Form based login for KM

Hi,
We have the problem that we get an basic login box when we try to access documents in the KM. (e.g with a link in an eMail)
Is it possible to switch from basic login to form based login for the KM?
If this is possible, how?
Best regards,
Manuel

Good question! On a training server, using /irj/go/km/docs/documents/Public%20Documents/Laptops/Development/Test%20Reports/Performance%20EVO%20N610c%20in%20Network.doc gives the Windows authentication, but http://twdf0399.wdf.sap.corp:50000/irj/go/km/navigation/documents/Public%20Documents/Laptops/Development/Test%20Reports/Performance%20EVO%20N610c%20in%20Network.doc (changing docs to navigation in the URL) gives the form based...

Similar Messages

FORM based login form-error-page

Hi,
I have activated FORM based login for EM (oracle 9iAS on Solaris). So, in web.xml for EMD, I have
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/error/oc4j_error.html</form-error-page>
</form-login-config>
</login-config>
When I login as ias_admin, everything seems fine. However, when I login as any other user (not in ias_admin role), the browser redirects to /emd/console/ias/applicationServer...
Why is the container not redirecting to /emd/error/oc4j_error.html ?
Any input will be truly appreciated. Hopefully I am doing something wrong.
Thanks,
Krishnendu

Hi Frank,
Thanks for your reply. If I have a error page in the FORM login, then the container (according to j2ee specs) should redirect to /emd/oc4j_error.html if I authenticate as a user without administrator privileges.
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/jsp/login.jsp</form-login-page>
<form-error-page>/oc4j_error.html</form-error-page>
</form-login-config>
</login-config>
For all other containers (WAS, WebLogic and Sun Application server, Tomcat), it seems to work fine.
Thanks,
Krishnendu

SSL and login form for form based login over ldap

Hello,
i have configured an apache reverse proxy with virtual named host and the the webgate is also running on this server.
On a second server i have configured a webserver with the login form.
Access to the protected ressources is working when i use the following parameters in my Authentication schema
form:/form/login.html
action:/dummy
creds:userid password
ssoCookie:httponly
passthrough:no
SSL Required No
Challenge Redirect http://dummyserver.dummy.org
Changing the SSL required to yes and the url to https has the following result.
After filling out the login form and pressing the submit button "the requested URL /dummy was not found on this server"
Any hints are welcome.
Kind regards

Hi Colin,
Yes the dummy url is protected. Otherwise it should not work when using http.
I assume that i am not redirected back to the origin source. The obSSOCookie should do this in some way, when i remember that correctly.
I can see that the obSSOCokkies are created for both urls but the content is "loggedoutcontinue". Thats the difference to the http communication.
Is there anything else to configure when using SSL with a form based login. Have i missed some basics?
In the documentation it looks really simple - just trning it on - looking for access - and everything works :-)
KR

Form based login, iframes and session time out

Hi all,
I'm trying to create a site using form based login.
The site contains a page protected page, default.jsp that have a logout button/link (clicking it invalidates the session), and a navigation bar with links linking opening them in iframes inside the default.jsp page:
I have also a login.jsp page and and a error.jsp page
Everything works fine I can login, I can logout. My problem occurs when the session times out and the user tries to access protected contents in the internal frames. He then is promted for a new login. The problem is that the login,jsp page now turns up inside the jframe designatet for my contents.
I woud have liked the login page to turn up at the top level i.e. filling the entire browser window (i.e on the same level as the default.jsp page). Is this somehow possible?
Regards
Uno Engborg

Easy answer: use JS to jump out iframe.
Best answer: don't use iframes, but use server side includes like jsp:include. Iframes have too much disadvangages, topping the extremely bad SEO and UX.

How to get username from Form-based login

I am using form-based login in my web.xml file.
When I attempt to access a protected .jsp page, I get sent to my login page as expected.
When I enter my username/password successfully it forwards me to the .jsp page I was trying to go to, as expected.
From that .jsp page, how do I get the username/password info from the login form? I looked at the session attributes, request attributes, and request parameters, but I don't see anything. Does the form-based authentication remove these variables?
I need the username that is filled out in the login form, so that I can do custom work with it. I cannot ask the user for it again after they login, as that is inefficient and sloppy.

