How to authenticate users by IP Adress
Hi!
We need authenticate some users by username/password and computer's IP address or subnet on iAS 10gR2 10.1.2.0.2.
Now we are authenticating only by user/pwd through SSO, we need to authenticate users depending on the subnet/computers they are.
In Metalink there is a note:
How to Simulate The Authorized Ports Setting from WAS 3.X in OAS 4.X
Doc ID: Note:73596.1
that talk about this option, but only for PLSPL/SQL cartridge.
Tx in advance!
Diego.
Hello,
I have got it to work here.
Let me try to help you.
In my app I used the following configuration:
<filter>
<filter-name>NtlmHttpFilter</filter-name>
<filter-class>jcifs.http.NtlmHttpFilter</filter-class>
<init-param>
<param-name>jcifs.netbios.wins</param-name>
<param-value>10.76.122.3</param-value>
<!-- This is the the IP or the DNS of the machine where the AD is intalled. The computer that authenticates the users in your network -->
</init-param>
<init-param>
<param-name>jcifs.smb.client.domain</param-name>
<param-value>ABCD</param-value>
<!-- This is your DOMAIN name. Here my domain is ABCD.COM.BR, but I didn't have to put the sufix .COM.BR, only the main name -->
</init-param>
</filter>
<filter-mapping>
<filter-name>NtlmHttpFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>That's it. With this example, the authentication worked perfectly.
In order to test it, I put the following code inside a index.jsp file:
<%
String userName = request.getUserPrincipal().getName();
%>
And the Oscar goes to: <%=userName%>
Similar Messages
-
How to authenticate user when accessing a servlet in WLS6.0
In my current project , i need to authenticate user when accessing(executing) a
servlet deployed in WLS6.0. I tried to add
<auth-method>
BASIC
</auth-method>
in the web.xml.
Also in the default fileRealmProperties file, i set up the ACL for
acl.execute.weblogic.Servlet.myServlet = the user
also i have disabled guest access in my config.xml.
after all these, the servlet can still be accessed freely.
do i miss something ? what is the right way to set up it in wls6.0
thanks a lot
hyliu
The steps required are documented at:
http://e-docs.bea.com/wls/docs60/quickstart/quick_start.html
mark
narendra wrote:
> hi all,
> I had written a simple servlet. I would like to know the steps to
> be followed to run the servlet.
> What i did is i kept that servlet class file in the default directory
> and added the servlet path in the web.XML.
> but when i try to run the servlet its giing me 404 error.
> Can any one help me out by giving the detailed steps to be followed as I
> am new to Weblogic6.0
>
> Thanks in Advance,
-
How can authenticate users´portal in OIM?
I have installed Aqualogic Interaction 6.5, and I want import and authenticate users from OIM(or another LDAP)? What i can do?
I read that i must install Oracle webcenter identity services? It´s true? Where i can adquire?
thanksI have not tried with 6.5, btu I think you just need to install one of the identity services which allow you to sync and authenticate against various sources (LDAP, AD, etc). See here for more info http://edocs.bea.com/alui/integration/
-
How to authenticate user in Active Directory for an Oracle report
Hey there,
We have users of 1 report all over the country.
Currently, when using the report, the user chooses a location as a parameter, then runs the report.
The problem is we don't want the user to be able to see data from other locations, only their own.
So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
Thanks in advance!Hey there,
We have users of 1 report all over the country.
Currently, when using the report, the user chooses a location as a parameter, then runs the report.
The problem is we don't want the user to be able to see data from other locations, only their own.
So how can I do this as all users are set up in Active Directory, but the only thing that distinguishes them apart is under the Properties of the user, under the General tab, the Office field says where they are located.
Thanks in advance! -
How to authenticate users from SharePoint 2007 to the Web Dynpro platform
Hi, I am working on integrating Share to Webdypro application. I want to implelement Single sign on from Sharepoint to SAP.
So I can make use of Windows credentials for accesing my SAP application.
So what all configurations need to be maintained at SAP side to achieve this thing.
Can anyone please help me on this.
Thanks,
BetcyHi Betcy,
I am not familiar with sharepoint solutions, but as you mentioned about windows credentials I believe it refers to kerberos tokens. On this case you can take advantage of SPNego authentication.
You can find more details on following SAP note:
#[1488409|https://service.sap.com/sap/support/notes/1488409] - New SPNego Implementation
I hope it helps.
