GETTIN USER ID SESSION AND CLEARING IT IN LOGOUT
Hi
i ve a action class in which i ve put in the user id in session .
but for logout i dont ve session.. and
i ve 3-4 pages (ie) the main page is admin.do but when i do..
http://....... admin.do it opens and also when i try to do
http://......xyz.do
the page opens
the page should not open when i do xyz.do
if some1 does xyz.do then it should be redirected to login page(ie) admin.do
i tried to do
getRequest().getSession().getAttribute("userId", userInfo.getUserId() );in my xyz.do action class
but i am not able to go get Attribute.. i get an error saying
error msg
The method getAttribute(String) in the type HttpSession is not applicable for the arguments
(String, String)any suggestions?
thankx
this error means that you work this method in a wrong way.
this method wants only one input(as a String).not two.
this method works like the HashMap class get(Object key).
i mean that you have one key for each value is saved in HttpSession.
take a look at this code below,maybe will understand better what I'm trying to say.
this code is from the book:
"advanced java 2 platform,how to program"(this book is really very good).
Informations are in www.deitel.com.
now available this one:"Java How to Program, 7/e"
1 // Fig. 9.24: SessionServlet.java
2 // Using HttpSession to maintain client state information.
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
9
10 public class SessionServlet extends HttpServlet {
11 private final Map books = new HashMap();
12
13 // initialize Map books
14 public void init()
15 {
16 books.put( "C", "0130895725" );
17 books.put( "C++", "0130895717" );
18 books.put( "Java", "0130125075" );
19 books.put( "VB6", "0134569555" );
20 }
21
22 // receive language selection and create HttpSession object
23 // containing recommended book for the client
24 protected void doPost( HttpServletRequest request,
25 HttpServletResponse response )
26 throws ServletException, IOException
27 {
28 String language = request.getParameter( "language" );
29
30 // Get the user's session object.
31 // Create a session (true) if one does not exist.
32 HttpSession session = request.getSession( true );
33
34 // add a value for user's choice to session
35 session.setAttribute( language, books.get( language ) );
36
37 response.setContentType( "text/html" );
38 PrintWriter out = response.getWriter();
39
40 // send XHTML page to client
41
42 // start XHTML document
43 out.println( "<?xml version = \"1.0\"?>" );
44
45 out.println( "<!DOCTYPE html PUBLIC \"-//W3C//DTD " +
46 "XHTML 1.0 Strict//EN\" \"http://www.w3.org" +
47 "/TR/xhtml1/DTD/xhtml1-strict.dtd\">" );
48
49 out.println(
50 "<html xmlns = \"http://www.w3.org/1999/xhtml\">" );
51
52 // head section of document
53 out.println( "<head>" );
54 out.println( "<title>Welcome to Sessions</title>" );
55 out.println( "</head>" );
56
57 // body section of document
58 out.println( "<body>" );
59 out.println( "<p>Welcome to Sessions! You selected " +
60 language + ".</p>" );
61
62 // display information about the session
63 out.println( "<p>Your unique session ID is: " +
64 session.getId() + "<br />" );
65
66 out.println(
67 "This " + ( session.isNew() ? "is" : "is not" ) +
68 " a new session<br />" );
69
70 out.println( "The session was created at: " +
71 new Date( session.getCreationTime() ) + "<br />" );
72
73 out.println( "You last accessed the session at: " +
74 new Date( session.getLastAccessedTime() ) + "<br />" );
75
76 out.println( "The maximum inactive interval is: " +
77 session.getMaxInactiveInterval() + " seconds</p>" );
78
79 out.println( "<p><a href = " +
80 "\"servlets/SessionSelectLanguage.html\">" +
81 "Click here to choose another language</a></p>" );
82
83 out.println( "<p><a href = \"sessions\">" +
84 "Click here to get book recommendations</a></p>" );
85 out.println( "</body>" );
86
87 // end XHTML document
88 out.println( "</html>" );
89 out.close(); // close stream
90 }
91
92 // read session attributes and create XHTML document
93 // containing recommended books
94 protected void doGet( HttpServletRequest request,
95 HttpServletResponse response )
96 throws ServletException, IOException
97 {
98 // Get the user's session object.
99 // Do not create a session (false) if one does not exist.
100 HttpSession session = request.getSession( false );
101
102 // get names of session object's values
103 Enumeration valueNames;
104
105 if ( session != null )
106 valueNames = session.getAttributeNames();
107 else
108 valueNames = null;
109
110 PrintWriter out = response.getWriter();
111 response.setContentType( "text/html" );
112
113 // start XHTML document
114 out.println( "<?xml version = \"1.0\"?>" );
115
116 out.println( "<!DOCTYPE html PUBLIC \"-//W3C//DTD " +
117 "XHTML 1.0 Strict//EN\" \"http://www.w3.org" +
118 "/TR/xhtml1/DTD/xhtml1-strict.dtd\">" );
119
120 out.println(
121 "<html xmlns = \"http://www.w3.org/1999/xhtml\">" );
122
123 // head section of document
124 out.println( "<head>" );
125 out.println( "<title>Recommendations</title>" );
126 out.println( "</head>" );
127
128 // body section of document
129 out.println( "<body>" );
130
131 if ( valueNames != null &&
132 valueNames.hasMoreElements() ) {
133 out.println( "<h1>Recommendations</h1>" );
134 out.println( "<p>" );
135
136 String name, value;
137
138 // get value for each name in valueNames
139 while ( valueNames.hasMoreElements() ) {
140 name = valueNames.nextElement().toString();
141 value = session.getAttribute( name ).toString();
142
143 out.println( name + " How to Program. " +
144 "ISBN#: " + value + "<br />" );
145 }
146
147 out.println( "</p>" );
148 }
149 else {
150 out.println( "<h1>No Recommendations</h1>" );
151 out.println( "<p>You did not select a language.</p>" );
152 }
153
154 out.println( "</body>" );
155
156 // end XHTML document
157 out.println( "</html>" );
158 out.close(); // close stream
159 }
160 }
Similar Messages
-
Dowload open and cleared invoices to Users PC
Hi Friends..
Can someone suggest how to download the open and cleared invoices in an excel format to users PC either in foreground or bakground based on customer account (KNA1-kunnr) and company code..
your help is greatly appreciateld and rightly rewarded...
Thanks again..hi Kranthi,
here is the sample code for GUI_DOWNLOAD AND GUI_UPLOAD
hope this might help you
GUI_DOWNLOAD
DATA: W_WSD_FILENAME01 TYPE STRING,
W_WSD_FILETYPE01 TYPE CHAR10.
W_WSD_FILENAME01 = P_OUT1.
W_WSD_FILETYPE01 = 'DAT'.
CALL FUNCTION 'GUI_DOWNLOAD'
EXPORTING
BIN_FILESIZE =
FILENAME = W_WSD_FILENAME01
FILETYPE = W_WSD_FILETYPE01
APPEND = ' '
WRITE_FIELD_SEPARATOR = ' '
HEADER = '00'
TRUNC_TRAILING_BLANKS = ' '
WRITE_LF = 'X'
COL_SELECT = ' '
COL_SELECT_MASK = ' '
DAT_MODE = ' '
CONFIRM_OVERWRITE = ' '
NO_AUTH_CHECK = ' '
CODEPAGE = ' '
IGNORE_CERR = ABAP_TRUE
REPLACEMENT = '#'
WRITE_BOM = ' '
TRUNC_TRAILING_BLANKS_EOL = 'X'
WK1_N_FORMAT = ' '
WK1_N_SIZE = ' '
WK1_T_FORMAT = ' '
WK1_T_SIZE = ' '
IMPORTING
FILELENGTH =
TABLES
DATA_TAB = ITAB_VBAK
FIELDNAMES =
EXCEPTIONS
FILE_WRITE_ERROR = 1
NO_BATCH = 2
GUI_REFUSE_FILETRANSFER = 3
INVALID_TYPE = 4
NO_AUTHORITY = 5
UNKNOWN_ERROR = 6
HEADER_NOT_ALLOWED = 7
SEPARATOR_NOT_ALLOWED = 8
FILESIZE_NOT_ALLOWED = 9
HEADER_TOO_LONG = 10
DP_ERROR_CREATE = 11
DP_ERROR_SEND = 12
DP_ERROR_WRITE = 13
UNKNOWN_DP_ERROR = 14
ACCESS_DENIED = 15
DP_OUT_OF_MEMORY = 16
DISK_FULL = 17
DP_TIMEOUT = 18
FILE_NOT_FOUND = 19
DATAPROVIDER_EXCEPTION = 20
CONTROL_FLUSH_ERROR = 21
OTHERS = 22 .
IF SY-SUBRC <> 0.
MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
GUI_UPLOAD
DATA W_WSU_FILENAME02 TYPE STRING.
DATA W_WSU_FILETYPE02 TYPE CHAR10.
W_WSU_FILETYPE02 = 'ASC'.
CALL FUNCTION 'GUI_UPLOAD'
EXPORTING
FILENAME = W_WSU_FILENAME02
FILETYPE = W_WSU_FILETYPE02
TABLES
DATA_TAB = ITAB_INFILE
EXCEPTIONS
FILE_OPEN_ERROR = 1
FILE_READ_ERROR = 2
NO_BATCH = 3
GUI_REFUSE_FILETRANSFER = 4
INVALID_TYPE = 5
NO_AUTHORITY = 6
UNKNOWN_ERROR = 7
BAD_DATA_FORMAT = 8
HEADER_NOT_ALLOWED = 9
SEPARATOR_NOT_ALLOWED = 10
HEADER_TOO_LONG = 11
UNKNOWN_DP_ERROR = 12
ACCESS_DENIED = 13
DP_OUT_OF_MEMORY = 14
DISK_FULL = 15
DP_TIMEOUT = 16
OTHERS = 17
IF SY-SUBRC <> 0.
MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
ENDIF.
Regards,
Santosh -
I am trying to sign in to attend a session and it says 'Invalid user or password. Please try again.' I have reset my password and it still doesn't work. I created a new AdobeID and it still doesn't work. I need to attend this training. How can I get in?
Sorry to hear about this problem. What site are you trying to log in on? Is it a Mozilla site? Usually you don't need to register or sign in to a Mozilla site to use Firefox. Usually you can just go straight to where you want to go.
-
Killing User sessions and user calcs
Hi all,
We have a situation where users run their business rules during evening and at times in night.
We also have a maxl script which does aggregation and other calcs daily in night and it does not run as other calcs are launched by users.
Is it possible to kill the user session and calcs launched by users before running maxl calculation for consolidations?
I know I can do in in EAS, but want to try to do it in MAxL for automation.
