HttpURLConnection and caching of authentication credentials

Similar Messages

• LDAP security provider and web service authentication

  Background: we are currently developing web services to our existing weblogic application. Our users can configure user/password authentication in one of three ways: database, LDAP, or SSO. Setting SSO aside, we need to implement the same authentication for database and LDAP that we use in our existing logon servlet in our web services. In our servlet we detect which they are configured for and, if database, authenticate the encrypted password to a database table we have for user id/password. If LDAP we use weblogic.servlet.security.ServletAuthentication and the weak() method to authenticate.
  We've to use SOAP headers to communicate username/password from the client to the web service. We want to code a SOAP message handler to grab the username/password and do the authentication there. We've successfully put something together that handles the database authentication no problem and are now struggling with how to handle the LDAP authentication. We distribute a LDAP security provider we've coded for LDAP authentication. I guess what I am looking for is an equivalent functionality provided with weblogic.servlet.security.ServletAuthentication. Note that I realize the weblogic.servlet.security package has been deprecated starting with Weblogic 9.0 but cannot find what functionality replaces it. Any help there would be appreciated as well.
  Note that I am fairly new to web service development (about 10 months now) and definitely new to web service security and Weblogic security. I tried digging into the volumes of documentation out there regarding these two topics but am simply having a difficult time sorting it all out and figuring out how to do what I want to do.
  Thanks in advance!
  Julia

  Hi,
  Add Provider (LDAP Credentials) in Admin console Security Realm --> defaultrealm -->Providers. Configuring Ldap in Admin Console will enable Admin Server to connect to LDAP. All the LDAP preconfigured Users/Groups will be available in Users and Groups Tab of Security Realms >defaultrealm >Users and Groups. Add Roles using Security Realms >defaultrealm > Roles and Policies > Global Roles > Roles. Add Role Conditions to the role by specifying users/groups configured in LDAP. If your webservice runs with SSL Anotate the Webservice file something like this below.
  @RolesAllowed({
  @SecurityRole(role="test")
  @Policy(
  uri="policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml",
  attachToWsdl=true)
  Here the role is Preconfigired role in AdminConsole. Add the following tag in the soapenv:header.
  <soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken>
  <wsse:Username>test</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>

• How can i deploy macbooks and 802.1x authentication using PEAP/MSChap version 2

  How can i deploy macbooks and 802.1x authentication for wireless connectivity using PEAP/MSChap version 2. The Cert is generated by a 2008 Windows CA authority. I am trying to get to join but the MAC doesnt seem to want to accecpt the cert. Can i not validate the cert and still have it join the 802.1x wireless netqwotk? The wireless netwotk is using a Cisco 5508 wireless controller and Cisco 1142 access points. All works fine with Windows devices.

  Hi Tarik,
  Thanks for your answers,
  I've attached my configured AuthZ rules and AuthZ profile for provisioning,
  I want the process to be the same for iPhone, Android and Windows.
  1) Connect to the SSID
  2) Login using your AD credentials PEAP-MS-CHAP-v2
  3) Redirect to device registration portal (So I can set a limit of 3 devices per employee)
  4) As soon as the client click "register" no more redirects and PERMIT-ALL
  I think that I don't need to rely on profiling because In terms of AuthZ policies it should be something like this:
  1) if WIRELESS802.1x and PEAP-MS-CHAPV2 and BYODREGISTRATION=!YES(Unknown or not reg) then "Redirect to device registration(that is NSP right?)"
  2) if WIRELESS802.1x and PEAP-MS-CHAPV2 then PERMIT-ALL(no redirection)
  3) everything else = DENY-ALL
  But the NSP looks for Client Provisioning policies, so if I don't configure any policy it should Allow Network Access(See attachment photo3.png) but as I said on the post it shows that cannot retrieve the MAC-Address so the client can't register his device and don't have access to the network. (To grant access I've configured provisioning policies, that way the clients can register their devices but they are redirected to google play or are forced to install the profile at iOS and this is what I don't want because it is not necessary)
  What screenshoot do you need after the registration? the Auth report?
  Thank you very much for your time!

