FWSM: AAA authentication using TACACS and local authorization
Hi All,
In our setup, we are are having FWSMs running version 3.2.22 and users are authenticating using TACACS (running cisco ACS). We would like to give restricted access ( some show commands ) to couple of users to all devices. We do not want to use TACACS for command authorization.
We have created users on TACACS and not allowed "enable" access to them. I have also given those show commands locally on the firewall with privilege level 1. and enabled aaa authorization LOCAL
Now , those users can successfully login to devices and execute those show commands from priv level 1 except "sh access-list". I have specifically mentioned this
"privilege show level 1 mode exec command access-list" in the config.
Is there anything i am missing or is there any other way of doing it?
Thanks.
You cannot do what you are trying to do. For (default login you need to use the first policy matched.
you can diversify telnet/ssh with http by creating different aaa groups.
But still you will be loging in for telnet users (all of them) using one method.
I hope it is clear.
PK
Similar Messages
-
Aaa authentication using tacacs+ for LAP
WIth Autonomous AP, you can configure aaa authtentication using Tacacs+.
In lightweight AP, do u have similar function where u authenticate using tacacs+ when u telnet/ssh into the LAP after it is registered to the WLC?
Rgds
Eng WeeThere really isn't anything you can do on the LAP through telnet/ssh. You can enable TACACS for access to the controller.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080851f7c.shtml -
About 802.1x port authentication using TACACS+
Hi
I have some question. Please help me. Thanks.
Question1. May I use that 802.1x port authentication using TACACS+
Question2. Is it true? TACACS+ will not work with 802.1x because EAP is not supported in TACACS+, and there are no plans to get EAP over TACACS+.
Any help would be greatly appreciated.
Thanks.Thanks to you.
Where to find the documents about Tacacs+ doesn't support EAP?
I cast more time and I cannot find the documents.
Please help me....
Thanks. -
ANM 4.2 - RBAC using Tacacs+ and ACS5.1
I want to configure RBAC for ANM 4,2 using tacacs+ and ACS 5.1
Service = ANM
ANM_UniqueID = ANM_1
RoleName = ANM_Admin
Domain = All
When the admin user logs in, this policy element is triggerd, but the Role is not sent back.
How to configure the Custom Attribute?
Cheers,
WolffCould you please move this tread to AAA community, since this community is mostly about load-balancing and I doubt that you will get any answers here. You can find AAA community here: https://supportforums.cisco.com/community/netpro/security/aaa
You should be able to move it by clicking on "Move thread" on the right side and then navigating to Communities -> Security -> AAA
Thanks -
OSB Authentication using username and password (plaintext or digest)
Hi,
I want to implement a simple osb authentication using username/password (plain text or digest) , so that client required to provide username password token in soap header (message Level security) to access our webservices. I have read some of articles which shows how to create custom ws policy, but received following error during deployment.
weblogic.wsee.ws.init.WsDeploymentException: The WebLogic Server 9.x-style policy is not supported in JAX-WS web services
Please note - I can not install OWSM as part of my requirement
=======
<?xml version="1.0"?>
<!-- WS-SecurityPolicy -->
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wssp="http://www.bea.com/wls90/security/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wls="http://www.bea.com/wls90/security/policy/wsee#part">
<!-- Identity Assertion -->
<wssp:Identity>
<wssp:SupportedTokens>
<!-- Use UsernameToken for authentication -->
<wssp:SecurityToken IncludeInMessage="true"
TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
<wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"/>
</wssp:SecurityToken>
</wssp:SupportedTokens>
</wssp:Identity>
</wsp:Policy>You can use the default Auth.xml WS policy in OSB and be able implement the authentication using username and plain text password.
Just assign the Auth.xml on the Request Policies of the Proxy Service (under Policies).
Then use any user credentials that has access to the domain for testing.
If you want to restrict access for each operation then in the Security tab, under Message Access Control, specify a Role.
