How to secure webserver login popup

Hi,
I have a iPlanet webserver 4.1 running.
I have some ACL's there and users log in through
the "normal" webserver login popup window
when they try to access a file that has a ACL.
Audit now complained that the password goes
over the intranet in plaintext. Is there a way to
get the uid and pwd transfered encrypted?
Thanks a lot,
Matthias

In order to encrypt over the wire, I think that you
will need to enable SSL on the listening port for
that instance.But I can only turn on SSL for the complete server?
Ist there a chance to just secure the login prompt?

Similar Messages

  • How to bypass the login popup in AutoVue20 integrated to DMS (UCM, SP)

    Hi,
    Can anybody please help me, if I need to make any changes at AutoVue 20 side or DMS (UCM or SP) side to avoid the login credentials popup appearing again and again whenever I try to view any document with AutoVue.
    I know it's a security feature but, I need to handle it to avoid entering username/password details again and again, whenever I use Autovue 20 to view the documents..
    Any advice/suggestion will be of great help..
    Thanks,
    VK

    Hi Jeff,
    I'm happy to mention here that I found the reason for this problem.. :)
    As I mentioned in my previous thread!! The vuelink for UCM was deployed on the Autovue server machine (the Win2k8 server having Autovue20 installed) and the UCM server is on another machine (OEL5).
    But after, changing the Vuelink location to UCM Server machine (OEL5), it is not asking for the username/password again and again as it was before..
    But as per the "*Oracle VueLink 19.3 for Oracle UCM*" shipped with Vuelink for UCM 19.3, we need to mention the vuelink machine address in "autovue_environment.cfg" if the vuelink is running on separate machine.. But, even after mentioning the address of Vuelink machine, it was asking for the username/passwd again n again and the SSO was not happening..
    Please check the same..
    Thanks,
    Vij

  • HT204053 I recently changed ny Apple ID but it did not transfer over to my iCloud account. How do I change my iCloud ID? The login popup for iCloud will not go away so I cannot get into my iPad since it pops up as soon as I turn the device on.

    I recently changed my Apple ID but it did not transfer over to my iCloud account. How do I change my iCloud ID? The password for the new Apple ID does not work since the iCloud default user name is imbedded in the login box. The login popup for iCloud will not go away so I cannot get into my iPad since it pops up as soon as I turn the device on and re-occurs every few seconds.

    You have to go to Settings>iCloud, tap Delete Account, provide the password for the old ID when prompted to turn off Find My iPhone, then sign back in with the ID you wish to use.  If you don't know the password for your old ID, or if it isn't accepted, go to https://appleid.apple.com, click Manage my Apple ID and sign in with your current iCloud ID.  Click edit next to the primary email account, change it back to your old email address and save the change.  Then edit the name of the account to change it back to your old email address.  You can now use your current password to turn off Find My iPad on your device, even though it prompts you for the password for your old account ID. Then go to Settings>iCloud, tap Delete Account and choose Delete from My iPad when prompted (your iCloud data will still be in iCloud).  Next, go back to https://appleid.apple.com and change your primary email address and iCloud ID name back to the way it was.  Now you can go to Settings>iCloud and sign in with your current iCloud ID and password.

  • With FBA, How to get rid of Login popup while opening document in library

    I've enabled fba with custom login page.
    I've document library.While trying to open document, it asks for credentials everytime. Due to FBA with custom login page, it does not close the login popup automatically.
    How can I get this resolved?

    irst Enable Client Integration.
    Next U Activate the Site Collection Features
    "Open Documents in Client Applications by Default"
    and Deactivate "Office
    Web Apps".
    http://social.msdn.microsoft.com/Forums/vstudio/en-US/6e823898-f423-4af2-b43d-b43b2fc14409/open-microsoft-office-documents-in-sharepoint-2010-fba-without-login-prompt
    Or
    1) no need to do coding for checking the checkbox 'remember me' on loginpage
    2) on central admin, for the extended zone "UNCHECK" Enable Anonymous access & select "YES" in 'Enable Client Integration'-->You are all set--> these resolves
    2 problems: 1. the users will not be asked to login 2 times 2. when they open office document they will not receive any authentication window
    http://social.technet.microsoft.com/Forums/sharepoint/en-US/6dc1c682-371f-4a7d-b26c-4c09fc724189/sharepoint-2010-fba-asking-authentication-when-trying-to-open-a-excel-or-word-document-for?forum=sharepointadminprevious
    http://blogs.technet.com/b/steve_chen/archive/2010/06/25/multiple-logon-while-open-office-document-from-sharepoint.aspx

  • How do I redirect a secure zone login form with javascript?