Found it.
request.getUserPrincipal().getName()

Tomcat problem with form based login

Hi,
I have a page for form-based login, but the problem is that the image and css files dont load on the login page request. What I gather from other discussions is that this is because these are still protected when the page is requested. How do I exclude them from being protected.
Nirav

Hi tolmank,
Earlier I just filtered out the login page and images based on the extension, but now I am trying the second approach i.e. making a protected directory, but my application does not start. When i start it from the tomcat manager, it gives me this error,
FAIL - Application at context path /<app dir> could not be started
<web-resource-collection>
     <web-resource-name><app dir></web-resource-name>
     <url-pattern>/protected/*.jsp</url-pattern>
</web-resource-collection>
<login-config>
     <auth-method>FORM</auth-method>
     <form-login-config>
          <form-login-page>Login.jsp</form-login-page>
          <form-error-page>Error.jsp</form-error-page>
     </form-login-config>
</login-config>
what could be wrong?

How to trigger and change password for AD user after form based login

Hello,
We are authenticating against Active Directory with Weblogic 10.3 using FORM based security. Everything is working. I need to now change a password for an authenticated user. For example, I have set a user to have their password expire on next logon from the AD side. The user logs in but somehow I need to trap some info from Active Directory (or an LDAP conversation) to figure out if I need to force the user to change password.
Do I need to start looking at custom code with LDAP Java SDK's or can I use a canned MBean from Weblogic Server.
I am looking at http://www.mozilla.org/directory/ for LDAP.
Can I set/reset an AD user's password with an MBean like the following link?
http://download.oracle.com/docs/cd/E13222_01/wls/docs92/javadocs/index.html?weblogic/management/security/authentication/UserPasswordEditorMBean.html
If anyone has any experience with this or can point me in the right direction let me know.
If anyone else is interested please add to the tread and I'll be sure to keep the found solution(s) updated here.
Thanks...........
JJ Everett

Hello JJ
Please see document ID 403484.1 in http://metalink.oracle.com. This may help to understand what you are aiming to do. Cheers
-- Nathan

How to configure a form based login page with entitlement role

We need to have login page to our portal app.
When using "form based" authentication is it possible to map the security on a
"entitlement role" ?
Our need is to be abled to give direct url acces to some pages of the portal (for
exemple by sending urls like "http://server/appcontextpath/appmanager/myportal/mydesktop?_nfpb=true&_pageLabel=mypage")"
by email to portal users) and need a simple mecanism of authentication before
redirecting to the portal page.
Inste

Olivier,
You can't reference WLP visitor roles in weblogic.xml, but you can
reference global roles (created using the WLS console):
- <security-role-assignment>
<role-name>PortalSystemAdministrator</role-name>
<externally-defined />
</security-role-assignment>
-Phil
"Olivier" <[email protected]> wrote in message
news:[email protected]..
>
We need to have login page to our portal app.
When using "form based" authentication is it possible to map the securityon a
"entitlement role" ?
Our need is to be abled to give direct url acces to some pages of theportal (for
exemple by sending urls like"http://server/appcontextpath/appmanager/myportal/mydesktop?_nfpb=true&_page
Label=mypage")"
by email to portal users) and need a simple mecanism of authenticationbefore
redirecting to the portal page.
Inste

