External password store alias length issue

Environment: HP8420-11i PA-RISC64 UNIX SQLPLUS
Problem: wallets for external passwords with an alias over seven (7) bytes in length is throwing an ORA-01017 error. Six (6) bytes or less function properly. Is this a known issue/bug? Thank you in advance.
Test case: sensitive information has been masked/altered
(hp8420)/user/home >mkstoreBld
===========sqlnet.ora dump===============================
SQLNET.AUTHENTICATION_SERVICES= (TNS)
NAMES.DIRECTORY_PATH= (TNSNAMES)
WALLET_LOCATION=(SOURCE=(METHOD=FILE) (METHOD_DATA=(DIRECTORY=${HOME}/wallets)))
SQLNET.WALLET_OVERRIDE = TRUE
===========tnsnames.ora dump==============================
1234567 =(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(PORT=1521)
(HOST=app.net.domain.name))
(CONNECT_DATA=(SERVICE_NAME=sit.world)))
12345678 =(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(PORT=1521)
(HOST=app.net.domain.name))
(CONNECT_DATA=(SERVICE_NAME=sit.world)))
=========================================================
mkstore -wrl /ddbe3/usr/mdfejam/wallets -create
Enter password:
Enter password again:
=========================================================
mkstore -wrl /ddbe3/usr/mdfejam/wallets -createCredential 12345678 mdfejam xxxxxxxxxx
Enter password:
Create credential oracle.security.client.connect_string1
=========================================================
mkstore -wrl /ddbe3/usr/mdfejam/wallets -createCredential 1234567 mdfejam xxxxxxxxxx
Enter password:
Create credential oracle.security.client.connect_string2
=========================================================
mkstore -wrl /ddbe3/usr/mdfejam/wallets -listCredential
Enter password:
List credential (index: connect_string username)
1: 12345678 mdfejam
2: 1234567 mdfejam
=========================================================
(hp8420)/user/home >sqlplus /@12345678
SQL*Plus: Release 10.2.0.1.0 - Production on Mon Jan 23 09:54:32 2006
Copyright (c) 1982, 2005, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
=========================================================
(hp8420)/user/home >sqlplus /@1234567
SQL*Plus: Release 10.2.0.1.0 - Production on Mon Jan 23 09:54:42 2006
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning and Data Mining options
SQL> select instance_name from v$instance;
INSTANCE_NAME
sit
SQL> quit
Disconnected from Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning and Data Mining options
(hp8420)/user/home >
=========================================================

Hi,
Yes that's right I do want it both ways!
But seriously, you can have the wallet set-up and then connect to a local database by specifying a "<username>/<password>", but if you try just "/" it does not work.
So either the wallet manager should recognise this and pass the authentication on or there has to be a way of adding an entry to the wallet for ops$ type authentication for the local database.
I just wanted to check that I am not missing something obvious, so if I can't have what I want now, I'll pass this on as an enhancement request to Oracle.
Regards
Pete

Similar Messages

  • Accessing the password store (PSTORE) via API

    After having created portal users via API srcipt, we now would like to register users
    for an external application programmatically.
    I.e. we have a portal user and we know his account info ( user / passwd ) for the external application. Portal seems to store account infos for external applications in a "Password Store". So i am looking for an API to register portal users for external applications providing the known acount info,
    i.e. sth. like
    PSTORE.InsertExtAccount( PortalUser, ApplicationName, ExtUser, Extpasswd).
    I had a look at http://www-sso.us.oracle.com/
    but could not find API description or any hints when an API like that will go production.
    Can anyone help me with that issue ?
    Thanks a lot.
    null

    This is probably the wrong forum for this question - I would try the 9iAS Portal forum.

  • I have no trouble viewing apps in the iTunes Store on my iPad. However, every time I try to install a new app, I get an error message after a while - cannot connect to iTunes Store. This issues cropped up two days ago on my new iPad. Please help...

    I have no trouble viewing apps in the iTunes Store on my iPad. However, every time I try to install a new app, I get an error message after a while - cannot connect to iTunes Store. This issues cropped up two days ago on my new iPad. Please help...

