Http proxy authentication for JDev 10.1.3

Similar Messages

• HTTP Proxy setting for SOA server

  Hi,
  my intention is to enable SOA Server to connect through HTTP Proxy to external services. This occurred when I am trying to connect to Yahoo Mail Server, via User Messaging Service but it keep throwing connection time out. One of the possible solution is to make the service to connect via the HTTP Proxy server in our network.
  There are no mention of how to setup HTTP Proxy connection for UMS, as well as SOA Server in any documents.
  Please advice or direct me to the relevant solutions.
  Appreciate any help rendered :)
  yee thian

  I have not worked in SoA server, but since it uses weblogic server underlying (I assume), you can try setting the -Dhttp.proxyHost , -Dhttp.proxyPort system properties ( https for secured URL's) to WLS to specify the proxy details. Also the product might not have the capability to pass user credentials for authentication at the proxy. The version of OSB we are using had this problem. To overcome this you might require to add the URL to the proxy free list in your proxy server. This prevents the proxy from prompting for the user name when you access that URL.

• ASA - cut through proxy authentication for RDP?

  I know how to set this up on a router (dynamic access-list - lock and key)... But, I'm having trouble understanding how to setup OUTSIDE to INSIDE cut through proxy authentication for RDP.
  OUTSIDE to INSIDE RDP is currently working.
  I have 2 servers I want RDP open for..
  [*]OUTSIDE 1.1.1.1 to INSIDE 10.10.70.100
  [*]OUTSIDE 1.1.1.2 to INSIDE 10.10.50.200
  What's required for OUTSIDE users  to authenticate on the ASA before allowing port 3389 opens? I was hoping for is a way to SSH into this ASA, login with a special user, then have the ASA add a dynamic ACE on the OUTSISE interface to open 3389 for a designated time limit. Is this possible?
  Here is my current config.
  [code]
  ASA Version 8.2(5)
  hostname ASA5505
  names
  name 10.10.0.0 LANTraffic
  name 10.10.30.0 SALES
  name 10.10.40.0 FoodServices
  name 10.10.99.0 Management
  name 10.10.20.0 Office
  name 10.10.80.0 Printshop
  name 10.10.60.0 Regional
  name 10.10.70.0 Servers
  name 10.10.50.0 ShoreTel
  name 10.10.100.0 Surveillance
  name 10.10.90.0 Wireless
  interface Ethernet0/0
  description TO INTERNET
  switchport access vlan 11
  interface Ethernet0/1
  description TO INSIDE 3560X
  switchport access vlan 10
  interface Ethernet0/2
  shutdown
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  shutdown
  interface Vlan1
  no nameif
  security-level 50
  no ip address
  interface Vlan10
  description Cisco 3560x
  nameif INSIDE
  security-level 100
  ip address 10.10.1.1 255.255.255.252
  interface Vlan11
  description Internet Interface
  nameif OUTSIDE
  security-level 0
  ip address 1.1.1.1 255.255.255.224
  ftp mode passive
  clock timezone PST -8
  clock summer-time PDT recurring
  dns domain-lookup OUTSIDE
  dns server-group DefaultDNS
  name-server 8.8.8.8
  name-server 4.2.2.2
  domain-name test.local
  access-list RDP-INBOUND extended permit tcp any host 1.1.1.1 eq 3389
  access-list RDP-INBOUND extended permit tcp any host 1.1.1.2 eq 3389
  pager lines 24
  logging enable
  logging timestamp
  logging trap warnings
  logging device-id hostname
  logging host INSIDE 10.10.70.100
  mtu INSIDE 1500
  mtu OUTSIDE 1500
  ip verify reverse-path interface OUTSIDE
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-645.bin
  no asdm history enable
  arp timeout 14400
  global (OUTSIDE) 1 interface
  nat (INSIDE) 1 LANTraffic 255.255.0.0
  static (INSIDE,OUTSIDE) tcp interface 3389 10.10.70.100 3389 netmask 255.255.255.255
  static (INSIDE,OUTSIDE) tcp 1.1.1.2 3389 10.10.50.200 3389 netmask 255.255.255.255
  access-group RDP-INBOUND in interface OUTSIDE
  route OUTSIDE 0.0.0.0 0.0.0.0 1.1.1.1 1
  route INSIDE LANTraffic 255.255.0.0 10.10.1.2 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  aaa authentication ssh console LOCAL
  aaa authentication http console LOCAL
  http server enable
  http Management 255.255.255.0 INSIDE
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  telnet timeout 5
  ssh 10.10.70.100 255.255.255.255 INSIDE
  ssh Management 255.255.255.0 INSIDE
  ssh 0.0.0.0 0.0.0.0 OUTSIDE
  ssh timeout 5
  ssh version 2
  console timeout 0
  threat-detection basic-threat
  threat-detection scanning-threat shun
  threat-detection statistics access-list
  threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
  webvpn
  username scott password CNjeKgq88PLZXETE encrypted privilege 15
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect ip-options
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip
    inspect xdmcp
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
  profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly
    subscribe-to-alert-group configuration periodic monthly
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:1e9d278ce656f22829809f4c46b04a07
  : end
  [/code]

