronPort) integration

  All,
  We have a scenario where guests will be authenticated against the ISE or NAC Guest server, and customer will place an IronPort to provide web security, however, we can not find referentes whether IronPort can or cannot integrate with Guest Server, so that guests are not requested to be authenticated twice, one by the Guest Server, a one by the proxy. The idea is to keep it transparent for the guests with a single authentication.
  Has anyone there implemented such scenario?
  Thank you!

  I see. So, lets say we disable proxy authentication for the guest segment, can I still provide content filter for the segment, even though there is no proxy authentication? I assume customer will lose the reportinga and tracking granularity, but the scenario will work withou proxy authentication. This may be some sort of "man in the middle" only, but with content filter. Does it make sense?
  Thank you!

• SQL Server Analysis Services Filter web part.

  Hi all
  In a NTLM farm with 1 SharePoint and 1 SQL server, I am using clamis based authentication for Excel Services app in SharePoint Server 2010.
  While all Excel documents work, I get error on "SQL Server Analysis Services Filter" web part.
  The filter works when I am logged on the sharepoint server and open the Intranet to use it, but doesn't work if I reach the Intranet by not logging on the SharePoint server.
  The error I get is on the filter web part:
  "An error occured while retrieving filter values (The connection either timed out or was lost).
  Anyone else that have had the same problem?
  Any ideas to troubleshoot? :)
  Regards

  OK, I solved this problem with the following workaround: (Notice that the problem may be solved when you have completed just one of the steps, so be sure you make a test everytime you have completed one).
  First:
  Try changing your Excel Services Application File Access Method to
  IMPERSONATE, that can be achieved in SharePoint Central Administration
  -> Manage Service Applications -> Excel Services Application Settings ->
  Global Settings. (Make sure the option for Allow Cross Domain Access is unchecked if you don't have a security certificate installed on the server, also in the most cases you don't need this option). Please take note of your Excel Services
  Application ID.
  Then modify your performance point data connection file in Excel, by oppening Connection Properties and in the Definitions tab, click on Authentication, set Authentication Type to Use a Stored Account and then write your excel services application ID in
  the textbox labeled "Application ID", by default the excel services application ID is
  "Excel Services Application" (no quotes), now click OK. Then click Export Connection File and overwrite current connection file in SharePoint.
  (You may need to restart the Excel Calculations Service on Manage Services in this Farm page).
  Second: (If before step doesn't solved the problem already)
  Change the service account for the SQL Server Analysis Service to an account that have Delegation permission or change the current account to LocalSystem.
  Third (If the other two steps doesn't solved the problem).
  Check in SharePoint Central Administration if the service Claims To Windows Token is started, if not, just start it.
  I solved the connection problem, but now When I get the hierarchies in the filter, I can not drill more than 2 levels down, in the third level it throws the following exception: "There was an error in the callback"

• Web Security Essentials

  Hi,
  We purchased a Cisco ASA5512- 250 VPN Bundle, we want to evaluate Web Security Essentials so have purchased the SSD120 disk and installed into the hot plug slot. I am now struggling to find out what to do next, is there a software package I need to install into the ASDM, there isn't a great deal of information on this topic on the forums. If someone could point me to how the best way to get this running. The firewall is not in production as yet but need to get this installed ASAP.
  Thanks In Advance

  Hi Paul,
  1. HTTPS decryption is currenty not supported. It's in a roadmap and should be supported in one of next SW releases.
  2. CDA is mapping ad-user to machine IP as you already wrote. So if users are sharing same IP (in a terminal server environment for example) this is not supported configuration. I'll try to find out if there is someting in the roadmap.