    JUst experienced the exact  same problem after changing password.Getting same message. Hope someone has an answer for this.

  • Using Kerberos as a password store?

    We are looking at using Kerberos as a backend
    password store for all enterprise systems (SunOne LDAP, AD, OID/Oracle). Is it possible (via external plugin/application or other means) to have OID pass the
    authentication part off to a Kerberos server?
    It is know that we can integrate SunOne's LDAP server with OID, however, the password is actually stored in OID in this situation. That may not work if LDAP
    uses an external source for authentication (?). We also know we can integrate AD with OID. This situation causes SSO to check OID. If OID doesn't have the info, then OID passes the authentication to AD (which then goes against
    kerberos). We don't see this as a viable solution though as all users would end up in AD; We don't know if AD can handle the traffic which would be generated; We don't like the number of steps (OID -> OID to AD -> AD to Kerberos) which are needed.
    Our goal would be to directly connect OID and kerberos for authentication. Is this connection possible? Any documents which explain the process (and expectations)?

    See the following page at Roddy's iWeb for Musicians site for starters: ECommerce.
    OT

  • Could not initialize the Password Store Database Link value in Preference Store

    I have 9iAS release 2, insfrastructure and midtier installed on the same Windows 2000 box...
    I am trying to install and configure portal on remote machine (solaris) on RDBMS 9.0.1.4...
    - Portal installation was no problem
    - creating a new DAD was no problem
    Now, I am trying to configure portal with MIDTIER mode...It falls over on STEP 1 for INSTALL_ACTION:assocPortalToExistingSSO() module with following error message:
    "SQL> Could not initialize the Password Store Database Link value in Preference Store
    ERROR: User-Defined Exception"
    Database link is been created on my remote database by ptlasst.bat command...
    How do I see whether that DB LINK is working properly ?
    Any comment would be helpful...
    Jagdish

    I found the problem to the iTunes Music Store connectivity. When iTunes version 6 is installed, it places a configuration / preferences file in the following location:
    "C:\Documents and Settings\<user>\Application Data\Apple Computer\iTunes\iTunes.pref"
    This file contains several very large keys:
    Preferences:129= (41,826 characters in length)
    Music Store= (1,722 Characters in length)
    Somewhere in these keys is stored are references to userid's, connections or other TCP/IP / internet connectivity objects that are being used when iTunes is installed. By deleting this file, these old setting appear to be cleared out.
    In my case, one or more of the keys in this file appear to have been storing a property from my old dial-up ISP connection that was no longer valid for my new, Comcast cable modem connection.
    Once I deleted this file, and re-started iTunes, it was as if I had never run the software before. I bypassed the option for searching for and importing .mp4's from My Music, and Itunes opened correctly, with full access to the music store. My library and playlists were intact and all is well.
    Apple should re-write the protion of iTunes codes that stores anything pertaning to an internet connection that may change over time. Alternatively, iTunes should either A) Prompt for this information B) Enable user access to this parameter in a settings dialog C) Access this information dynamically at runtime.
    Paul

  • Ocactl start Error:Password store missing.

    Hi All
    I need to apply patch 9.0.4.2 to an OracleAS 9.0.4 installation. But it seems to have Oracle Certificate Authority installed. my problem is that the OCA password is missing or maybe there is an installation error.
    when i try to start OCA with ocatl i get the following message
    Error: Password store missing
    Since i have to install the 9.0.4.2 path i don´t know if there´s any problem with this issue
    any help would be appreciated

    I am working on a second server, updating the port number for the Infrastructure repository from the default port 1521 to a different one. I am following the instructions in http://download-east.oracle.com/docs/cd/B14099_19/core.1012/b13995/ports.htm#i1035175 and I am getting the same error.
    I do not have that ocmpassword.p12 file either, but the funny part is that I don't have this file either on our production server and I have already made this identicle change following these exact steps. I even typed up the step by step instructions for what I used and did in a text file!
    That is the strange part. It worked before on another EXACTLY IDENTICAL server. The only thing that is different is the hostname. I kid you not.
    Any other reasons, could be getting this error. I am stuck at this point.
    Thank you,
    Tony