  You're running ASA 8.2(5). In 8.4(2) Cisco added support for what they call Identity Firewall rules. That is, you can make access-lists entries specific to users (or object groups containing users).
  There's an overview document on this posted here. It's a bit dated but I believe the only change is that Cisco is now preferring use of the more current Context Directory Agent (CDA) - a free VM they provide - vs. the deprecated AD agent (software service that runs on your DC).

• OSB: HTTP digest authentication for WebServices

  Hi,
  How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
  Best regards
  Dimo

  Did you figure out how to do it.?

• DAP and http proxy authentication

  I have a ASA firewall with http proxy authetication and now i configure DAP for Anyconnect with AD .I disable the "Default Dynamic Access Policy"  proxy authentication fail .Someone knows how to configure the DAP for http proxy authentication ?
  best regards

  Still nothing about it. I've also posted to another threads with similar problems:
  http://discussions.apple.com/message.jspa?messageID=8165122#8165122
  http://discussions.apple.com/message.jspa?messageID=8165120#8165120
  http://discussions.apple.com/message.jspa?messageID=8165118#8165118
  http://discussions.apple.com/message.jspa?messageID=8149758#8149758
  As I said before, while I've had OS 1.1.4, everything was normal. It began when I upgraded to 2.0.2 and after to 2.1. I also double checked if the TI here changed the policies, and they assured me they don't.
  Several other users with 2.x are also reporting the same trouble. As far as now, I've came across a post suggesting me to install a local http proxy on the phone, but I don't think it's gonna work.
  Let's keep this thread alive!

• HTTP Proxy Connection for sharepoint-webservice endpoint in  SMP

  hi all,
       I want to consume share-point services(soap based) through SMP. for that i am creating HTTP Proxy Connection for sharepoint web service endpoint in
  SMP. i have done with creation of proxy connection without any error but while testing (on REST_CLIENT add-ons) it showing following error :
  Status Code: 400 <?xml version="1.0" encoding="utf-8"?> <error ><message xml:lang="en">Error occurred while connecting to the Gatewaynull</message> </error>
  Can anyone help me....
  Thanks in advance.

  hii Andrew,
  Here are screenshots of proxy connection configuration,
  security configuration:
  Application creation:
  connection white listing :
  Error message in Rest Client:
  Regards,
  SupriyaD

• How set  UserName and Password for HTTP Basic Authentication for a servlet

  Hi..
  How set UserName and Password for HTTP Basic Authentication for a servlet in JBoss server?
  Using Tomcat i can do it .(By setting roles in web.xml, and user credintails in tomcat-user.xml).
  But i dont know how do it in JBOSS..
  I am using Netbeans and Eclipse IDEs.. Can we do it by using them also!?
  Thank u

  Hi Raj,
  You can do this by creating a Login screen for the users and check the authentication of each user in PAI i.e. PROCESS AFTER INPUT.
  Store the user information in a database table and check the username and password when the user enters it.
  You can display password as *** also. For this double click on input box designed for password and goto Display tab. Select Invisible in the list and check it.
    CASE sy-ucomm.
      WHEN 'BACK'.
        LEAVE PROGRAM.
      WHEN <fcode for submit>.
        SELECT SINGLE uname pwd
         FROM <DB table>
         INTO (user, pass)
         WHERE username = user AND
                 password = passwd.
        IF sy-subrc = 0.
  <Go to next screen for further processing>
        ELSE.
  <Display Error message and exit>
        ENDIF.
    ENDCASE.
  Regards,
  Amit
  Message was edited by:
          Amit Kumar

• HTTP Basic authentication for proxy service and its wsdl?