Then in the OSB > Security Configuration, create the appropriate role with the specific role conditions like User is User1 or User is User2 etc ...
Hope this helps.
Thanks,
Patrick -
PIX 525 aaa authentication with both tacacs and local
Hi,
I have configured the aaa authentication for the PIX with tacacs protocol (ACS Server).
It works fine, now i would like to add the back up authentication, as follows:
- If the ACS goes down i can to be authenticated with the local database.
Is it possible with PIX, if yes how?Hi,
I am trying to configure aaa using TACACS+ , i am not able to close.Problems are
1.It dosent ask for username /password in first level.
2.on second level it asks for user name it dosent authenticate the user .
Cud u pls let me know if the following config is correct.If not cud u help me .
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ (outside) host ip.ip.ip.ip key timeout 15
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
aaa authentication include tcp/0 inside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 TACACS+
aaa authentication include tcp/0 outside 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 TACACS+
aaa authen enable console TACACS+ -
Cisco Nexus to use Radius AAA authentication using Microsoft 2008 NPS
I have a Nexus 7010 running
Just wondering if you can help me with something. I'm having an issue with command authorization thru our aaa config. We don't have a problem authenticating its command authorization that is not working. From what I have seen and read Nexus NX-OS 6.x does not have any commands for aaa authorization unless you are configuring TACACS+. My basic config is below if you can help it would be much appreciated.
>>ip radius source-interface mgmt 0
>>radius-server key XXXXX
>>radius-server host X.X.X.X key XXXXX authentication accounting
>>radius-server host X.X.X.X key XXXXX authentication accounting aaa
>>authentication login default group Radius_Group aaa authentication
>>login console local aaa group server radius Radius_Group
>> server X.X.X.X
>> server X.X.X.X
>> source-interface mgmt0
Also does anyone know how to configure Microsoft 2008 NPS as a Raduis server to work with Nexus? I have read a few post that suggest changing the
shell:roles="vdc-admin" in the Attribute Value field in the RADIUS server
Does anyone know if this works????
ThanksI have never done this before with ACS but not with NPS. However, you are in the right path. Nexus uses NX-OS which is different in some regards to regular IOS. One of those differences is the AAA setup. In NX-OS you assign users to roles. So for full access you will need to return the following attributes from your Radius server:
Attribute: cisco-av-pair
Requirement: Mandatory
Value: shell:roles*"network-admin vdc-admin"
For more information take a look at this link:
http://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/115925-nexus-integration-acs-00.html
Hope this helps
Thank you for rating helpful posts! -
Same user in tacacs and local database with different privilege
Hi there,
i am just not sure if this is correct behavior.
i am running NX-OS image n5000-uk9.5.1.3.N1.1.bin on the nexus 5020 platform.
i have configured authorization with tacacs+ on ACS server version 5.2 with fall back to switch local database.
aaa authentication login default group ACS
aaa authorization commands default group ACS local
aaa accounting default group ACS
a user test with priv 15 is craeted on ACS server, password test2
everything works fine, until i create the same username on the local database with privilege 0. ( it doesnt matter if the user in local database was created before user in ACS or after )
e.g.:
username test password test1 role priv-0 (note passwords are different for users in both databases)
after i create the same user in local database with privilege 0,
if i try to connect to the switch with this username test and password defined on ACS, i get only privilege 0 authorization, regardless, that ACS server is up and it should be primary way to authenticate and authorizate the user.
is this normal?
thank you for help...Hello.
Privileges are used with traditional IOS. Privileges are part of "command authorization". Other operating systems (like IOS-XR, Nexus OS , Juniper JunOS) use "role-based authorization" instead of "command authorization".
So traditional IOS can use the "privilege" attribute but other operating systems can not.
Although IOS-XR, Nexus, ACE, Juniper have "roled-based authorization" feature, every single one of them use their particular attributes.
When I was configuring TACACS with ACE, Juniper and other devices I had to capture the packets to find out what were the particular attributes of ACE, what were the particular attributes of JunOS, etc, etc and to search deeply some hints the documentation , because sadly documentation is not very good when talking about TACACS details.
