How to authenticate users by IP Adress

Hi!
We need authenticate some users by username/password and computer's IP address or subnet on iAS 10gR2 10.1.2.0.2.
Now we are authenticating only by user/pwd through SSO, we need to authenticate users depending on the subnet/computers they are.
In Metalink there is a note:
How to Simulate The Authorized Ports Setting from WAS 3.X in OAS 4.X
Doc ID: Note:73596.1
that talk about this option, but only for PLSPL/SQL cartridge.
Tx in advance!
Diego.

Hello,
I have got it to work here.
Let me try to help you.
In my app I used the following configuration:
<filter>
  <filter-name>NtlmHttpFilter</filter-name>
  <filter-class>jcifs.http.NtlmHttpFilter</filter-class>
  <init-param>
     <param-name>jcifs.netbios.wins</param-name>
     <param-value>10.76.122.3</param-value>
     <!-- This is the the IP or the DNS of the machine where the AD is intalled. The computer that authenticates the users in your network -->
  </init-param>
  <init-param>
     <param-name>jcifs.smb.client.domain</param-name>
     <param-value>ABCD</param-value>
     <!-- This is your DOMAIN name. Here my domain is ABCD.COM.BR, but I didn't have to put the sufix .COM.BR, only the main name -->
  </init-param>
</filter>
<filter-mapping>
  <filter-name>NtlmHttpFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>That's it. With this example, the authentication worked perfectly.
In order to test it, I put the following code inside a index.jsp file:
<%
String userName = request.getUserPrincipal().getName();
%>
And the Oscar goes to: <%=userName%>

Similar Messages

  • How to authenticate user when accessing a servlet in WLS6.0

              In my current project , i need to authenticate user when accessing(executing) a
              servlet deployed in WLS6.0. I tried to add
              <auth-method>
              BASIC
              </auth-method>
              in the web.xml.
              Also in the default fileRealmProperties file, i set up the ACL for
              acl.execute.weblogic.Servlet.myServlet = the user
              also i have disabled guest access in my config.xml.
              after all these, the servlet can still be accessed freely.
              do i miss something ? what is the right way to set up it in wls6.0
              thanks a lot
              hyliu
              

    The steps required are documented at:
              http://e-docs.bea.com/wls/docs60/quickstart/quick_start.html
              mark
              narendra wrote:
              > hi all,
              > I had written a simple servlet. I would like to know the steps to
              > be followed to run the servlet.
              > What i did is i kept that servlet class file in the default directory
              > and added the servlet path in the web.XML.
              > but when i try to run the servlet its giing me 404 error.
              > Can any one help me out by giving the detailed steps to be followed as I
              > am new to Weblogic6.0
              >
              > Thanks in Advance,
              

  • How can authenticate users´portal in OIM?

    I have installed Aqualogic Interaction 6.5, and I want import and authenticate users from OIM(or another LDAP)? What i can do?
    I read that i must install Oracle webcenter identity services? It´s true? Where i can adquire?
    thanks

    I have not tried with 6.5, btu I think you just need to install one of the identity services which allow you to sync and authenticate against various sources (LDAP, AD, etc). See here for more info http://edocs.bea.com/alui/integration/

  • How to authenticate user in Active Directory for an Oracle report

    Hey there,
    We have users of 1 report all over the country.
    Currently, when using the report, the user chooses a location as a parameter, then runs the report.
    The problem is we don't want the user to be able to see data from other locations, only their own.
    So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
    Thanks in advance!

    Hey there,
    We have users of 1 report all over the country.
    Currently, when using the report, the user chooses a location as a parameter, then runs the report.
    The problem is we don't want the user to be able to see data from other locations, only their own.
    So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
    Thanks in advance!

