IPv6 OSPFv3 authentication (MD5) not working
I'm configuring two 2800 routers (ADVENTERPRISEK9, 12.4(24)T2) for OSPFv3. The interfaces are Frame-relay multipoint interfaces on both routers. OSPFv3 is fine without authentication. But when I added same MD5 authentication to the two interfaces, OSPFv3 adjacency never came back up. I'm using the exact same command as IOS IPv6 configuration guide.
Here are the configs on the two routers. What could be incorrect? In "show ipv6 ospf interface", secure socket is shown "up".
R1#
interface Serial0/0/0.402 multipoint
ipv6 address FE80:1:1::1 link-local
ipv6 address 2001:1:1::1/64
ipv6 ospf network broadcast
ipv6 ospf 1 area 0
ipv6 ospf authentication ipsec spi 500 md5 1234567890abcdef1234567890abcdef
frame-relay map ipv6 FE80:1:1::2 402 broadcast
ipv6 router ospf 1
router-id 1.1.1.1
R2#
interface Serial0/0/0.204 multipoint
ipv6 address FE80:1:1::2 link-local
ipv6 address 2001:1:1::2/64
ipv6 ospf network broadcast
ipv6 ospf 1 area 0
ipv6 ospf authentication ipsec spi 500 md5 1234567890abcdef1234567890abcdef
frame-relay map ipv6 FE80:1:1::1 204 broadcast
ipv6 router ospf 1
router-id 1.1.1.2
R1#sh ipv6 ospf int s0/0/0.402
Serial0/0/0.402 is up, line protocol is up
Link Local Address FE80:1:1::1, Interface ID 14
Area 0, Process ID 1, Instance ID 0, Router ID 1.1.1.1
Network Type BROADCAST, Cost: 64
MD5 authentication SPI 1000, secure socket UP (errors: 0) Rack61R4#sh ipv6 os int s0/0/0.402
I have had the same problem. The reason is a bug in Cisco IOS CSCtc72699.
Workaround:
The setting of "no crypto engine onboard 0" is added, and the
command of "clear crypto sa" is executed.
Before:
r1(config-if)#do sh crypto ipsec sa
interface: Serial0/0/1
Crypto map tag: (none), local addr FE80::219:E8FF:FEE0:3640
IPsecv6 policy name: OSPFv3-2001-256
IPsecv6-created ACL name: Serial0/0/1-ipsecv6-ACL
protected vrf: (none)
local ident (addr/mask/prot/port): (FE80::/10/89/0)
remote ident (addr/mask/prot/port): (::/0/89/0)
current_peer :: port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 416, #pkts encrypt: 416, #pkts digest: 416
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: FE80::219:E8FF:FEE0:3640,
remote crypto endpt.: ::
path mtu 1500, ip mtu 1500, ip mtu idb Serial0/0/1
current outbound spi: 0x100(256)
inbound esp sas:
inbound ah sas:
spi: 0x100(256)
transform: ah-md5-hmac ,
in use settings ={Transport, }
conn id: 2005, flow_id: NETGX:5, crypto map: (none)
no sa timing
replay detection support: N
Status: ACTIVE
inbound pcp sas:
outbound esp sas:
outbound ah sas:
spi: 0x100(256)
transform: ah-md5-hmac ,
in use settings ={Transport, }
conn id: 2006, flow_id: NETGX:6, crypto map: (none)
no sa timing
replay detection support: N
Status: ACTIVE
outbound pcp sas:
After:
r1#sh crypto ipsec sa
interface: Serial0/0/1
Crypto map tag: (none), local addr FE80::219:E8FF:FEE0:3640
IPsecv6 policy name: OSPFv3-2001-256
IPsecv6-created ACL name: Serial0/0/1-ipsecv6-ACL
protected vrf: (none)
local ident (addr/mask/prot/port): (FE80::/10/89/0)
remote ident (addr/mask/prot/port): (::/0/89/0)
current_peer :: port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 56, #pkts encrypt: 56, #pkts digest: 56
#pkts decaps: 55, #pkts decrypt: 55, #pkts verify: 55
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 0, #recv errors 0
local crypto endpt.: FE80::219:E8FF:FEE0:3640,
remote crypto endpt.: ::
path mtu 1500, ip mtu 1500, ip mtu idb Serial0/0/1
current outbound spi: 0x100(256)
inbound esp sas:
inbound ah sas:
spi: 0x100(256)
transform: ah-md5-hmac ,
in use settings ={Transport, }
conn id: 1, flow_id: SW:1, crypto map: (none)
no sa timing
replay detection support: N
Status: ACTIVE
inbound pcp sas:
outbound esp sas:
outbound ah sas:
spi: 0x100(256)
transform: ah-md5-hmac ,
in use settings ={Transport, }
conn id: 2, flow_id: SW:2, crypto map: (none)
no sa timing
replay detection support: N
Status: ACTIVE
outbound pcp sas:
Similar Messages
-
MAC Authentication does not work
My MAC Authentication does not work.