If you find which attributes to use, and what values to assign to the attributes then you can go to ACS and configure a "Shell Profile".
Now back to Nexus 5000. It seems this particular device has the option to mix "role-based" with "command authorization" by overriding the default roles with other roles which names are called "priv". It seems this was an effort to try to map the old concept of "privileges" to the new concept of "roles". Although you see the word "priv", it's just the name of the role. My particular point of view is that this complicates the whole thing. I would recommend to use just the default roles, or customize some of them (only if needed), but not to use "command authorization".
http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/security/502_n1_1/Cisco_n5k_security_config_gd_rel_502_n1_1_chapter5.html
I will search the particular attributes Nexus use to talk to TACACS server. If I got them I will post them here.
Please rate if it helps -
AAA authentication not working and 'default' method list
Guys,
I hope someone can help me here in troubleshooting AAA issue. I have copied configuration and debug below. The router keeps using local username/password even though ACS servers are reachable and working. From debugs it seems it keeps using 'default' method list ignoring TACACS config. Any help will be appreciated
Config
aaa new-model
username admin privilege 15 secret 5 xxxxxxxxxx.
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization console
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa authorization reverse-access default group tacacs+ local
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa session-id common
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
tacacs-server host x.x.x.x
tacacs-server directed-request
tacacs-server key 7 0006140E54xxxxxxxxxx
ip tacacs source-interface Vlan200
Debugs
002344: Dec 5 01:36:03.087 ICT: AAA/BIND(00000022): Bind i/f
002345: Dec 5 01:36:03.087 ICT: AAA/AUTHEN/LOGIN (00000022): Pick method list 'default'
002346: Dec 5 01:36:11.080 ICT: AAA/AUTHEN/LOGIN (00000022): Pick method list 'default'
core01#
002347: Dec 5 01:36:59.404 ICT: AAA: parse name=tty0 idb type=-1 tty=-1
002348: Dec 5 01:36:59.404 ICT: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0 port=0 channel=0
002349: Dec 5 01:36:59.404 ICT: AAA/MEMORY: create_user (0x6526934) user='admin' ruser='core01' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII service=NONE priv=15 initial_task_id='0', vrf= (id=0)
002350: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): Port='tty0' list='' service=CMD
002351: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/CMD: tty0 (2162495688) user='admin'
002352: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send AV service=shell
002353: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send AV cmd=configure
002354: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send AV cmd-arg=terminal
002355: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): send AV cmd-arg=<cr>
002356: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): found list "default"
002357: Dec 5 01:36:59.404 ICT: tty0 AAA/AUTHOR/CMD (2162495688): Method=tacacs+ (tacacs+)
002358: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC+: (2162495688): user=admin
002359: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC+: (2162495688): send AV service=shell
002360: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC+: (2162495688): send AV cmd=configure
002361: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC+: (2162495688): send AV cmd-arg=terminal
002362: Dec 5 01:36:59.404 ICT: AAA/AUTHOR/TAC+: (2162495688): send AV cmd-arg=<cr>
Enter configuration commands, one per line. End with CNTL/Z.
core01(config)#
002363: Dec 5 01:37:04.261 ICT: AAA/AUTHOR (2162495688): Post authorization status = ERROR
002364: Dec 5 01:37:04.261 ICT: tty0 AAA/AUTHOR/CMD (2162495688): Method=LOCAL
002365: Dec 5 01:37:04.261 ICT: AAA/AUTHOR (2162495688): Post authorization status = PASS_ADD
002366: Dec 5 01:37:04.261 ICT: AAA/MEMORY: free_user (0x6526934) user='admin' ruser='core01' port='tty0' rem_addr='async' authen_type=ASCII service=NONE priv=15
core01(config)#Are the tacacs+ servers reachable using the source vlan 200. Also in the tacacs+ server can you check if the IP address for this device is correctly configured and also please check the pwd on both the server and this device match.