Kind regards,
Lisandro Magnus -
Install Sun ONE Directory Server 5,2 & how to use it for authenticate user
Good afternoon, Excuse, are newbie in the scope I am learning and putting desire to him, this in my situation I am trying to install Sun ONE Directory Server 5,2 since I understand that this it is application LDAP for Solaris, ok I want to install it to authenticate user against the system, that is to say, to be able to acces the server entering with a created user from the data base of LDAP and make think user that his created in the system. But the documentation that I finds indicates the installation of Sun ONE Directory Server 5,2 but it not clearly about how to use it for authentication. Some one have any manual step by step of Sun ONE Directory Server 5,2 installation and how to make it for authentication systems users.
I read the forum seeking for anwser and i get confuse
Thanks for the help and sorry for any inconvenient
Message was edited by:
Aku_28
Message was edited by:
Aku_28I think that I found the Sun endorsed book locations for using LDAP accounts that don't use authentication besides "crypt". I now can use an account with a "ssha" password. It can be more than 8 characters long.
Chapter 14 System Administration Guide: Naming and Directory Services
Read page 201 which is the pam.conf file pam_ldap setups. I edited my "/etc/pam.conf" file to reflect this
Chapter 7 Directory Server 5.2 2005Q4 - Administration Guide
Read page 316-318 which has a graphical technique to specify password syntax. I set it up and then tried the password by running "su - brahms". It now requires a longer password than 8 characters and it is set up to use "ssha" for that UID entry "brahms". -
How to protect my PDF file using Adobe Acrobat Pro that i can trace user's IP adress?
How to protect my PDF file using Adobe Acrobat Pro that i can trace user's IP adress?
Used to be able. Considered a security bug. Fixed.
-
How to use CSACS 3.3 to authenticate users from multiple windows domain?
Can Cisco Secure ACS 3.3 be used to authenticate users from another Windows domain that is not a child nor a trusted domain???
hello, here is my scenario:
ACS 3.3 was installed on a member server on domain1. I need to authenticate and ultimately populate the users into ACS from another domain. The service already works perfect on just domain1, but now I need to authenticate users from another domain.
And adding those domains as trusted domains in domain1 is not an option.
Is Generic LDAP my only other option? Any config guides that you guys know with regard to doing this?
Any input is much appreciated.Hi Betcy,
I am not familiar with sharepoint solutions, but as you mentioned about windows credentials I believe it refers to kerberos tokens. On this case you can take advantage of SPNego authentication.
You can find more details on following SAP note:
#[1488409|https://service.sap.com/sap/support/notes/1488409] - New SPNego Implementation
I hope it helps.
Kind regards,
Lisandro Magnus -
How to authenticate external and internal users on different AD
What is the recommended way to authenticate external users as well as internal employees in a customer facing application?
We have external users in an Active Directory in the DMZ and our employees in our internal DMZ. Unfortunately we don't have an identity management system in place and wondering if there is a way we could authenticate user against two active directories without creating a trust between them.
We are implementing EP7.0
Thanks in Advance.You can also use user partitioning. A feature of the UME which allows for having different user persistence options for different users. What you could do in this case have the external user stored in the local db or an LDAP for the external users and the internal users stored in an internal LDAP directory. For more details about <a href="http://help.sap.com/saphelp_nw2004s/helpdata/en/e0/b60b404b2b1e07e10000000a1550b0/frameset.htm">user partitioning</a>, please see the docs.
regards,
Patrick -
How do i authenticate users directly in AD from the Controller?
I have a 4402 Controller and want to authenticate users in our Microsoft AD, is it possible? Im using a IAS server today but it would be great to do the authentication directly in AD.
Regards Oysteinhttp://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml
-
OC4J Security fails to authenticate users on a 64 bit solarisx86 machine
Hi,
I am using a database login module to authenticate users. The login module I use is DBTableLoginModule. On 32 bit windows based machine, the module functions perfectly fine. When I deployed my project on a 64 bit solarisx86 machine, users are no longer able to login. On debugging the DBTableLoginModule, the authentication shows success and the commit method is return true to the OC4J security. But OC4J is redirecting to error page and I have no clue as to why it is doing so. The problem is I am not able to debug OC4J security for I have no source code for that. My question is how can i turn on debugging for OC4J Security
so I can watch out for any errors or anything that OC4J complains about so I can have better chances to overcome this problem.
Thanks
SamHi,
sounds like a OC4J bug to me (or issue at least). You may want to check
OC4J
Frank -
after upgraded to windows 2008 server, our mac os x wiki server can't authenticate user password anymore. How can I re-bind the wiki server to the AD again? thanks in advance.