Thanks in advanceYou would be better off locking people out. After you kick off the automated calc, killing sessions doesn't stop them from initiating calcs while your automated calc is running. In answer to your question, yes, you can do that in maxl.
alter system kill request all;
You have other options if you want to be more selective on what you kill.
kill request <session-id>
kill request by user
kill request on application
kill request on database
Check out the technical documentation for more info - http://docs.oracle.com/cd/E17236_01/epm.1112/esb_tech_ref/launch.html.
Kyle Goodfriend
http://www.in2hyperion.com
Please make sure to assign helpful/answered to responses if applicable - it rewards those who help and benefits the user community. -
Symptom
RD License server is a key component of RDS. It licenses users to access RDS servers.
After purchase the required RDS CALs, we need to activate the RDS License server and install the purchased RDS CALs. However, during the installation or after installation, we may face errors
about RDS License.
In most cases, the following error may occur.
Error:
The Remote Desktop Session Host server is in Per User licensing mode and No Redirector Mode, but license server "Server name" does not have any installed licenses with the following
attributes:
Product version: Windows Server 2012
Licensing mode: Per User
License type: RDS CALs
Troubleshooting
1. Check whether the RD License Configuration is configured properly and there are no Warnings in the Event.
2. The License Server should be part of 'RD Server License' group in Active Directory Domain Services.
3. Check if the Licensing Mode is correct.
- To change the Licensing Mode we can use RD Licensing diagnose, PowerShell cmdlet and Group Policy.
Via PowerShell cmdlet:
To change the licensing mode on RDSH/RDVH:
$obj = get-wmiobject -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
$obj.ChangeMode(value)
# Value can be 2 - per Device, 4 - Per user
Via Group Policy
Path: Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing
Use the specified RD license servers = FQDN of server name
Set the Remote Desktop licensing mode =
Per User
However, if issue persists, please provide detailed information and post the question in the
Remote Desktop Services (Terminal Services) forum.
Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.Hi Richard,
You need to uninstall Remote desktop session host feature. After removing it, you will default two connections which does not need to purchase RD CALs'.
Thanks,
Umesh.S.K -
OBIEE Session and User list using query
Hi,
Is there a way to query the active sessions and its user in OBIEE.
I need the details (as shown in session info of admin page) in attached pic, using query.
My requirement is to limit the number of people accessing my application. Like if I configure 5, only 5 active session should be allowed in OBIEE.Hello 2790438,
No we cannot achieve this in the current version,Oracle is working on this.
Regards,
< Spam signature link deleted by moderator -- it violates OTN forum guidelines as noted in the FAQ's > -
With VBScript, can you map a local TS Client session users My Docs and Desktop?
I was wondering if there is a way using a VB logon script to have the remote server auto create network mapped drives to users local systems Desktop and My Docs Folder. This way users can save/upload files to their local system drive, skipping the
process of setting up RDP advanced settings, allowing access to local drives. Doing so, the user still has to drill their way to one of these two specific folders.
The Logon would create the two mapped as Network drives that path right to their local systems Desktop and MY Docs folders.
IE:
"\\davidr-310\c$\Users\davidr\Desktop" (Map to the remote server session as drive L: for example)
"\\ davidr-310\c$\Users\davidr\Documents" (Map to the remote server as drive M: for example)
Both examples above show my local system name [davidr-310] which is my systems network / ad computer name.
Users and Computers are all in AD on a corp lan. Comments or alternate methods to achieve this would be greatly appreciated.
I am hopeful the local system user desktop path/docs folders can be queried from the remote server and these two network drives be mounted automatically.
Thank you,
David RothWe have an 2008 Enterprise server with Terminal Services installed. There is a feature called RemoteApp Manager that is just like logging into the remote TS box but instead of the whole server session (desktop, drives, etc) in only presents the application
in the local user desktop environment.
For the user, it it appears just as any other application does from their system. The application remotely from the TS server, but looks just like its running on the local user desktop. There is a TS user connection/session but they don't see
anything but the app on their desktop. They interact with the application just like any other application on their local system.
The issue is because the application is running remotely from the TSBox, when it opens the application FILE dialog box, its presented with the file structure of the server user session. Having the local user Desktop/My Docs mapped when the user logs
in to the TS remote App session, would allow the user one click access to their local desktop and Docs folders.
Thanks -
Killing user session & and update v$session
i use
alter system kill session 'sid,serial#) immediate.
user session killed but not clean, V$session show that user connect
i also want clean user session and remove form V$session
Any one who can do this ...
ThanksHi,
>>how remove on killing user session
As I said before, you just need to wait ... Don't worry about. On the other hand, by finding the SPID, you can force the process to be killed instead of waiting for PMON to wake up and kill it, but I think that it is not necessary.
Cheers
Legatti -
Lion 10.7.2 On both mac book pro and iMac, both with Lion 10.7.2, obtain repeated iCal event notifications from calendar or address book. Cannot turn these off. They repeat several times per session and every time computer is used. How to diagnose this?
First, uninstall "SuperTV" (whatever that is) according to the developer's instructions. It isn't working and it's filling the log with noise.
If you have more than one user account, these instructions must be carried out as an administrator.
Launch the Console application.
Step 1
Make sure the title of the Console window is All Messages. If it isn't, select All Messages from the SYSTEM LOG QUERIES menu on the left.
Enter "BOOT_TIME" (without the quotes) in the search box. Note the timestamps of those log messages, which refer to the times when the system was booted. Now clear the search box and scroll back in the log to the last boot time when you had the problem. Post the messages logged before the boot, while the system was unresponsive or was failing to shut down. Please include the BOOT_TIME message at the end of the log extract.
Post the log text, please, not a screenshot. If there are runs of repeated messages, post only one example of each. Don’t post many repetitions of the same message. When posting a log extract, be selective. In most cases, a few dozen lines are more than enough.
PLEASE DO NOT INDISCRIMINATELY DUMP THOUSANDS OF LINES FROM THE LOG INTO A MESSAGE. If you do that, I will not respond.
Important: Some private information, such as your name, may appear in the log. Edit it out by search-and-replace in a text editor before posting.
Step 2
Still in Console, look under System Diagnostic Reports for crash or panic logs, and post the most recent one, if any. In the interest of privacy, I suggest you edit out the “Anonymous UUID,” a long string of letters, numbers, and dashes in the header of the report, if present (it may not be.) Please don’t post shutdownStall, spin, or hang logs — they're very long and not helpful. -
Time Machine, Disk Utility, and clearing out corrupted snapshots
Hi, all. I've been having some troubling issues with Time Machine and could use your collective insight.
I have a 500GiB external USB2 disk that I've been using for Time Machine since December (the oldest snapshot in Backups.backupdb is named 2007-12-13-222250). Everything worked fine until sometime in late January, when Time Machine decided to ax 2/3 of my Applications directory. Time Machine's logging is terse, so I wasn't able to determine what caused the corruption. The fact that this error wasn't caught and flagged by Time Machine bothers me.
Especially because I discovered this in the process of needing to recover from a crash on my laptop's hard drive -- I had to roll back to a previous, complete snapshot to get all my applications back.
After that I had to engage in some jiggery-pokery to get Time Machine to re-snapshot everything, but things proceeded normally until I received my new copy of DiskWarrior 4.1 last night (although DiskWarrior is an innocent bystander here). I tried to use DiskWarrior to rebuild the directory on the Time Machine disk, but it failed before trying to write anything.
(For those who care: after some back and forth with Alsoft tech support, we determined this was likely because my Time Machine volume has 6.2GB of catalog data, and DiskWarrior works by rebuilding the directory in memory, so it has to be able to fit the whole catalog into virtual memory.)
I was a little paranoid that something might be wrong with the disk after that, so I fired up Disk Utility and told it to repair the disk. It churned for about 6 hours and repaired an extraordinarily large number of hardlink reference count errors, but completed by claiming that the disk had been repaired.
When I next told Time Machine to run, instead of copying over a couple GB of data like it usually does, it started copying 38GB! ***? I took a look at the previous Time Machine snapshots, and discovered that Disk Utility had totally corrupted every snapshot I'd made since last month's fandango. Most of the root-level directories in the snapshots now look like this:
$ ls -al /Volumes/Time\ Machine\ Backups/Backups.backupdb/xxx.net/2008-03-13-025640/Euphrosyne/
total 128
drwxrwxr-t@ 16 root admin 1020 Feb 15 00:17 ./
drwxr-xr-x@ 3 root ogd 204 Mar 13 02:56 ../
-r--r--r--@ 9151 root 20051003 0 Feb 11 23:13 .DRM_Data
-r--r--r--@ 50574 root 20051004 0 Feb 11 23:13 .DS_Store
-r--r--r--@ 9154 root 20051006 0 Feb 11 23:13 .SymAVQSFile
-r--r--r--@ 9155 root 20051007 0 Feb 11 23:13 .VolumeIcon.icns.candybarbackup
drwxr-xr-x@ 2 ogd admin 68 Feb 29 2004 .buildinstaller1.tmp/
-r--r--r--@ 9149 root 20051001 0 Feb 11 23:13 .com.apple.timemachine.supported
-r--r--r--@ 9150 root 20051002 0 Feb 11 23:13 .com.apple.timemachine.supported (from old Mac)
-r--r--r--@ 9153 root 20051005 0 Feb 11 23:13 .redethist
-r--r--r--@ 58730 root 20051009 0 Feb 11 23:13 Applications
-r--r--r--@ 37526 root 20051012 0 Feb 11 23:13 Desktop Folder
-r--r--r--@ 13328 root 20051013 0 Feb 11 23:13 Developer
-r--r--r--@ 64211 root wheel 0 Feb 11 23:13 Library
-r--r--r--@ 49886 root 20051080 0 Feb 11 23:13 Network
-r--r--r--@ 5643 root 20051120 0 Feb 11 23:13 System
lrwxr-xr-x 1 root ogd 60 Mar 13 02:56 User Guides And Information@ -> /Library/Documentation/User Guides and Information.localized
drwxr-xr-x@ 5 root admin 204 Dec 6 02:07 Users/
-r--r--r--@ 2554 root wheel 0 Feb 11 23:13 Volumes
-r--r--r--@ 37448 root 20051010 0 Feb 11 23:13 bin
-r--r--r--@ 37525 root 20051011 0 Feb 11 23:13 cores
lrwxr-xr-x@ 1 root ogd 11 Mar 13 02:56 etc@ -> private/etc
-r--r--r--@ 26309 root 20051078 0 Feb 11 23:13 mach_kernel
-r--r--r--@ 26310 root 20051079 0 Feb 11 23:13 mach_kernel.ctfsys
lrwxr-xr-x 1 root ogd 12 Mar 13 02:56 opt@ -> /private/opt
drwxr-xr-x@ 8 root wheel 272 Dec 6 02:31 private/
-r--r--r--@ 52664 root 20051119 0 Feb 11 23:13 sbin
lrwxr-xr-x@ 1 root ogd 11 Mar 13 02:56 tmp@ -> private/tmp
-r--r--r--@ 41668 root 20052660 0 Feb 11 23:13 usr
lrwxr-xr-x@ 1 root ogd 11 Mar 13 02:56 var@ -> private/var
That is clearly, completely wrong, and it alarms me that Disk Utility could cause so much damage to a Time Machine volume.