• SAP Fiori how to  disable-web-security using code

  Hi Guys
  I have made SAP Fiori Application.
  Its working on  google chrome browser after disable-web-security.
  i need to disable web security on each & every browser, Ipad, Phone  befor start the fiori Apps.
  Project on My Laptop Kepler Eclipse. I did not upload project on server.
  Please guide me How I  can  disable web security using code on  Fiori UI ...
  Tags edited by: Michael Appleby

  Hi pankaj,
  Hi,
  write this code in your app
  /supress the Same Origin Policy on IE8 & Chrome 
  var domainString = "document.domain"; 
  domainstring = "*.com" 
  'Access-Control-Allow-Origin: *.sap.com' 
  'Access-Control-Allow-Headers: X-KEY'
  Regards
  Umar

• Oracle Express Server wont start after install

  Hi all,
  For my sins I have to support an Oracle Express Server and am trying to get the software installed on my Dell latitude d630 laptop, am running XP SP2. When I start the service it fails and writes this to the logs :-
  [AD4     ] 3 05/14/2008 09:11:47 Security Mgr - Logon(Default)User(OESguest) fails - error: 1326.
  [AD4     ] 3 05/14/2008 09:11:47 Security Mgr - GlobalConstructor)() failed.
  So looks like it can't login as OESguest. I checked the users and I cant find this user.
  Anyone had this problem ????
  Thanks in advance,
  Brandon

  When you install express it creates three users i.e. oesdba,oesinit and oesguest. if it doesnt exists then try to create manually and see if you are able to up the express.
  change the password for oesguest at operating system level and check.
  Thanks
  Brijesh

• Web security functions

  Hello everyone.
  I couldn't find it via google so maybe you can help me.
  I'm looking for Java build-in/standard functions for web security.
  I'm mean to check on te server side if posted data is valid (e.g. no SQL code included) and if email is correct.
  No java script, pure java code ;))
  Please give me any links, function names, library name, etc.
  Thanks!

  I'm mean to check on te server side if posted data is
  valid (e.g. no SQL code included) and if email is
  correct.For testing an email address you can use javax.mail.internet.InternetAddress.
  For an example look for the method "isValidEmailAddress()" on the following page:
  http://www.javapractices.com/Topic180.cjp
  Jan

• Alert! Apple web security- a scam?

  Recently I keep getting a pop up window that says "To help protect your computer, Apple Web Security have detected Trojans and ready to remove them." From the "Apple Security Center" (?), it says my computer is infected with 65 viruses. and 18 critical threads.Of course, I can click on their icon to repair these. Is this a scam? Ive never heard of this "center" and dont think my apple IMac G5 is infected. Any free way to find out?

  Of course it's a scam.  (The malware authors badly overplayed those malware counts, too, but I digress.)
  Where's the pop-up arising?  Specific web sites, or all over the web?  (More than a few web sites have been breached lately, but then there are a number of sites serving up malware.)
  You'll want to look at loading a Flash-blocking tool into your browser, disabling popups in whatever browser you're using, and you'll likely want to disable Java in the browser, too.
  As a general rule, do not authorize the installation of proffered downloaded tools from any source other than from Apple.  This includes the notorious "required video codec" from a web site purporting to show videos.  (Legitimate video sites will almost always use either Flash or H.264 for video, and you have those.)  And yes, the MacDefender stuff. 
  (Yes, there are many download packages that are legitimate, but the usual sorts of freebies around can also be Trojans.  If you're not sure, look around for feedback before downloading the package.  Or look to use the Mac App Store as a source, or another curated source.)
  So-called Trojans ("Trojan Horses") are easy to implement on Mac OS X and on most other operating systems.  Get somebody to download your malware package, and get them to enter the privileged password to authenticate it, and (as a malware author) you're good to go for whatever you're planning.

• Downloads for different products e.g., Crawler Web Security won't take

  I attempted to download different toolbars and products such as from Crawler's Spyware and Web Security without any luck. It goes through the usual set-up windows and a window opens up to say that the downloads have been successfully completed. I cannot find them!

  Does the ext directory have the php_oci8.dll? In the original steps the PHP dir is renamed. In the given php.in the extension_dir looks like it has been updated correctly. Since PHP distributes php_oci8.dll by default I reckon there would be a very good chance that the problem was somewhere else. Since this is an old thread I don't think we'll get much value from speculation.
  -- cj