Solved it by deleting the user and creating a new one with the same userID.
Maybe it occured because I marked the "user has to change password after first login" box when resetting the password but didn't yet allow him to do so in the webpages menu?!? -
Hi,
So I have been trying to write some code that will
prompt users to authenticate to AD and use that authentication to map the next 2 available drive letter to two network shares.
I have adopted using the HAT format as this provides me with the ability to prompt for a username and password and authenitcate to AD.
<script language="vbscript">
Function setSize()
window.resizeTo 350,300
Window.moveTo (screen.width-240)/2, (screen.height-600)/2
End Function
Function cmdSubmit_OnClick()
Dim strUser 'User Name variable
Dim strPW 'User Password variable
if auth.username.value = "" Then
msgbox ("ERROR: No User account information provided. Please Try Again!")
cmdSubmit_OnClick = False
Elseif auth.password.value = "" Then
msgbox ("ERROR: No User account information provided. Please Try Again!")
cmdSubmit_OnClick= False
Else
strUser = auth.username.value
strPW = auth.password.value
Authenticate strUser, strPW
End If
End Function
Public Sub Authenticate (Byref strUser, Byref strPW)
On Error Resume Next
Const ADS_SECURE_AUTHENTICATION = &H1
Const ADS_SERVER_BIND = &H200
Dim strPath 'LDAP path where the Users accounts are listed
Dim LDAP 'Directory Service Object reference variable
Dim strAuth 'Parses the User Name and Password through the DSObject
strPath = "LDAP://fanzldap.au.fjanz.com/rootDSE"
Set LDAP = GetObject("LDAP://company/rootDSE")
Set strAuth = LDAP.OpenDSObject(strPath, strUser, strPW, ADS_SECURE_AUTHENTICATION Or ADS_SERVER_BIND)
If Err.number <> 0 Then
intTemp = msgbox(strUser & " could not be authenticated", vbYES)
if intTemp = vbYes Then
'window.location.reload()
End If
Else
For Each obj in strAuth
If obj.Class = "user" Then
If obj.Get("samAccountName") = strUser Then
msgbox ("Success! " & strUser & " has been authenticated with Active Directory")
window.close()
Set wShell = CreateObject("Wscript.shell")
wShell.run "Firstletterali.vbs"
End If
End If
Next
End If
End Sub
</script>
<head>
<body style="background-color:#B0C4DE">
<img src=Title.jpg><br>
<HTA:APPLICATION
APPLICATIONNAME="User Login"
BORDER="thin"
SCROLL="no"
SINGLEINSTANCE="yes"
WINDOWSTATE="normal">
<title>NAS Authentication</title>
<body onload="vbs:setSize()">
<div class="style2">
<h3>NAS Archive Authentication</h3>
</div>
<form method="post" id="auth" name="auth">
<span class="style3"><strong>User Name: </strong></span>
<input id="Username" name="Username" type="text" style="width: 150px" /><br>
<span class="style3">
<strong>Password: </strong></span>
<input id="password" name="password" type="password" style="width: 150px" /><br><br>
<input type="submit" value="Submit" name="cmdSubmit" />
<input type="button" value="Exit" onclick="self.close()">
</form>
</body>
</html>
using the above I can succefully authenticate users but I cant work out how to then use that authenticattion to map the next to available drive letters to a network source.