    I would like to redirect what page a user goes to after filling out the secure log in form. I would change the landing page of the secure zone, but I need a log in form to go to a different page of the site. I would also create a seperate secure zone, but I have almost 3000 subscribers and it would be very time consuming to add all those users to this new zone.
    I would like to redirect the user (using the form from a secure zone) to a different page other than the landing page of the log in form. How do I do this with javascript?
    I saw this page: http://kb.worldsecuresystems.com/598/bc_598.html#main_Logging_into_different_Secure_Zones_ according_to_ID_number but couldn't make sense of it for my current situation. (I don't need multiple zones, just the form to redirect to a different page after submission)
    <form action="https://redlakewalleye.worldsecuresystems.com/ZoneProcess.aspx?ZoneID=12369&Referrer={module_siteUrl,true,true}&amp;OID={module_oid}&amp;OTYPE={module_otype}" method="post" onSubmit="return checkWholeForm52938(this)" name="catseczoneform52938">
                <div class="form">
                <div class="item"><label for="SZUsername">Username</label><br />
                <input type="text" maxlength="255" id="SZUsername" name="Username" class="cat_textbox_small" /></div>
                <div class="item"><label for="SZPassword">Password</label><br />
                <input type="password" autocomplete="off" maxlength="255" id="SZPassword" name="Password" class="cat_textbox_small" /></div>
                <div class="item"><input type="checkbox" id="RememberMe" name="RememberMe" /><label for="RememberMe">Remember Me</label></div>
                <div class="item"><input type="submit" value="Log in" class="cat_button" /> <a href="/_System/SystemPages/PasswordRetrieveRequest">Lost password?</a></div>
                </div>
                <script type="text/javascript" src="/CatalystScripts/ValidationFunctions.js"></script>
                <script type="text/javascript">
                    //<![CDATA[
                    function checkWholeForm52938(theForm){
                        var why = "";
                            if (theForm.Username) why += isEmpty(theForm.Username.value, "Username");
                            if (theForm.Password) why += isEmpty(theForm.Password.value, "Password");
                            if (why != ""){alert(why);
                                return false;
                       // Add the redirect code here?
                        theForm.submit();
                        return false;
                    //]]>
                </script>
            </form>

    I've been working on the same thing and have nearly solved it with these tutorials:
    http://www.bcgurus.com/tutorials/re-directing-users-to-the-correct-secure-zone
    http://www.bcgurus.com/tutorials/building-a-better-secure-zone-login-page
    The first tutorial will let a person continue on to the page he/she was attempting to access. For example, if your site offers learning lessons in a secure zone... A visitor could click on a lesson, get prompted to login and then be redirected to that particular lesson instead of the landing page for the secure zone.  The script in the tutorial also accommodates general logging in: "if the person wasn't going somewhere specific then send him/her here (landing page, user account, whatever).
    Might be worth checking out the free BCGurus trial or joining for a month.
    Brian

  • How do I disable login keychain popups?

    How do I disable login keychain passwords?

    Maybe:
    Keychain "login" cannot be found-pop up keeps coming up on my screen. I have OS X 10.9 using a Mac Mini. I am no longer able to  receive email on this computer either, but can retrieve my mail on my i pad. Anyone else having this problem with Keychain?
    My mac keeps on asking me for keychain passwords ...which I have either forgotten or never used
    OS X Mavericks v10.9.1: Repeated prompts to unlock "Local Items" keychain - Apple Support
    http://support.apple.com/kb/HT1631

  • How to pass SSO Login Ticket to an URL iView

    Hello experts,
    We have an application running on Netweaver and it is setup to accept SSO Login Tickets for authorisation.
    I have the following question:
    We want to expose some of the portlets in our application in a portal page using URL iViews, but we don't know, how to setup this environment, so for each iView, the SSO Login ticket is passed to the portlet of our application (this way access to it can be granted)?
    How can we achive this? Or, is there another approach for this scenario?