I have a ACS 3.0 server set. the MAC address is set in the user name field and in the password field.
I can ping the ACS, I can ping my AP, I can ping my client.
I don't want WEP and I don't want LEAP just MAC. So I set my authentication to "Open with MAC" My client has WEP set to NO WEP and authentication to OPEN
I have the latest drivers for both AP and my 350 Client.
I see that the client is associating and disassociating back and forth non stop. My AP log is full with the following message:
Station 0009.7c9f.xxxx Authentication failed
this is my config:
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname GOM_1200IOS
aaa new-model
aaa group server radius rad_eap
aaa group server radius rad_mac
server 10.1.2.197 auth-port 1812 acct-port 1812
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa group server radius wlccp_rad_infra
aaa group server radius wlccp_rad_eap
aaa group server radius wlccp_rad_leap
aaa group server radius wlccp_rad_mac
aaa group server radius wlccp_rad_any
aaa group server radius wlccp_rad_acct
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login wlccp_infra group wlccp_rad_infra
aaa authentication login wlccp_eap_client group wlccp_rad_eap
aaa authentication login wlccp_leap_client group wlccp_rad_leap
aaa authentication login wlccp_mac_client group wlccp_rad_mac
aaa authentication login wlccp_any_client group wlccp_rad_any
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa accounting network acct_methods start-stop group rad_acct
aaa accounting network wlccp_acct_client start-stop group wlccp_rad_acct
aaa session-id common
enable secret xxxxxx
username Cisco password xxxx
ip subnet-zero
iapp standby timeout 5
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption key 1 size 40bit 7 9DF1C10BF11A transmit-key
ssid GOM_1230
authentication open mac-address mac_methods
speed basic-1.0 basic-2.0 basic-5.5 basic-11.0
rts threshold 2312
channel 2462
station-role root
no cdp enable
dot1x reauth-period server
dot1x client-timeout 600
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no cdp enable
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 172.16.43.45 255.255.240.0
no ip route-cache
ip default-gateway 172.16.47.254
ip http server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100
ip radius source-interface BVI1
access-list 700 permit 000a.b74c.e8c9 0000.0000.0000
access-list 700 permit 0009.7c9f.d6e0 0000.0000.0000
access-list 700 permit 0006.25b1.2f79 0000.0000.0000
access-list 700 permit 000a.b78b.2d19 0000.0000.0000
access-list 700 permit 000b.5f6e.77c8 0000.0000.0000
access-list 700 deny 0000.0000.0000 ffff.ffff.ffff
access-list 701 deny 000b.5f6e.77c8 0000.0000.0000
access-list 701 permit 0000.0000.0000 ffff.ffff.ffff
no cdp run
snmp-server community GOM_AP1230 RO
snmp-server enable traps tty
radius-server local
group AP1230
user brazil nthash 7 1249523544595F517972017912677A3055325A25770B08770D5C5B4E4478087605 group AP1230
radius-server host 10.1.2.197 auth-port 1812 acct-port 1812 key 7 00233C2B
radius-server retransmit 3
radius-server attribute 32 include-in-access-req format %h
radius-server authorization permit missing Service-Type
radius-server vsa send accounting
bridge 1 route ip
line con 0
line vty 5 15
end
What is wrong?