  • How to authenticate users from SharePoint 2007 to the Web Dynpro platform

    Hi, I am working on integrating Share to Webdypro application. I want to implelement Single sign on from Sharepoint to SAP.
    So I can make use of Windows credentials for accesing my SAP application.
    So what all configurations need to be maintained at SAP side to achieve this thing.
    Can anyone please help me on this.
    Thanks,
    Betcy

    Hi Betcy,
    I am not familiar with sharepoint solutions, but as you mentioned about windows credentials I believe it refers to kerberos tokens. On this case you can take advantage of SPNego authentication.
    You can find more details on following SAP note:
    #[1488409|https://service.sap.com/sap/support/notes/1488409] - New SPNego Implementation
    I hope it helps.
    Kind regards,
    Lisandro Magnus

  • Install Sun ONE Directory Server 5,2 & how to use it for authenticate user

    Good afternoon, Excuse, are newbie in the scope I am learning and putting desire to him, this in my situation I am trying to install Sun ONE Directory Server 5,2 since I understand that this it is application LDAP for Solaris, ok I want to install it to authenticate user against the system, that is to say, to be able to acces the server entering with a created user from the data base of LDAP and make think user that his created in the system. But the documentation that I finds indicates the installation of Sun ONE Directory Server 5,2 but it not clearly about how to use it for authentication. Some one have any manual step by step of Sun ONE Directory Server 5,2 installation and how to make it for authentication systems users.
    I read the forum seeking for anwser and i get confuse
    Thanks for the help and sorry for any inconvenient
    Message was edited by:
    Aku_28
    Message was edited by:
    Aku_28

    I think that I found the Sun endorsed book locations for using LDAP accounts that don't use authentication besides "crypt". I now can use an account with a "ssha" password. It can be more than 8 characters long.
    Chapter 14 System Administration Guide: Naming and Directory Services
    Read page 201 which is the pam.conf file pam_ldap setups. I edited my "/etc/pam.conf" file to reflect this
    Chapter 7 Directory Server 5.2 2005Q4 - Administration Guide
    Read page 316-318 which has a graphical technique to specify password syntax. I set it up and then tried the password by running "su - brahms". It now requires a longer password than 8 characters and it is set up to use "ssha" for that UID entry "brahms".

  • How to protect my PDF file using Adobe Acrobat Pro that i can trace user's IP adress?

    How to protect my PDF file using Adobe Acrobat Pro that i can trace user's IP adress?

    Used to be able. Considered a security bug. Fixed.

  • How to use CSACS 3.3 to authenticate users from multiple windows domain?

    Can Cisco Secure ACS 3.3 be used to authenticate users from another Windows domain that is not a child nor a trusted domain???
    hello, here is my scenario:
    ACS 3.3 was installed on a member server on domain1. I need to authenticate and ultimately populate the users into ACS from another domain. The service already works perfect on just domain1, but now I need to authenticate users from another domain.
    And adding those domains as trusted domains in domain1 is not an option.
    Is Generic LDAP my only other option? Any config guides that you guys know with regard to doing this?
    Any input is much appreciated.

    Hi Betcy,
    I am not familiar with sharepoint solutions, but as you mentioned about windows credentials I believe it refers to kerberos tokens. On this case you can take advantage of SPNego authentication.
    You can find more details on following SAP note:
    #[1488409|https://service.sap.com/sap/support/notes/1488409] - New SPNego Implementation
    I hope it helps.
    Kind regards,
    Lisandro Magnus

  • How to authenticate external and internal users on different AD

    What is the recommended way to authenticate external users as well as internal employees in a customer facing application?
    We have external users in an Active Directory in the DMZ and our employees in our internal DMZ.  Unfortunately we don't have an identity management system in place and wondering if there is a way we could authenticate user against two active directories without creating a trust between them.
    We are implementing EP7.0
    Thanks in Advance.

    You can also use user partitioning. A feature of the UME which allows for having different user persistence options for different users. What you could do in this case have the external user stored in the local db or an LDAP for the external users and the internal users stored in an internal LDAP directory. For more details about <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/e0/b60b404b2b1e07e10000000a1550b0/frameset.htm">user partitioning</a>, please see the docs.
    regards,
    Patrick

  • How do i authenticate users directly in AD from the Controller?

