FORM based authentication in UME
in UME for FORM based authentication we have to specify rsource in terms of <u>html login page or JSP......</u>
my problem is can i use <u>webdynpro screen</u> for a FORM based authentication in UME.
i want to create a dynpro project that will have its own login screen base on UME insted of the default WAS login screen.
hi snehal kendre,
create dynpro project in that u use UME api
like than u can code
IUserAccount accounts[] = null;
response.write("<br>*** LOGIN ACCOUNTS:");
try {
accounts = user.getUserAccounts();
} catch (UMException e) {
response.write("<br>Error getting accounts: "
+ e.getLocalizedMessage());
if (accounts != null) {
response.write("<br>Number of Login Accounts: " + accounts.length);
for (int i = 0; i < accounts.length; i++) {
response.write(
"<br>** Login ID #" + i
+ ": LogonUID=" + accounts<i>.getLogonUid()
+ ", AssignedUID=" + accounts<i>.getAssignedUserID());
response.write(
"<br>Last Login: "
+ accounts<i>.getLastSuccessfulLogonDate().toString());
response.write(
"<br># Logins: " + accounts<i>.getSuccessfulLogonCounts());
then u can get login based UME
Jagadish
Similar Messages
-
Hi,
We are have a quite specific issue. The problem is most likely by design in ADFS 3.0 (running on Windows Server 2012 R2) and we are trying to find a "work-around".
Most users in the organization is using their own personal computer and everything is fine and working as expected, single sign-on (WIA) internally to Office 365 and forms based (FBA) externally (using Citrix NetScaler as reverse proxy and load
balancing with the correct rewrites to add client-ip, proxy header and URL-transformation).
The problem occurs for a few (50-100) users where they are sharing the same computer, automatically logged on to the computer using a generic AD-user (same for all of them). This AD-user they are logged on with does not have any access to Office365
and if they try to access SharePoint Online they receive an error that they can't login (from SharePoint Online, not ADFS).
We can't change this, they need to have this generic account logged on to these computers. The issue occurs when a user that has access to SharePoint Online tries to access it when logged on with a generic account.
They are not able to "switch" from the generic account in ADFS / SharePoint Online to their personal account.
The only way I've found that may work is removing IE as a WIA-capable agent and deploy a User-Agent version string specific to most users but not the generic account.
My question to you: Is there another way? Maybe when ADFS sees the generic user, it forces forms based authentication or something like that?
Best regards,
SimonI'd go with your original workaround using the user-agent and publishing a GPO for your normal users that elects to use a user-agent string associated with Integrated Windows Auth.. for the generic accounts, I'd look at using a loopback policy that overwrites
that user agent setting, so that forms logon is preferred for that subset of users. I don't think the Netscaler here is useful in this capacity as it's a front-end proxy and you need to evaluate the AuthZ rules on the AD FS server after the request has been
proxied. The error pages in Windows Server 2012 R2 are canned as the previous poster mentioned and difficult to customize (Javascript only)...
http://blog.auth360.net -
Issue with form based Authentication in three tier sharepoint 2013 environment.
Hi,
We are facing issue with form based Authentication in three tier environment.
We are able to add users to the database and in SharePoint.
But we are not able to login with created users.
In single tier everything working fine
Please help , Its urgent ... Thanks in advance.
Regards,
Hari
Regards, Hariif the environments match, then it sounds like a kerberos double-hop issue
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs -
Error re-logging in after session timeout using form-based authentication
Hello,
We have a web app configured for form-based authentication. When the session times out, we're redirected to our login page as expected. However, after re-logging in, we are not redirected to the desired page (e.g., /faces/OurMainPage.jspx) but to /afr/page_lev_idle.gif.
Do we have to do anything special for session timeouts?
Thanks,
RicoSome extra information that might help:
After re-logging in and we're in /afr/page_lev_idle.gif, we hit the browser Back button (showing the login page again) and then hit the browser Refresh/Reload button and voila we're at the page we expect to be.