Form based Login

Im trying to add form based logon in my application and have been running into trouble with it. I get to my logon screen and when I enter the information I get the following error from GlassFish:
[Web-Security] Policy Context ID was: Admin/Admin
[Web-Security] hasUserDataPermission perm: (javax.security.jacc.WebUserDataPermission /j_security_check POST)
[Web-Security] hasUserDataPermission isGranted: true
Processing login with credentials of type: class com.sun.enterprise.security.auth.login.PasswordCredential
Logging in user [Doug] into realm: Realm using JAAS module: jdbcRealm
Login module initialized: class com.sun.enterprise.security.auth.login.JDBCLoginModule
SEC1112: Cannot validate user [Doug] for JDBC realm, reason: com.microsoft.sqlserver.jdbc.SQLServerException: Invalid object name 'User'.
Cannot validate user
com.microsoft.sqlserver.jdbc.SQLServerException: Invalid object name 'User'.
at com.microsoft.sqlserver.jdbc.SQLServerException.makeFromDatabaseError(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerStatement.getNextResult(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerPreparedStatement.doExecutePreparedStatement(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerPreparedStatement$PrepStmtExecCmd.doExecute(Unknown Source)
at com.microsoft.sqlserver.jdbc.TDSCommand.execute(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerConnection.executeCommand(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerStatement.executeCommand(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerStatement.executeStatement(Unknown Source)
at com.microsoft.sqlserver.jdbc.SQLServerPreparedStatement.executeQuery(Unknown Source)
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.isUserValid(JDBCRealm.java:324)
at com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm.authenticate(JDBCRealm.java:299)
at com.sun.enterprise.security.auth.login.JDBCLoginModule.authenticate(JDBCLoginModule.java:72)
at com.sun.enterprise.security.auth.login.PasswordLoginModule.authenticateUser(PasswordLoginModule.java:90)
at com.sun.appserv.security.AppservPasswordLoginModule.login(AppservPasswordLoginModule.java:184)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.sun.enterprise.security.auth.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:295)
at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:170)
at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:123)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:479)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:419)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:253)
at org.apache.catalina.authenticator.AuthenticatorBase.processSecurityCheck(AuthenticatorBase.java:1011)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:622)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:609)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
JAAS authentication aborted.
SEC5046: Audit: Authentication refused for [Doug].
doPasswordLogin fails
javax.security.auth.login.LoginException: Security Exception
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at com.sun.enterprise.security.auth.LoginContextDriver.doPasswordLogin(LoginContextDriver.java:295)
at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:170)
at com.sun.enterprise.security.auth.LoginContextDriver.login(LoginContextDriver.java:123)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:479)
at com.sun.web.security.RealmAdapter.authenticate(RealmAdapter.java:419)
at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:253)
at org.apache.catalina.authenticator.AuthenticatorBase.processSecurityCheck(AuthenticatorBase.java:1011)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:622)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:609)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
Caused by: java.lang.SecurityException
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:857)
... 35 more
Web login failed: Login failed: javax.security.auth.login.LoginException: Security Exception
[Web-Security] Policy Context ID was: Admin/Admin
[Web-Security] hasUserDataPermission perm: (javax.security.jacc.WebUserDataPermission /loginError.jsp GET)
[Web-Security] hasUserDataPermission isGranted: true
[Web-Security] Policy Context ID was: Admin/Admin
[Web-Security] hasUserDataPermission perm: (javax.security.jacc.WebUserDataPermission /images/signon_error_box.jpg GET)
[Web-Security] hasUserDataPermission isGranted: true
[Web-Security] Policy Context ID was: Admin/Admin
[Web-Security] hasResource isGranted: true
[Web-Security] hasResource perm: (javax.security.jacc.WebResourcePermission /images/signon_error_box.jpg GET)
This is the code I put in web.xml
<security-constraint>
   <display-name>Example Security Constraint</display-name>
   <web-resource-collection>
     <web-resource-name>Secured Area</web-resource-name>
           <description/>
           <url-pattern>*.jsp</url-pattern>
           </web-resource-collection>
   <auth-constraint>
     <role-name>Admin</role-name>
   </auth-constraint>
</security-constraint>
<login-config>
   <auth-method>FORM</auth-method>
   <realm-name>MyRealm</realm-name>
   <form-login-config>
     <form-login-page>/login.jsp</form-login-page>
     <form-error-page>/loginError.jsp</form-error-page>
   </form-login-config>
</login-config>
   <error-page>
   <error-code>403</error-code>
   <location>/loginError.jsp</location>
</error-page>I have login.jsp and loginError.jsp and login.jsp contains:
<form action="j_security_check" method="POST">
               Username: <input type="text" name="j_username" value="" size="15" /><br/><br/>
               Password: <input type="password" name="j_password" value="" size="15" /><br/><br/>
               <input type="submit" value="Login" />
               </form>I created a User table and a Roles table in my database using SQL
User
username varchar NOT NULL
userpass varchar NOT NULL
Roles
username varchar NOT NULL
rolename varchar NOT NULL
created my own Realm called MyReal and set the settings to match the database tables and their columns
the class name is set to: com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm
JAAS context: jdbcRealm
JNDI: Required: jdbc/AAADDD
User Table: User
User Name Column: username
Password Column: userpass
Group Table: Roles
Group Name Column: rolename
Assign Group:
Database User: AAADDD
Database Password: AAADDD
Digest Algorithm: md5
Thanks for the help in advance

Is there anyone who can help me with this?