• Embedding basic http authentication credentials in JNLP file

  I want to embed basic http authentication credentials in the JNLP file.
  Basically, I want the jars to be behind basic http authentication in order to distribute the application only to authorized users (I understand this is not strong security, but it's fine for my purposes) who are all on Windows, and once the java app is initially installed, I never want to have to enter the http login credentials again.
  So I set up the http authentication and in the jnlp file I have:
  <jnlp
       spec="1.5*"
  codebase="http://username:[email protected]"
       href="program.jnlp">
  This doesn't seem to phase the JWS authenticator. So on the first launch from the desktop shortcut I put the credentials in manually and select "save this password in my password list". It seems like I'm in the clear as the next time I launch the application from a desktop shortcut I am not asked for any credentials, but every time the Windows machine is restarted, I get the JWS authenticator again...the password is no longer saved.
  Is there a way to embed the username/password in the JNLP file to get past the JWS authenticator without having to retype the username and password every time the machine is restarted? Or to permanently save the password in the JWS authenticator password list? Or any other way to set it up where once the application is initially installed, the http authentication credentials never have to be manually entered again?
  Thanks!

  Hi everybody,
  I manage to do almost all (I suppose), but I need last help.
  Through SM59 I created the HTTP Destination needed; then, I implemented the code given by SAP here:
  http://help.sap.com/saphelp_47x200/helpdata/en/2d/64d053e74911d6b2e400508b6b8a93/content.htm
  I ran the program, and it gives me the error: "Binder not found for soapAction = null.
  I suppose that I should give the link to the soapAction, but I don't know where in the code.
  Have you any idea?
  Thanks and Regards,
  Francesco

• TL 11g: JPA and DB proxy authentication?

  Hi!
  I posted similar question of JDev 11g forum, but I hope I can get more profound expertise here :)))
  OK. I want to make a proof-of-concept for end-to-end security using a novel 11g technology: I want to use EJB 3.0 / JPA (TopLink) and to enable subject identity propagation to database using Proxy Authentication mechanism. I stress that I want to use JPA (annotated entities) and not TopLink mappings, and to have as simplest as possible code (yes, I know...).
  Now, my idea is to use Session Event Listener (registered in persistance.xml) to set a proxy connection inside a standard unit of work connection defined in persistance.xml (in the proxy connection I would not set username/password in event listener as I want to do that inside EJB Session Facade).
  Then, in EJB Session Fascade I would like to set a username/password for database login in session that will be used to execute a JPA transaction. I discovered that I can get a ServerSession and Active Session from Entity Manager, with:
  EntityManager em = emf.createEntityManager();
  ServerSession serverSession = ((oracle.toplink.jpa.JpaEntityManager)em).getServerSession();
  Session activeJPASession  = ((oracle.toplink.jpa.JpaEntityManager)em).getActiveSession();What I don't know is how to proceed. Do I have to use Server Session to create/open a new Client Session (but, I'm not sure if then I also have to use a manual transactions inside EBJ Session Bean method, or I can rely on container managed transaction?)? Or I can just set username/password on Active Session. Or I can change a DatabaseLogin (ActiveSession.getLogin().setUsername().setPassword())?
  Please, any advice is appreciated. I'm not an expert on JPA/TopLink so I may spend days figuring this out...
  Thanks in advance!
  PaKo

  PaKo,
  We need to make proxy authentication easier through the JPA interface. At present you can configure the event listener using the toplink.session-event-listener to implement the proxy events as described in the documentation. The piece that is missing is the ability to pass in the proxy authentication credentials when acquiring an EntityManager.
  You are correct that you would need to acquire a client session directly (Note: the JpaHelper can help). When acquired you can use this client session to access the database but it will function only as TopLink's native API and not completely as JPA.
  I filed bug 219434 against EclipseLink to address passing the credentials into:
  EntityManagerFactory.createEntityManager(Map properties)I will continue to investigate to get you a better solution.
  Doug

• Web Services - This WSDL requires authentication credentials. Please supply

  I am trying to access a web service on our network. This is an open service and doesn't require you to log in. I can put the link into IE and the service homepage is shown however when I try to create a new service in APEX I get the error:
  This WSDL requires authentication credentials. Please supply the username and password below.
  I have tried entering my Windows Username and password (the web service is hosted on a windows VM on our network) however this didn't work.
  Anybody know what might be causing this?
  Thanks