    Hi Megha,
    The portlets are part of our application which is deployed on the same Netweaver App server as is the Portal.
    When the user log in into the Portal - SSO Tiket is being issued and we want this ticket to be passed to the URL of the URL iView, but currently HTTP 401 error is returned or HTTP Basic authentication login popup is displayed. We want to be able to use the SSO Ticket for this purpose.
    Regards,
    Georgi

  • How to create a login interface in labview PDA module?

    How to create a login interface in labview PDA module? So that it checks with a list of usernames and passwords and allow to go to another VI?
    Anu

    Anu,
    I've attached a really short example that does something like what you're talking about.  It just compares the user's username and password a pre-determined username and password and then "logs the user in" based on that comparison.  Like Greycat said, you probably want to store this username and password info in some sort of file on the PDA that's in an encrypted format for both security and flexibility of your application.
    I hope this helps,
    Justin D.
    Applications Engineer
    National Instruments
    Attachments:
    LoginVI.vi ‏17 KB

  • I downloaded TunesGoWatch by Wondershare. I deleted the app. Every time I turn on my computer I get a popup saying "TunesGoWatch" can't be opened because the identity of the developer cannot be confirmed. I deleted the app, how do I stop this popup?

    I downloaded TunesGoWatch by Wondershare. I deleted the app. Every time I turn on my computer I get a popup saying "TunesGoWatch can't be opened because the identity of the developer cannot be confirmed." I deleted the app, how do I stop this popup?  Your help is truly appreciated

    First:
     (Apple menu) > System Preferences > Users & Groups > select your account > Login Items.
    Determine if that program appears in that list. If it does, select it and then remove it from Login Items with the "–" (minus) button.
    Next:
    Select the entire line that follows (triple-click to select it), then control-click, and from the contextual menu that appears, select Services > Open:
    /Library/StartupItems/
    If the program or an alias to it appears in that folder, drag it to the Trash.
    Next:
    When you log out or shut down your Mac, de-select the checkbox that begins with the words "Reopen windows... "

  • Create a login page with NI Security Programmatic Login.vi

    Hi everyone,
    I'm trying to create a login page that inputs username and password of users, then authorize user information with the Domain Account Manager to recognize user identification.
    I google and see the NI Security Programmatic Login.vi can allow me to create a login page and it works. However, I got a problem is to redirect to other pages after authorizing. 
    NI Security Programmatic Login.vi only outputs some string to show the status of the authentication, it doesnt output boolean like true or fall.
    Does anyone has a solution to help me?
    Thank you.
    This is my screen shot:

    Thank you for suggesting me. I've done the checking task but I don't know how to call a subVi.
    As you can see in the images I post below, I have a login page with its diagram, and the main page that I want to show after logging in conrrectly.
    So should the main page is the subVi or the login page? And can you tell me how to show the main page after logging correctly?
    I also don't know how to refresh the page if logging information is incorrect. Do you have any solution?
    Thank you so much.

  • How to call custom Login Module from JSP

    Hi,
    I am stuck with the following issue:
    1) Exactly as presented in help.sap.com (http://help.sap.com/saphelp_nw04/helpdata/en/3f/1be040e136742ae10000000a155106/content.htm) I created custom login module and deployed it as a library on J2EE server. When I configured it to be used for my applications in the Security provider but I am getting "No user name provided" exception everytime when my applications use this custom login module.
    2) I realized that I would need to call my custom module somewhere within my application (simple JSP) using LoginContext class and then use MyLoginContext.login() spec to initiate login process. But I am not able to pass CallbackHandler parameters from JSP application to my custom login module.
    So I have the following questions:
    1. Can I pass parameters using LoginContext and CallbackHandler from JSP to my custom login module (created as exact copy of HELP.SAP.COM example) or this module cannot be used this way.
    2. How to pass CallbackHandler correctly to my custom login module from JSP. When I am trying to use CallbackHandler, I am getting "Abstract Class cannot be called" error.
    I'd appreciate any little help on this matter.
    Thanks and regards,
    Mike