Rico -
How to redirect to j_security_check without the form based authentication
Hi,
I am trying to integrate my application authentication to a backend system with the ibm websphere form based authentication. Below is the scenario:
1. when the user clicks on a protected url, the container will redirect the user to the login page.
2. instead of displaying the login page, i would like to automatically redirect the user to j_security_check action. which means that instead of displaying the login.jsp page, the user will automatically be redirected to j_security_check to perform some user authentication, and if successful, the application pages will be displayed.
The reason i want to auto redirect the user to j_security_check is because i am implementing some integration work with a backend system. the user will key in the username/password from another system. once the user is authenticated, the user information will be passed to my system. The login page of my system will not be displayed again, and by using the username value, my system will assume that the user has successfully been authenticated (authentication done by the backend system), and therefore automatically gain authorization to login into my application.
i hope that clarifies my problem.
anyone out there has any solution to my problem?
thanks a lot in advance.Hi Darren,
Let me explain the whole authentication environment.
There are actually 2 systems in this environment. Let;s call it system A and system B.
System B is actually using the authentication mechanism that i described in my previous message.
A login page will be presented to the user (within system A). User credential is collected and passed to system A to be authenticated. System A will use its own mechanism to authenticate the user.
Once the user is authenticated, system A will pass the user ID to system B. At this point, system B will assume that the user is authenticated and grant authorization to access the application. (system B global security is enabled and implements the form based authentication mechanism) Therefore, at this point, the redirect page (so called login page) will not be displayed to the user, instead it will be automatically redirected to the j_security_check action to execute the customer Ldap Registry class. (ps : eventhough authentication is no longer needed, the flow will still go to Ldap Registry class. A check is done in the Ldap Registry class to skip the authentication, if it is not boot strap login. Only first and only time authentication is done for boot strap login).
In the case a protected url is clicked or invoked by the user directly, the application will redirect the user to the initial login of system A. Otherwise (the url link originates from system A, during the passing of user token to system B), system B will redirect to j_security_check and execute the customer Ldap Registry class.
Based on the above explained scenario, in your opinion, is there any security loopholes? consider that system B no longer perform authentication but only to grant authorization to the user.
Appreciate your advice. Thanks in advance
Anyway, i am using the ibm websphere server. :) -
Logout Functionality in Form Based Authentication Not Working Properly
Hi All,
I am using Form Based Authentication in ADF. In this I followed the following steps:-
1.Login On Page.
2.In successful login page ,copy the url
3.Click on "Logout"
4.Paste the url in login page and click enter
5.System taking me back to that page where I can perform all the actions.
But the Login operation should not happen just by entering the url. Please provide any help how to stop redirecting to my authenticated page just by typing the url. This is a big security constraint.Any Assistance to this is highly appreciated.
Thanks & Regards
Lovenish GargHi BaiG,
For Login I am using the form based authentication and for logout here is my code:-
public void logout() {
ExternalContext ectx =
FacesContext.getCurrentInstance().getExternalContext();
HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
HttpSession session = (HttpSession)ectx.getSession(false);
session.invalidate();
response.setHeader("Cache-Control", "no-cache");
response.setHeader("expires", "0");
response.setHeader("Pragma", "no-cache");
try {
response.sendRedirect("AdminLogin.html");
} catch (IOException e) {
logger.severe(e.getMessage());
//Inform JSF to not take the response in hands
FacesContext.getCurrentInstance().responseComplete();
logger.info("session invalidated");
Thanks,
Lovenish Garg -
Faces context not found (Form based authentication)
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/jsp/WorkingZone.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/Login/login.jsp</form-login-page>
<form-error-page>/Login/error.jsp</form-error-page>
</form-login-config>
</login-config>
when i tried to login with valid user the the url shows
http://localhost:8080/FormAuth/jsp/WorkingZone.jsp
how to append faces context automatically.
I am not finding for this faces context.
Plz suggest me a solution soon.