  Hello,
  If you enter the name/location of that script in your browser, you'll see the contents (hopefully). Then you can see the name or IP address and port of your proxy. Try these ones first in the APEX setting.
  If that doesn't work, add your (windows) username/password also. The problem is (apart from the evident security issue) that you probably forced to change your windows password every now and then, and you'll forget to change that setting here. As far as I know you can't enter the URL to the script in the APEX proxy property - however...I never tried...
  Greetings,
  Roel
  http://roelhartman.blogspot.com/
  You can reward this reply by marking it as either Helpful or Correct ;-)

• UCM 11g and Weblogic SQL Authenticator

  A bit lengthy question about UCM 11g using WLS Security providers for user authentication.
  There's a lot of stuff on the web about integrating UCM 11g with WLS AD/LDAP authenticators. However there's literally nothing about integrating it with SQL-based authenticators. Does it mean that using WLS's built-in providers other than AD/LDAP is not supported ?
  I tried configuring my Custom DBMS Authenticator - it works fine. I can see my users/groups and membership info read from the DB in WLS Admin Console. The users can even log in to the Content Server but their WLS groups are never mapped to UCM roles/accounts. I tried reordering the WLS authenticators so that the DBMS authenticator is at the top but this does not help. Does this mean that group -> role/account mapping works only with LDAP ?
  thanks in advance

  Hi Sirnath,
  Thanks for the prompt reply.
  I did another exercise and defined the contributor group in both the DefaultAuthenticator and the SQL Authenticator and created two users 'default' (int the DefaultAuthenticator) and 'sql' (in the SQL authenticator). Both users are members of the 'contributor' group (in the respective Authenticator). If I log in as either of the users they all have the proper principals/credentials set in the javax.security.auth.Subject instance (the 'contributor' is a principal and a credential in both cases). However UCM maps it to a role only for the 'default' user.
  Is it possible that the JPS provider somehow bypasses the javax.security.auth.Subject abstraction? Do you know of any related docs available online ?

• AP1252 : Support for LEAP and PEAP for authentication

  Hi,
  We are deploying Cisco AP1252 in unified (lighweight) mode and would like to know whether it will support both LEAP as well as PEAP for authenticating clients at the same time (mixed mode). If yes, kindly let me know the configuration for the same.

  Local EAP authentication on Wireless LAN Controllers was introduced with Wireless LAN Controller version 4.1.171.0.
  Local EAP is an authentication method that allows users and wireless clients to be authenticated locally on the controller. It is designed for use in remote offices that want to maintain connectivity to wireless clients when the backend system becomes disrupted or the external authentication server goes down. When you enable local EAP, the controller serves as the authentication server and the local user database, so it removes dependence on an external authentication server. Local EAP retrieves user credentials from the local user database or the LDAP backend database to authenticate users. Local EAP supports LEAP, EAP-FAST, EAP-TLS, P EAPv0/MSCHAPv2, and PEAPv1/GTC authentication between the controller and wireless clients.
  Local EAP can use an LDAP server as its backend database to retrieve user credentials.
  An LDAP backend database allows the controller to query an LDAP server for the credentials (username and password) of a particular user. These credentials are then used to authenticate the user.
  Local EAP Authentication on the Wireless LAN Controller with EAP-FAST and LDAP Server Configuration Example
  http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008093f1b9.shtml

• How can i fix authentication credentials ?

  iplanet web proxy server 3.6 with use of ldap dir server. netscape server (general) admin, users&groups, shows "authentication credentials couldn't be obtained from admin server (no match for user id)". do you have any hint ?

  Hi,
  just to delete your system identifier in the DNS server and refresh the DNS server.Now you can add new host in you DNS server then refresh it.once again to configure your directory server through web proxy server.it will work fine.Or change your bind DN using o=domain,o=com (Ex:host http://system1.triens.com in this host bind DN: dc=triens,dc=com).Try with this.