    You have two alternatives to do this:
    You can declare your JSP as a protected resource with the use of the deployment descriptors of the application (web.xml) and add the custom login module in the authentication stack of the application. This way, you will use container-based authentication, i.e. the Web Container will enforce the authentication and it will call the custom login module before it dispatches to the JSP. I recommend you this approach because it requires less coding and it makes the whole thing a matter of configuration. The configuration can be later on enhanced or changed runtime without the need to re-build and re-deploy the application. If you choose this approach you can go to the documentation of the server for help on how to modify the login module stack of the application.
    You can also use programmatic authentication by using JAAS API. To do this you need to create a custom security policy configuration with login module stack containing the custom login module, and then use the standard JAAS mechanism - new LoginContext(<configuration>, <callback-handler>).login(). This approach requires that you write your own callback handler and handle any LoginException.
    Let us know which approach you prefer and whether you have difficulties implementing it!

  • How to secure one page not entire application?

    Hi there,
    I'm looking for some guidance on how to secure individual pages on my site. I've read a number of articles discussing creating a login using the Application.cfc. The thing is this approach locks down the entire site. I only want to secure a page. In my scenario, if the user hasn't logged in, and goes to a profile.cfm page, they will be asked to login. Once they login, they will then be directed to the profile.cfm page.
    Any and all advice would be greatly appreciated.
    Thanks.
    Novian

    Hi, Novian,
    An option that come directly to mind is to check for the specific page to be locked down in onRequestStart of your Application.cfc.
    This approach is relatively easy to implement but may not be the best approach (don't know how it might affect performance or something else). Basically, use a conditional in your onRequestStart method to see if the page being requested by the user is the page that needs to be secured. Something along the lines of:
    <cffunction name="onRequestStart">
         <cfargument name="target_page" />
         <cfif target_page is 'super-secure-page.cfm'>
              <!--- security stuff --->
         </cfif>
    </cffunction>
    There are, of course, other options but this was a quick and easy one that came right to mind.

  • OC4J 10.1.3.1 Need to find oracle.security.jazn.login.module.db.util pckg

    Hi,
    I managed to configure Oracle's DBTableOraDataSourceLoginModule together with JavaSSO to access two tables which reside on a 9i database. One is the user's table and the other a roles table. The only problem is that the user's passwords should be encripted in this table.
    I followed the instructions in the Oracle Containers for J2EE Security Guide page 9-10 - Implementing DBLoginModuleEncodingInterface for Password Encryption, and specified in the pw_encoding_class parameter
    the DBLoginModuleSHA1Encoder class provided in the oracle.security.jazn.login.module.db.util package.
    I also wrote a small program to do the encryption in the table, using a getKeyDigestString method found in DBLoginModuleSHA1Encoder class of a sample dblogin module downloaded from a link in Lucas Jellema's article on how to secure an application developed with JDeveloper and deployed in OC4J. I used this class because I could not find the one mentioned in the Oracle documentation.
    Now the DBTableOraDataSourceLoginModule rejects the login with an invalid password message. It seems the encoding is calculated differently in the two classes. I tried to use the sample dblogin module in the javasso specification, and got a - no class found - message. I tried to locate the oracle.security.jazn.login.module.db.util package to use in the password encoding program, but I couldn't find it anywhere in either OC4J nor JDeveloper directories.
    Can you tell me where to find the oracle.security.jazn.login.module.db.util package ?
    Thanks for help.
    Gustavo

    Hi
    As I am also tried the same and found the encryption module working fine for me.
    This I could do only on JDeveloper 10g whereas while attempted on the same on JDeveloper 11g, I got lots of problems.
    Will you please help out in this regard, if you had already able to acheive the same on JDeveloper 11g TP3, please let me know the steps or any relevant URL which I can refer.
    Thanks in advance
    Kind Rgds
    Krishnamurthy. R