Thanks
Raghavendra PattarThe FacesContext is created by FacesServlet which is
definied in the web.xml with an url-pattern.
If you just follow the url-pattern of this
FacesServlet, usually /faces/ or *.faces, or *.jsf,
then the FacesContext will be created.Hi balu,
this is the web.xml that i am using
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.4" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<context-param>
<param-name>javax.faces.CONFIG_FILES</param-name>
<param-value>/WEB-INF/navigation.xml,/WEB-INF/managed-beans.xml</param-value>
</context-param>
<context-param>
<param-name>com.sun.faces.validateXml</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>com.sun.faces.verifyObjects</param-name>
<param-value>false</param-value>
</context-param>
<filter>
<filter-name>UploadFilter</filter-name>
<filter-class>com.sun.rave.web.ui.util.UploadFilter</filter-class>
<init-param>
<description>
The maximum allowed upload size in bytes. If this is set
to a negative value, there is no maximum. The default
value is 1000000.
</description>
<param-name>maxSize</param-name>
<param-value>1000000</param-value>
</init-param>
<init-param>
<description>
The size (in bytes) of an uploaded file which, if it is
exceeded, will cause the file to be written directly to
disk instead of stored in memory. Files smaller than or
equal to this size will be stored in memory. The default
value is 4096.
</description>
<param-name>sizeThreshold</param-name>
<param-value>4096</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>UploadFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>ThemeServlet</servlet-name>
<servlet-class>com.sun.rave.web.ui.theme.ThemeServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>ThemeServlet</servlet-name>
<url-pattern>/theme/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file></welcome-file>
</welcome-file-list>
<jsp-config>
<jsp-property-group>
<url-pattern>*.jspf</url-pattern>
<is-xml>true</is-xml>
</jsp-property-group>
</jsp-config>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/secure/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
<!-- Default a login configuration that uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/Login/login.jsp</form-login-page>
<form-error-page>/Login/error.jsp</form-error-page>
</form-login-config>
</login-config>
<!-- Define a logical role for this application, needs to be mapped to an actual role at deployment time -->
<security-role>
<role-name>manager</role-name>
</security-role>
</web-app>1)My requirement is Login page should be the first page
If enter the valid user and password
then i will get directory structure
when i click the secured JSF page inside secure
i got this URL
http://localhost/secure/WorkingZone.jsp
obiviously /faces is missing
and i am getting faces context not found.
If u need further clarification i will send u..
Plz reply me... -
SP4 and Form Based Authentication
Hi,
I had just advised a customer to apply SP4 to WLS and
then plug in the 'source code' patch, he replied that he had
been informed that SP4 breaks Form Based Authentication for
war web apps?
Can anyone confirm/deny this for me please ?
regards,
Patrick.Hehe Hiya Patrick!, that was Me! seems we use the same hot source of info :)
Cheers
Rob :)
"Patrick Byrne" <[email protected]> wrote in message
news:[email protected]..
Hi,
I had just advised a customer to apply SP4 to WLS and
then plug in the 'source code' patch, he replied that he had
been informed that SP4 breaks Form Based Authentication for
war web apps?
Can anyone confirm/deny this for me please ?
regards,
Patrick. -
J_security_check in form-based authentication - not checking for blank passwords
I am using the LDAP Security Realm to authenticate against an iPlanet
Directory Server. All works as expected when a user-id and password
are entered for form-based authentication.
However, when a userid is entered but no password, j_security_check
logs the user in successfully. Aparently, this is correct LDAP
behaviour as anonymous login to the LDAP server is permitted. It seems
that the j_security_check servlet should check for blank passwords
before trying to authenticate against the LDAP server and fail
authentication if this is the case.
Has anyone else experienced this problem?Hi Brian,
I do not believe it is j_security_check's job to check for blank
passwords.