Thanks very much for your help.I figured out what was wrong so thank you for stopping by.
I will publish the config for other people to see.
Regards, -
NGS Sponsors authentication does not work in case user has non-English character in his password
Hi,
we are using the NAC Guest Server v 2.0.1 and have Sponsors authentication done through Radius servers. Radius servers are Microsoft IAS using AD.
Sponsors user authentication works okay in case user's password includes English characters, but does not work in case an user uses national characters like for example Umlauts in German.
On Radius server I can see these error messages:
User XXXX was denied access.
Reason = Authentication was not successful because an unknown user name or incorrect password was used.
As soon as an user changes his password and uses English characters only, it resolves.
I guess this might be that NGS uses different coding while sending a password to Radius server, but not sure.
Appreciate if anyone knows a root cause and what could be a workaround. Unfortunately our AD policy allows users to use national characters and we can hardly change it. So a change on NGS or Radius side would be more viable.
Many thanks for your help.A case has been opened at Cisco and it is now quite clear that it is a problem with coding.
According to Cisco development team NGS uses UTF-8 coding to send the password, of course encrypted, to the Radius server. This cannot be changed within NGS. We use Radius Microsoft IAS Version 5.2.3790.3959 running on VMWare Windows 2003 SP2. More tests are scheduled to be performed. -
Authentication function not working in APEX but works in pl/sql
Greetings, Jim here.
I have written a very simple authentication funtion which uses the dbms_ldap package to authenticate using the userid and password from the login page.
I've tested this function thru pl/sql and it returns true and false accordingly.
I've created a custom authentication schema and in the authentication function I have return myfunction;
The problem is, when called thru APEX, it appears to always return true and lets the login proceed, even if the password is correct. I know its using the function due to the fact that if I enter a bogus function as the authentication function, APEX spits up a message saying so.
So, I know the function works, but I don't know why it does not work with APEX. Posting function below.
CREATE OR REPLACE FUNCTION ODBS.CUSTAPEXLOGIN (p_username IN VARCHAR2,p_password IN VARCHAR2)
RETURN BOOLEAN AS
retval PLS_INTEGER;
emp_session DBMS_LDAP.session;
ldap_host VARCHAR2(256);
ldap_port VARCHAR2(256);
ldap_user VARCHAR2(256);
ldap_passwd VARCHAR2(256);
ldap_base VARCHAR2(256);
BEGIN
ldap_host := 'oraldap';
ldap_port := '389';
ldap_user := p_username;
ldap_passwd := p_password;
ldap_base := 'cn=users,dc=company,dc=com';
emp_session := DBMS_LDAP.init(ldap_host,ldap_port);
retval := DBMS_LDAP.simple_bind_s(emp_session,('cn=' || ldap_user || ',' || ldap_base),ldap_passwd);
if retval = 0 then
return true;
else
return false;
end if;
EXCEPTION
WHEN OTHERS THEN
begin
if sqlcode = -31202 then
return false;
end if;
end;
END;
/Hi Jim,
Can you clarify this -
The problem is, when called thru APEX, it appears to always return true and lets the login >proceed, even if the password is correctThat implies you're saying your authentication function ALWAYS returns true? Is that correct? Also 'even if the password is correct' doesn't read correctly to me, did you mean 'even if the password is incorrect'?
You then say -
now the function works, but I don't know why it does not work with APEX.So by 'does not work' you mean in APEX it is always returning true therefore allowing you to login regardless of the username/password you use? Is that correct? -
Client Authentication is not working
Hi all..