Since I also use SuperDuper! to regularly clone this disk, it's not as big a nightmare as it could be, but this means that I'm going to have to clear out every snapshot for the last month by hand, both because I obviously can't trust them anymore, and because I keep getting messages like this in the logs:
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.com.apple.timemachine.supported to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.com.apple.timemachine.supported (from old Mac) to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.DRM_Data to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.DS_Store to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.redethist to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.SymAVQSFile to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
2008/03/13 7:25:35 PM /System/Library/CoreServices/backupd[1229] Error: (-36) copying /.VolumeIcon.icns.candybarbackup to /Volumes/Time Machine Backups/Backups.backupdb/xxx.net/2008-03-13-192246.inProgress/70254508-90E3-4FF A-AE46-9E8210095DAE/Euphrosyne
I'd like to keep the old snapshots if I can. What's likely to happen if I just go and clear out the b0rked backup sessions by hand?
(Hmm... it appears yes, because I just deleted them all and the disk didn't recover the freed space.)
Here's the important question: has anyone else had issues using Disk Utility on a Time Machine volume, and does anyone at Apple have any plans to add integrity checking to Time Machine? As it stands, I don't really feel like I can trust it in its present form, as convenient as it is...I have trouble with disk utility on my new (1 TB Lacie) as well as on my old (500 GB WD) drive. After doing a backup, du tells me a never ending list of errors like
HasFolderCount flag needs to be set (id = 599567)
(it should be 0x10 instead of 0)
Everything was O.K. before doing the backup; so is the disk to be backupped, according to du.
Up to now, no other problem occurred, but I´d like to clear this issue before my trust in time machine is restored. -
WLAN User Idle Timeout and WPA2-PSK authentication
Hi,
There is a WLAN for Guest users with Session Timeout of 65535 sec and User Idle Timeout of 28800 sec. The WLAN uses PSK as Layer-2 authentication and Web Auth as Layer-3 authentication. Authentication source is locally created users on the controllers (LocalEAP) - can be RADIUS through ISE as well.
(Cisco Controller) show>sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.130.0
RTOS Version..................................... 7.6.130.0
Bootloader Version............................... 7.6.130.0
Emergency Image Version.......................... 7.6.130.0
Build Type....................................... DATA + WPS
System Name...................................... vwlc-1
System Location.................................. Matrix
System Contact................................... IT HelpDesk Matrix
System ObjectID.................................. 1.3.6.1.4.1.9.1.1631
IP Address....................................... 10.10.10.50
System Up Time................................... 6 days 17 hrs 30 mins 26 secs
System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... AU - Australia
--More-- or (q)uit
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 2
Number of Active Clients......................... 0
Burned-in MAC Address............................ 00:0C:29:74:15:2F
Maximum number of APs supported.................. 200
(Cisco Controller) show> wlan 2
WLAN Identifier.................................. 2
Profile Name..................................... Matrix-LocalEAP
Network Name (SSID).............................. Matrix-LocalEAP
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status
Radius Profiling ............................ Disabled
DHCP ....................................... Disabled
HTTP ....................................... Disabled
Local Profiling ............................. Disabled
DHCP ....................................... Disabled
HTTP ....................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 65535 seconds
User Idle Timeout................................ 28800 seconds
Sleep Client..................................... disable
Sleep Client Timeout............................. 12 hours
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... vwlc-1
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
WLAN Layer2 ACL.................................. unconfigured
mDNS Status...................................... Disabled
mDNS Profile Name................................ unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... 802.1P (Tag=2)
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 10.10.10.70 1812
Accounting.................................... 10.10.10.70 1813
Interim Update............................. Disabled
Framed IPv6 Acct AVP ...................... Prefix
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Enabled (Profile 'local-eap-matrix')
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Disabled
PSK..................................... Enabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Disabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
IPv4 ACL........................................ Unconfigured
IPv6 ACL........................................ Unconfigured
Web-Auth Flex ACL............................... Unconfigured
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
FlexConnect Local Switching................... Enabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
flexconnect PPPoE pass-through................ Disabled
flexconnect local-switching IP-source-guar.... Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
Eap-params.................................... Disabled
AVC Visibilty.................................... Disabled
AVC Profile Name................................. None
Flow Monitor Name................................ None
Split Tunnel (Printers).......................... Disabled
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
802.11u........................................ Disabled
MSAP Services.................................. Disabled
Local Policy
Priority Policy Name
The wireless user on joining the WLAN enters the PSK and than gets redirected to WLC Web Auth portal for authentication. On successful login, the user is granted access. The issue is that despite Idle Timeout being 28800 sec (8 hours), the WLC removes the client entry before 8 hours if the device goes to sleep - mostly within the first hour. Tested this on Windows 7 notebook multiple times. When the PC is put to sleep, the WLC loses its record after some time. When PC wakes up, it has to undergo Web Auth again. Debugging the client MAC generates these logs - from initial association to final clearing.
(Cisco Controller) >*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Association received from mobile on BSSID 00:26:cb:4c:89:d1
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Global 200 Clients are allowed to AP radio
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Max Client Trap Threshold: 0 cur: 1
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Rf profile 600 Clients are allowed to AP wlan
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 override for default ap group, marking intgrp NULL
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Applying Interface policy on Mobile, role Local. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 10
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Re-applying interface policy for client
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2219)
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2240)
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 In processSsidIE:4850 setting Central switched to FALSE
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Applying site-specific Local Bridging override for station 3c:a9:f4:0b:91:70 - vapId 2, site 'default-group', interface 'management'
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Applying Local Bridging Interface Policy for station 3c:a9:f4:0b:91:70 - vlan 10, interface id 0, interface 'management'
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 processSsidIE statusCode is 0 and status is 0
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 processSsidIE ssid_done_flag is 0 finish_flag is 0
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 STA - rates (6): 152 36 176 72 96 108 0 0 0 0 0 0 0 0 0 0
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 suppRates statusCode is 0 and gotSuppRatesElement is 1
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Processing RSN IE type 48, length 22 for mobile 3c:a9:f4:0b:91:70
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 AID 1 in Assoc Req from flex AP 00:26:cb:4c:89:d0 is same as in mscb 3c:a9:f4:0b:91:70
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 apfMs1xStateDec
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Change state to START (0) last state WEBAUTH_REQD (8)
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 pemApfAddMobileStation2: APF_MS_PEM_WAIT_L2_AUTH_COMPLETE = 0.
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 START (0) Initializing policy
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 START (0) Change state to AUTHCHECK (2) last state START (0)
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Encryption policy is set to 0x80000001
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Central switch is FALSE
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Sending Local Switch flag = 1
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 8021X_REQD (3) DHCP Not required on AP 00:26:cb:4c:89:d0 vapId 2 apVapId 2for this client
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 10.10.1.130 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 00:26:cb:4c:89:d0 vapId 2 apVapId 2 flex-acl-name:
*apfMsConnTask_0: Feb 04 07:48:10.562: 3c:a9:f4:0b:91:70 apfPemAddUser2 (apf_policy.c:333) Changing state for mobile 3c:a9:f4:0b:91:70 on AP 00:26:cb:4c:89:d0 from Associated to Associated
*apfMsConnTask_0: Feb 04 07:48:10.563: 3c:a9:f4:0b:91:70 apfPemAddUser2:session timeout forstation 3c:a9:f4:0b:91:70 - Session Tout 65535, apfMsTimeOut '65535' and sessionTimerRunning flag is 0
*apfMsConnTask_0: Feb 04 07:48:10.563: 3c:a9:f4:0b:91:70 Scheduling deletion of Mobile Station: (callerId: 49) in 65535 seconds
*apfMsConnTask_0: Feb 04 07:48:10.563: 3c:a9:f4:0b:91:70 Func: apfPemAddUser2, Ms Timeout = 65535, Session Timeout = 65535
*apfMsConnTask_0: Feb 04 07:48:10.563: 3c:a9:f4:0b:91:70 Sending Assoc Response to station on BSSID 00:26:cb:4c:89:d1 (status 0) ApVapId 2 Slot 0
*apfMsConnTask_0: Feb 04 07:48:10.563: 3c:a9:f4:0b:91:70 apfProcessAssocReq (apf_80211.c:8294) Changing state for mobile 3c:a9:f4:0b:91:70 on AP 00:26:cb:4c:89:d0 from Associated to Associated
*pemReceiveTask: Feb 04 07:48:10.563: 3c:a9:f4:0b:91:70 10.10.1.130 Removed NPU entry.
*spamApTask7: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Sent 1x initiate message to multi thread task for mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Creating a PKC PMKID Cache entry for station 3c:a9:f4:0b:91:70 (RSN 2)
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Resetting MSCB PMK Cache Entry 0 for station 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Removing BSSID 00:26:cb:4c:89:d1 from PMKID cache of station 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Setting active key cache index 0 ---> 8
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Adding BSSID 00:26:cb:4c:89:d1 to PMKID cache at index 0 for station 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: New PMKID: (16)
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: [0000] 67 67 8f 7d 2a 8d 78 f9 6d 29 c7 74 d2 fd 6a 25
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Initiating RSN PSK to mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 EAP-PARAM Debug - eap-params for Wlan-Id :2 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 dot1x - moving mobile 3c:a9:f4:0b:91:70 into Force Auth state
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Skipping EAP-Success to mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 EAPOL Header:
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 00000000: 02 03 5f 00 .._.
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Found an cache entry for BSSID 00:26:cb:4c:89:d1 in PMKID cache at index 0 of station 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Found an cache entry for BSSID 00:26:cb:4c:89:d1 in PMKID cache at index 0 of station 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: [0000] 67 67 8f 7d 2a 8d 78 f9 6d 29 c7 74 d2 fd 6a 25
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Starting key exchange to mobile 3c:a9:f4:0b:91:70, data packets will be dropped
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Sending EAPOL-Key Message to mobile 3c:a9:f4:0b:91:70
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Sending EAPOL-Key Message to mobile 3c:a9:f4:0b:91:70
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 Allocating EAP Pkt for retransmission to mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 mscb->apfMsLwappLradNhMac = 00:0c:29:e4:e9:6a mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 mscb->apfMsBssid = 00:26:cb:4c:89:d0 mscb->apfMsAddress = 3c:a9:f4:0b:91:70 mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 10 mscb->apfMsLwappMwarInet.ipv4.addr = 168430130
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.566: 3c:a9:f4:0b:91:70 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 168427904 mscb->apfMsLwappLradPort = 41879
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.567: 3c:a9:f4:0b:91:70 Received EAPOL-Key from mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 Ignoring invalid EAPOL version (1) in EAPOL-key message from mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 Received EAPOL-key in PTK_START state (message 2) from mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 Stopping retransmission timer for mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 EAPOL Header:
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 00000000: 02 03 5f 00 .._.