As rick suggested sh tacacs would be good as well. That would show failures and successes
HTH
Kishore -
WAAS Authentication using TACACS+
Hi,
I am trying to use TACACS as the primary method of authentication. The thing is that I configured in WAAS the values required (security word, primary server and secondary server). Also, in Authentication Method I chose TACACS as primary and local as the secondary.
After that I logged in to the WAAS using my TACACS account and I could enter, but the Navigation Pane is empty. It seems like my account doesn't have permissions to change config, but it is level 15 in TACACS ( I used to change config in Sw and routers).
I dont know if I am missing a step to config this feature either on the WAAS or the ACS.
Thanks,TACACS really only provides a single "A" Authentication.
Are you allowed or not....
in order to provide Authorization, you need to still create the account in CM. and provide a role and domain in the user config.
Leave the Local user check box "unchecked" if you plane to use TACACS to Authenticate.
Im sure there is a way to provide authorization through complex custom attributes but it achieves the same goal via CM. once authenticated. -
Privilege mode authentication using Tacacs for Cisco Routers
I am trying to set up a test environment where I need to be able to be asked for both a username and password while entering enable mode from exec mode on a cisco IOS router. I was told the only way to do that is through Tacacs. But I've not seen any such configuration options on Tacacs in order to set it up right. Has someone ever did a setup like this before. I would appreciate any help on this. Thanks.
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
hostname 2621-3
boot-start-marker
boot system flash c2600-i-mz.123-26.bin
boot-end-marker
logging buffered 5001 debugging
no logging console
no logging monitor
enable password cisco
memory-size iomem 10
clock timezone CST -7
clock summer-time CST recurring
aaa new-model
aaa authentication login default local
aaa authentication enable default group tacacs+
aaa authorization exec default group tacacs+ local
aaa session-id common
ip subnet-zero
ip cef
no ip domain lookup
ip domain name int.voyence.com
ip name-server 192.168.21.5
!key chain jetef
key 10
key-string c1sco
modemcap entry ZOOM
modemcap entry ZOOM
username jeff password 0 jeff
tacacs-server host 192.168.21.230 key cisco
tacacs-server host 10.6.230.32
tacacs-server directed-request
tacacs-server key dakey
line con 0
exec-timeout 15 0
logging synchronous
speed 115200
line aux 0
exec-timeout 15 0
password 7 104D000A0618
logging synchronous
modem InOut
modem autoconfigure discovery
terminal-type monitor
transport input all
stopbits 1
flowcontrol hardware
line vty 0 4
exec-timeout 15 0
password cisco
private
logging synchronous -
Tacacs + and local account
Hello all.. Im trying to set up my cisco switch not to use the local account if the tacacs server is up. Here is what I have so far..thanks
aaa new-model
aaa authentication login default group tacacs+ local
aaa authorization config-commands
aaa authorization exec default group tacacs+ if-authenticated
aaa authorization commands 15 default group tacacs+ local
aaa accounting send stop-record authentication failure
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+The current configuration you have will work in your favor.
aaa authentication login default group tacacs+ local
This command says user will be able to login via local username //password only if tacacs server goes down.
Conclusion : local user will not be able to authenticate in tacacs server presence.
HTH
Regds, Jatin
Do rate helpful posts~ -
Client remote Authentication using JAAS and EJB Access
Hi,
I have a problem using JAAS in combination with Sun One Appserver 8.1 and a java remote client trying to access an EJB. Here is the scenario:
I have implemented an EJB who's methods are protected through the deployment descriptor:
<assembly-descriptor>
<security-role>
<description>role for clients outside of the server </description>
<role-name>sedna</role-name>
</security-role>
<method-permission>
<role-name>sedna</role-name>
<method>
<ejb-name>ServerInfoBean</ejb-name>
<method-intf>Remote</method-intf>
<method-name>*</method-name>
</method>
</method-permission>
<method-permission>
<unchecked/>
<method>
<ejb-name>ServerInfoBean</ejb-name>
<method-name>getVersion</method-name>
</method>
<method>
<ejb-name>ServerInfoBean</ejb-name>
<method-name>create</method-name>
</method>
</method-permission>
</assembly-descriptor>I've deployed the EJB in a jar file which was packed into an ear file of a bigger application. The role has been mapped to the admin Principal in the sun-ejb-jar.xml descriptor.