  Hello:
  For some reasons I needed to configure the HTTP basic authentication on a proxy service at OSB 11g. Everything was OK until I realized that, additionally to the authentication when calling the service, the OSB also asks for credentials when I try to get that proxy wsdl file.
  My requirements are to secure the proxy service when is called only, not when retrieving the wsdl.
  Is this possible to configure on OSB / WLS? How?
  Greetings!
  Edited by: user4483647 on 02-sep-2010 12:59
  Edited by: user4483647 on 02-sep-2010 13:25

  If I'm not wrong, Basic authentication is Transport level feature. So passing User/Password in SOAPHeader doesn't make sense. SOAP message can only be sent when you have a HTTP Connection open. During opening of HTTP connection User/Password is required for basic authentication.
  http://www.student.nada.kth.se/~d95-cro/j2eetutorial14/doc/Security7.html#wp156943
  Edited by: mneelapu on Apr 2, 2009 2:09 PM

• Http proxy setting for webservice client.

  Hi !
  I have set the following option for accessing the webservice through the proxy(webservice
  outside the firewall).
  I'm using weblogic v7.0 with sp1.
  -Dweblogic.webservice.transport.http.proxy.host=xxxx
  -Dweblogic.webservice.transport.http.proxy.port=8088
  It works fine and my soap client is able to access the webservice lying outside
  the firewall.
  But when I use the same setting, the soap client fails for accessing the webservice
  which are
  inside the firewall.
  I get "Connection refused".
  Is there any option to specify not to use proxy for specific hosts and ports ?
  For example http.nonProxyHost
  Any pointers will be of great help.
  Thanks
  Kumar Raj

  I have not worked in SoA server, but since it uses weblogic server underlying (I assume), you can try setting the -Dhttp.proxyHost , -Dhttp.proxyPort system properties ( https for secured URL's) to WLS to specify the proxy details. Also the product might not have the capability to pass user credentials for authentication at the proxy. The version of OSB we are using had this problem. To overcome this you might require to add the URL to the proxy free list in your proxy server. This prevents the proxy from prompting for the user name when you access that URL.

• Supressing the Browser HTTP Proxy Authentication Popup

  Hi there.
  I have an applet that does some socket proxying/tunnelling.
  It has some code that detects whether the browser is connecting through a HTTP proxy and whether or not that proxy requires authentication.
  When the code runs in a browser with a direct connection to the internet it is all good.
  When the code runs in a browser with a standard HTTP Proxy connection to the internet it is all good.
  But.. when it is connected through a HTTP Proxy that requires authentication I get a Java popup box asking for the Proxy's Username/Password.
  See image here: http://peterdamen.com/JavaProxyPopup.png
  I just want to suppress this popup. It pops up in the middle of a java routine, which suspends execution and then ruins javascript that communicates with the applet in the host HTML page.
  Any ideas?
  Thanks.
  Peter

  Did you ever get this figured out? I have the same issue. Thanks.

• Problems with HTTP Client Authentication in jdev 10.1.2.17.84.

  Hi,
  I've told HTTP Client Authentication doesn't work in jdev 10.1.2.17.84. I need users to be authenticated using a certificate so I'm trying several workarounds but none seems to be valid. Any help?
  Thanks.
  Luis Serrano.

  been there done that.. ive decompiled the oc4j code, debuged down to the core... its big waste of my time... :(
  my advice to you is to leave it.. if you do not plan to use oracle ldap sso or xml provider you can do nothing... your hands are tied... they hardcoded everything and if you want more than classic "username & password" custom login module you will have to change oc4j...
  there is no point to make a custom loginmodule which utilize a client certificate because oracle JAZN do not suport that type of login module!
  just implement a login filter and manage authentication and authorization yourself... just like steve muench did in his java store demo - he didnt use JAZN... :)
  anyway current approach do not allow you to leverage JAAS in ADF model layer so why bother to have that in the view/controller layer anyway...
  and if i understood correctly oracle plans big changes in this area in the next jdeveloper release, and they alredy said that custom login modules would be depreciated in the next releases...

