How to login secured application programmatic way?

Similar Messages

• How to change focus in programmatic way?

  Hi,
  1. how to change focus in programmatic way?
  2. is there any way to define tab index?
  With Regards,
  Wai Phyo

  1). http://docs.oracle.com/cd/E16162_01/apirefs.1112/e17491/tagdoc/af_scrollComponentIntoViewBehavior.html
  2). no

• How to login to eBay programmatically with Java

  Hi,
  I'm trying to write a Java program that can handle logging in to eBay in order to retrieve certain user-specific information, for example My eBay, or list of items with email address. The way I've done is like this:
  Retrieve (HTTP GET) the initial page at http://cgi1.ebay.com/aw-cgi/eBayISAPI.dll?MyEbayLogin. Then capture all the cookies. The resulting HTML page has a form with some <input...> fields in there. So I concatenate all these <input...>, then send a HTTP POST to the URL on that form together with the concatenated parameters. For some reason, the resulting HTML page is back at http://cgi1.ebay.com/aw-cgi/eBayISAPI.dll?MyEbayLogin
  I've pretty sure I've handled the cookies alright, because when I leave out the cookies, I'll get a "Cookies Rejected" HTML page. I've also been able to log in to hotmail in similar fashion, so I think most (if not all) technical details are ok. These are the calls I made (among others):
  HttpURLConnection conn = (HttpURLConnection) url.openConnection();
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setRequestMethod("POST");
  conn.setAllowUserInteraction(false);
  conn.setRequestProperty("Content-type", "application/x-www-form-urlencoded" );
  conn.setInstanceFollowRedirects(false);
  conn.setUseCaches(false);
  conn.setRequestProperty("Cookie", cookie);
  My question is, has anyone succeeded in logging into eBay using Java, and if so could you share how you've done it (like, is there anything special to be done?). I'm asking this because when logging to hotmail.com, there were some twists that I had to look into (in javascript code) before the thing works. But I can't see anything similar in the eBay login page.
  Alternatively, is there away to intercept and peek into HTTP requests sent by IE? I have Ethereal but it's at protocol level only (I think), not HTTP messages/requests. I figure if I can read these requests that IE makes when it logs in, I can try applying the same behaviour (simulate) in my Java code.
  Many thanks!

  Right after I posted this, I tried again in desperation and guess what, it already works! It turns out that I was just impatient, the second time the page http://cgi1.ebay.com/aw-cgi/eBayISAPI.dll?MyEbayLogin is returned, you just have to retrieve it again, this time using the cookies that you got from previous log in. Keep going like that (when you see a 3xx Redirect code) and you'll get to your My eBay page eventually.
  Anyway, these are the pages that I access in case anyone is attempting to do the same thing:
  1. Use HTTP GET on http://cgi1.ebay.com/aw-cgi/eBayISAPI.dll?MyEbayLogin, get a 302 (Moved) header with location=http://signin.ebay.com/aw-cgi/eBayISAPI.dll?SignIn&UsingSSL=0&pUserId=&ru=http%3A%2F%2Fcgi1.ebay.com%2Faw-cgi%2FeBayISAPI.dll%3FMyEbayLogin&pp=pass&co_partnerid=2&pageType=174&i1=0 (Let's call this page 1a)
  2. Use HTTP GET on page 1a, get a HTML content page (with login form) and 2 cookies.
  3. Use HTTP POST to send form data to the URL in the login form (which is http://signin.ebay.com/aw-cgi/eBayISAPI.dll), remember to send all cookies as well. (Also this is provided you have an eBay account, the form will ask for username and passwd). Get back a 302 (Moved) with Location=http://cgi1.ebay.com/aw-cgi/eBayISAPI.dll?MyEbayLogin, and 7-8 cookies. Store all these cookies.
  4. Use HTTP GET to access http://cgi1.ebay.com/aw-cgi/eBayISAPI.dll?MyEbayLogin , again remember to send all the cookies. Get back 302 (Moved) with Location=http://cgi1.ebay.com/aw-cgi/ebayISAPI.dll?MyEbayItemsBiddingOn&userid=xxxxxxxxxxx&pass=xxxxxxxxxxxxxx&first=N&sellerSort=3&bidderSort=3&watchSort=3&dayssince=2&p1=0&p2=0&p3=0&p4=0&p5=0&ssPageName=MerchMax (Let's call this page 4a)
  5. Finally! Use HTTP GET to access page 4a and you're at the "My Ebay" page.
  After manually going through all this, you'll appreciate how much work the browser does each time it logs in to something. Also if you're planning to do this, it may save time in the long run to create a rudimentary browser that can display and handle the cookies automatically, (and takes care of form data too).