In many security realms, it is "legal" for a user to have a blank
password. j_security_check forwards whatever password was entered so that
even users with blank passwords can be authenticated by the realm on the
backend. For this reason I believe that j_security_check is "doing the
right thing" by just forwarding whatever is presented to it, rather than
having its own logic. It is best if j_security_check just acts as a very
dumb middle man.
If behavior was altered, it is true that your particular problem would be
solved, but then many other people would have a problem with their users
with blank passwords authenticating properly...
Try looking into how to disable anonymous logins on the LDAP end of
things. Hope this helps.
Cheers,
Joe Jerry
brian wrote:
I am using the LDAP Security Realm to authenticate against an iPlanet
Directory Server. All works as expected when a user-id and password
are entered for form-based authentication.
However, when a userid is entered but no password, j_security_check
logs the user in successfully. Aparently, this is correct LDAP
behaviour as anonymous login to the LDAP server is permitted. It seems
that the j_security_check servlet should check for blank passwords
before trying to authenticate against the LDAP server and fail
authentication if this is the case.
Has anyone else experienced this problem? -
Hi
I configured forms based authentication mode in Sharepoint 2013 site. When i tried to log in with windows authentication prompt it throws the following error
The remote server returned an error: (500) Internal Server Error
[WebException: The remote server returned an error: (500) Internal Server Error.] System.Net.HttpWebRequest.GetResponse() +8548300 System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +111 [ProtocolException:
The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+msbin1). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first
1024 bytes of the response were: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
How to fix this issue?
Regards,
SivaDid you create a new web application or modify an existing web application?
I would start by checking the ULS logs, maybe there is an incorrect setting within one of the web.config files, or SQL permissions.
Also, as suggested above, check application pools are running.
This blog post is a great guide for setting up FBA, check it through to make sure you haven't missed any steps:
http://blogs.technet.com/b/ptsblog/archive/2013/09/20/configuring-sharepoint-2013-forms-based-authentication-with-sqlmembershipprovider.aspx -
Big problem :anything is accepted by form-based authentication on Jboss
Hi there
I'm new to form-based authentication. I've been stuck on this problem for one and a half day. I set up the form-based authentication(with JDBC realm) on JBoss 3.2/Tomcat 5.0. When I visit the protected area, it did ask me for password. But it accepts whatever I input and forwards the desired page, even when I input nothing and just click on submit, it allows me to go through. No error message at all. I am in desperate need for help.
Here is my configuration. The web.xml is like this
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<display-name>LoginTest</display-name>
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>manager</role-name>
</auth-constraint>
<user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description>Manager security role</description>
<role-name>manager</role-name>
</security-role>
</web-app>
I also add the following JDBC realm definition into the server.xml which is under jboss/server/default/deploy/jbossweb-tomcat50.sar
<Realm
className="org.apache.catalina.realm.JDBCRealm" debug="1"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://myipdadress:3306/field_bak"
connectionName="plankton"
connectionPassword="plankton"
userTable="users"
userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles"
roleNameCol="role_name"
/>
The JDBC realm is enclosed by the <engine> element. I checked the server log file, when the jboss server is started, it does load the mysql driver correctly and connect to mysql database fine. If I changed the IP of the mysql server to a non-existing one, then when I start jboss server, the server boot process will complain about connection to mysql faiure.
I guess maybe the server doesn't do the authentication by connecting to mysql and verify it when I submit the log in form. It seems the JDBC realm authentication is bypassed. I notice that even I get rid of the JDBC realm definition from the server.xml file, and test the web application. It behaves exactly the same way. It asks me for password but anything will go through even nothing.
Can anybody help me about this? I'm really stuck on this.
Thanks a lot!By the way, I did create database"field_bak" and the tables for the JDBC realm verification.
I also created the users and the roles.