• Lenovo U310: Clean Windows 7 Installation Guide (including Rapid Start and Caching)

  Hi there,
  this is the first time that I am writing such a guide/tutorial/whatever you may call it – there are probably better ones, but though not being a total computer noob, it took me almost one week to get this pretty (now again) little beast running again. So hopefully this helps some others to avoid such stupid downtimes.
  A brief overview on what has happened to my original win 7 Home Premium:
  As some may know, this laptop is very well usable as a “Hackintosh” called Macbook clone. So that’s what I did. It turned out to be nice, but I wanted to go back to Windows after a while, using a clean W7 Pro installation to start over. Actually an easy task, format all drives, install Windows, be happy. Just as I had been doing this for years. Unfortunately, it turned out to be a real challenge. First, I couldn’t “see” my drives during installation (and thus not install), then I got random errors during installation aborting it at different points and finally rapid start and caching didn’t work. Every time I tried to activate them (after Win installation), it crashed my PC. I even found an (official Lenovo!) guide stating to install W7 on the SSD, which worked, but sucks due to space limitations. Oh and another very nice thing: The SSD showed up during WIN installation (but not the classical hard drive) stating it was about 60 GB. So as you can see, I have had a lot of different tries and errors. Why I didn’t use Lenovo Easy Recover? As said before, I erased all partitions…
  Before we start: If you have a good Windows running on the Laptop, do yourself a favor and disconnect the RAID 0 disks using the Intel Rapid Storage Application before(!!!) proceeding. It will make things much easier. And don’t forget to get all you data on an external drive or something.
  Ok, now let’s start.
  1.)    Prepare a USB Stick with the following driver
           http://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=21730 (choose f6flpy-x64.zip If you’re running a   
           64-bit system (standard nowadays), take f6flpy-x86.zip if it is a 32-bit Windows, just download and copy them
           into the stick’s root directory) and plug this stick in one of the left side USB ports.
  2.)    You’ll need Win 7 on either a DVD (plus external drive, for sure) or (bootable) USB stick
  3.)    Connect your drive/stick (with W7) to the right side USB port.
  4.)    Switch the computer on, immediately hit FN and F2. That will open the BIOS.
  5.)    In the BIOS, navigate to the very right section (“save and exit”) and navigate the cursor to “load setup defaults”.
           Hit enter to approve.
  6.)    After that, go to the “boot” tab and disable UEFI-boot.
  7.)    Next, go one more tab to the left and set the controller setting to RAID (NOT AHCI or Compatible!!!).
  8.)    Navigate the cursor down to “Intel Rapid Start” and hit enter. A submenu will pop up-
  9.)    Disable the first entry in that window, that will make the rest be disabled as well.
  10.) Navigate to the very right tab, this time hit save and exit.
  11.) The PC restarts.
  12.) Immediately hit FN and F12 to open the boot selection menu. Select to boot from your W7 DVD drive or USB
          stick.
  13.) Click yourself through the whole process of installing Windows 7 until the page comes up where you will have
          to select where to install it.
  14.) Click on “load drivers” and after a few seconds your downloaded driver should be there. Click ok to use them.
          Please do this step even if you can see your drives (SSD Disk 0, 32 GB and HDD Disk 1, 465(<-?) GB) as you
          would expect them – otherwise you’re very likely to get an error during the install process.
  15.) Now erase all partitions on both drives and select the HDD as the drive to install W7 to – NOT THE SSD!!!!!
          Seriously, don’t choose the SSD.
  16.) Windows will probably say that some extra partitions are necessary and so on, click ok and install Windows.
  17.) After the installation has finished and you see your Desktop, I suggest you to proceed with the next steps in the
          following order to see as early as possible if you are on the right way.
  18.) Install the Chipset driver, restart.
  19.) Install the Intel Rapid Storage “driver” and check the box where it asks to additionally install the control center.
          Reboot.
  20.) Go into BIOS (FN and F2) and enable Intel Rapid Start (the one you disabled in Step 8 and 9)
  21.) Boot into Windows.
  22.) Click on the Windows button, type cmd and right klick on the cmd.exe, select to run it as Admin.
  23.) Now you’ll create a hibernation partition on the SSD. (which by now should be completely empty as we’ve
          deleted all partitions in step 15)
  24.) In the command prompt that we have just opened, type: (without quotas, for sure)
  “diskpart” and hit the enter button
  “list disk” and hit the enter button
  Now you should see your ssd as disk 0 and your hdd as disk 1
  If your ssd is disk 0 (that would be standard), write “select disk 0”, otherwise write: “select disk 1”, and hit the enter button.
  Now write “create partition primary size=4096” and hit enter again. [if you have 4GB of ram, type 4096, if you have 8 GB of ram, use 8192]
  Now write “detail disk” and hit enter to see the volume number behind the volume that we have just created (it is 4 GB or 8 respectively, should be easy to find), in my case that was “2”
  Now type “select volume 2” if your 4 or 8 GB volume has number 2 as well, otherwise use the number you found out in step f. Hit enter.
  Finally, type: “set id=84 override” and hit enter for one last time.
  It should now say back that the id has been set successfully.
  Exit the command prompt. (close)
  25.) Reboot
  26.) Install the Rapid Start driver. Reboot.
  27.) Open the Intel Rapid Storage Application.
  28.) Click on accelerate and approve the settings. Two RAID’s will be created. Reboot.
  29.) Install the remaining drivers, have fun with Windows Update and that’s it!
  Good luck to all of you… And hey Lenovo - wouldn't that have been your job after all these posts showing your costumers in trouble? Just my two cents...
  If you want, you can now turn on UEFI-boot in BIOS.
  PS: If, after installing all drivers, you happen to see one unknown device in your device manager – this one belongs to Lenovo Connect Software that came with your Laptop. (Updates FB, Email etc when PC is in sleep mode) If you install Lenovo Connect it’s going to be fine, however, I would not recommend it as it is said to use a lot of energy and cause some other problems. So just live with it, your PC is totally fine without it.
  Kind regards from Shanghai