• How to start a application with a login window?

  hi there
  does anyone have any idea on how to start an application with a login window? a login window is the first frame or window to be displayed when an application starts running. and only correct login id and password have been entered the real application will start. any sample out there? thank you.

  You can start a new thread by making a thread object and passing it an implementation of a runnable object. Runnable has just one method, public void run(), this is was gets executed in a second thread. perhaps the code you would use would look something like this.
  <code>
  // set up thread for login window
  new Thread(new Runnable() {
  public void run() {
  // construct your login window here
  // when you are done processing the
  // password....
  if(goodPassword) {
  authorized = true; // a global variable
  notifyAll(); // don't forget this
  else {
  System.exit(42);
  }).start();
  // control does not stop this code gets executed while
  // the above thread is running.
  // Set up main program here. This is done in the
  // backround.
  while(!authorized) {
  synchronized(this)
  { wait(50); }
  // now when the user logs in this frame pops
  // up real quick.
  myFrame.setVisible(true);
  </code>
  Hope you can figure it out.. good luck :)

• How to configure security policies like account locking, account expiry in portal application?

  Hi All,
  Can anybody pls tell me how to configure security policies like account locking,
  account expiry in portal application? By default, it has a 30 minutes lock period
  after 5 retries. But if I want to set other values or want to unlock account of
  a user, then what to do ?
  TIA,
  Sudarson

  I have read the SSO admin guide, and performed the steps for enabling SSL on the SSO, and followed the steps to configure mod_osso with virtual host on port 4443 as mentioned in the admin guide.
  The case now is that when I call my form (which is developed by forms developer suite 10g and deployed on the forms server which is SSO enabled) , it calls the SSO module on port 7777 using http (the default behaviour).
  on a URL that looks like this :
  http://myhostname:7777/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
  and gives the error :
  ( Forbidden
  You don't have permisission to access /sso/auth on this server at port 7777)
  when I manually change the URL to :
  https://myhostname:4443/pls/orasso/orasso.wwsso_app_admin.ls_login?Site2pstoreToken=.......
  the SSO works correctly.
  The question is :
  How can I change this default behaviour and make it call SSO on port 4443 using https instead ?
  Any ideas ?
  Thanks in advance

• How to provide security to application

  Hai to ALL
  Can any one suggest me for Securites in BPC Application
  How to provide security to application in user, Admin levels,
  what are the privelliages to user, admin
  Cheers
  SRM

  Hi,
  When you talk about application level security, it is nothing but member access profile. This profile determines, whether you will have the authorization to post a value / read a value from a particular member of the dimension or not.
  Hope this helps.

• My wife got a Iphone in Bangladesh. she do not know the password for apple ID, there is no way to collect it, as the email id for that iphone is not her. how she can use application store and itunes? please help me

  My wife got a Iphone in Bangladesh. she do not know the password for apple ID, there is no way to collect it, as the email id for that iphone is not her. how she can use application store and itunes? please help me

  If it is second hand, try putting it in recovery mode, and restoring it with itunes on a mac or pc.
  Recovery mode tutoral:http://www.youtube.com/watch?v=dkVr5CxFiFM

• How can i secure the mail application against my friends

  Hi, how can i secure the mail application against my friends, when they use the ipad for surfing ?
  I want to block the mailapplication with the number code, the ipad already provides for some app´s, but for mail, it doesnt work :-(

  thank you for the answer, i cant understand, why apple wont make this possible for the build in apps. For some it is working (Safari, Appstore, etc.... ) but for mail not. Why ?  This cant be a technical problem.....
  how solve other people this problem, when their ipad is walking around the table for surfing ?

• How to deploy Java application securely

  hi everybody,
  I hope u can help me. Because this is my last resort.
  My problem is describing below.
  I have created a java application(Stand alone). Now I have to install that into a machine. When I am installing any how i have to copy all .class files to the system. When I am copying, how will I secure those files. Means if a person knows where the class files is copied, he can declompile the class fiels, that will gives the original source code, and he can make changes into that and recopy. This will spoil the application. So how I secure the class files from the external access.
  thanks for ur time.

  I would have to say that your best bet is to use an obfuscator.
  http://directory.google.com/Top/Computers/Programming/Languages/Java/Development_Tools/Obfuscators/
  The only other thing you can do, if you can, is to set permissions on the directory, and things like that...

• How can i hide application on login?