    I have a 4402 Controller and want to authenticate users in our Microsoft AD, is it possible? Im using a IAS server today but it would be great to do the authentication directly in AD.
    Regards Oystein

    http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml

  • OC4J Security fails to authenticate users on a 64 bit solarisx86 machine

    Hi,
    I am using a database login module to authenticate users. The login module I use is DBTableLoginModule. On 32 bit windows based machine, the module functions perfectly fine. When I deployed my project on a 64 bit solarisx86 machine, users are no longer able to login. On debugging the DBTableLoginModule, the authentication shows success and the commit method is return true to the OC4J security. But OC4J is redirecting to error page and I have no clue as to why it is doing so. The problem is I am not able to debug OC4J security for I have no source code for that. My question is how can i turn on debugging for OC4J Security
    so I can watch out for any errors or anything that OC4J complains about so I can have better chances to overcome this problem.
    Thanks
    Sam

    Hi,
    sounds like a OC4J bug to me (or issue at least). You may want to check
    OC4J
    Frank

  • Mac os x wiki server can't authenticate user password from active directory recently after we upgraded to windows 2008 server.

    after upgraded to windows 2008 server, our  mac os x wiki server can't authenticate user password anymore. How can I re-bind the wiki server to the AD again? thanks in advance.

    Solved it by deleting the user and creating a new one with the same userID.
    Maybe it occured because I marked the "user has to change password after first login" box when resetting the password but didn't yet allow him to do so in the webpages menu?!?

  • Scipt to prompt and authenticate users to AD and then map 2 next available drive letters to 2 network shares