  Seriously guys, I can't use my 3 days old laptop. Some help would be mostly appreciated. At this point, the network connection issue doesn't show up anymore, it's just a blank screen after reboot. I reinstall windows and do it all over again just to achieve the same result.
  Now couple of things caught my attention: as I load the "6flpy-x64.zip" driver from step 14, I get a message saying I need to install signed drivers, because unsigned ones are likely to mess up the system.
  Secondly, I could not find any Rapid Storage Technology drivers for Windows 7 (particularly for U310 model), so I use the Windows 8 ones (http://support.lenovo.com/en_US/downloads/detail.page?DocID=DS031455), which seems a silly thing, yet I know of no alternatives.
  Could it be any of these issues to cause my problem? Or smth else? Please help!

• What is the diffrence between cookies and cache, is it safe to remove cache?

  what is the difference between cookies and cache , is it safe to remove cache ? . I had cleaned cookies many times but I have not removed cache , does it goes on increasing day by day ? please let me know

  Cookies are small files that contain information useful to a web site -- such as password, preferences, last date visited, etc. You may remove the cookies that you don't want adn since some of them are a privacy issue, many people remove them all.
  Cache is just a collection of data downloaded to help display a web page. After you leave a site, much of the cache is left on your computer and is no longer needed. You can always remove the cache because it will be replaced as needed.

• I cannot access the internet, I tried to answer that said to go to settings, safari, tap clear history, cookies and cache, cut off, then on, but it did not work.  When I go to internet the screen is grey??? please help I am a new user!!

  I cannot access the internet the screen is grey, I have tried by using the answer from someone but it does not work...I went to settings, tap safari, then clear the history, cookies, and cache, then turn off ipad.  When I did that twice, it did not work.  How long does it take for the clear history to work?  I am a brand new
  user of the ipad2 and I am disappointed that this is happening already.

  Have you been able to access the internet previously and now it's suddenly not working, or are you still trying to access the internet for the first time on your iPad?  Are you at home trying to connect through your home router?  If you are at home, did you put your home routers encryption code as your password?  The encryption code is what your iPad is looking for and it is usually found on the router and is typically a 13 digit combination of letters and numbers.  Let us know......

• Problem with HttpURLConnection and HttpSession.

  Hi,
  Problem with HttpURLConnection and HttpSession.
  I created a HttpSession object in my main class and then called a URL via HttpURLConnection.
  I tried to access the same session object from the servlet called by the URL . but the main session
  is not returned a new seperate session is created.let me know how can we continue the same session in
  the called URL also which is created in main class.
  Thanks
  Prasad

  You are not supported to create a HttpSession by java client. Only J2EE web container can create it.