I have developed a web service with server and client authentication.. I had configured OC4J 10g successfully for client authentication but the problem is: I can NOT access the webservice from the browser the server says: no_certificate. the stub client works properly. I tried to install the certificate into IE explorer but it is not working. please help me ... Thanks in advance
KhaledHi
How did you implement your solution to work with a client? I'm trying to authenticate users that try to access a webservice with basic authentication but I can't seem to make it work...
Thanks in advanced
Vitor -
CE7305 - Transparent mode authentication does not work.
Hi,
Im doing a trial content engine 7305 for my customer. Everything worked well so far with the box except with the authentication feature.
Authentication work well on proxy mode but when I turned it on with transparent mode it does not work. My customer is using LDAP for user authentication.
I suspect there is something that I did not turn on in the configuration.
Attached herewith is the show tech of the Cisco 7305 content engine.
Please advise!
Thanks in advance,
Raymond HewHi Zach,
My customer is using Novell LDAP.
Right at the moment the CE is already working with the auth. after rebooted the CE 7305. Just can't explain why but it works after rebooting.
Thanks for your fast respond.
Best regards,
Raymond Hew -
Pl/sql Custom Authentication is not working. DADs.conf is fine.
Hi All,
We have configured authentication mode to customowa in the dads.conf. same configuration is working in one instance, while it is not working on other instance.
Please advice me to find the solution.
Error message from the error_log is as follows.
mod_plsql: /imguat/mvt_cover_page.Instructions HTTP-403 ORA-0
Enabled the debug on in plsql.conf
the log file shows the following information.
if (owa_custom.authorize = TRUE) then
:authorized := 'yes';
else
:authorized := 'no';
end if;
:realm := owa.protection_realm;
end; successfully executed
<835614824 ms>(wpca.c,389) wpcaexe: function owa_custom.authorize returned no
<835614824 ms>(wpca.c,391) wpcaexe: Auth Realm set to
<835614824 ms>(wpcs.c, 77) Executed 'begin dbms_session.reset_package; end;' (rc=0)
<835614824 ms>(wpca.c,215) wpcauth: authorize returned 0
<835614824 ms>Custom auth failed without setting realm
<835614824 ms>/imguat/MVT_Web_Style.Style2 HTTP-403 ORA-0
Your help is highly appreciated.
Regards
Jaani.Hi All,
We have configured authentication mode to customowa in the dads.conf. same configuration is working in one instance, while it is not working on other instance.
Please advice me to find the solution.
Error message from the error_log is as follows.
mod_plsql: /imguat/mvt_cover_page.Instructions HTTP-403 ORA-0
Enabled the debug on in plsql.conf
the log file shows the following information.
if (owa_custom.authorize = TRUE) then
:authorized := 'yes';
else
:authorized := 'no';
end if;
:realm := owa.protection_realm;
end; successfully executed
<835614824 ms>(wpca.c,389) wpcaexe: function owa_custom.authorize returned no
<835614824 ms>(wpca.c,391) wpcaexe: Auth Realm set to
<835614824 ms>(wpcs.c, 77) Executed 'begin dbms_session.reset_package; end;' (rc=0)
<835614824 ms>(wpca.c,215) wpcauth: authorize returned 0
<835614824 ms>Custom auth failed without setting realm
<835614824 ms>/imguat/MVT_Web_Style.Style2 HTTP-403 ORA-0
Your help is highly appreciated.
Regards
Jaani. -
IP Address Changed on my AD - Now Authentication is not Working
I got a new service provider for my home network, and as a result their router provided a new set of IP addresses. My home network is supported by an OD running on Mac OS X Server v 10.4.11. The laptops in the house seem to be OK, but my main machine (Mac Pro) and two others can no longer authenticate, and therefore cannot be used by anyone but their local admin accounts. All of my user info came from the OD. I went through the process of changing the DNS services on the Mac Server, and it seems to be working properly. And I have removed the old LDAP Path on the client computers, and re-initiated it. But I'm not having any success. I'm guessing that the problem may be in the actual data stored in the LDAP database (since I would likely now have a new Kerberos key, but am reluctant to attempt to recreate it, for fear of losing access to critical data under my regular login accounts.