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 Sending EAPOL-Key Message to mobile 3c:a9:f4:0b:91:70
state PTKINITNEGOTIATING (message 3), replay counter 00.00.00.00.00.00.00.01
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 Sending EAPOL-Key Message to mobile 3c:a9:f4:0b:91:70
state PTKINITNEGOTIATING (message 3), replay counter 00.00.00.00.00.00.00.01
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 Reusing allocated memory for EAP Pkt for retransmission to mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 mscb->apfMsLwappLradNhMac = 00:0c:29:e4:e9:6a mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 mscb->apfMsBssid = 00:26:cb:4c:89:d0 mscb->apfMsAddress = 3c:a9:f4:0b:91:70 mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 10 mscb->apfMsLwappMwarInet.ipv4.addr = 168430130
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.568: 3c:a9:f4:0b:91:70 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 168427904 mscb->apfMsLwappLradPort = 41879
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Received EAPOL-Key from mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Ignoring invalid EAPOL version (1) in EAPOL-key message from mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Received EAPOL-key in PTKINITNEGOTIATING state (message 4) from mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Stopping retransmission timer for mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Freeing EAP Retransmit Bufer for mobile 3c:a9:f4:0b:91:70
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 apfMs1xStateInc
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 8021X_REQD (3) Change state to L2AUTHCOMPLETE (4) last state 8021X_REQD (3)
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Central switch is FALSE
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Sending the Central Auth Info
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Central Auth Info Allocated PMKLen = 32
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: EapolReplayCounter: 00 00 00 00 00 00 00 01
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: EapolReplayCounter: 00 00 00 00 00 00 00 01
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 PMK: pmkActiveIndex = 0
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 EapolReplayCounter: 00 00 00 00 00 00 00 01
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 msAssocTypeFlagsMsb = 0 msAssocTypeFlagsLsb = 2
apfMsEntryType = 0 apfMsEapType = 0
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Sending Local Switch flag = 1
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 L2AUTHCOMPLETE (4) DHCP Not required on AP 00:26:cb:4c:89:d0 vapId 2 apVapId 2for this client
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 Not Using WMM Compliance code qosCap 00
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 00:26:cb:4c:89:d0 vapId 2 apVapId 2 flex-acl-name:
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 L2AUTHCOMPLETE (4) Change state to WEBAUTH_REQD (8) last state L2AUTHCOMPLETE (4)
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) pemAdvanceState2 6236, Adding TMP rule
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Adding Fast Path rule
type = Airespace AP Client - ACL passthru
on AP 00:26:cb:4c:89:d0, slot 0, interface = 1, QOS = 0
IPv4 ACL ID
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Fast Path rule (contd...) 802.1P = 2, DSCP = 0, TokenID = 64206 Local Bridging Vlan = 10, Local Bridging intf id = 0
*Dot1x_NW_MsgTask_0: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
*spamApTask7: Feb 04 07:48:10.569: 3c:a9:f4:0b:91:70 spamEncodeCentralAuthInoMsPayload: msAssocTypeFlagsMsb = 0 msAssocTypeFlagsLsb = 2
apfMsEntryType = 0 pmkLen = 32
*pemReceiveTask: Feb 04 07:48:10.570: 3c:a9:f4:0b:91:70 10.10.1.130 Added NPU entry of type 2, dtlFlags 0x0
*pemReceiveTask: Feb 04 07:48:10.570: 3c:a9:f4:0b:91:70 Pushing IPv6: fe80:0000:0000:0000:c915:4a8e:6d1a:e20d , and MAC: 3C:A9:F4:0B:91:70 , Binding to Data Plane. SUCCESS !!
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP received op BOOTREPLY (2) (len 308,vlan 10, port 1, encap 0xec03)
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP processing DHCP ACK (5)
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP xid: 0xcce207f6 (3437365238), secs: 0, flags: 0
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP chaddr: 3c:a9:f4:0b:91:70
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP ciaddr: 0.0.0.0, yiaddr: 10.10.1.130
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Socket Task: Feb 04 07:48:10.589: 3c:a9:f4:0b:91:70 DHCP server id: 10.10.1.20 rcvd server id: 10.10.1.20
*SNMPTask: Feb 04 07:48:16.594: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:48:16.594: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:48:16.595: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:48:16.595: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*ewmwebWebauth1: Feb 04 07:48:31.129: 3c:a9:f4:0b:91:70 Username entry (local1) created for mobile, length = 6
*ewmwebWebauth1: Feb 04 07:48:31.130: 3c:a9:f4:0b:91:70 Username entry (local1) created in mscb for mobile, length = 6
*ewmwebWebauth1: Feb 04 07:48:31.130: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_REQD (8) Change state to WEBAUTH_NOL3SEC (14) last state WEBAUTH_REQD (8)
*ewmwebWebauth1: Feb 04 07:48:31.130: 3c:a9:f4:0b:91:70 apfMsRunStateInc
*ewmwebWebauth1: Feb 04 07:48:31.130: 3c:a9:f4:0b:91:70 10.10.1.130 WEBAUTH_NOL3SEC (14) Change state to RUN (20) last state WEBAUTH_NOL3SEC (14)
*ewmwebWebauth1: Feb 04 07:48:31.130: 3c:a9:f4:0b:91:70 Session Timeout is 65535 - starting session timer for the mobile
*ewmwebWebauth1: Feb 04 07:48:31.130: 3c:a9:f4:0b:91:70 10.10.1.130 RUN (20) Reached PLUMBFASTPATH: from line 6571
*ewmwebWebauth1: Feb 04 07:48:31.131: 3c:a9:f4:0b:91:70 10.10.1.130 RUN (20) Replacing Fast Path rule
type = Airespace AP Client
on AP 00:26:cb:4c:89:d0, slot 0, interface = 1, QOS = 0
IPv4 ACL ID = 255, IPv6 ACL ID =
*ewmwebWebauth1: Feb 04 07:48:31.131: 3c:a9:f4:0b:91:70 10.10.1.130 RUN (20) Fast Path rule (contd...) 802.1P = 2, DSCP = 0, TokenID = 64206 Local Bridging Vlan = 10, Local Bridging intf id = 0
*ewmwebWebauth1: Feb 04 07:48:31.131: 3c:a9:f4:0b:91:70 10.10.1.130 RUN (20) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
*pemReceiveTask: Feb 04 07:48:31.132: 3c:a9:f4:0b:91:70 10.10.1.130 Added NPU entry of type 1, dtlFlags 0x0
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >*pemReceiveTask: Feb 04 07:48:31.132: 3c:a9:f4:0b:91:70 Pushing IPv6: fe80:0000:0000:0000:c915:4a8e:6d1a:e20d , and MAC: 3C:A9:F4:0B:91:70 , Binding to Data Plane. SUCCESS !!
*emWeb: Feb 04 07:49:14.120: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*emWeb: Feb 04 07:49:14.120: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*emWeb: Feb 04 07:49:14.120: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:51:19.646: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:51:19.646: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:51:19.662: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:51:19.662: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:51:19.663: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:51:19.663: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*IPv6_Msg_Task: Feb 04 07:53:35.661: 3c:a9:f4:0b:91:70 Link Local address fe80::c915:4a8e:6d1a:e20d updated to mscb. Not Advancing pem state.Current state: mscb in apfMsMmInitial mobility state and client state APF_MS_STATE_A
*dot1xMsgTask: Feb 04 07:54:26.664: GTK Rotation Kicked in for AP: 00:26:cb:4c:89:d0 SlotId = 1 - (0x47440ef0)
*dot1xMsgTask: Feb 04 07:54:26.665: Generated a new group key for AP 00:26:cb:4c:89:d0(1) - vap 1
*dot1xMsgTask: Feb 04 07:54:26.665: Sending of M5 for 00:26:cb:4c:89:d0 is Skipped, rc = 1
*dot1xMsgTask: Feb 04 07:54:26.665: Generated a new group key for AP 00:26:cb:4c:89:d0(1) - vap 2
*dot1xMsgTask: Feb 04 07:54:26.665: Sending of M5 for 00:26:cb:4c:89:d0 is Skipped, rc = 1
*SNMPTask: Feb 04 07:56:19.689: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 07:56:19.689: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 08:01:19.730: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*SNMPTask: Feb 04 08:01:19.730: 3c:a9:f4:0b:91:70 Central Switch = FALSE
*dot1xMsgTask: Feb 04 08:01:23.904: GTK Rotation Kicked in for AP: 00:26:cb:4c:89:d0 SlotId = 0 - (0x47440ef0)
*dot1xMsgTask: Feb 04 08:01:23.904: Generated a new group key for AP 00:26:cb:4c:89:d0(0) - vap 1
*dot1xMsgTask: Feb 04 08:01:23.905: Sending of M5 for 00:26:cb:4c:89:d0 is Skipped, rc = 1
*dot1xMsgTask: Feb 04 08:01:23.905: Generated a new group key for AP 00:26:cb:4c:89:d0(0) - vap 2
*dot1xMsgTask: Feb 04 08:01:23.905: GTK rotation for 3c:a9:f4:0b:91:70
*dot1xMsgTask: Feb 04 08:01:23.905: 3c:a9:f4:0b:91:70 EAPOL Header:
*dot1xMsgTask: Feb 04 08:01:23.905: 00000000: 02 03 5f 00 .._.