    Hi,
    So I have been trying to write some code that will
    prompt users to authenticate to AD and use that authentication to map the next 2 available drive letter to two network shares.
    I have adopted using the HAT format as this provides me with the ability to prompt for a username and password and authenitcate to AD.
    <script language="vbscript">
    Function setSize()
    window.resizeTo 350,300
    Window.moveTo (screen.width-240)/2, (screen.height-600)/2
    End Function
    Function cmdSubmit_OnClick()
    Dim strUser 'User Name variable
    Dim strPW 'User Password variable
    if auth.username.value = "" Then
    msgbox ("ERROR: No User account information provided. Please Try Again!")
    cmdSubmit_OnClick = False
    Elseif auth.password.value = "" Then
    msgbox ("ERROR: No User account information provided. Please Try Again!")
    cmdSubmit_OnClick= False
    Else
    strUser = auth.username.value
    strPW = auth.password.value
    Authenticate strUser, strPW
    End If
    End Function
    Public Sub Authenticate (Byref strUser, Byref strPW)
    On Error Resume Next
    Const ADS_SECURE_AUTHENTICATION = &H1
    Const ADS_SERVER_BIND = &H200
    Dim strPath 'LDAP path where the Users accounts are listed
    Dim LDAP 'Directory Service Object reference variable
    Dim strAuth 'Parses the User Name and Password through the DSObject
    strPath = "LDAP://fanzldap.au.fjanz.com/rootDSE"
    Set LDAP = GetObject("LDAP://company/rootDSE")
    Set strAuth = LDAP.OpenDSObject(strPath, strUser, strPW, ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)
    If Err.number <> 0 Then
    intTemp = msgbox(strUser & " could not be authenticated", vbYES)
    if intTemp = vbYes Then
    'window.location.reload()
    End If
    Else
    For Each obj in strAuth
    If obj.Class = "user" Then
    If obj.Get("samAccountName") = strUser Then
    msgbox ("Success! " & strUser & " has been authenticated with Active Directory")
    window.close()
    Set wShell = CreateObject("Wscript.shell")
    wShell.run "Firstletterali.vbs"
    End If
    End If
    Next
    End If
    End Sub
    </script>
    <head>
    <body style="background-color:#B0C4DE">
    <img src=Title.jpg><br>
    <HTA:APPLICATION
    APPLICATIONNAME="User Login"
    BORDER="thin"
    SCROLL="no"
    SINGLEINSTANCE="yes"
    WINDOWSTATE="normal">
    <title>NAS Authentication</title>
    <body onload="vbs:setSize()">
    <div class="style2">
    <h3>NAS Archive Authentication</h3>
    </div>
    <form method="post" id="auth" name="auth">
    <span class="style3"><strong>User Name:&nbsp; </strong></span>
    <input id="Username" name="Username" type="text" style="width: 150px" /><br>
    <span class="style3">
    <strong>Password:&nbsp;&nbsp;&nbsp;&nbsp; </strong></span>
    <input id="password" name="password" type="password" style="width: 150px" /><br><br>
    &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    <input type="submit" value="Submit" name="cmdSubmit" />
    <input type="button" value="Exit" onclick="self.close()">
    </form>
    </body>
    </html>
    using the above I can succefully authenticate users but I cant work out how to then use that authenticattion to map the next to available drive letters to a network source.
    The code I have for that is
    Option Explicit
    Dim strDriveLetter, strRemotePath, strRemotePath1, strDriveLetter1
    Dim objNetwork, objShell
    Dim CheckDrive, DriveExists, intDrive
    Dim strAlpha, strExtract, intAlpha, intCount
    ' The section sets the variables
    strRemotePath = "\\mel\groups\Team\general"
    strRemotePath1 = "\\mel\groups\Team\specific"
    strDriveLetter = "B:"
    strDriveLetter1 = "H:"
    strAlpha = "BHIJKLMNOPQRSTUVWXYZ"
    intAlpha = 0
    intCount = 0
    err.number= vbEmpty
    ' This sections creates two objects:
    ' objShell and objNetwork and then counts the drives
    Set objShell = CreateObject("WScript.Shell")
    Set objNetwork = CreateObject("WScript.Network")
    Set CheckDrive = objNetwork.EnumNetworkDrives()
    ' This section operates the For ... Next loop
    ' See how it compares the enumerated drive letters
    ' With strDriveLetter
    On Error Resume Next
    DriveExists = False
    ' Sets the Outer loop to check for 24 letters in strAlpha
    For intCount = 1 To 24
    DriveExists = False
    ' CheckDrive compares each Enumerated network drive
    ' with the proposed drive letter held by strDriveLetter
    For intDrive = 0 To CheckDrive.Count - 1 Step 2
    If CheckDrive.Item(intDrive) = strDriveLetter _
    Then DriveExists = True
    Next
    intAlpha = intAlpha + 1
    ' Logic section if strDriveLetter does not = DriveExist
    ' Then go ahead and map the drive
    'Wscript.Echo strDriveLetter & " exists: " & DriveExists
    If DriveExists = False Then objNetwork.MapNetworkDrive _
    strDriveLetter, strRemotePath
    call ShowExplorer ' Extra code to take you to the mapped drive
    ' Appends a colon to drive letter. 1 means number of letters
    strDriveLetter = Mid(strAlpha, intAlpha,1) & ":"
    ' If the DriveExists, then it is necessary to
    ' reset the variable from true --> false for next test loop
    If DriveExists = True Then DriveExists = False
    Next
    WScript.Echo "Out of drive letters. Last letter " & strDriveLetter
    WScript.Quit(1)
    'Sub ShowExplorer()
    'If DriveExists = False Then Wscript.Echo strDriveLetter & " Has been mapped for archiving"
    'If DriveExists = False Then objShell.run _
    '("Explorer" & " " & strDriveLetter & "\" )
    'If DriveExists = False Then WScript.Quit(0)
    'End Sub
    On Error Resume Next
    DriveExists = False
    ' Sets the Outer loop to check for 24 letters in strAlpha
    For intCount = 1 To 24
    DriveExists = False
    ' CheckDrive compares each Enumerated network drive
    ' with the proposed drive letter held by strDriveLetter1
    For intDrive = 0 To CheckDrive.Count - 1 Step 2
    If CheckDrive.Item(intDrive) = strDriveLetter1 _
    Then DriveExists = True
    Next
    intAlpha = intAlpha + 1
    ' Logic section if strDriveLetter1 does not = DriveExist
    ' Then go ahead and map the drive
    'Wscript.Echo strDriveLetter1 & " exists: " & DriveExists
    If DriveExists = False Then objNetwork.MapNetworkDrive _
    strDriveLetter1, strRemotePath1
    call ShowExplorer ' Extra code to take you to the mapped drive
    ' Appends a colon to drive letter. 1 means number of letters
    strDriveLetter1 = Mid(strAlpha, intAlpha,1) & ":"
    ' If the DriveExists, then it is necessary to
    ' reset the variable from true --> false for next test loop
    If DriveExists = True Then DriveExists = False
    Next
    WScript.Echo "Out of drive letters. Last letter " & strDriveLetter1
    WScript.Quit(1)
    Sub ShowExplorer()
    If DriveExists = False Then Wscript.Echo strDriveLetter & " Has been mapped for archiving"
    If DriveExists = False Then objShell.run _
    ("Explorer" & " " & strDriveLetter & "\" )
    If DriveExists = False Then WScript.Quit(0)
    End Sub
    Now the above script will find the next availabe letter and map one location to it...I still havent worked out to create another loop for it to do it again. It obviously also requires that you already be authenticated to map to that location.
    I looking for some help on how to marry these to scripts together.
    Thanks
    Ali