Can anyone point me to some documentation on how to handle a change of IP address on a Mac OS X server (which is my only server on this network).? I have obviously missed something - either on the server - or on the clients - or both.
Thanks,
C.1. There are No Tickers Available (I assume that any previous ones were wiped, when I removed and then re-created the client's directory entry through the Directory Utility.)
The tickets will be generated the first time that you login to an OD server that has Kerberized services and will be used to access all services on the server that require authentication, if so configured, and will remain until you logout or the ticket expires. If you login to a client Mac as a local user and connect to the server as described previously, do you get the Kerberos login dialog, which will have the realm listed, or the standard login dialog?
2. When I try to create a new ticket, I get the dialog box, but cannot continue because the drop down for the REALM is blank.
The realm would be something on the order of, YOURSERVER.YOURDOMAIN.TLD. If the realm is not showing in Kerberos.app, then the client is not bound -or is incorrectly bound- to the server. Check your Server Admin app to see if Kerberos is running or not. Highlight the 'Open Directory' item under your server -it should show on the right as 'Running' or 'Stopped'. -
Client Authentication certificate not working in ADFS3.0
Hi,
I am currently working on integrating ADFS 3.o for Single Sign On to some 3rd party services along with PKI solution. The basic requirement is that I should be able to choose client authentication certificate as an authentication method in ADFS and then
federate user credentials to 3rd party trust for single-sign-on.
I had done this successfully with ADFS 2.0 and that setup is working fine. I have the setup as ADFS 3.0 client authentication method enabled. When I open browser to logon, the ADFS 3.0 page displays a message as "Select a certificate that you want to
use for authentication. If you cancel the operation, please close your browser and try again." but the certificates are not displayed for selection.
The certificates are valid and have valid chaining to CA. Could someone help me resolve this issue?
Thanks!
-Chinmaya KarveI am also having this problem where the certificate dialog (Windows Security is usually the title) is never prompted to the user. I tried it on several computers which are all part of the domain. The same computers can also login on another ADFS, so I have
working certificates.
I just get a page where a text says I should select a certificate but I never get the dialog to do so.
Any updates on this issue? -
Monitor OSPFv3 via SNMP not working - Is OSPFv3 MIB supported?
I need to be able to query the OSPFv3-MIB via SNMP to track the status of OSPFv3.
I have setup a 3945 router in a test lab network and I have configured it in an Ipv6 network with OSPFv3. The router has an active OSPFv3 neighbor and I can use that neighbor to send/receive data (the routing is working fine). However, when I walk the SNMP MIBs I don't get a response for the OSPFv3-MIB. According to the Cisco SNMP Object Navigator this MIB should be located at 1.3.6.1.3.102.*. Below is an example trying to query a particular OID from the OSPFv3 MIB.
C:\>snmpwalk -v 2c -c public 197.16.18.1 1.3.6.1.3.102.1.5.1.8
SNMPv2-SMI::experimental.102.1.5.1.8 = No Such Object available on this agent at this OID
I can walk other parts of the MIB (For example the OSPFv2 MIB) and get responses, so I know the router has SNMP turned on.
Looking at the Cisco IOS Mib Locator tool (http://tools.cisco.com/ITDIT/MIBS/MainServlet?IMAGE_NAME=c3900-universalk9-mz.SPA.152-4.M3.bin) for the current software version I am running (c3900-universalk9-mz.SPA.152-4.M3.bin) on a 3945 router it claims that the OSPFv3 MIB is supported in this image.