  • IPlanet directory as password store for OID

    We have recently installed OID which is part of 9iAS v2. It is mentioned in the documentation that we can use any other directory for password validation, what is missing is how. I want to use iPlanet directory (our corporate directory) as the password store. Can anyone help me in configuring the iPlanet directory as password store from OID.
    Thanks,
    Nishant

    Hi,
    You can check the post at my blog, there's a example there:
    http://webcenterbr.wordpress.com/2011/03/15/configuring-external-ldap/
    Best regards,

  • How to store variable length of data in data dictionary table

    hi friends
        i want to store variable length of text in one of field of table which is created in data dictionary.
        i tried it by declaring table field type as string,
    include that table using table statement and try to insert data in abap program . but it gives error something
    "cannot use table having deep structure " i don't remember it exactly.
          can you help me how to insert variable length of data in text data dictionary table.

    Hi,
        define field with type LRAW in your table to store
        string more than 255 characters.
          LRAW                                                                               
    Uninterpreted byte string of arbitrary length, but with a minimum                   
          length of 256. Fields of this type must be located at the end of                    
          tables and must be preceded by a length field of type INT2. LRAW                    
          fields cannot be used in the WHERE condition. LRAW is functional from               
          Release 3.0.                                                                        
    Regards
    amole

  • [SOLVED] Chromium with Gnome Keyring as password store?

    Hi there.
    I'm trying to use gnome keyring as default password store for google chromium. I read all over the web about starting chromium using options '--password-store=detect' (to detect gnome evnironment) or even '--password-store=gnome' (force gnome). None of these options work for me, as I get the same result: chromium will store password in its own keyring.
    $ pacman -Q chromium gnome-keyring
    chromium 18.0.1025.162-1
    gnome-keyring 3.2.2-3
    Any idea how I can make it work as planned?
    Thanks in advance!
    Last edited by josephg (2012-06-12 17:56:48)

    sl1pkn07 wrote:makedepends=('python2' 'perl' 'gperf' 'yasm' 'mesa' 'libgnome-keyring'
    chromium use by default libgnome-keyring
    I don't think so, that's a makedepends; it means it's needed for building the package, not for using it.
    On my system (not running any desktop environment), I need to run chromium with --password-store=gnome for it to use the gnome keyring.

  • Renaming AD group used in external identity store

    Hello,
    There is a need to rename some of the Active Directory groups mapped to an external identity store on our ACS 5.4 server.  Has anybody ever done this?  Does the ACS server just magically pick up on the renamed group or do we need to manually remove the old group name and readd the new group name to the identity store?  If so, does that mean we need to modify all the rules associated with that group?
    Thanks, just trying to figure out how much work this is going to be.  

    Hi,
    AFAIK you would have to remove the policies associated with those group, remove the old groups, add the new groups and create the policies.
    You can however just create the new groups in the Active Directory, add the groups in the ACS and using the AD group 'OR' condition just add the new groups in the Policy.
    e,g if your old group name is "Helpdesk" and you would like to change it to "Helpdesk users"; you can create the new group in the AD, add the group in the ACS and in the policy just select if the user is part of either "Helpdesk" or "Helpdesk users" --> apply the policy.
    This way you would be able to save some of your time.
    Regards,
    Kush

  • Is LDAP or AD as a external identity store recommended in ISE implementation for machine authentication

    Hi Experts,
    I have question about External identity store integration in ISE . I had chance to go through the cisco doc for ISE configuration especially for external identity store .
    there are two ways to configure external identity store.
    1) AD
    2) LDAP
    Which one is actually recommended ? technically which one would be convinient to configure to set-up machine authentication. do we have any limitation in terms of functionality in either of one ?

    Hi Leo,
    its not duplicate post , I have created one more post where you have linked that is for client policy enforcement . I want to understand how certificates will be pushed to client.
    This post is to understand the LDAP & AD intergration with ISE .
    I have requirement where client is asking to intergrate machine database using LDAP.
    I am quite new for LDAP intergration that is the reason I have created this discussion.