*dot1xMsgTask: Feb 04 08:01:23.905: 3c:a9:f4:0b:91:70 Key exchange done, data packets from mobile 3c:a9:f4:0b:91:70 should be forwarded shortly
*dot1xMsgTask: Feb 04 08:01:23.905: 3c:a9:f4:0b:91:70 Key exchange done, data packets from mobile 3c:a9:f4:0b:91:70 should be forwarded shortly
*dot1xMsgTask: Feb 04 08:01:23.906: Confirmation Key: (16)
*dot1xMsgTask: Feb 04 08:01:23.906: [0000] fa a3 68 28 46 1f 49 18 a0 60 7a 92 c4 f5 64 3d
*dot1xMsgTask: Feb 04 08:01:23.906: 3c:a9:f4:0b:91:70 Sending EAPOL-Key Message to mobile 3c:a9:f4:0b:91:70
state PTKINITDONE (message 5 - group), replay counter 00.00.00.00.00.00.00.02
*dot1xMsgTask: Feb 04 08:01:23.906: 3c:a9:f4:0b:91:70 Sending EAPOL-Key Message to mobile 3c:a9:f4:0b:91:70
state PTKINITDONE (message 5 - group), replay counter 00.00.00.00.00.00.00.02
*dot1xMsgTask: Feb 04 08:01:23.906: 3c:a9:f4:0b:91:70 Allocating EAP Pkt for retransmission to mobile 3c:a9:f4:0b:91:70
*dot1xMsgTask: Feb 04 08:01:23.906: 3c:a9:f4:0b:91:70 mscb->apfMsLwappLradNhMac = 00:0c:29:e4:e9:6a mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: Feb 04 08:01:23.906: 3c:a9:f4:0b:91:70 mscb->apfMsBssid = 00:26:cb:4c:89:d0 mscb->apfMsAddress = 3c:a9:f4:0b:91:70 mscb->apfMsApVapId = 2
*dot1xMsgTask: Feb 04 08:01:23.907: 3c:a9:f4:0b:91:70 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 1 mscb->apfMsLwappLradVlanId = 10 mscb->apfMsLwappMwarInet.ipv4.addr = 168430130
*dot1xMsgTask: Feb 04 08:01:23.907: 3c:a9:f4:0b:91:70 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 168427904 mscb->apfMsLwappLradPort = 41879
*dot1xMsgTask: Feb 04 08:01:23.907: 3c:a9:f4:0b:91:70 Updated broadcast key sent to mobile 3C:A9:F4:0B:91:70
*dot1xMsgTask: Feb 04 08:01:23.907: 3c:a9:f4:0b:91:70 Updated broadcast key sent to mobile 3C:A9:F4:0B:91:70
*dot1xMsgTask: Feb 04 08:01:23.907: Sending of M5 for 00:26:cb:4c:89:d0 is Skipped, rc = 1
*osapiBsnTimer: Feb 04 08:01:25.104: 3c:a9:f4:0b:91:70 802.1x 'timeoutEvt' Timer expired for station 3c:a9:f4:0b:91:70 and for message = M5
*dot1xMsgTask: Feb 04 08:01:25.104: 3c:a9:f4:0b:91:70 Retransmit 1 of EAPOL-Key M5 (length 131) for mobile 3c:a9:f4:0b:91:70
*dot1xMsgTask: Feb 04 08:01:25.104: 3c:a9:f4:0b:91:70 mscb->apfMsLwappLradNhMac = 00:0c:29:e4:e9:6a mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: Feb 04 08:01:25.104: 3c:a9:f4:0b:91:70 mscb->apfMsBssid = 00:26:cb:4c:89:d0 mscb->apfMsAddress = 3c:a9:f4:0b:91:70 mscb->apfMsApVapId = 2
*dot1xMsgTask: Feb 04 08:01:25.104: 3c:a9:f4:0b:91:70 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 1 mscb->apfMsLwappLradVlanId = 10 mscb->apfMsLwappMwarInet.ipv4.addr = 168430130
*dot1xMsgTask: Feb 04 08:01:25.104: 3c:a9:f4:0b:91:70 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 168427904 mscb->apfMsLwappLradPort = 41879
*osapiBsnTimer: Feb 04 08:01:26.104: 3c:a9:f4:0b:91:70 802.1x 'timeoutEvt' Timer expired for station 3c:a9:f4:0b:91:70 and for message = M5
*dot1xMsgTask: Feb 04 08:01:26.104: 3c:a9:f4:0b:91:70 Retransmit 2 of EAPOL-Key M5 (length 131) for mobile 3c:a9:f4:0b:91:70
*dot1xMsgTask: Feb 04 08:01:26.104: 3c:a9:f4:0b:91:70 mscb->apfMsLwappLradNhMac = 00:0c:29:e4:e9:6a mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: Feb 04 08:01:26.104: 3c:a9:f4:0b:91:70 mscb->apfMsBssid = 00:26:cb:4c:89:d0 mscb->apfMsAddress = 3c:a9:f4:0b:91:70 mscb->apfMsApVapId = 2
*dot1xMsgTask: Feb 04 08:01:26.104: 3c:a9:f4:0b:91:70 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 1 mscb->apfMsLwappLradVlanId = 10 mscb->apfMsLwappMwarInet.ipv4.addr = 168430130
*dot1xMsgTask: Feb 04 08:01:26.104: 3c:a9:f4:0b:91:70 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 168427904 mscb->apfMsLwappLradPort = 41879
*osapiBsnTimer: Feb 04 08:01:27.104: 3c:a9:f4:0b:91:70 802.1x 'timeoutEvt' Timer expired for station 3c:a9:f4:0b:91:70 and for message = M5
*dot1xMsgTask: Feb 04 08:01:27.104: 3c:a9:f4:0b:91:70 Retransmit failure for EAPOL-Key M5 to mobile 3c:a9:f4:0b:91:70, retransmit count 3, mscb deauth count 0
*dot1xMsgTask: Feb 04 08:01:27.104: 3c:a9:f4:0b:91:70 Resetting MSCB PMK Cache Entry 0 for station 3c:a9:f4:0b:91:70
*dot1xMsgTask: Feb 04 08:01:27.105: 3c:a9:f4:0b:91:70 Removing BSSID 00:26:cb:4c:89:d1 from PMKID cache of station 3c:a9:f4:0b:91:70
*dot1xMsgTask: Feb 04 08:01:27.105: 3c:a9:f4:0b:91:70 Setting active key cache index 0 ---> 8
*dot1xMsgTask: Feb 04 08:01:27.105: 3c:a9:f4:0b:91:70 Sent Deauthenticate to mobile on BSSID 00:26:cb:4c:89:d0 slot 0(caller 1x_ptsm.c:598)
*dot1xMsgTask: Feb 04 08:01:27.105: 3c:a9:f4:0b:91:70 Setting active key cache index 8 ---> 8
*dot1xMsgTask: Feb 04 08:01:27.105: 3c:a9:f4:0b:91:70 Deleting the PMK cache when de-authenticating the client.
*dot1xMsgTask: Feb 04 08:01:27.105: 3c:a9:f4:0b:91:70 Global PMK Cache deletion failed.
*dot1xMsgTask: Feb 04 08:01:27.106: 3c:a9:f4:0b:91:70 Scheduling deletion of Mobile Station: (callerId: 57) in 10 seconds
*dot1xMsgTask: Feb 04 08:01:27.106: 3c:a9:f4:0b:91:70 Freeing EAP Retransmit Bufer for mobile 3c:a9:f4:0b:91:70
*osapiBsnTimer: Feb 04 08:01:37.105: 3c:a9:f4:0b:91:70 apfMsExpireCallback (apf_ms.c:626) Expiring Mobile!
*apfReceiveTask: Feb 04 08:01:37.105: 3c:a9:f4:0b:91:70 apfMsExpireMobileStation (apf_ms.c:6655) Changing state for mobile 3c:a9:f4:0b:91:70 on AP 00:26:cb:4c:89:d0 from Associated to Disassociated
*apfReceiveTask: Feb 04 08:01:37.105: 3c:a9:f4:0b:91:70 Scheduling deletion of Mobile Station: (callerId: 45) in 10 seconds
*osapiBsnTimer: Feb 04 08:01:47.105: 3c:a9:f4:0b:91:70 apfMsExpireCallback (apf_ms.c:626) Expiring Mobile!
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 Sent Deauthenticate to mobile on BSSID 00:26:cb:4c:89:d0 slot 0(caller apf_ms.c:6749)
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 Setting active key cache index 8 ---> 8
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 Deleting the PMK cache when de-authenticating the client.
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 Global PMK Cache deletion failed.
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 apfMsAssoStateDec
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 apfMsExpireMobileStation (apf_ms.c:6787) Changing state for mobile 3c:a9:f4:0b:91:70 on AP 00:26:cb:4c:89:d0 from Disassociated to Idle
*apfReceiveTask: Feb 04 08:01:47.106: 3c:a9:f4:0b:91:70 Scheduling deletion of Mobile Station: (callerId: 47) in 10 seconds
*osapiBsnTimer: Feb 04 08:01:57.106: 3c:a9:f4:0b:91:70 apfMsExpireCallback (apf_ms.c:626) Expiring Mobile!
*apfReceiveTask: Feb 04 08:01:57.106: 3c:a9:f4:0b:91:70 pemApfDeleteMobileStation2: APF_MS_PEM_WAIT_L2_AUTH_COMPLETE = 0.
*apfReceiveTask: Feb 04 08:01:57.106: 3c:a9:f4:0b:91:70 10.10.1.130 START (0) Deleted mobile LWAPP rule on AP [00:26:cb:4c:89:d0]
*apfReceiveTask: Feb 04 08:01:57.106: 3c:a9:f4:0b:91:70 Username entry deleted for mobile
*apfReceiveTask: Feb 04 08:01:57.106: 3c:a9:f4:0b:91:70 Deleting mobile on AP 00:26:cb:4c:89:d0(0)
If Layer-2 Auth (PSK) is set to "none" and only Layer-3 Web Auth is kept, then there are no issues. PC can wake up before 8 hours and not prompted for Web Auth again. As a test, I setup the WLAN with Layer-2 PSK auth only with Layer-3 auth set to none. The WLC removed the client entry after 25 minutes. Not an issue for PSK based auth only as PC on wake up seamlessly gets associated to WLAN.
Is User Idle Timeout setting not valid when WPA2-PSK is used as the auth method ?
Thanks,
Rick.Thanks Scott, The code version is 7.6.130.0 which supports Sleeping Client feature. However, as per the docu "http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-6/configuration-guide/b_cg76/b_cg76_chapter_010111.html#reference_7008E6F7D7094BA7AD39491D7361622D"
The authentication of sleeping clients feature is not supported with Layer 2 security and web authentication enabled.
and as you mentioned as well
...Sleeping client like George mentioned is a better way than adjusting the idle timer but strictly for layer 3 only...
Sleeping Client wasn't an option in my case. That is why I was hoping that Idle Timeout may do the trick here. This is an actual case where a client with an existing wireless network just wanted to enable sleeping client feature so that their guests don't need to re-auth if their device sleeps or they go out (break) and come back after some time. Layer-3 Web Auth alone should be enough I think. Keeping L2-PSK is probably their security team's decision, as they also use the same SSID for BYOD devices and don't want nearby people/buildings to see that there is an Open Wifi available and on joining would see the Web Auth portal and company disclaimer.