Maybe I need to configure something else? Maybe my SW doesn't really support this MIB? Could it be that I have to query the router over Ipv6 to get the OSPFv3-MIB (I have only been trying Ipv4)?Hi ,
As Vinod suggested , you need to configure the "SNMP CONTEXT"
Configure:
==========
Basic configuration consists of 4 steps:
Configure mapping between VRF name and SNMP context :
snmp-server vrf <vrf_1> context <context_1>
Create community string corresponding to the VRF :
snmp-server community <vrf_1> RW
Define context string
snmp-server context <context_1>
Configure mapping between context and community:
snmp-server community-map <vrf_1> context <context_1>
(optional) Configure snmp server traps for this VRF community
snmp-server host <IP> traps version 2c <vrf_1>
For e.g:
snmp-server vrf miki
context miki_bgp
snmp-server community miki RW
snmp-server context miki_bgp
snmp-server community-map miki context miki_bgp
Hope it will help
Thanks-
Afroz
***Ratings Encourages Contributors *** -
RV220W 1.0.6.6 IPv6 Tunnelbroker tunnel is not working
With firmware 1.0.4.17 I have had our IPv6 tunnel working fine for a couple of years but it does not seem to work after upgrading to firmware 1.0.6.6
I have followed the instructions in 43132-Connecting_RV220W_to_an_IPv6_Tunnel_broker.pdf to no avail.
Has anybody been able to run an IPv6 6in4 tunnel with a firmware later than 1.0.4.17 and if yes, how ?
This is also a question to CiscoI don't recall on which firmware version I set up the tunnel, but anyway I have fallen back to 1.0.4.17 with a factory reset.
It may be important to follow the instructions in https://supportforums.cisco.com/sites/default/files/legacy/2/3/1/43132-Connecting_RV220W_to_an_IPv6_Tunnel_broker.pdf in the proper sequence.
Pay attention to the two entries (different types) in the Advertisement Prefixes section.
In the Tunneling section your tunnelbroker IP-adress will not show up in the IPv6 Tunnel Status Table. I have enabled and entered the Remote End Point IPv4 Address. -
BPELConsole Authentication is not working. Can't log in to BPEL Console
I have installed the SOA Suite 10.1.3.10 which I have downloaded from OTN. I have selected the Standard Install and the installation was successful. I can start the SOA Suite without any problem. I can access the Oracle Application Server 10g Release 10.1.3.10 page.
But when I click the BPEL Console (or any other link such as ESB Console) link from the right it opens a new window asking me to enter the username and password.
After entering the username as oc4jadmin and the correct password which was specified as part of the installation, nothing happens and the Username/Password screen is displayed again without any error message. I have tried entering the username/password combination for more than 5 times and nothing happens. It appears that the web page is not communicating to the authentication server. Otherwise it should display an error if the password or username is not valid.
I have checked the log files and can't find anything wrong. I have even disabled the firewall, but still get the same problem. I'm using Windows XP professional on a HP notebook which has 2GB RAM.
I have re-installed the product three times and the same problem exists.
Any help or ideas would be appreciated.
Thanks
MahaI think the problem could be linked to the computer name. If I start the OAS Welcome page using localhost ie., http://localhost:8888 and click the BPELConsole then the URL shows http://localhost:8888/BPELConsole. With this, the username/password works.
In one of the old posts in the forum the people have complained that having an underscore in the computer name ie., xxx_yyy causes this problem. I haven't tried chaging the computer name, but the localhost works.
All the controls are working with localhost, but I have issues with the "Application Server Control". After accepting the oc4jadmin/<password> it comes up with an error asking me to "Supply Administration Credentials". The screen shows the username/password fields with the "Store Credentials" button. It also states that I have logged in as "oc4jadmin". The error message is shown below.
++++++++
This OC4J is configured to make JMX connections via RMIS and fall back to RMI if the RMIS port is not configured. The RMIS connection on the OC4J instance home on Application Server shara.SHARA_HP is configured but a connection could not be established. The JMX protocol is specified by the oracle.oc4j.jmx.internal.connection.protocol property in opmn.xml
+++++
I don't know whether I need to set the URL to localhost in any of the config files.
Has any one encountered this issue?
I will check search the forum and then post a new message for this issue.