  • How to authorize my Login.jsp file to create LoginContext, deployed in war

    I am currently doing a login process and I need to know how to give my Login.jsp file the permission to create a LoginContext. I packaged everything in a war file and deployed it to the server.
    Specifically this is the error that I am getting:
    type Exception report
    message
    description The server encountered an internal error () that prevented it from fulfilling this request.
    exception
    org.apache.jasper.JasperException: access denied (javax.security.auth.AuthPermission createLoginContext.studentportal)
         org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:384)
         org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:297)
         org.apache.jasper.servlet.JspServlet.service(JspServlet.java:247)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
         sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         java.lang.reflect.Method.invoke(Method.java:585)
         org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
         java.security.AccessController.doPrivileged(Native Method)
         javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
    root cause
    java.security.AccessControlException: access denied (javax.security.auth.AuthPermission createLoginContext.studentportal)
         java.security.AccessControlContext.checkPermission(AccessControlContext.java:264)
         java.security.AccessController.checkPermission(AccessController.java:427)
         java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
         javax.security.auth.login.LoginContext.init(LoginContext.java:224)
         javax.security.auth.login.LoginContext.(LoginContext.java:403)
         org.apache.jsp.Login_jsp._jspService(Login_jsp.java:55)
         org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:105)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
         org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:336)
         org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:297)
         org.apache.jasper.servlet.JspServlet.service(JspServlet.java:247)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
         sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
         sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
         sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
         java.lang.reflect.Method.invoke(Method.java:585)
         org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
         java.security.AccessController.doPrivileged(Native Method)
         javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
         org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
         org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
    note The full stack trace of the root cause is available in the Sun-Java-System/Application-Server logs.
    In my code in Login.jsp this is what I have at the top of the page:
    <%@ page language="Java" import="portal.*,javax.security.auth.login.*" %>
    <%
    String s = request.getParameter("loginButton");
    if (s != null) {
    out.println("The user attempted to login");
    String user = request.getParameter("username");
    String psw = request.getParameter("psw");
    AscCallbackHandler cbh = new AscCallbackHandler(user,psw);
    LoginContext ctx;
    try {
    ctx = new LoginContext("studentportal",cbh);
    } catch (LoginException  le) {
    out.println("Sorry, could NOT create context");
    }The admin page tells me that portal is deployed at location:
    ${com.sun.aas.instanceRoot}/applications/j2ee-modules/portal
    My entry in the server.policy file looks like so:
    grant codeBase "file:/home/jay/sun/Creator2_1/SunAppServer8/domains/creator/applications/j2ee-modules/portal/WEB-INF/-" {
    permission javax.security.auth.AuthPermission "createLoginContext.studentportal";
    permission javax.security.auth.AuthPermission "modifyPrincipals";
    permission javax.security.auth.AuthPermission "getLoginConfiguration";
    Which gives the error shown above
    Please help
    Message was edited by:
    jay_dawg
    Placing code tags

    java.lang.NoClassDefFoundError: org/jdom/JDOMException
         java.lang.Class.getDeclaredConstructors0(Native Method)
         java.lang.Class.privateGetDeclaredConstructors(Class.java:2357)
         java.lang.Class.getConstructor0(Class.java:2671)
         java.lang.Class.getConstructor(Class.java:1629)
         org.apache.jasper.compiler.Generator$GenerateVisitor.visit(Generator.java:1164)
         org.apache.jasper.compiler.Node$UseBean.accept(Node.java:1116)
         org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2163)
         org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2213)
         org.apache.jasper.compiler.Node$Visitor.visit(Node.java:2219)
         org.apache.jasper.compiler.Node$Root.accept(Node.java:456)
         org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2163)
         org.apache.jasper.compiler.Generator.generate(Generator.java:3305)
         org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:198)
         org.apache.jasper.compiler.Compiler.compile(Compiler.java:295)
         org.apache.jasper.compiler.Compiler.compile(Compiler.java:276)
         org.apache.jasper.compiler.Compiler.compile(Compiler.java:264)
         org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:563)
         org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:303)
         org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
         org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
         javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
         org.netbeans.modules.web.monitor.server.MonitorFilter.doFilter(MonitorFilter.java:368)and following by this

  • How to get Custom Login Module to communicate with frontendtarget

    We have created a custom login module and placed it in our login module stack.
    So we have the following 3 Login Modules in our stack:
    EvaluateTicketModule
    OurCustomLoginModule
    CreateTicketModule
    Also we are using the standard SAP login screen for our frontendtarget, see our authschemes.xml entry:
    <authscheme name="cglogon">
                <authentication-template>
                    form
                </authentication-template>
                <priority>21</priority>
                <frontendtype>2</frontendtype>
                <frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
            </authscheme>
    Question:
    There are standard screens in the SAP login PAR:
                changePasswordPage.jsp
                umLogonProblemPage.jsp
                umResetPasswordPage.jsp
    How do I trigger one of these screens from my Login() method of my
    custom login module?  I thought if I throw some specific exception, these screens would
    be called?