George, I agree with Dot1X method. It can be used for the BYOD devices (separate SSID) while we can keep the Guest WLAN as L3-WebAuth only on controller (or do CWA through ISE if available).
Thanks for all your help.
Rick. -
Web session and authentification session pb with wl6.0
Hi,
I am evaluating weblogic 6.0 on windows 2000.
I have a little web application, with some URL (html, servlet...), I want to protect.
So I defined a <security-constraint> element in my web.xml
file, and I binded the logical roles with real participant in
weblogic.xml
It works very well at startup. I launch a browser, request a protected URL and the
authentification window popup. I enter valid info and I can access my URL.
Perfect.
Now I want to give the possibility to my user to terminate a session, to disconmect,
so I had a button, (disconnect) which invoque a servlet which get the current session
and invalidate it.
I checked, the session is destroyed and a new one is defined (new ID, new counter...),
but my user are still connected. It means that if I want to acces a protected URL,
I still can do it.
more strange. In both a secured and unsecured page I print the User Principal. When
I connect, the two pages print the same and right value.
But if I disconnect, the unsecured page print null(no connection for this session)
and the secured page print the principal I used to connect in the previous message.
I know this message is a little bit long, but I tried to give the cleares context.
Has anyone ancountered that kind of problem? Is there a solution.
I pass the test with netscape 4.76, netscape 6.01, Internet Explorer 5.50. I got
the same behavior each time...
Thanks
NicolasIf you use a Form to authenticate then the browser is unaware of the
username and password. The PetStore demonstrates how it's done in
..\samples\petStore\source\com\bea\estore\util\WLSecurityAdapter.java
"Nicolas GANDRIAU" <[email protected]> wrote in message
news:[email protected]...
>
Hi John,
thank you for your answer. It confirmed my first guess, that the
browser keep the secret info and send them back to the server.
The server does not make any attachment with the current session.
But you talk about a "ServletAuthentication" example which presents theway to bind
the login info in the session. I have not found this servlet, in weblogic6.0 distribution
or J2EE API.
Can you give me the exact reference of this servlet.
Thank you for your help.
Nicolas
"John Lindwall" <[email protected]> wrote:
Nicolas,
It is my understanding that the authentication information for this
scenario
(ie HTTP BASIC authentication) is not contained in the session -- it is
maintained by the browser and resent with every request. That is why
invalidating the session makes no difference. If you have a HTTPsnooping
utility you will see the "Authorization" information (albeit encodedusing
BASE64) present in the requests from your browser to the server.
FYI: I've noticed that by using the ServletAuthentication class tomanually
perform authentication, it DOES in fact store the authentication info in
the
session. There is a "done()" method in this class which removes thisinfo
from the session (ie performs a logout).
If this link reproduces properly, check it out -- it's a good simple
explanation of what's going on:
http://www.support.lotus.com/sims2.nsf/852561c1006719a98525614100588964/877
a
0ac029a78f8a8525645f0069a34d?OpenDocument
For tons of detail on BASIC authentication see
ftp://ftp.isi.edu/in-notes/rfc2617.txt
John
Nicolas GANDRIAU <[email protected]> wrote in message
news:[email protected]...
Hi,
I am evaluating weblogic 6.0 on windows 2000.
I have a little web application, with some URL (html, servlet...), I
want
to protect.
So I defined a <security-constraint> element in my web.xml
file, and I binded the logical roles with real participant in
weblogic.xml
It works very well at startup. I launch a browser, request a protectedURL
and the
authentification window popup. I enter valid info and I can access myURL.
Perfect.
Now I want to give the possibility to my user to terminate a session,to
disconmect,
so I had a button, (disconnect) which invoque a servlet which get thecurrent session
and invalidate it.
I checked, the session is destroyed and a new one is defined (new ID,new
counter...),
but my user are still connected. It means that if I want to acces aprotected URL,
I still can do it.
more strange. In both a secured and unsecured page I print the UserPrincipal. When
I connect, the two pages print the same and right value.
But if I disconnect, the unsecured page print null(no connection for
this
session)
and the secured page print the principal I used to connect in the
previous
message.
I know this message is a little bit long, but I tried to give the
cleares
context.
Has anyone ancountered that kind of problem? Is there a solution.
I pass the test with netscape 4.76, netscape 6.01, Internet Explorer
5.50.
I got
the same behavior each time...
Thanks
Nicolas -
How bapi different from session and call transaction?
how bapi different from session and call transaction?
thanks in advance.For one, Batch Data Communication (BDC) is older. Business Application Programming Interface (BAPI) came later, about 10 years ago (you can see this already from the name, which contains marketese like "business" ).
More important though, they are different technologies. With BDC you build the "batch input transaction" yourself, with an ABAP program which creates the "batch input session" ("Batch-Input-Mappe" in german). You then take that session, like an object, and "run" it on a system (most of the time, this is done on a local system by the administrators, after it has been tested for correctness).
With BAPI, a system (local or remote) exposes its interface to you through some kind of Remote Function Call (RFC). Practically, it tells you: "What do you want to do? Insert that data into Materials Management? Here is the function and the the parameters you have to use for each record". You only work with the Interface - the exposed function. How this function works does not have to interest you. You don't have sessions to "run", you fire your function calls filled with data, one after another and you're done.
BAPI can be run remotely. With BDC, you probably have to call the administrators of the remote system and send them the session you created for them to run. With BDC you go through the whole transaction in one BDC session, with BAPI you may need more than one "BAPI calls" to do this.
With BAPI you don't fill obcure field names with values, you just fill the parameters. You can use a BAPI from inside your ABAP program to let a "business object" do some clearly defined work for you, then you can continue with your code doing other things. You don't do this with BDC. With BDC you write a dedicated program that creates the "session", which is then executed separately.
Batch Data Communication (BDC) is the oldest batch interfacing technique that SAP provided since the early versions of R/3. BDC is not a
typical integration tool, in the sense that, it can be only be used for uploading data into R/3 and so it is not bi-directional.
BDC works on the principle of simulating user input for transactional screen, via an ABAP program. Typically the input comes in the form of a flat file. The ABAP program reads this file and formats the input data screen by screen into an internal table (BDCDATA). The transaction is then started using this internal table as the input and executed in the background.
In Call Transaction, the transactions are triggered at the time of processing itself and so the ABAP program must do the error handling.
It can also be used for real-time interfaces and custom error handling & logging features. Whereas in Batch Input Sessions, the ABAP
program creates a session with all the transactional data, and this session can be viewed, scheduled and processed (using Transaction SM35) at a later time. The latter technique has a built-in error processing mechanism too.
Batch Input (BI) programs still use the classical BDC approach but doesnt require an ABAP program to be written to format the
BDCDATA. The user has to format the data using predefined structures and store it in a flat file. The BI program then reads this and
invokes the transaction mentioned in the header record of the file.
Direct Input (DI) programs work exactly similar to BI programs. But the only difference is, instead of processing screens they validate
fields and directly load the data into tables using standard function modules. For this reason, DI programs are much faster (RMDATIND - Material Master DI program works at least 5 times faster) than the BDC counterpart and so ideally suited for loading large volume data. DI programs are
not available for all application areas.
Business Add-In (BADI) are a new SAP enhancement technique based on ABAP Objects.
They can be inserted into the SAP System to accommodate user requirements too specific to be included in the standard delivery. Since specific industries often require special functions, SAP allows you to predefine these points in your software.
As with customer exits two different views are available:
In the definition view, an application programmer predefines exit points in a source that allow specific industry sectors, partners, and customers to attach additional software to standard SAP source code without having to modify the original object.
In the implementation view, the users of Business Add-Ins can customize the logic they need or use a standard logic if one is available.
In contrast to customer exits, Business Add-Ins no longer assume a two-level infrastructure (SAP and customer solutions), but instead allow for a multi-level system landscape (SAP, partner, and customer solutions, as well as country versions, industry solutions, and the like). Definitions and implementations of Business Add-Ins can be created at each level within such a system infrastructure. -
How can we correct and process errorrecords in session and call transaction
hai all
how ca we correct and process error records in session and call transaction method . tell me with coding.
Edited by: swamy katta on May 14, 2008 10:25 AM
Edited by: swamy katta on May 14, 2008 10:26 AM
Edited by: swamy katta on May 14, 2008 10:27 AMhi,
Check out the below sample code ...Here are the records are getting posting with call transaction method and a session is getting created with erroreneous records....
REPORT ztest_report
NO STANDARD PAGE HEADING
LINE-SIZE 255
MESSAGE-ID ZRASH.
* Internal Table Declarations *
*--Internal Table for Data Uploading.
DATA : BEGIN OF IT_FFCUST OCCURS 0,
KUNNR(10),
BUKRS(4),
KTOKD(4),
ANRED(15),
NAME1(35),
SORTL(10),
STRAS(35),
ORT01(35),
PSTLZ(10),
LAND1(3),
SPRAS(2),
AKONT(10),
END OF IT_FFCUST.
*--Internal Table to Store Error Records.
DATA : BEGIN OF IT_ERRCUST OCCURS 0,
KUNNR(10),
EMSG(255),
END OF IT_ERRCUST.
*--Internal Table to Store Successful Records.
DATA : BEGIN OF IT_SUCCUST OCCURS 0,
KUNNR(10),
SMSG(255),
END OF IT_SUCCUST.
*--Internal Table for Storing the BDC data.
DATA : IT_CUSTBDC LIKE BDCDATA OCCURS 0 WITH HEADER LINE.
*--Internal Table for storing the messages.
DATA : IT_CUSTMSG LIKE BDCMSGCOLL OCCURS 0 WITH HEADER LINE.
DATA : V_FLAG1(1) VALUE ' ',
"Flag used for opening session.
V_TLINES LIKE SY-TABIX,
"For storing total records processed.
V_ELINES LIKE SY-TABIX,
"For storing the no of error records.
V_SLINES LIKE SY-TABIX.
"For storing the no of success records.
* Selection screen *
SELECTION-SCREEN BEGIN OF BLOCK B1.
PARAMETERS : V_FNAME LIKE RLGRAP-FILENAME,
V_SESNAM LIKE RLGRAP-FILENAME.
SELECTION-SCREEN END OF BLOCK B1.
* Start-of-selection *
START-OF-SELECTION.
*-- Form to upload flatfile data into the internal table.
PERFORM FORM_UPLOADFF.
* TOP-OF-PAGE *
TOP-OF-PAGE.
WRITE:/ 'Details of the error and success records for the transaction'
ULINE.
SKIP.
* End of Selection *
END-OF-SELECTION.
*-- Form to Generate a BDC from the Uploaded Internal table
PERFORM FORM_BDCGENERATE.
*--To write the totals and the session name.
PERFORM FORM_WRITEOP.