Thanks for all the responses for the original problem. -
Roles authenticed externally not working
i have created a role OPS$dummy which is authenticated externally..
i have also set the initialization paramters os_roles and remote_os_roles to true
but now when i manually try to set the role at the client side it says
ora 01989 role ops$dummy not authorized by operating system.
please guys can you just guide to solve this problem...oracle linux 5... any how got the solution... i created groups on teh server and then added the users to that... it worked..
can this os_authent_prefix value be added to the name of the role at the beggining... -
Web Service Call with Basic Authentication does not work
If I try to use Basic Authentication in my Web Service Client with the automatically created methods
setUsername(inUserName)
setPassword(inPassword)
setAddress(inAddress)
the application does not make a call. Did I forget something?
Is it possible to use "Test Method" with Basic Authentication?
Thank you.Thank you for your answer.
But: I already read this article. And it doesn't help me.
I use the following code:
getMyServiceClient1().setUsername(inUserName);
getMyServiceClient1().setPassword(inPassword);With this code I always get a java.lang.NullPointerException.
The methods setUsername and setPassword are definded as follows:
public void setUsername(String inUserName) {
myStub._setProperty(Stub.USERNAME_PROPERTY, inUserName);
public void setPassword(String inPassword) {
myStub._setProperty(Stub.PASSWORD_PROPERTY, inPassword);
}But if I look at the methods which are generated automatically by Sun Java Studio Creator I cannot find _setProperty.
I also found this thread in your forum:
http://swforum.sun.com/jive/thread.jspa?forumID=123&threadID=54773 -
Cisco Wireless AP 2602 - Web Authentication/Pass NOT working?
Product/Model Number:
AIR-CAP2602E-A-K9
Top Assembly Serial Number:
System Software Filename:
ap3g2-k9w7-xx.152-4.JB3a
System Software Version:
15.2(4)JB3a
Bootloader Version:
BOOTLDR: C2600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(25e)JA1, RELEASE SOFTWARE (fc1)
When "Web Authentication/Pass" option checked, it is totally unaccessible to internal or external network, any clue/advice?
Thanks in advance.Thanks, seems I missed the RADIUS part; after I done that it's still no luck, here are some tech support info, are you able to help?
------------------ show version ------------------
Cisco IOS Software, C2600 Software (AP3G2-K9W7-M), Version 15.2(4)JB3a, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Mon 23-Dec-13 08:11 by prod_rel_team
ROM: Bootstrap program is C2600 boot loader
BOOTLDR: C2600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(25e)JA1, RELEASE SOFTWARE (fc1)
WuGa-CiscoAP uptime is 3 days, 19 minutes
System returned to ROM by power-on
System restarted at 23:18:39 +0800 Mon Feb 10 2014
System image file is "flash:/ap3g2-k9w7-mx.152-4.JB3a/ap3g2-k9w7-xx.152-4.JB3a"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-SAP2602E-A-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FGL1650Z5X3
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: E0:2F:6D:A3:4D:0B
Part Number : 73-14511-02
PCA Assembly Number : 800-37898-01
PCA Revision Number : A0
PCB Serial Number : FOC164889AN
Top Assembly Part Number : 800-38357-01
Top Assembly Serial Number : FGL1650Z5X3
Top Revision Number : A0
Product/Model Number : AIR-CAP2602E-A-K9
Configuration register is 0xF
------------------ show running-config ------------------
Building configuration...