  • AD -vs- LDAP for external Identity store in ACS

    Is there a difference in using AD versus LDAP in a Windows environment for an Identity Store? We are in the process of setting up the ACS 90 eval and I noticed you can setup either AD or LDAP or both as an external identity store. Are there advantages or disadvantages for one over the other?

    Suggest to go to "Monitoring & Reports > Reports > Catalog > AAA Protocol"
    Select TACACS Authorization and see the authorizations that occured today
    If you click on the details icon you should be able to see the actual LDAP groups that were retrieved in processing the request and so can see that the format/contents matches that which you entered

  • Windows 7 64bit doesn't recognize the USB External HDD Stor E art 3.5"

    I purchase the External HDD Stor E art 3.5" and pass a few days the windows don't recognize the HDD. Try to connect the drive to other 2 USB ports and nothing happen. Use a USB pen drive to see if was a problem with the USB ports but all 3 are OK. Try it on the Asus notebook and windows 7 recognize the HDD. I formated the HDD in FS NTFS. In the disk managment don't show the external HDD. What can I do to resolve this problem?
    My notebook is a Qosmio F60

    One last thing you can do about that.
    Install OS again using original Toshiba recovery image. After doing this you will have clean preinstalled OS and everything should work well again.
    If the same will happen again you should contact nearest Toshiba service and try to clarify the situation.
    I know it is pretty radical solution but, believe me, most effective to check notebook functionality.

  • HT3702 My Master card card was rejected in the US store, it was issued in Jordan from Jordan Ahli Bank! However, it is accepted in the Jordanian store, any reason why? and what should i do to get to use the US store for future purchases?

    My Master card card was rejected in the US store, it was issued in Jordan from Jordan Ahli Bank! However, it is accepted in the Jordanian store, any reason why? and what should i do to get to use the US store for future purchases?

    Because they are the terms of use of the stores - terms from the US store :
    The iTunes Service is available to you only in the United States, its territories, and possessions. You agree not to use or attempt to use the iTunes Service from outside these locations. Apple may use technologies to verify your compliance.
    And similar terms apply to all other country's iTunes stores. Part of the reason is licensing (Apple can only sell content where the providers have granted them licenses to sell it), amd part might be due country's laws (some country's have restrictions as to what can be sold within their country). If there is content that you want that is not currently in the Jordanian store then you can try requesting that it be added (but the content providers might not let Apple sell it there) : http://www.apple.com/feedback/itunes.html

  • Version doesn't work on external password protected disk image

    Version doesn't work on external password protected disk image.
    Any ideas?

    Hi
    Did you assign the external monitor as a primary display in the graphic properties?
    I think you did it due to the fact that the Toshiba boot display appears on the external monitor.
    But just moment please. The Tecra M7 was delivered with the Win XP Pro tablet edition and not with Vista.
    Did you install it at you own hand?
    I presume everything has worked running Win XP
    Maybe you should try remove the graphic driver from the Vista system and use one from the 3rd site like www.laptopvideo2go.com

Maybe you are looking for

  • Pls help me on how to compile servlet

    pls i need the help of some kind one to assist me on how to compile and deploy servlet .I'm new to javaEE & am using the javaEE tutorial from sun site.In the first example servlet in d book, after compiling and deploying the greetingServlet and respo

  • How to stop the Calendar from editing your input?

    How to stop the Calendar from editing your input?

  • EOIO in sender ABAP proxy

    Hi I am referring to I am referring to /people/arulraja.ma/blog/2006/08/18/xi-reliable-messaging-150-eoio-in-abap-proxies for EOIO in sender abap proxy My requirement was to send thedata and trigger messages in EOIO fashion in one Queue. This is work

  • Which board is better for P4 3.0E Prescott

    Hello Guys! just wanted to ask which board is better for P4 3.0E Prescott  MSI 865PENEO2-PFISR or  MSI 865PE NEO2-PFS Thanks in advance......

  • Add people to photo

    I need a photo of myself & a photo of my boyfriend who is out of town at the moment blended together to look like one photo. anyone know how to do this?