I can find the EJB, create it, and call the unchecked method getVersion and that works fine, so far so good.
But then I try to access another method which is protected and then I get this exception
org.omg.CORBA.NO_PERMISSION: vmcid: 0x2000 minor code: 1806 completed: Maybe
at com.sun.enterprise.iiop.POAProtocolMgr.mapException(POAProtocolMgr.java:179)
at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:853)
at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:137)
...I have to mention that I do make a login via the LoginContext. My jaas.config File has a reference to the com.sun.enterprise.security.auth.login.ClientPasswordLoginModule module.
After login (which works perfectly) I lookup the context with a corbaname url which - if I understood it right - ignores the Context.SECURITY_PRINCIPAL and Context.SECURITY_CREDENTIALS settings.
After that I make the calls to the EJB. And I am allways ANONYMOUS on the server side, which is definitely the problem. Because ANONYMOUS is not allowed to call the protected EJB Methods. But I made a jaas login in advance. So where am I making a mistake???
Am I doing something wrong?
Need help! Thx,
StephanHi.
I understand correctly that you call Subject.doAs on
the client to call the remote EJB. I guess It isn't
right way.I had also a bad feeling about this, so I forget it. But anyway it wasn't working with or without using that doAs().
>
>
Subject contextSubject =
Subject.getSubject(AccessController.getContext());
contextSubject.getPrincipals();This code throws exceptions in the Appserver. Unfortunately they are catched somewhere so I'm unable to find out what was going wrong. But I guess, that these exceptions where security exceptions. Never the less thanks for the hint!
But I don't think that doing the check on the server side is the way I want to go because that is programmatically security and I want to use the declarative security which can be used through the deployment descriptor. If used correctly - and supposed I do not completely misunderstand the specification - then it should be possible to create an EJB that is protected via it's deployment descriptor and access it through the client only if the client has been authenticated through JAAS mechanisms. After successful authentication the principal should be accessible through the EJB context but not for security check, that should allready been done at this time.
Unfortunately I don't find any resource on the internet describing the scenario in such a detail that I can reproduce it. There are only very high level documentations and hints in forums.
Again, thanks for your effort,
Stephan -
Authentication using userCertificate and SASL External
hi!
I try to authenticate using SASL "External" and SSL.
The SSL connection works fine, also SASL when using "Digest-MD5" but when I try to authenticate using "External" I get connected as anonymous.
Here is what I did:
I created a self-signed certificate with owner "uid=xyz,ou=OrgUnit1,ou=OrgUnit2,o=Org".
My client has this certificate in it's keystore.
The server has an entry with "dn=uid=xyz,ou=OrgUnit1,ou=OrgUnit2,o=Org" an this entry has the userCertificate attribute, which also contains my self-signed certificate.
I edited the "certmap.conf" file like this:
certmap default default
default:DNComps
default:FilterComps uid
default:verifycert on
As I understood the manual, this means the server should search the directory for an RDN "uid=xyz" and check if the certificate of this user is the same as the one provided by the client. If it is, the client should get the permissions of this entry.
But in the logfile I always get this message:
conn=4 fd=1148 slot=1148 SSL connection from 172.16.0.190 to 172.16.0.190
conn=4 SSL 128-bit RC4
conn=4 op=0 BIND dn="" method=sasl version=3 mech=EXTERNAL
conn=4 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
conn=4 op=1 SRCH base="uid=xyz,ou=OrgUnit1,ou=OrgUnit2,o=Org" scope=0 filter="(objectClass=*)" attrs="entryid"
conn=4 op=1 RESULT err=0 tag=101 nentries=1 etime=0
conn=4 op=2 fd=1148 closed - A1
So, one possibility is I understood something completly wrong and the other is the server doesn't find the entry "uid=xyz,ou=OrgUnit1,ou=OrgUnit2,o=Org" because of any misconfiguration or I need a user certificate, which has been issued by a CA...