• WWSAPI - Cannot connect to web service via SSL and HTTP proxy authentication with NTLM, errorCode 0x803d0016, HTTP status 407

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

• Proxy authentication for Internet

  I have searched high and low for an answer to this and cant belive nokia havn't included it as part of the firmware.
  At work on my laptop I connect via wireless to a access point that then passes my connection to a proxy server.
  When I try and access the internet on my phone I get No Gateway Reply
  Now my laptop requires I am authenticated on the network
  (username, password, domain) before allowing me access to the web/email etc
  How do I get these credentials on to my phone??NOKIA 5800 XM)
  someone out there must know

  I'm afraid you can't. S60 does not support proxy authentication.
  Was this post helpful? If so, please click on the white "Kudos!" star below. Thank you!

• HTTP Proxy settings for WIFI

  I am trying to access the wifi at work which requires me to use a http proxy.
  I can connect to the network in my company from my PC without any issues by giving the url in the lan settings
  When I open the browser it asks for the user id and password and once I authenticate it allows me internet access
  However I am having trouble mapping this into the iphone I realise I have two options i.e manual and auto
  Can someone help me map these settings or direct me to a forum where some has done this successfully
  Thanks.

  Your post is not going to be seen by the Apple Engineers. This is a users forum. You should contact Apple Technical Services directly.
  There is a new version of Apple Configuration Utility that just came out in the last two weeks. Manually setting the proxy settings isn't really very hard to do so I'm not sure what the concern is.

• Https proxy authentication

  I have a strange behaviour while browsing with Safari:
  I'm located behind a proxy server which requires authentication. For all http requests, everything works perfect, at the first access ever, Safary asked me to supply username and pasword for the proxy, I've chosen to save the password in my key chain and was never asked again for the pasword.
  For https requests, Safari asks at least one time per request to put in my proxy username and password. Sometimes, it seems that Safari asks for each single object on a web pagefor the proxy credentials.
  I've tried to narrow down the effect and it seems, that this is related to WebKit. If I use Firefox, it asks me only once to put in the proxy credentials and that's it. With OmniWeb (which is also based on WebKit) I have the same problem as in Safari.
  Has somebody got the same effect or even has a solution for that?
  Thanks,
  Frank
  MacBook Pro   Mac OS X (10.4.8)   15 inch, Core 2 Duo, 200GB HDD

  I have the same problem:
  I have to connect to a https url to post a string (and read the answer: OK or KO).
  The problem is that I have to set up this with jdk 1.2, so:
  - I download jsse 1.03
  - I set up the provider statically inside java.security
  (security.provider.2=com.sun.net.ssl.internal.ssl.Provider)
  - I use the code:
  System.setProperty("https.proxyHost","proxy");
  System.setProperty("https.proxyPort","80");
  System.setProperty("https.proxyUser","user");
  System.setProperty("https.proxyPassword","password");
  String password = "user:password";
  String encodedLogin = new sun.misc.BASE64Encoder().encodeBuffer(password.getBytes());
  System.setProperty("https.agent", "JSSE\n\rProxy-Authorization: "+encodedLogin+"\n\r");
  URL url = new URL(urlString);
  HttpsURLConnection connection = (HttpsURLConnection)url.openConnection();
  connection.setRequestProperty("Proxy-Authorization", "Basic " + encodedLogin);
  //connection.connect();
  connection.setDoInput( true );
  connection.setDoOutput( true );
  connection.setAllowUserInteraction(false);
  //URLConnection connection = new HttpsURLConnection(url);
  InputStream inStream = connection.getInputStream();
  When I call the getInputStream() I get the exception:
  java.io.IOException: Unable to tunnel through XX.XY.ZX.WW:80. Proxy returns "HTTP/1.1 407 Proxy Access Denied
  How can I authenticate to the proxy? The previos tips doesn't works ...
  Any suggest?