    A bit more info. 
    We created a new Authentication Scheme for certain iviews that are deemed more "sensitive" that required a step-up authentication. 
    I changed the Iview property "Authentication Scheme" to our custom one.
    If I navigate into one of these more sensitive Iviews, I get the standard SAP login screen: <frontendtarget>com.sap.portal.runtime.logon.certlogon</frontendtarget>
    Whis is what i expect.
    I enter a username and password and click Logon button.  I see that it successfully hits our custom login module and goes through Login(), and Commit() methods and finally displays the iview i originally requested.
    However, on a failure, i want it to return focus to the SAP login screen with an error explaining why...(i.e. wrong password, account locked, etc.)
    However, It always give iview runtime exception with Access Denied.
    #1.5 #0018FE8C6FD800690000029000004D6C00045B6E5E7D6014#1226429496628#com.sap.engine.services.security.authentication.logincontext#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Debug##Java###Login module {0} from authentication stack {1} does not authenticate the caller.#2#companyname.com.CGLoginModuleClass#form#
    #1.5 #0018FE8C6FD800690000029100004D6C00045B6E5E7D6275#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule.abort()#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Plain###Entering method#
    #1.5 #0018FE8C6FD800690000029200004D6C00045B6E5E7D6308#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Debug##Plain###Internal Login Module data has been reset.#
    #1.5 #0018FE8C6FD800690000029300004D6C00045B6E5E7D6386#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.EvaluateTicketLoginModule#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Java###Exiting method with {0}#1#true#
    #1.5 #0018FE8C6FD800690000029400004D6C00045B6E5E7D6438#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule.abort()#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Plain###Entering method#
    #1.5 #0018FE8C6FD800690000029500004D6C00045B6E5E7D64B2#1226429496629#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule#sap.com/irj#com.sap.engine.services.security.authentication.loginmodule.ticket.CreateTicketLoginModule#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Path##Java###Exiting method with {0}#1#true#
    #1.5 #0018FE8C6FD800690000029700004D6C00045B6E5E7D6750#1226429496630#com.sap.engine.services.security.authentication.logincontext#sap.com/irj#com.sap.engine.services.security.authentication.logincontext#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Info#1#/System/Security/Authentication#Plain###LOGIN.FAILED
    User: N/A
    Authentication Stack: form
    Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
    1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          exception             true       authscheme not sufficient: uidpwdlogon<cglogon
            \#1 ume.configuration.active = true
    2. companyname.com.CGLoginModuleClass                                         REQUISITE   ok          exception             true       Authentication did not succeed.
    3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                                true      
            \#1 ume.configuration.com = true#
    #1.5 #0018FE8C6FD800690000029900004D6C00045B6E5E7DA973#1226429496647#System.err#sap.com/irj#System.err#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Error##Plain###Nov 11, 2008 10:51:36...                    com.sap.portal.portal [SAPEngine_Application_Thread[impl:3]_24] Error: Exception ID:10:51_11/11/08_0002_176065950
    #1.5 #0018FE8C6FD800690000029B00004D6C00045B6E5E7DCA91#1226429496647#com.sap.portal.portal#sap.com/irj#com.sap.portal.portal#JOHNDOE#182##servername_EPX_176065950#JOHNDOE#bb3365a0b02111ddabea0018fe8c6fd8#SAPEngine_Application_Thread[impl:3]_24##0#0#Error#1#/System/Server#Java###Exception ID:10:51_11/11/08_0002_176065950
    [EXCEPTION]
    {0}#1#com.sapportals.portal.prt.runtime.PortalRuntimeException: Access is denied: pcd:portal_content/com.companyname.portal.capitalgroup/com.companyname.com.security/com.companyname.portal.cghressnaaa/com.sap.pct.ess.employee_self_service/com.companyname.pg_sensitiveWebdynpro/com.cg.ivu_saplogon_0 - user: Guest
         at com.sapportals.portal.prt.deployment.DeploymentManager.getPropertyContentProvider(DeploymentManager.java:1936)
         at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.refresh(PortalComponentContextItem.java:230)