But it seems like Tomcat container doesn't do the JDBC realm authentication. -
FORM based Authentication issue on Sun ONE AS7
I am trying to use FORM based authentication for a web module I created, and can not get it to work. I have registered the roles through the admin console of the server, and adjusted the web.xml. When I try to use BASIC authentication, I get a 'Authentication refused for []' message before I even log in, and another one after I do. When I use FORM authentication, the URL points to my login.jsp page (no matter what I put in the path, which is what is supposed to happen), however my default servlet (hello.java) is actually run, and the login.jsp page never comes up. I created my jsps and servlet in the mounted [ejb]_WebModule. Please let me know if something seems incorrect here, or if you can think of something I should check...I can't find anything out there to help me.
Here is my web.xml:
<web-app>
<display-name>DiningGuideManager_TestApp</display-name>
<servlet>
<servlet-name>front</servlet-name>
<servlet-class>data.DiningGuideManager_WebModule.hello</servlet-class>
</servlet>
<servlet>
<servlet-name>myPage</servlet-name>
<jsp-file>/myPage.jsp</jsp-file>
</servlet>
<servlet-mapping>
<servlet-name>front</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Security</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Me</role-name>
<role-name>EveryoneElse</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>Me</role-name>
</security-role>
<security-role>
<role-name>EveryoneElse</role-name>
</security-role>
<ejb-ref>
<ejb-ref-name>ejb/TestedEJB</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<home>data.DiningGuideManagerHome</home>
<remote>data.DiningGuideManager</remote>
<ejb-link>DiningGuideManager</ejb-link>
</ejb-ref>
</web-app>
for FORM authentication I have this:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
Thanks,
MichelleYes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have edit the WEB-INF/web.xml file by adding:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/test/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/test/secure/loginpage.jsp</form-login-page>
<form-error-page>/test/secure/errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when succesfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
"Authentication Mechanism FORM".
Hope that makes more sense.
I've tried restarting tomcat but it makes no difference. -
Error in form based authentication
Hi all,
i want 2 implement form based authentication to a dummy resource in iis.
first i created authentication as
Challenge Method Form
Challenge Parameter passthrough: no
creds: usernamevar passwordvar
action: /access/oblix/apps/webgate/bin/webgate.dll
form: /public/login.html
SSL Required No
Challenge Redirect
Enabled Yes
and configured a policy domain for a dummy resource test.html with form authentication schema. i kept that in a folder 'access' which was placed in iis. i mentioned the action attribute to '/access/test.html' in login.html through which i want to do authentication.
but when i am accessing http://*...*/test.html
i am getting http 404 error.
can anyone help me.
Thank youHi,
thanks for ur response. i make some changes to my configuration which was given in previous post. now i configured as follows:
i kept my test.html and login.html in the iis root folder. and i defined my policy as follows:
Name : form (policy name)
Enabled : Yes
Resource Resource Type :http
URL Prefix : /test.html
Description
Authorization Rules Name ---- Form authorization
Description ---
Enabled --- Yes
Allow takes precedence ----Yes
Allow Access Role---- Any one
Default Rules
Authentication Rule
name of the authentication: policy form authentication
Authentication Scheme : Form authentication -----------------which was created in Access system console
Authorization Expression
Expression : Form authorization
Duplicate Actions: No policy defined for this Authorization Expression. The Access System level default policy for dealing with duplicate action headers will be employed.
Audit Rule
There is no Audit Rule defined.
Policy Name : form policy
Description :
Resource Type: http
Resource Operation(s) : POST
GET
Resource : all
Authentication Rule
policy auth. rule
Authentication Scheme Form authentication
Authorization Expression
There is no Authorization Expression defined.
Audit Rule
There is no Audit Rule defined.
Delegated Access Admins Delegate Rights
People Administrator
Grant Rights
There are no Delegated Access Admins with this right.