  Hi guys!i've try to hide on login some application,but this don't work,Mail and iChat show me their window on login...can somebody help me?
    Mac OS X (10.4.8)   macbook

  Open the Script Editor in the /Applications/AppleScript/ folder and enter the following:
  tell application "Mail"
  run
  end tell
  tell application "iChat"
  run
  end tell
  delay 2
  tell application "System Events"
  set visible of process "Mail" to false
  set visible of process "iChat" to false
  end tell
  Save the script as an application and place in the list of login items, and remove the existing Mail and iChat applications from the list.
  (19592)

• How to set an Application Item from PL/SQL

  I am attempting to set an Application Item
  After login to my app, I want to retrieve a row from my SETTINGS table and populate some Application Items with the settings information so that I can
  display some of that settings information on every page.
  Just to start, I created one Application Item named F106_YEAR
  I then created a Shared Components Application Process which executes on New Session: After Authentication
  I created this process as an Anynomous PL/SQL block.
  declare
  aucyr varchar(4);
  begin
  select year into auctyr
  from settings;
  :F106_YEAR := aucyr;
  end;
  I've tried a couple of other Syntax tricks attempting to reference the Application Item F106_YEAR from within PL/SQL (like V('F106_YEAR') but nothing seems to be working.
  I'm sure that I am missing something simple. Can someone tell me how to set an Application Item from PL/SQL?
  Thanks in advance.

  I'm still doing something wrong because this is not working for me.
  I've tried both of the following versions as an Application Process set to run on New Session after Authentication:
  declare
  auction_year varchar(4);
  begin
  select year into auction_year
  from PBUUC.SETTINGS where rownum < 2;
  :F106_AUCTION_YEAR:=auction_year;
  end;
  and I also tried:
  declare
  auction_year varchar(4);
  begin
  select year into auction_year
  from PBUUC.SETTINGS where rownum < 2;
  APEX_UTIL.SET_SESSION_STATE (p_name, p_value);
  end;
  F106_YEAR is a global Item (shared components).
  The select statement works just fine in SQL*PLUS so I know that it is correct.
  If I run the debugger and log into the application, here is the output. Shouldn't I see my Application Process get called if it is set to run on New Session after Validation?
  My Application process is named RETRIEVE_AUCTION_SETTINGS
  0.01: A C C E P T: Request="P101_PASSWORD"
  0.01: Metadata: Fetch application definition and shortcuts
  0.01: alter session set nls_language="AMERICAN"
  0.01: alter session set nls_territory="AMERICA"
  0.01: ...NLS: Set Decimal separator="."
  0.01: ...NLS: Set NLS Group separator=","
  0.01: ...NLS: Set date format="DD-MON-RR"
  0.01: ...Setting session time_zone to -04:00
  0.01: NLS: wwv_flow.g_flow_language_derived_from=0: wwv_flow.g_browser_language=en-us
  0.01: Fetch session state from database
  0.02: ...Check session 695371898690095 owner
  0.02: ...Check for session expiration:
  0.02: ...Metadata: Fetch Page, Computation, Process, and Branch
  0.02: Session: Fetch session header information
  0.02: ...Metadata: Fetch page attributes for application 106, page 101
  0.03: ...Validate item page affinity.
  0.03: ...Validate hidden_protected items.
  0.03: ...Check authorization security schemes
  0.03: Session State: Save form items and p_arg_values
  0.03: ...Session State: Save "P101_USERNAME" - saving same value: "jps"
  0.03: Processing point: ON_SUBMIT_BEFORE_COMPUTATION
  0.03: Branch point: BEFORE_COMPUTATION
  0.03: Computation point: AFTER_SUBMIT
  0.03: Tabs: Perform Branching for Tab Requests
  0.03: Branch point: BEFORE_VALIDATION
  0.03: Perform validations:
  0.03: Branch point: BEFORE_PROCESSING
  0.03: Processing point: AFTER_SUBMIT
  0.03: ...Process "Set Username Cookie": PLSQL (AFTER_SUBMIT) begin owa_util.mime_header('text/html', FALSE); owa_cookie.send( name=>'LOGIN_USERNAME_COOKIE', value=>lower(:P101_USERNAME)); exception when others then null; end;
  0.04: ...Process "Login": PLSQL (AFTER_SUBMIT) wwv_flow_custom_auth_std.login( P_UNAME => :P101_USERNAME, P_PASSWORD => :P101_PASSWORD, P_SESSION_ID => v('APP_SESSION'), P_FLOW_PAGE => :APP_ID||':1' );
  0.06: ...Process "Clear Page(s) Cache": CLEAR_CACHE_FOR_PAGES (AFTER_SUBMIT) 101
  0.06: Nulling cache for application "106" page: 101
  0.00:
  0.00: S H O W: application="106" page="1" workspace="" request="" session="695371898690095"
  0.01: alter session set nls_language="AMERICAN"
  0.01: alter session set nls_territory="AMERICA"
  0.01: ...NLS: Set Decimal separator="."
  0.01: ...NLS: Set NLS Group separator=","
  0.01: ...NLS: Set date format="DD-MON-RR"
  0.01: ...Setting session time_zone to -04:00
  0.01: NLS: wwv_flow.g_flow_language_derived_from=0: wwv_flow.g_browser_language=en-us
  0.01: Application 106, Authentication: CUSTOM2, Page Template: 2904114531488186
  0.01: ...Session ID 695371898690095 can be used
  0.01: ...Application session: 695371898690095, user=JPS
  0.01: ...Determine if user "JPS" workspace "1040027630222986" can develop application "106" in workspace "1040027630222986"
  0.01: ...Check for session expiration:
  0.01: Session: Fetch session header information
  0.01: ...Metadata: Fetch page attributes for application 106, page 1
  0.01: Fetch session state from database
  0.02: Branch point: BEFORE_HEADER
  0.02: Fetch application meta data
  0.02: Computation point: BEFORE_HEADER
  0.02: Processing point: BEFORE_HEADER
  0.03: Show page template header
  0.03: Computation point: AFTER_HEADER
  0.03: Processing point: AFTER_HEADER     
  0.04: Computation point: BEFORE_BOX_BODY
  0.04: Processing point: BEFORE_BOX_BODY
  0.04: Region: Auction_Title F106_AUCTION_YEAR