         at com.sapportals.portal.prt.core.broker.PortalComponentContextItem.getContext(PortalComponentContextItem.java:312)
         at com.sapportals.portal.prt.component.PortalComponentRequest.getComponentContext(PortalComponentRequest.java:385)
         at com.sapportals.portal.prt.connection.PortalRequest.getRootContext(PortalRequest.java:435)
         at com.sapportals.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:607)
         at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:240)
         at com.sapportals.portal.prt.dispatcher.Dispatcher$doService.run(Dispatcher.java:545)
    and here's my login method...
         public boolean login() throws javax.security.auth.login.LoginException
              this.succeeded = false;
              String passwordString = "";
              if (callbackHandler == null)
                   throw new LoginException("Error: no CallbackHandler available to garner authentication information from the user");
              HttpGetterCallback httpgettercallback = new HttpGetterCallback();
              NameCallback nc = new NameCallback("User:");
              PasswordCallback pc = new PasswordCallback("Password:", false);
              Callback[] callbacks = new Callback[] { nc, pc };
              try
                   callbackHandler.handle(callbacks);
              catch (IOException e)
                   throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
              catch (UnsupportedCallbackException e)
                   return false;
              String userid = nc.getName();
              char[] password = pc.getPassword();
              pc.clearPassword();
              if (userid.length() == 0)
                   throwNewLoginException("USERID IS MISSING!", LoginExceptionDetails.IO_EXCEPTION);
              else
                   username = userid;
              if (password.length == 0)
                   throwNewLoginException("PASSWORD IS MISSING!", LoginExceptionDetails.NO_PASSWORD);
              else
                   passwordString = new String(password);
              String eccLoginResult = validateECCAuthentication(username, passwordString);
              if (!eccLoginResult.equals(""))
                   myLoc.infoT(this.username + " - failed ECC authentication.");
                   throwNewLoginException("Wrong UserId/Password", LoginExceptionDetails.WRONG_USERNAME_PASSWORD_COMBINATION);
              else
                   myLoc.infoT(this.username + " - failed ECC authentication.");
                   this.succeeded = true;
              if (this.succeeded)
                   try
                        refreshUserInfo(this.username);
                   catch (SecurityException e)
                        throwUserLoginException(e);
                   if (sharedState.get(AbstractLoginModule.NAME) == null)
                        sharedState.put(AbstractLoginModule.NAME, this.username);
                        this.nameSet = true;
              else
                   throwNewLoginException("Wrong UserId/Password", LoginExceptionDetails.WRONG_USERNAME_PASSWORD_COMBINATION);
              return this.succeeded;

Maybe you are looking for

  • MacBook Pro Freezes in Login Screen

    Hello, I've encountered a strange error on my 08 MBP (Should not be hardware related). When my computer boots up and gets to the login screen, it simply stops. Mouse clicks and key hits (either onboard or USB devices) do not appear to register, as no

  • IPhone Ringtone Not Synced to iPhone

    I bought a ringtone-eligible tune at the iTunes store, edited it, and it appeared in iTunes as a ringtone. When I synced my iPhone to the SAME computer, which is the computer I always sync the iPhone to, the ringtone did not sync and I got this messa

  • RENAME FINDER ITEMS

    - I am using the function RENAME FINDER ITEMS to rename hundreds of files. It is possible to use wild chars in the FIND field ? - All my file names start with date (example: 2010-04-10 xxxx.yyy) and i want to rename it to xxxx.yyy. thank you, Paulo

  • HT4208 my apple iphone5 is not showing the apps which the phone is demanding to update.

    in my apple store,there is a tap update but that is not showing update apps.

  • Advantages of 11i over 11.0.3

    Hi Everyone, I need some quick information...Hope I get some help here.. Can someone please point me to any white papers/blogs/notes which explain on the feature differences and advantages of 11i over 11.0.3..? Any pointers would be greatly appreciat