• Open and Network-EAP authentication - difference in security?

  As far as security goes, and assuming Radius authentication wil actually authenticate and allow users access to the wireless network (or not), it there any difference (once again, as far as security goes), between Open Authentication and Network-EAP as described below?
  In any EAP/802.1x-based authentication method, you may question what the differences are between Network-EAP and Open authentication with EAP. These items refer to values in the Authentication Algorithm field in the headers of management and association packets. Most manufacturers of wireless clients set this field at the value 0 (Open authentication), and then signal their desire to do EAP authentication later in the association process. Cisco sets the value differently, from the start of association with the Network EAP flag.

  1. Join process - comparable to connecting a cable in the wired network world. Usually "OPEN".2. Authentication - this verifies the client is who they claim they are because they possess a certificate (EAP-TLS), know the password or a PSK.3. Encryption with TKIP or AES - this is about protecting data as it is transmitted through the air AFTER authentication.
  You are correct.
  What confuses me when attempting to configure the Aironet I'm working with is the difference in terminology with the familiar choices I had in Linksys access points, something like this:- WEP- WPA- WPA-Enterprise- WPA2- WPA2-EnterpriseI thought WPA-Enterprise has to do with Radius and indeed I was able to create a test network in which a Windows XP laptop could connect via a Linksys access point, authenticating with EAP-TLS, with WPA-Enterprise selected on the AP. The Windows 2008 server was both a certificate authority, a radius (NPS) server and a domain controller.With the Aironet, I'm not sure what the equivalent choices should be, because, if you look at the link in my last post, there is a larger selection: WEP 40 bit, WEP 128 bit, TKIP, AES, combinations of what precedes and no reference to WPA or WPA2. I'm guessing TKIP = WPA and AES = WPA2.And while I can select "EAP" in the Express Security Setup tab, I cannot see where I would opt for EAP-TLS rather than PEAP or EAP-TTLS and so forth.I'm going to take a look at your blog now and see if that doesn't enlighten me further.
  You are on track my friend keep the thinking going .... you are very close!
  Some more foundation for you ...
  WPA   -  Is PSK with TKIP
  WPA2 -  Is PSK with AES
  WPA Enterprsie -  EAP- ??? with TKIP
  WAP2 Enterprsie - EAP - ??? with AES
  ??? = Your selected EAP type
  Now, why dont you have to configure EAP type on the AP? Great question, lets break this down.
  1. The AP or WLC for that matter doesnt care what EAP type you use . Why you ask?
  When you configure 802.1X, there are 2 virtual ports . These are virtual and you do nothing to configure these. Once you connect to an AP and EAP starts, the ap BLOCKS ALL TRAFFIC except for EAPOL  traffic. This is the ONLY traffic allowed past the until the AP / WLC receives a RADIUS SUCCESS. Once the AP/WLC sees this radius success it then switches virtually over to the controlled port and allows ALL your traffic to pass.
  2. With that being said, your client is only passing traffic through the ap and wlc. The ap / wlc doesnt care what EAP you are using. Your client is talking directly to the radius server at that point. The AP/WLC at this point is only a pass through, nothing more.
  Does that help ?
  "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

• My first generation iPad suddenly stopped opening Safari.  I cleared history, cookies, and cache, and Safari still won't open.  Any suggestions?

  When I attempt to open a Safari window on my first-generation iPad, it opens to a blank screen.  I can see the web address bar and the search box, but the rest of the page is white.  I cleared cookies, history, and cache, but still nothing happens.  The iPad is 3G, and I have tried to open Safari using both 3G and my home WiFi.  My wife has an iPad 3 WiFi, and hers opens without issue.  Any suggestions on what I might do?  Thanks!

  1. Double-click the Home button to close all Inactive Apps in Task Bar
  2. Hold the Apps in Task Bar down for a second or two until you see the minus sign
  3. Tap the minus sign to close Apps
  4. Tap center of screen to return to Home Screen
  5. Reset iPad. Hold the Sleep and Home button down for about 10 second until you see the Apple logo. Ignore the red slider