*& Form form_uploadff
* Form to upload flatfile data into the internal table.
FORM FORM_UPLOADFF .
*--Variable to change the type of the parameter file name.
DATA : LV_FILE TYPE STRING.
LV_FILE = V_FNAME.
*--Function to upload the flat file to the internal table.
CALL FUNCTION 'GUI_UPLOAD'
EXPORTING
FILENAME = LV_FILE
* FILETYPE = 'ASC'
HAS_FIELD_SEPARATOR = 'X'
* HEADER_LENGTH = 0
* READ_BY_LINE = 'X'
* DAT_MODE = ' '
* IMPORTING
* FILELENGTH =
* HEADER =
TABLES
DATA_TAB = IT_FFCUST
EXCEPTIONS
FILE_OPEN_ERROR = 1
FILE_READ_ERROR = 2
NO_BATCH = 3
GUI_REFUSE_FILETRANSFER = 4
INVALID_TYPE = 5
NO_AUTHORITY = 6
UNKNOWN_ERROR = 7
BAD_DATA_FORMAT = 8
HEADER_NOT_ALLOWED = 9
SEPARATOR_NOT_ALLOWED = 10
HEADER_TOO_LONG = 11
UNKNOWN_DP_ERROR = 12
ACCESS_DENIED = 13
DP_OUT_OF_MEMORY = 14
DISK_FULL = 15
DP_TIMEOUT = 16
OTHERS = 17
IF SY-SUBRC = 0.
*--Deleting the headings from the internal table.
DELETE IT_FFCUST INDEX 1.
*--Getting the total number of records uploaded.
DESCRIBE TABLE IT_FFCUST LINES V_TLINES.
ENDIF.
ENDFORM. " form_uploadff
*& Form Form_bdcgenerate
* Form to Generate a BDC from the Uploaded Internal table
FORM FORM_BDCGENERATE .
*--Generating the BDC table for the fields of the internal table.
LOOP AT IT_FFCUST.
PERFORM POPULATEBDC USING :
'X' 'SAPMF02D' '0105',
' ' 'BDC_OKCODE' '/00' ,
' ' 'RF02D-KUNNR' IT_FFCUST-KUNNR,
' ' 'RF02D-BUKRS' IT_FFCUST-BUKRS,
' ' 'RF02D-KTOKD' IT_FFCUST-KTOKD,
'X' 'SAPMF02D' '0110' ,
' ' 'BDC_OKCODE' '/00',
' ' 'KNA1-ANRED' IT_FFCUST-ANRED,
' ' 'KNA1-NAME1' IT_FFCUST-NAME1,
' ' 'KNA1-SORTL' IT_FFCUST-SORTL,
' ' 'KNA1-STRAS' IT_FFCUST-STRAS,
' ' 'KNA1-ORT01' IT_FFCUST-ORT01,
' ' 'KNA1-PSTLZ' IT_FFCUST-PSTLZ,
' ' 'KNA1-LAND1' IT_FFCUST-LAND1,
' ' 'KNA1-SPRAS' IT_FFCUST-SPRAS,
'X' 'SAPMFO2D' '0120',
' ' 'BDC_OKCODE' '/00',
'X' 'SAPMF02D' '0125',
' ' 'BDC_OKCODE' '/00',
'X' 'SAPMF02D' '0130',
' ' 'BDC_OKCODE' '=ENTR',
'X' 'SAPMF02D' '0340',
' ' 'BDC_OKCODE' '=ENTR',
'X' 'SAPMF02D' '0360',
' ' 'BDC_OKCODE' '=ENTR',
'X' 'SAPMF02D' '0210',
' ' 'KNB1-AKONT' IT_FFCUST-AKONT,
' ' 'BDC_OKCODE' '/00',
'X' 'SAPMF02D' '0215',
' ' 'BDC_OKCODE' '/00',
'X' 'SAPMF02D' '0220',
' ' 'BDC_OKCODE' '/00',
'X' 'SAPMF02D' '0230',
' ' 'BDC_OKCODE' '=UPDA'.
*--Calling the transaction 'fd01'.
CALL TRANSACTION 'FD01' USING IT_CUSTBDC MODE 'N' UPDATE 'S'
MESSAGES INTO IT_CUSTMSG.
IF SY-SUBRC <> 0.
*--Populating the error records internal table.
IT_ERRCUST-KUNNR = IT_FFCUST-KUNNR.
APPEND IT_ERRCUST.
CLEAR IT_ERRCUST.
*--Opening a session if there is an error record.
IF V_FLAG1 = ' '.
PERFORM FORM_OPENSESSION.
V_FLAG1 = 'X'.
ENDIF.
*--Inserting the error records into already open session.
IF V_FLAG1 = 'X'.
PERFORM FORM_INSERT.
ENDIF.
*--Populating the Success records internal table.
ELSE.
IT_SUCCUST-KUNNR = IT_FFCUST-KUNNR.
APPEND IT_SUCCUST.
CLEAR IT_SUCCUST.
ENDIF.
*--Displaying the messages.
IF NOT IT_CUSTMSG[] IS INITIAL.
PERFORM FORM_FORMATMSG.
ENDIF.
*--Clearing the message and bdc tables.
CLEAR : IT_CUSTBDC[],IT_CUSTMSG[].
ENDLOOP.
*--Getting the total no of error records.
DESCRIBE TABLE IT_ERRCUST LINES V_ELINES.
*--Getting the total no of successful records.
DESCRIBE TABLE IT_SUCCUST LINES V_SLINES.
*--Closing the session only if it is open.
IF V_FLAG1 = 'X'.
PERFORM FORM_CLOSESESS.
ENDIF.
ENDFORM. " Form_bdcgenerate
*& Form populatebdc
* FOrm to Populate the BDC table.
FORM POPULATEBDC USING VALUE(P_0178)
VALUE(P_0179)
VALUE(P_0180).
IF P_0178 = 'X'.
IT_CUSTBDC-PROGRAM = P_0179.
IT_CUSTBDC-DYNPRO = P_0180.
IT_CUSTBDC-DYNBEGIN = 'X'.
ELSE.
IT_CUSTBDC-FNAM = P_0179.
IT_CUSTBDC-FVAL = P_0180.
ENDIF.
APPEND IT_CUSTBDC.
CLEAR IT_CUSTBDC.
ENDFORM. " populatebdc
*& Form FORM_OPENSESSION
* Form to Open a session.
FORM FORM_OPENSESSION .
*--Variable to convert the given session name into reqd type.
DATA : LV_SESNAM(12).
LV_SESNAM = V_SESNAM.
*--Opening a session.
CALL FUNCTION 'BDC_OPEN_GROUP'
EXPORTING
CLIENT = SY-MANDT
GROUP = LV_SESNAM
HOLDDATE = '20040805'
KEEP = 'X'
USER = SY-UNAME
PROG = SY-CPROG
* IMPORTING
* QID =
EXCEPTIONS
CLIENT_INVALID = 1
DESTINATION_INVALID = 2
GROUP_INVALID = 3
GROUP_IS_LOCKED = 4
HOLDDATE_INVALID = 5
INTERNAL_ERROR = 6
QUEUE_ERROR = 7
RUNNING = 8
SYSTEM_LOCK_ERROR = 9
USER_INVALID = 10
OTHERS = 11
IF SY-SUBRC <> 0.
WRITE :/ 'Session not open'.
ENDIF.
ENDFORM. " FORM_OPENSESSION
*& Form FORM_INSERT
* fORM TO INSERT ERROR RECOED INTO A SESSION.
FORM FORM_INSERT .
*--Inserting the record into session.
CALL FUNCTION 'BDC_INSERT'
EXPORTING
TCODE = 'FD01'
* POST_LOCAL = NOVBLOCAL
* PRINTING = NOPRINT
* SIMUBATCH = ' '
* CTUPARAMS = ' '
TABLES
DYNPROTAB = IT_CUSTBDC
EXCEPTIONS
INTERNAL_ERROR = 1
NOT_OPEN = 2
QUEUE_ERROR = 3
TCODE_INVALID = 4
PRINTING_INVALID = 5
POSTING_INVALID = 6
OTHERS = 7
IF SY-SUBRC <> 0.
WRITE :/ 'Unable to insert the record'.
ENDIF.
ENDFORM. " FORM_INSERT
*& Form FORM_CLOSESESS
* Form to Close the Open Session.
FORM FORM_CLOSESESS .
CALL FUNCTION 'BDC_CLOSE_GROUP'
EXCEPTIONS
NOT_OPEN = 1
QUEUE_ERROR = 2
OTHERS = 3.
IF SY-SUBRC <> 0.
ENDIF.
ENDFORM. " FORM_CLOSESESS
*& Form FORM_FORMATMSG
* Form to format messages.
FORM FORM_FORMATMSG .
*--Var to store the formatted msg.
DATA : LV_MSG(255).
CALL FUNCTION 'FORMAT_MESSAGE'
EXPORTING
ID = SY-MSGID
LANG = SY-LANGU
NO = SY-MSGNO
V1 = SY-MSGV1
V2 = SY-MSGV2
V3 = SY-MSGV3
V4 = SY-MSGV4
IMPORTING
MSG = LV_MSG
EXCEPTIONS
NOT_FOUND = 1
OTHERS = 2.
IF SY-SUBRC = 0.
WRITE :/ LV_MSG.
ENDIF.
ULINE.
ENDFORM. " FORM_FORMATMSG
*& Form form_writeop
* To write the totals and the session name.
FORM FORM_WRITEOP .
WRITE :/ 'Total Records Uploaded :',V_TLINES,
/ 'No of Error Records :',V_ELINES,
/ 'No of Success Records :',V_SLINES,
/ 'Name of the Session :',V_SESNAM.
ULINE.
ENDFORM. " form_writeop
* if routeindicator is initial.
* LOOP AT IT_YMMEE00090.
* LV_LENGTH = STRLEN( IT_YMMEE00090-CHANGETYPE ).
* IF SY-TABIX = '1'.
* IF IT_YMMEE00090-CHANGETYPE = 'B' AND LV_LENGTH = 1.
* ROUTEINDICATOR = 'S'.
* ELSEIF IT_YMMEE00090-CHANGETYPE = 'R' AND LV_LENGTH = 1.
* ROUTEINDICATOR = 'S'.
* ELSEIF IT_YMMEE00090-CHANGETYPE = 'S' AND LV_LENGTH = 1.
* ROUTEINDICATOR = 'S'.
* ELSEIF IT_YMMEE00090-CHANGETYPE CA 'BRSCD' AND LV_LENGTH GT 1
* AND LV_LENGTH LE 5.
* ROUTEINDICATOR = 'S'.
* ENDIF.
* ELSE.