Basic Rights
There are no Delegated Access Admins with this right.
and i also created login.html with a method 'post' and pointed out the action to '/access/oblix/apps/webgate/bin/webgate.dll' . i placed it in IIS root folder.
now my auth. schema is as follows.
form: /login.html action:/access/oblix/apps/webgate/bin/webgate.dll passthrough: no creds: usernamevar passwordvar (which are names of fields in login.html)
and the plugin mapping is as follows:
credential_mapping:obMappingBase="cn=users,dc=orademo,dc=com", obMappingFilter="(&(&(objectclass=User)(sAMAccountName=%usernamevar%) )(|(!(obuseraccountcontrol=*))(obuseraccountcontrol=ACTIVATED)) )"
validate_password: obCredentialPassword="passwordvar"
so when i am accessing http://<hostname>/test.html
it is giving popup window like basic auth. schema. i am not getting my login page. and in that even i am logging as admin . it is saying unauthorized user.
please help me how to configure it.
Edited by: new2idm on Feb 17, 2010 9:19 PM
Edited by: new2idm on Feb 17, 2010 9:19 PM -
Form Based Authentication Redirect URL
I'm using form based authentication in standalone OC4J 10.1.3.1. I have set the system property oc4j.formauth.redirect to true to force OC4J to redirect using 302 any successful authentication to j_security_check.
The problem is that the redirect URL loses any query parameters. Here's the raw HTTP being posted:
POST http://localhost:8988/manage/j_security_check HTTP/1.1
Host: mvakoc-pc.peoplesoft.com:8099
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://mvakoc-pc.peoplesoft.com:8099/manage/target?instanceName=denlcmlx1_entserver_1&targetType=entserver
Cookie: JSESSIONID=0a8b7ff6231c049914997fdb4ebb93b4854b0956862b; SignOnDefault=18438; e1AppState=
Content-Type: application/x-www-form-urlencoded
Content-Length: 62
X-Forwarded-For: 10.139.127.246
j_username=username&j_password=password&url=%2Fmanage%2Fhome
However the response back drops off the query parameters:
HTTP/1.1 302 Moved Temporarily
Date: Fri, 05 Jan 2007 21:59:22 GMT
Server: Oracle Containers for J2EE
Content-Length: 231
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Location: http://mvakoc-pc.peoplesoft.com:8099/manage/target
<HTML><HEAD><TITLE>Redirect to http://mvakoc-pc.peoplesoft.com:8099/manage/target</TITLE></HEAD><BODY>http://mvakoc-pc.peoplesoft.com:8099/manage/target</BODY></HTML>
Any workaround?It does not appear to be quite the same issue. That bug indicates that everything works fine in a standalone OC4J environment. This would be true with the use case specified as the original URL (/em/console/ias) does not include any query parameters. In my case the original URL contains query parameters so the ultimate redirected URL should also contain those.
-
Problem in form based authentication
Hi,
I am encountering some problem in form based authentication.
When I try to login for the first time. It reoute me to the image
directory and not to the request page.
When I try it for the second time, it shows
"Form based authentication failed. Could not find session."
And it always show this message no matter how many time I try.
I am not sure is it something that I did not set ...
Thanks for any advice.
EricHi Eric,
It may be a problem in your web.xml, I missed the "/" slash character
in the web.xml's in <form-login-page> element. So your web.xml
must look like
Maybe you are looking for
-
I did a search and the only instance of that name is with the Tom Tom GPS folder and that is not an exe file
-
this is not a question about 'how i do X'. is rather a 'discussion' (flame or whatever, but to defend or argue about aspects, not people) about 'what is wrong with as3' and what aspects whould be taken into consideration for updates. right now i am u
-
PI 7.1 CTS+ - IDOC CC is transfered empty
Hi, We have PI 7.1 SP09 configured with CTS+. Suddenly we get a strange problem, Communication Channels idoc sender type are transfered without "Transport protocol", "Message protocol" & the description. This prevents from the object to be activated
-
If I need to use some vector clip art, but I have to guarantee that's it 100 percent grayscale with no color, I understand that I should open it in Illustrator and change it to grayscale. That's the safest option, right? I work with a designer who ch
-
I've been using me.com since 2008, back then it was a paid service. When the time came, I switched to iCloud, no problem, I enjoy the service. Recently I need to find some sent emails during the period of mid-2011 then I realized that my "Sent" folde