Current configuration : 5276 bytes
! Last configuration change at 23:36:14 +0800 Thu Feb 13 2014
! NVRAM config last updated at 23:36:14 +0800 Thu Feb 13 2014
! NVRAM config last updated at 23:36:14 +0800 Thu Feb 13 2014
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
hostname WuGa-CiscoAP
logging rate-limit console 9
enable secret 5
aaa new-model
aaa group server tacacs+ tac_admin
aaa group server radius rad_eap
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login webauth group radius
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login web_list group radius
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
clock timezone +0800 8 0
no ip cef
ip admission name webpass consent
ip admission name webauth proxy http
ip admission name webauth method-list authentication web_list
ip admission name web_auth proxy http
ip admission name web_auth method-list authentication web_list
ip admission name web-auth proxy http
ip admission name web-auth method-list authentication web_list
ip name-server 8.8.8.8
dot11 syslog
dot11 vlan-name GuestVLAN vlan 2
dot11 vlan-name InternalVLAN vlan 1
dot11 ssid Guest
vlan 2
web-auth
authentication open
mbssid guest-mode
dot11 ssid WuGa-6
vlan 1
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 0211115C0A555C721F1D5A4A5644
dot11 ssid WuGa-60
vlan 1
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 7 03084C070900721F1D5A4A56444158
dot11 guest
username wuga lifetime 360 password 7 030D5704100A36594908
username Cisco privilege 15 password 7
bridge irb
interface Dot11Radio0
no ip address
encryption mode ciphers aes-ccm
encryption vlan 1 mode ciphers aes-ccm
ssid Guest
ssid WuGa-6
antenna gain 2
stbc
mbssid
speed basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23.
channel 2452
station-role root
dot11 dot11r pre-authentication over-air
dot11 dot11r reassociation-time value 500
ip admission web-auth
interface Dot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0.2
encapsulation dot1Q 2
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 spanning-disabled
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
ip admission webauth
interface Dot11Radio1
no ip address
encryption mode ciphers aes-ccm
encryption vlan 1 mode ciphers aes-ccm
ssid WuGa-60
antenna gain 4
peakdetect
no dfs band block
stbc
speed basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23.
power local 5
channel width 40-above
channel dfs
station-role root
dot11 dot11r pre-authentication over-air
dot11 dot11r reassociation-time value 500
interface Dot11Radio1.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface GigabitEthernet0
no ip address
duplex auto
speed 1000
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
interface GigabitEthernet0.2
encapsulation dot1Q 2
bridge-group 2
bridge-group 2 spanning-disabled
no bridge-group 2 source-learning
interface BVI1
ip address 192.168.133.213 255.255.255.0
ip default-gateway 192.168.133.200
ip forward-protocol nd
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip route 0.0.0.0 0.0.0.0 192.168.133.200
ip radius source-interface BVI1
ip access-list extended ALL
permit ip any host 0.0.0.0
permit ip any any
permit ip 0.0.0.0 255.255.255.0 any
ip access-list extended All
permit tcp any any established
permit tcp any any eq www
permit ip any any
radius-server local
nas 192.168.133.213 key 7 070C285F4D06
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
radius server 192.168.10.2
address ipv4 192.168.10.2 auth-port 1812 acct-port 1646
radius server local
address ipv4 192.168.133.213 auth-port 1812 acct-port 1813
key 7
bridge 1 route ip
line con 0
terminal-type teletype
line vty 0 4
terminal-type teletype
transport input all
sntp server 128.138.141.172
sntp broadcast client
end
Maybe you are looking for
-
How to see if a program is running?
Hello, I need to implement a program that checks if a program called "Thing.exe" is runing. If it is not running it launches "Thing.exe" and if it is kills "Thing.exe". This is the first time I have to program something like this in java and I'm lost
-
Ziio: Composite video out?
In the initial specsheets released for the Ziio 7" a composite video out was mentioned. It seems that the current specs does not mention this? Is composite video out present on current Ziio's? /lars
-
Using Developer against DB2 on OS/390
I have read the document "Using Oracle Developer and the Oracle Open Client Adapter to access ODBC Data Sources". There is a chapter on how to use Developer agasint DB2/400. Is there information on how to use Oracle Developer gainst DB2 running on ma
-
JavaPOS for Ingenico Device Programming
Hi.. has any body done... or have any idea about JavaPOS? Actually I have some problem in developing the forms which are to be displayed on the device. In the device we use JavaPOS. It contains some Reference Path Convention->JavaPOS . But the device
-
Hi, Is it possible to create subreport in a subreport.I m using CR 2008 version.If yes, then please help me . If no, then is there any workaround for this. Thnx