The code I have for that is
Option Explicit
Dim strDriveLetter, strRemotePath, strRemotePath1, strDriveLetter1
Dim objNetwork, objShell
Dim CheckDrive, DriveExists, intDrive
Dim strAlpha, strExtract, intAlpha, intCount
' The section sets the variables
strRemotePath = "\\mel\groups\Team\general"
strRemotePath1 = "\\mel\groups\Team\specific"
strDriveLetter = "B:"
strDriveLetter1 = "H:"
strAlpha = "BHIJKLMNOPQRSTUVWXYZ"
intAlpha = 0
intCount = 0
err.number= vbEmpty
' This sections creates two objects:
' objShell and objNetwork and then counts the drives
Set objShell = CreateObject("WScript.Shell")
Set objNetwork = CreateObject("WScript.Network")
Set CheckDrive = objNetwork.EnumNetworkDrives()
' This section operates the For ... Next loop
' See how it compares the enumerated drive letters
' With strDriveLetter
On Error Resume Next
DriveExists = False
' Sets the Outer loop to check for 24 letters in strAlpha
For intCount = 1 To 24
DriveExists = False
' CheckDrive compares each Enumerated network drive
' with the proposed drive letter held by strDriveLetter
For intDrive = 0 To CheckDrive.Count - 1 Step 2
If CheckDrive.Item(intDrive) = strDriveLetter _
Then DriveExists = True
Next
intAlpha = intAlpha + 1
' Logic section if strDriveLetter does not = DriveExist
' Then go ahead and map the drive
'Wscript.Echo strDriveLetter & " exists: " & DriveExists
If DriveExists = False Then objNetwork.MapNetworkDrive _
strDriveLetter, strRemotePath
call ShowExplorer ' Extra code to take you to the mapped drive
' Appends a colon to drive letter. 1 means number of letters
strDriveLetter = Mid(strAlpha, intAlpha,1) & ":"
' If the DriveExists, then it is necessary to
' reset the variable from true --> false for next test loop
If DriveExists = True Then DriveExists = False
Next
WScript.Echo "Out of drive letters. Last letter " & strDriveLetter
WScript.Quit(1)
'Sub ShowExplorer()
'If DriveExists = False Then Wscript.Echo strDriveLetter & " Has been mapped for archiving"
'If DriveExists = False Then objShell.run _
'("Explorer" & " " & strDriveLetter & "\" )
'If DriveExists = False Then WScript.Quit(0)
'End Sub
On Error Resume Next
DriveExists = False
' Sets the Outer loop to check for 24 letters in strAlpha
For intCount = 1 To 24
DriveExists = False
' CheckDrive compares each Enumerated network drive
' with the proposed drive letter held by strDriveLetter1
For intDrive = 0 To CheckDrive.Count - 1 Step 2
If CheckDrive.Item(intDrive) = strDriveLetter1 _
Then DriveExists = True
Next
intAlpha = intAlpha + 1
' Logic section if strDriveLetter1 does not = DriveExist
' Then go ahead and map the drive
'Wscript.Echo strDriveLetter1 & " exists: " & DriveExists
If DriveExists = False Then objNetwork.MapNetworkDrive _
strDriveLetter1, strRemotePath1
call ShowExplorer ' Extra code to take you to the mapped drive
' Appends a colon to drive letter. 1 means number of letters
strDriveLetter1 = Mid(strAlpha, intAlpha,1) & ":"
' If the DriveExists, then it is necessary to
' reset the variable from true --> false for next test loop
If DriveExists = True Then DriveExists = False
Next
WScript.Echo "Out of drive letters. Last letter " & strDriveLetter1
WScript.Quit(1)
Sub ShowExplorer()
If DriveExists = False Then Wscript.Echo strDriveLetter & " Has been mapped for archiving"
If DriveExists = False Then objShell.run _
("Explorer" & " " & strDriveLetter & "\" )
If DriveExists = False Then WScript.Quit(0)
End Sub
Now the above script will find the next availabe letter and map one location to it...I still havent worked out to create another loop for it to do it again. It obviously also requires that you already be authenticated to map to that location.
I looking for some help on how to marry these to scripts together.
Thanks
AliHi Ali
Here is some code that will enumerate two free adjacent drive letters. It starts searching from "C" all the way to "Z" for two drives letters that are adjacent and returns the results in an array then echos the results. You can easily adapt this code to
map your network drives to each drive letter. Hope that helps
Cheers Matt :)
Option Explicit
Dim objFSO
On Error Resume Next
Set objFSO = CreateObject("Scripting.FileSystemObject")
ProcessScript
If Err.Number <> 0 Then
WScript.Quit
End If
On Error Goto 0
'Functions Processing Section
'Name : ProcessScript -> Primary Function that controls all other script processing.
'Parameters : None ->
'Return : None ->
Function ProcessScript
Dim driveLetters, driveLetter
If Not GetFreeDrives(driveLetters) Then
Exit Function
End If
For Each driveLetter In driveLetters
MsgBox driveLetter, vbInformation
Next
End Function
'Name : GetFreeDrives -> Searches for a pair of free adjacent drive letters.
'Parameters : adjacentDrives -> Input/Output : variable assigned to an array containing the first two free adjacent drives.
'Return : GetFreeDrives -> Returns True if Successful otherwise returns False.
Function GetFreeDrives(adjacentDrives)
GetFreeDrives = False
Dim drive, driveLetter, drivesDict, i
Set drivesDict = NewDictionary
driveLetter = "C"
'Add the drives collection into the dictionary.
For Each drive In objFSO.drives
drivesDict(drive.DriveLetter) = ""
Next
'Check drive letters C: to Z: for two free adjacent drive letters and set the "driveLetter" variable to the first one.