Form-based Auth for DefaultWebApp

I'm using WLS 6.0 SP2 on WIN2K. I tested the sample security
web app that uses form-based auth and am trying to do something
similar w/ the default web app in mydomain.
Here's my web.xml:
<?xml version="1.0" ?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 1.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>

<security-constraint>
<web-resource-collection>
<web-resource-name>Default</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>system</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/fail_login.html</form-error-page>
</form-login-config>
</login-config>

<security-role>
<role-name>administrators</role-name>
</security-role>
</web-app>
When I try to access a web page, http://localhost:7001/res/hello.html,
the browser keeps trying to open that
page. It goes on and on.... I never
get challenged w/ the login form, nor
seeing the page. However, when I change
FORM to BASIC, and delete the "form-login-config"
settings, I get challenged w/ the HTTP
basic auth dialog. Enter my credentials
and I get the page.
How do I config the default web app to use form-based
auth?
Thanks for any help you can provide.
-Muwon

Problem solved. The definition of your <url-pattern>
(within <web-resource-collection>) can't inlcude where
your logon form is.
"Muwon" <[email protected]> wrote:
>
I'm using WLS 6.0 SP2 on WIN2K. I tested the sample security
web app that uses form-based auth and am trying to do something
similar w/ the default web app in mydomain.
Here's my web.xml:
<?xml version="1.0" ?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application
1.2//EN"
"http://java.sun.com/j2ee/dtds/web-app_2_2.dtd">
<web-app>

<security-constraint>
<web-resource-collection>
<web-resource-name>Default</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>system</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/fail_login.html</form-error-page>
</form-login-config>
</login-config>

<security-role>
<role-name>administrators</role-name>
</security-role>
</web-app>
When I try to access a web page, http://localhost:7001/res/hello.html,
the browser keeps trying to open that
page. It goes on and on.... I never
get challenged w/ the login form, nor
seeing the page. However, when I change
FORM to BASIC, and delete the "form-login-config"
settings, I get challenged w/ the HTTP
basic auth dialog. Enter my credentials
and I get the page.
How do I config the default web app to use form-based
auth?
Thanks for any help you can provide.
-Muwon

Can you enable both Windows Based Authentication and Forms Based Authenication for the same web application?

Hello Community
    In WS2012 and SharePoint 2013 Server is it possible when creating a
web application to enable both Windows Based Authentication/Negotiate
(Kerberos) and enable Forms Based Authentication or does the web application
use either one or the other?
    Thank you
    Shabeaut

Yes , you can use dual authentication on same web application. You can use same web application , at OOB login page you will have option to use windows or form login.
Or you can extend your web application to a new web app and configure extended web application to use Form Based Authentication(Note extended web application will also show same content database , so the content will same only url will be different)
http://blogs.technet.com/b/ptsblog/archive/2013/09/20/configuring-sharepoint-2013-forms-based-authentication-with-sqlmembershipprovider.aspx
http://gj80blogtech.blogspot.in/2013/11/forms-based-authentication-fba-in.html
Thanks
Ganesh Jat [My Blog |
LinkedIn | Twitter ]
Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful.

How do I disable password based login for ssh

Before upgrading to Mountain Lion I had setup my computer to allow remote login via SSH. Now that I have upgraded I can no longer login to my computer via SSH without specifying a password. How do I get back to not having to supply a password to login?
I created a user named `remotepair` and generated a RSA ssh key. I had setup password-less login to this user by adding the public keys of those who login to the ~/.ssh/authorized_keys file and the following settings in /etc/sshd_config
Protocol 2
PubkeyAuthentication yes
PermitRootLogin no
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
AllowUsers remotepair
I also created a question on ServerFault about other issues I have with SSH. I solved the issue by doing a PRAM reset.
Since my settings are no longer working for password-less login, how do I enable password-less login to my Mountain Lion enable Mac?

Output for ssh -vvv [email protected]
OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /Users/jjasonclark/.ssh/config
debug1: Reading configuration data /usr/local/Cellar/openssh/5.9p1/etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to home.jjasonclark.com [50.47.10.153] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/Users/jjasonclark/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /Users/jjasonclark/.ssh/id_rsa type 1
debug1: identity file /Users/jjasonclark/.ssh/id_rsa-cert type -1
debug1: identity file /Users/jjasonclark/.ssh/id_dsa type -1
debug1: identity file /Users/jjasonclark/.ssh/id_dsa-cert type -1
debug1: identity file /Users/jjasonclark/.ssh/id_ecdsa type -1
debug1: identity file /Users/jjasonclark/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu7
debug1: match: OpenSSH_5.3p1 Debian-3ubuntu7 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "home.jjasonclark.com" from file "/Users/jjasonclark/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/jjasonclark/.ssh/known_hosts:20
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-e xchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14
-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],ecd
[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blow fish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.
liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blow fish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.
liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha
1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[email protected],hmac-sha
1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit: none,[email protected],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 510/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 80:b1:a1:11:8f:73:3a:bf:29:04:e9:70:18:d8:d5:cd
debug3: load_hostkeys: loading entries for host "home.jjasonclark.com" from file "/Users/jjasonclark/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/jjasonclark/.ssh/known_hosts:20
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "50.47.10.153" from file "/Users/jjasonclark/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/jjasonclark/.ssh/known_hosts:20
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'home.jjasonclark.com' is known and matches the RSA host key.
debug1: Found key in /Users/jjasonclark/.ssh/known_hosts:20
debug2: bits set: 475/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/jjasonclark/.ssh/id_rsa (0x7fbb53c14d60)
debug2: key: /Users/jjasonclark/.ssh/github (0x7fbb53c15600)
debug2: key: /Users/jjasonclark/.ssh/id_dsa (0x0)
debug2: key: /Users/jjasonclark/.ssh/id_ecdsa (0x0)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/jjasonclark/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: /Users/jjasonclark/.ssh/github
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/jjasonclark/.ssh/id_dsa
debug3: no such identity: /Users/jjasonclark/.ssh/id_dsa
debug1: Trying private key: /Users/jjasonclark/.ssh/id_ecdsa
debug3: no such identity: /Users/jjasonclark/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
[email protected]'s password:

Updating password for Form Based authentication database using code

Hi,
We have created FBA(Form Based authentication) for SP2010. We are storing all the usernames and Passwords in FBA database. If any user changes their password needs to be save in FBA Database with latest password.
can any one suggest me how to do this one.....
Thanks....

https://msdn.microsoft.com/en-us/library/system.web.security.membershipprovider.changepassword(v=vs.110).aspx
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs

[SOLVED] form based logout

Hi,
using Jdeveloper 10.1.3.3 ADF BC & JSF, I've implemented form based login like here: http://technology.amis.nl/blog/?p=1462
the problem is with logout. I have a commandLink and a method:
public void doLogout() throws IOException {
FacesContext ctx = FacesContext.getCurrentInstance();
ExternalContext ectx = ctx.getExternalContext();
HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
HttpSession session = (HttpSession)ectx.getSession(false);
try {
session.invalidate();
response.sendRedirect("../security/pages/login.jsp");
} catch (java.lang.IllegalStateException ex) {
System.out.println(ex.getMessage();
the thing that bothers me is when user logs out, he is redirected to the login page (session is invalidated ok), but when he enters credentials and tries to log in again he gets 404 Not Found message in browser, when I look in log there are no error messages. I've searched forum all over and everybody uses this way for logout so I don't know what could be wrong.
Please help,
thanks in advance,
Tomislav.

found what was the problem. After session.invalidate() I have to redirect user to index.jspx, since session was invalidated it opens login page.

FORM based Authentication issue on Sun ONE AS7

I am trying to use FORM based authentication for a web module I created, and can not get it to work. I have registered the roles through the admin console of the server, and adjusted the web.xml. When I try to use BASIC authentication, I get a 'Authentication refused for []' message before I even log in, and another one after I do. When I use FORM authentication, the URL points to my login.jsp page (no matter what I put in the path, which is what is supposed to happen), however my default servlet (hello.java) is actually run, and the login.jsp page never comes up. I created my jsps and servlet in the mounted [ejb]_WebModule. Please let me know if something seems incorrect here, or if you can think of something I should check...I can't find anything out there to help me.
Here is my web.xml:
<web-app>
<display-name>DiningGuideManager_TestApp</display-name>
<servlet>
<servlet-name>front</servlet-name>
<servlet-class>data.DiningGuideManager_WebModule.hello</servlet-class>
</servlet>
<servlet>
<servlet-name>myPage</servlet-name>
<jsp-file>/myPage.jsp</jsp-file>
</servlet>
<servlet-mapping>
<servlet-name>front</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Security</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Me</role-name>
<role-name>EveryoneElse</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>Me</role-name>
</security-role>
<security-role>
<role-name>EveryoneElse</role-name>
</security-role>
<ejb-ref>
<ejb-ref-name>ejb/TestedEJB</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<home>data.DiningGuideManagerHome</home>
<remote>data.DiningGuideManager</remote>
<ejb-link>DiningGuideManager</ejb-link>
</ejb-ref>
</web-app>
for FORM authentication I have this:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
Thanks,
Michelle

Yes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have edit the WEB-INF/web.xml file by adding:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/test/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/test/secure/loginpage.jsp</form-login-page>
<form-error-page>/test/secure/errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when succesfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
"Authentication Mechanism FORM".
Hope that makes more sense.
I've tried restarting tomcat but it makes no difference.

Form based login for KM

Similar Messages

Maybe you are looking for