Can anyone help me?
Thanks a lot!
FlorianNikolay,
Assuming you mean authenticaion to your developed application and not the HTML DB facilities, yes you can do that. Take a look at the custom_page_sentry function that appears on this forum in several threads, e.g., Re: NTLM with Cookies ... - is someone there After you change this function to meet your requirements (cookie names, etc.) and compile it in your application's schema, you'd create a new authentication schema and type 'return custom_page_sentry;' into the page sentry function field. Then enter a URL to your site's login page into the Invalid Session URL field. Then make the new authentication scheme the current scheme. Of course, with this solution, you are responsible for making it as secure as you need it to be, preventing cookie forgery/theft, etc.
Scott -
Using ResourceBundle and Locale in an Applet
hello,
i worked out a little application to use with multilanguage support.
i wrote two classes so i can start the application within a jar file located on my computer and anotherone to launch it as an applet...
for development i use Eclipse; when i try to run it in eclipse everything works fine (although i limit the access of the applet!)
when i try to run the applet in IE i get the error message:
java.security.AccessControlException: access denied (java.util.PropertyPermission user.dir read)i did not use the function "System.getProperty("user.dir")" in MY code which is referred!
so i guess its one of the included packages:
ResourceBundle | Locale
how can i solve this problem as its working in the limited access applet in eclipse??
thanks in advancenote: i do load the .properties file from the JAR package, not from hdd!
here is my code
import java.util.Locale;
import java.util.ResourceBundle;
public class Xlocale {
private Locale locale = Locale.ENGLISH;
private ResourceBundle thisLocaleRB;
public Xlocale(String aXlocaleName, String aLocale) {
setLocale(getLocale(aLocale)); //if you leave this line it won't work *hmm?*
if (thisLocaleRB == null || getLocale() != thisLocaleRB.getLocale()) {
try {
thisLocaleRB = ResourceBundle.getBundle(aXlocaleName, getLocale());
} catch (Exception e) {
//System.err.println(e.getLocalizedMessage()+" ["+System.getProperty("user.dir")+"\\"+aXlocaleName+"_"+getLocale()+".properties]\n");
public String getString(String key, String dv) {
String val = thisLocaleRB.getString(key);
if (val == null)
return dv;
else
return val;
public void setLocale(Locale l) {
this.locale = l;
public Locale getLocale() {
return this.locale == null ? Locale.ENGLISH : locale;
public static Locale getLocale(String loc)
if(loc!=null && loc.length()>0)
return new Locale(loc);
else
return Locale.ENGLISH;
}
Maybe you are looking for
-
Calling function in another button?
I have 2 Movie Clips which create a menu system. When you hover the mouse over the 2nd button (will be adding more as soon as I figure this road block out) it drops down a menu. [Home][Forums] In the movie clip of "Forums", I created 2 labels. 1 is f
-
A Web Page Development Question
Hi, I want to develop a web page with an image. By clicking different areas on the image, people can go to different links. There are many such areas on the image. How can I implement that? Answer or whereabout of the answer is appreciated. myao1
-
Why is my scrolling jerky and not smooth?
Hi, I just bought a refurbished MBPro early 2013 model. However I noticed that the scrolling is not very smooth when using multitouch scroll, and can be quite jerky, particularly with Safari (I am using Chrome). I have already tried restarting in Saf
-
So pls explain me why it's happening
-
Hi everyone, I would like to discuss with you about User Management Strategy for multi-site MII implementations. What is the best architecture for the UME instances when you have MII users both on the corporate level and the shop floor level? Conside