* IF IT_YMMEE00090-CHANGETYPE = 'B' AND LV_LENGTH = 1 AND
* ROUTEINDICATOR = 'S'.
* ROUTEINDICATOR = 'S'.
* ELSEIF IT_YMMEE00090-CHANGETYPE = 'R' AND LV_LENGTH = 1 AND
* ROUTEINDICATOR = 'S'.
* ROUTEINDICATOR = 'S'.
* ELSEIF IT_YMMEE00090-CHANGETYPE = 'S' AND LV_LENGTH = 1 AND
* ROUTEINDICATOR = 'S'.
* ROUTEINDICATOR = 'S'.
* ELSEIF IT_YMMEE00090-CHANGETYPE CA 'BRSCD' AND LV_LENGTH GT 1
* AND LV_LENGTH LE 5 AND ROUTEINDICATOR = 'S'.
* ROUTEINDICATOR = 'S'.
* ENDIF.
* ENDIF.
* ENDLOOP.
* endif. -
Determine blocking sessions and blocked sessions in 9iR2
Hi,
Running 9.2.0.7 on Solaris 2.
We are trying to develop a query that can show us the blocked sessions and the session causing it. I have one working for 11 but for 9i, its a little more trickier. I am running these two so far:
select s1.username || '@' || s1.machine || ' ( SID=' || s1.sid ||
' ) is blocking ' || s2.username || '@' || s2.machine || ' ( SID=' ||
s2.sid || ' ) ' AS blocking_status
from gv$lock l1, gv$session s1, gv$lock l2, gv$session s2
where s1.sid = l1.sid
and s2.sid = l2.sid
and l1.BLOCK = 1
and l2.request > 0
and l1.id1 = l2.id1
and l2.id2 = l2.id2;
select do.object_name,
row_wait_obj#,
row_wait_file#,
row_wait_block#,
row_wait_row#,
dbms_rowid.rowid_create(1,
ROW_WAIT_OBJ#,
ROW_WAIT_FILE#,
ROW_WAIT_BLOCK#,
ROW_WAIT_ROW#)
from gv$session s, dba_objects do
where sid = 543
and s.ROW_WAIT_OBJ# = do.OBJECT_ID;Reason I need this is that lately we have been getting a lot of DEADLOCKS and we want to determine why this is happening a lot now and we want to start with who it is and what objects are causing it....any suggestions?mbobak wrote:
There are a few critical pieces to interpreting a deadlock trace file. First, to be clear, you're getting ORA-00060, not ORA-04020 (which is a library cache deadlock), correct?
If so, the tracefile will contain a deadlock graph. This will show the type of enqueue involved (TM or TX are the likely candidates), and the modes that locks and requests are being made.
Then, there's the SQL which encountered the deadlock, and finally, the other SQL involved in the deadlock.
All the above information is in the deadlock trace file.
Using it, you ought to be able to determine root cause of the deadlock.
If you need help understanding it, post here. If you post the deadlock graph, make sure you use code tags, or it will be unreadable.Yes we are getting the ORA-00060. This is what we get exactly from the AppTeam from the App:
Available exception message: iims.ge.common.exception.IIMSTechnicalException : ORA-00060: deadlock detected while waiting for resourceFrom our latest Deadlock occurence we got a LMD Trace file generated. We can see the DeadLock graph and its SQL. We the enqueue of TX and it's modes. Basically everything you asked for we see it in the trace file. What we want to see is what is causing it or who is so we can fix it. Maybe I am not reading the trace file correctly. I appreciate your assistance in helping me interpret the trace file. As requested, here is the trace file.
Dump file /var/local/oracle/logs/ora_prod_can1_lmd0_4432.trc
Oracle9i Enterprise Edition Release 9.2.0.8.0 - 64bit Production
With the Partitioning and Real Application Clusters options
JServer Release 9.2.0.8.0 - Production
ORACLE_HOME = /opt/oracle/9.2.0
System name: SunOS
Node name: can-clust01
Release: 5.9
Version: Generic_118558-36
Machine: sun4u
Instance name: ORA_PROD_CAN1
Redo thread mounted by this instance: 0 <none>
Oracle process number: 5
Unix process pid: 4432, image: oracle@can-clust01 (LMD0)
*** SESSION ID:(4.1) 2010-08-15 08:07:02.736
open lock on RM 0 0
*** 2010-08-15 08:07:31.353
open lock on RM 0 0
*** 2010-08-16 11:17:21.469
user session for deadlock lock 40972c9c0
pid=50 serial=6956 audsid=189500961 user: 61/IIMS_UWR
O/S info: user: weblogic, term: unknown, ospid: , machine: can-prod03
program: JDBC Thin Client
application name: JDBC Thin Client, hash value=0
Current SQL Statement:
UPDATE T_POLICY_PROPERTY POP SET POP.PRP_EFFECTIVE_END_DATE = :B3 , POP.PRP_LAST_UPDATED_DATE = SYSDATE WHERE POP.PRP_POL_POLICY_ID = :B2 AND POP.PRP_
PROPERTY_SEQ_NUM = 1 AND POP.PRP_EFFECTIVE_END_DATE = TO_DATE(:B1 , DATE_FORMAT)
Global Wait-For-Graph(WFG) at ddTS[0.1] :
BLOCKED 40972c570 5 [0x90014][0x19bb82],[TX] [131094,2] 1
BLOCKER 40972bb98 5 [0x90014][0x19bb82],[TX] [65586,6177] 0
BLOCKED 40972c9c0 5 [0x110014][0x12ec40],[TX] [65586,6177] 0
BLOCKER 40972ba18 5 [0x110014][0x12ec40],[TX] [131094,2] 1
user session for deadlock lock 40972c9c0
pid=50 serial=6956 audsid=189500961 user: 61/IIMS_UWR
O/S info: user: weblogic, term: unknown, ospid: , machine: can-prod03
program: JDBC Thin Client
application name: JDBC Thin Client, hash value=0
Current SQL Statement:
UPDATE T_POLICY_PROPERTY POP SET POP.PRP_EFFECTIVE_END_DATE = :B3 , POP.PRP_LAST_UPDATED_DATE = SYSDATE WHERE POP.PRP_POL_POLICY_ID = :B2 AND POP.PRP_
PROPERTY_SEQ_NUM = 1 AND POP.PRP_EFFECTIVE_END_DATE = TO_DATE(:B1 , DATE_FORMAT)
Global Wait-For-Graph(WFG) at ddTS[0.2] :
BLOCKED 40972c9c0 5 [0x110014][0x12ec40],[TX] [65586,6177] 0
BLOCKER 40972ba18 5 [0x110014][0x12ec40],[TX] [131094,2] 1
BLOCKED 40972c570 5 [0x90014][0x19bb82],[TX] [131094,2] 1
BLOCKER 40972bb98 5 [0x90014][0x19bb82],[TX] [65586,6177] 0
*** 2010-08-16 11:17:42.495
user session for deadlock lock 4098bcd08
pid=59 serial=981 audsid=189501588 user: 61/IIMS_UWR
O/S info: user: weblogic, term: unknown, ospid: , machine: can-prod03
program: JDBC Thin Client
application name: JDBC Thin Client, hash value=0
Current SQL Statement:
UPDATE T_POLICY_PROPERTY POP SET POP.PRP_EFFECTIVE_END_DATE = :B3 , POP.PRP_LAST_UPDATED_DATE = SYSDATE WHERE POP.PRP_POL_POLICY_ID = :B2 AND POP.PRP_
PROPERTY_SEQ_NUM = 1 AND POP.PRP_EFFECTIVE_END_DATE = TO_DATE(:B1 , DATE_FORMAT)
Global Wait-For-Graph(WFG) at ddTS[0.3] :
BLOCKED 41228b128 5 [0x70001][0x178a52],[TX] [131100,2] 1
BLOCKER 4098bade8 5 [0x70001][0x178a52],[TX] [65595,583] 0
BLOCKED 4098bcd08 5 [0x130025][0x1475c9],[TX] [65595,583] 0
BLOCKER 412275b78 5 [0x130025][0x1475c9],[TX] [131100,2] 1
user session for deadlock lock 4098bcd08
pid=59 serial=981 audsid=189501588 user: 61/IIMS_UWR
O/S info: user: weblogic, term: unknown, ospid: , machine: can-prod03
program: JDBC Thin Client
application name: JDBC Thin Client, hash value=0
Current SQL Statement:
UPDATE T_POLICY_PROPERTY POP SET POP.PRP_EFFECTIVE_END_DATE = :B3 , POP.PRP_LAST_UPDATED_DATE = SYSDATE WHERE POP.PRP_POL_POLICY_ID = :B2 AND POP.PRP_
PROPERTY_SEQ_NUM = 1 AND POP.PRP_EFFECTIVE_END_DATE = TO_DATE(:B1 , DATE_FORMAT)
Global Wait-For-Graph(WFG) at ddTS[0.4] :
BLOCKED 4098bcd08 5 [0x130025][0x1475c9],[TX] [65595,583] 0
BLOCKER 412275b78 5 [0x130025][0x1475c9],[TX] [131100,2] 1
BLOCKED 41228b128 5 [0x70001][0x178a52],[TX] [131100,2] 1
BLOCKER 4098bade8 5 [0x70001][0x178a52],[TX] [65595,583] 0Let's see what we can get out of this now :)
Maybe you are looking for
-
Problem while creating a purchase order in JDEdwards worldsoft
While creating 'OP' and 'OA' purchase order in JDEdwards worldsoft 'G' type btach header creating in F0011 table. Anybody can tell me this is correct or not. If not correct please tell me whether this is JDE bug or not and also provide solution for t
-
Help! My T61 suddenly no longer recognizes my DVD-RAM drive!
Today I tried to retrieve some photos from a DVD and then a CD placed into my T61s DVD RAM (Mat**bleep**a UJ-852 ATA) ... and the drive was not recognized by the system. It was not displayed in the "My Computer" listing. The drive powered up whenev
-
"powerpc apps are no longer supported" when updated to yosemite
Updated macbook pro to yosemite and getting disclaimer that reads, "powerpc apps are no longer supported" for my microsoft office apps. Is there a way to get this problem fixed? I would hate to no longer have access to these apps and have to fork out
-
Information on GoldenGate Monitor (12) and veridata (12) products
We are planning to use GoldenGate Monitor (12) and veridata (12) products. I found a nice note (Doc ID 1947045.1) for setting up GoldenGate Monitor. does anyone have more information/best practices for Monitor/Veridata setup. I have already gone thro
-
Automatically display remote images from trusted senders?
To help control spam, I have Mail set to not display remote images. However, I get a couple daily emails that are from trusted senders and clicking on the "Display Images" button for these gets old pretty quickly. Is there a way I can get Mail to aut