    Hi Ali
    Here is some code that will enumerate two free adjacent drive letters. It starts searching from "C" all the way to "Z" for two drives letters that are adjacent and returns the results in an array then echos the results. You can easily adapt this code to
    map your network drives to each drive letter. Hope that helps
    Cheers Matt :)
    Option Explicit
    Dim objFSO
    On Error Resume Next
    Set objFSO = CreateObject("Scripting.FileSystemObject")
    ProcessScript
    If Err.Number <> 0 Then
    WScript.Quit
    End If
    On Error Goto 0
    'Functions Processing Section
    'Name : ProcessScript -> Primary Function that controls all other script processing.
    'Parameters : None ->
    'Return : None ->
    Function ProcessScript
    Dim driveLetters, driveLetter
    If Not GetFreeDrives(driveLetters) Then
    Exit Function
    End If
    For Each driveLetter In driveLetters
    MsgBox driveLetter, vbInformation
    Next
    End Function
    'Name : GetFreeDrives -> Searches for a pair of free adjacent drive letters.
    'Parameters : adjacentDrives -> Input/Output : variable assigned to an array containing the first two free adjacent drives.
    'Return : GetFreeDrives -> Returns True if Successful otherwise returns False.
    Function GetFreeDrives(adjacentDrives)
    GetFreeDrives = False
    Dim drive, driveLetter, drivesDict, i
    Set drivesDict = NewDictionary
    driveLetter = "C"
    'Add the drives collection into the dictionary.
    For Each drive In objFSO.drives
    drivesDict(drive.DriveLetter) = ""
    Next
    'Check drive letters C: to Z: for two free adjacent drive letters and set the "driveLetter" variable to the first one.
    For i = Asc(driveLetter) To Asc("Z")
    If Not drivesDict.Exists(Chr(i)) And Not drivesDict.Exists(Chr(i + 1)) Then
    driveLetter = Chr(i)
    Exit For
    End If
    Next
    'If two free adjacent drive letters were not found then exit.
    If driveLetter = "" Then
    Exit Function
    End If
    adjacentDrives = Array(driveLetter, Chr(Asc(driveLetter) + 1))
    GetFreeDrives = True
    End Function
    'Name : NewDictionary -> Creates a new dictionary object.
    'Parameters : None ->
    'Return : NewDictionary -> Returns a dictionary object.
    Function NewDictionary
    Dim dict
    Set dict = CreateObject("scripting.Dictionary")
    dict.CompareMode = vbTextCompare
    Set NewDictionary = dict
    End Function

  • How to authenticate CXF-Webservice against external LDAP in WebLogic?