• Restarting A Flex Application Programmatically

  Howdy folks,
  I have just created a database driven user management system
  which works wonders, but I'm having a problem with logging out a
  user. By far the easiest, sure fire way of doing this would be to
  clear the users login in the database (not really relevant to the
  problem) then restart the application programmatically (as if the
  user pressed the refresh button in thier browser) which would bring
  them back to the login screen at the start of the application. Is
  re-initialising the application possible to do in actionscript?
  If not it would involve clearing user specific variables,
  resending http requests which relate to the login, removing
  permissions based controls and all this over many modules... just a
  hell of a lot of what may be unesscessary work, especially if all
  that really needs to happen is the application to re-initialise.
  Any help on this would be amazing!
  Many thanks

  quote:
  Originally posted by:
  mattyb1515
  My initial suggestion is to wrap your flex application in a
  PHP web page and let PHP do the authentication/deauthentication. To
  logout the user you can create a PHP function that destroys the
  session variable and then refresh/redirect to the login/home page
  of your application.
  Thanks for the reply but I'm afraid it isn't as easy as that.
  I'm a php guru and I do use PHP and FlashVars for use with
  authentication but only to 'remember' user information when the
  user opens up a different application (basically if they log into
  one application, theyre logged into the rest). Using 'out of
  application' authentication is of no use when it comes to a
  permissions based user system and applying dynamic permissions
  (such as "this user can see this menu", "this user cant press this
  button") to a flex application. It's clearing these permission
  variables I'd prefer not to do if the application can be
  programmatically re-initialised which would have the same
  effect.

• Ques;How  do you secure imail when used being used in iweb. People can mess

  How do you secure imail when used being used in iweb? People can mess w/my settings in iweb imail window.

  What is iMail?
  And what is an iWeb iMail window?
  iWeb is part of iLife 06 which is an application used to create websites hosted on .Mac.
  Are you referring to Apple's Mail application and webmail access using a browser such as Safari to access your .Mac account?
  Which people can mess with what settings? You shouldn't allow anyone else to access your Mac when logged in to your account and home folder/directory. OS X was designed for multiple users of the same Mac with each regular user having their own computer login account (with or without admin privileges) and associated home folder/directory to store and access their data and settings for their login account only.

• How to configure security realm for Active Directory ?

  Hi,
  Can any body suggest how to configure security realm in weblogic 8.1
  I have simple login page where in user can enter his credentials, and i have MS-Active Directory where we maintain all users.
  users who loged into web application has to be authenticated from Active Directory.
  please suggest what are the steps that we need to follow
  thanks in advance

  Hi Sankar,
  You can login to the weblogic server admin console and create a new realm.
  Once you have created the realm you can add the authentication provider.You add the Active Authentication Provider.But you must have the the configuration inforamation of MS AD.You can read my blog http://dev2dev.bea.com/blog/bishnu_kumar/
  where the integration is with iPlanet LDAP.Steps will be similar.
  You must have a login portlet in your portal application and that should have been in accordance with j2ee security standards.For example you may use basic authentication or userlogin control or p13n API
  Regards
  Bishnu

• What login security&encription are good for struts...?

  hello friends,
  I am developing a struts+hibernate application which
  contains a login page. I am not sure of which tools or API's to use for logn
  Authentication and encription.
  Can any bady suggest me which is best for login Authentication and what way
  can i proceed for secured login for WebApplication.
  Ajay

  HANRAM wrote:
  hello friends,
  I am developing a struts+hibernate application which
  contains a login page. I am not sure of which tools or API's to use for logn
  Authentication and encription.
  Can any bady suggest me which is best for login Authentication and what way
  can i proceed for secured login for WebApplication.
  AjayFor JSP you can use JAAS or form based.