For i = Asc(driveLetter) To Asc("Z")
If Not drivesDict.Exists(Chr(i)) And Not drivesDict.Exists(Chr(i + 1)) Then
driveLetter = Chr(i)
Exit For
End If
Next
'If two free adjacent drive letters were not found then exit.
If driveLetter = "" Then
Exit Function
End If
adjacentDrives = Array(driveLetter, Chr(Asc(driveLetter) + 1))
GetFreeDrives = True
End Function
'Name : NewDictionary -> Creates a new dictionary object.
'Parameters : None ->
'Return : NewDictionary -> Returns a dictionary object.
Function NewDictionary
Dim dict
Set dict = CreateObject("scripting.Dictionary")
dict.CompareMode = vbTextCompare
Set NewDictionary = dict
End Function -
How to authenticate CXF-Webservice against external LDAP in WebLogic?
Hi there,
I'm trying to integrate our Camel-application into WebLogic 12c. All the incoming endpoints are CXF-based webservices. These are secured by "UsernameToken Timestamp" with the WSS4JInInterceptor configured like this:
<bean id="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="UsernameToken Timestamp" />
<entry key="passwordType" value="PasswordDigest" />
<entry key="passwordCallbackClass"
value="de.mycompany.camel.cxf.UserTokenCallbackHandler" />
</map>
</constructor-arg>
</bean>
My problem is: WSS4JInInterceptor expects the UserTokenCallbackHandler to return the password of the user delivered in the header <wsse:Username>. Is there any way to retrieve this from an external LDAP configured in WebLogic? I've already managed to retrieve the users, groups etc with JMX (javax.management.MBeanServerConnection and weblogic.security.providers.authentication.LDAPAuthenticatorMBean), but I can't figure out how to authenticate the user against the LDAP, i. e. retrieve the password.
Or am I heading in a completely wrong direction and this is not the way to achieve authentication for CXF-Webservices in WebLogic?
Please give me a hint (code-snippets preferred ;-) ) how to solve this.
Regards,
FrankI have run into the exact same situation ? Did you ever get around this ? If so, how ? Please let me know.
-
Hi,
We have installed DAC server in Linux machine and client on windows. By using DAC client we restored the backup of DAC repository, DAC client was working fine still restoration and after restoring it’s not logging in. It throws error like "Can't authenticate user"
while starting DAC services in Unix server it throws an error like
ANOMALY INFO An exception occurred. Shutting down server...
MESSAGE:::/u01/DAC/jdk/jre/lib/i386/xawt/libmawt.so: libXext.so.6: cannot open shared object file: No such file or directory
EXCEPTION CLASS::: java.lang.UnsatisfiedLinkError
Note: since DAC client is not separately available for windows we have installed dac server also and while installing and after installing we never configured to connect to the dac server which is in Linux, we have configured only DB.
we have successfully installed OBIEE, Informatica, and DAC version is 10.1.3.4.1.
How to start the DAC services?
How to configure dac client to connect to DAC server and how to solve this "Can't authenticate user" issue?
Pls help in this regard.After your config try to restart dac11g server
dac10g is only desktop mode
~ http://cool-bi.com
Maybe you are looking for
-
How to update Acrobat to a newer version
I have Acrobat Pro Extended 9.3.1. How do I upgrade it to 9.4.1? How do I find the patch? What is the name of the patch? Thanks.
-
Table name decided at runtime - How to do a select?
Hi, Searching these forums I found how to do a select * from where the table name is decided at runtime. You use paranthesis on the variable containing the table name. However, I still get syntax error I can't solve and need some help. This syntax do
-
Why all NUMBERs in OO4O are showing up as strings ???
Hi! Whenever I create a dynaset, all the numeric fields are loaded as Strings ??? For example, I have a field defined as NUMBER(5,0). In my dynaset, the type is set to 4 (LONG) and the OraIDatatype is set to 2 (NUMBER) but the value is a really a str
-
Hello, I have a problem with S015 : The update date is budat, but if the date (budat) is after the end date (DATBI) of rebate arrangement, S015 is update with datbi. So I create a new S515, it's OK for the update of receipt or invoice but, when I cre
-
Windows 7 Not Recognising 8 Cores With MacPro!!!
Hi, I am running Windows 7 on my 8 core (x2 quad) MacPro and only just realised after running the task manager that its only recognising and running on 4 cores instead of 8 cores?? Also, its running Windows 7 home premium pretty crap also, quite slug