    Hi there,
    I'm trying to integrate our Camel-application into WebLogic 12c. All the incoming endpoints are CXF-based webservices. These are secured by "UsernameToken Timestamp" with the WSS4JInInterceptor configured like this:
    <bean id="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
              <constructor-arg>
                   <map>
                        <entry key="action" value="UsernameToken Timestamp" />
                        <entry key="passwordType" value="PasswordDigest" />
                        <entry key="passwordCallbackClass"
                             value="de.mycompany.camel.cxf.UserTokenCallbackHandler" />
                   </map>
              </constructor-arg>     
    </bean>
    My problem is: WSS4JInInterceptor expects the UserTokenCallbackHandler to return the password of the user delivered in the header <wsse:Username>. Is there any way to retrieve this from an external LDAP configured in WebLogic? I've already managed to retrieve the users, groups etc with JMX (javax.management.MBeanServerConnection and weblogic.security.providers.authentication.LDAPAuthenticatorMBean), but I can't figure out how to authenticate the user against the LDAP, i. e. retrieve the password.
    Or am I heading in a completely wrong direction and this is not the way to achieve authentication for CXF-Webservices in WebLogic?
    Please give me a hint (code-snippets preferred ;-) ) how to solve this.
    Regards,
    Frank

    I have run into the exact same situation ? Did you ever get around this ? If so, how ? Please let me know.

  • DAC 10.1.3.4.1 Services not starting up|| Error "cannot authenticate user"

    Hi,
    We have installed DAC server in Linux machine and client on windows. By using DAC client we restored the backup of DAC repository, DAC client was working fine still restoration and after restoring it’s not logging in. It throws error like "Can't authenticate user"
    while starting DAC services in Unix server it throws an error like
    ANOMALY INFO An exception occurred. Shutting down server...
    MESSAGE:::/u01/DAC/jdk/jre/lib/i386/xawt/libmawt.so: libXext.so.6: cannot open shared object file: No such file or directory
    EXCEPTION CLASS::: java.lang.UnsatisfiedLinkError
    Note: since DAC client is not separately available for windows we have installed dac server also and while installing and after installing we never configured to connect to the dac server which is in Linux, we have configured only DB.
    we have successfully installed OBIEE, Informatica, and DAC version is 10.1.3.4.1.
    How to start the DAC services?
    How to configure dac client to connect to DAC server and how to solve this "Can't authenticate user" issue?
    Pls help in this regard.

    After your config try to restart dac11g server
    dac10g is only desktop mode
    ~ http://cool-bi.com

Maybe you are looking for

  • How to update Acrobat to a newer version

    I have Acrobat Pro Extended 9.3.1. How do I upgrade it to 9.4.1? How do I find the patch? What is the name of the patch? Thanks.

  • Table name decided at runtime - How to do a select?

    Hi, Searching these forums I found how to do a select * from where the table name is decided at runtime. You use paranthesis on the variable containing the table name. However, I still get syntax error I can't solve and need some help. This syntax do

  • Why all NUMBERs in OO4O are showing up as strings ???

    Hi! Whenever I create a dynaset, all the numeric fields are loaded as Strings ??? For example, I have a field defined as NUMBER(5,0). In my dynaset, the type is set to 4 (LONG) and the OraIDatatype is set to 2 (NUMBER) but the value is a really a str

  • S015 Update with budat

    Hello, I have a problem with S015 : The update date is budat, but if the date (budat) is after the end date (DATBI) of rebate arrangement, S015 is update with datbi. So I create a new S515, it's OK for the update of receipt or invoice but, when I cre

  • Windows 7 Not Recognising 8 Cores With MacPro!!!

    Hi, I am running Windows 7 on my 8 core (x2 quad) MacPro and only just realised after running the task manager that its only recognising and running on 4 cores instead of 8 cores?? Also, its running Windows 7 home premium pretty crap also, quite slug