Is IOS FW Proxy Authentication Compatible w/ HTTPS server?

Similar Messages

• Connection timeout when using iPlanet web-server uses Weblogic 6.1 proxy server to proxy requests to an HTTP server

  Hi all,
  My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
  6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
  for 120 seconds. This causes Weblogic to timeout after a while. The error I get
  is as follows:
  <Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
  java.net.ConnectException: Connection timed out
  at java.net.PlainSocketImpl.socketConnect(Native Method)
  at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
  at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
  at java.net.Socket.<init>(Socket.java:273)
  at java.net.Socket.<init>(Socket.java:127)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
  at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
  at weblogic.net.http.HttpClient.New(HttpClient.java:149)
  at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
  at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
  t.java:285)
  at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
  >
  I get the same error when I added the following plug-in configuration parameters
  (in obj.conf):
  ConnectTimeoutSecs="170" ConnectRetrySecs="170".
  What do I need to do to extend this timeout? Any help you can provide will be
  greatly appreciated..
  Thanks
  Manish

  Hi all,
  My configuration is as follows: I have an iPlanet web-server that uses a WebLogic
  6.1 (sp1) server to proxy requests to another HTTP server. The HTTP request runs
  for 120 seconds. This causes Weblogic to timeout after a while. The error I get
  is as follows:
  <Aug 25, 2003 3:37:09 PM GMT+00:00> <Warning> <HttpClient> <Couldn't open connection
  java.net.ConnectException: Connection timed out
  at java.net.PlainSocketImpl.socketConnect(Native Method)
  at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:320)
  at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:133)
  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:120)
  at java.net.Socket.<init>(Socket.java:273)
  at java.net.Socket.<init>(Socket.java:127)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:194)
  at weblogic.net.http.HttpClient.openServer(HttpClient.java:254)
  at weblogic.net.http.HttpClient.<init>(HttpClient.java:117)
  at weblogic.net.http.HttpClient.New(HttpClient.java:149)
  at weblogic.net.http.HttpURLConnection.connect(HttpURLConnection.java:109)
  at com.db.gmr.dcm.DebtIssueServlet.getVectorFromConnection(DebtIssueServle
  t.java:285)
  at com.db.gmr.dcm.IssuesUSThread.run(IssuesUSThread.java:29)
  >
  I get the same error when I added the following plug-in configuration parameters
  (in obj.conf):
  ConnectTimeoutSecs="170" ConnectRetrySecs="170".
  What do I need to do to extend this timeout? Any help you can provide will be
  greatly appreciated..
  Thanks
  Manish

• Weblogic certificate is not being authenticated in Oracle HTTP Server

  I am using Oracle HTTP Server with SSL and mod_proxy set up trying to pass a url through to the weblogic server. I start with my OHS url in the browser and the proxy is switches to the url to weblogic but I get the following error on the OHS side:
  [2011-12-22T18:40:09.4683-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-2077] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] nzos proxy handshake error, nzos_Handshake returned 29024(server social.us.oracle.com:443, client 10.139.164.191)
  [2011-12-22T18:40:09.4683-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-2171] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] NZ Library Error: Invalid X509 certificate chain [Hint: the client probably doesn't provide a valid client certificate]
  [2011-12-22T18:40:09.4685-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-9999] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] (20014)Internal error: proxy: pass request body failed to 10.139.164.191:7001 (denovm11-1.us.oracle.com)
  [2011-12-22T18:40:09.4685-07:00] [OHS] [INCIDENT_ERROR:32] [OHS-9999] [core.c] [host_id: denovm11-6] [host_addr: 10.139.164.196] [tid: 1155799360] [user: root] [ecid: 004hBXzInYHEOPb_THt1ic0007DM000002] [rid: 0] [VirtualHost: social.us.oracle.com:443] proxy: pass request body failed to 10.139.164.191:7001 (denovm11-1.us.oracle.com) from 10.139.164.196 ()
  And the following error on the weblogic side:
  ####<Dec 22, 2011 6:40:10 PM MST> <Warning> <Security> <denovm11-1> <AdminServer> <[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <8e6c6502a1af117a:4eeee51e:13466bb040d:-8000-000000000000a764> <1324604410502> <BEA-090482> <BAD_CERTIFICATE alert was received from denovm11-6.us.oracle.com - 10.139.164.196. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.>
  Here is my ssl.conf from OHS:
  # Oracle HTTP Server mod_ossl configuration file: ssl.conf #
  # OHS Listen Port
  Listen 443
  <IfModule ossl_module>
  ## SSL Global Context
  ## All SSL configuration in this context applies both to
  ## the main server and all SSL-enabled virtual hosts.
  # Some MIME-types for downloading Certificates and CRLs
  AddType application/x-x509-ca-cert .crt
  AddType application/x-pkcs7-crl .crl
  # Pass Phrase Dialog:
  # Configure the pass phrase gathering process.
  # The filtering dialog program (`builtin' is a internal
  # terminal dialog) has to provide the pass phrase on stdout.
  SSLPassPhraseDialog builtin
  # Inter-Process Session Cache:
  # Configure the SSL Session Cache: First the mechanism
  # to use and second the expiring timeout (in seconds).
  SSLSessionCache "shmcb:${ORACLE_INSTANCE}/diagnostics/logs/${COMPONENT_TYPE}/${COMPONENT_NAME}/ssl_scache(512000)"
  SSLSessionCacheTimeout 300
  # Semaphore:
  # Configure the path to the mutual exclusion semaphore the
  # SSL engine uses internally for inter-process synchronization.
  <IfModule mpm_winnt_module>
  SSLMutex "none"
  </IfModule>
  <IfModule !mpm_winnt_module>
  SSLMutex pthread
  </IfModule>
  ## SSL Virtual Host Context
  <VirtualHost *:443>
  <IfModule ossl_module>
  # SSL Engine Switch:
  # Enable/Disable SSL for this virtual host.
  SSLEngine on
  # Client Authentication (Type):
  # Client certificate verification type and depth. Types are
  # none, optional and require.
  SSLVerifyClient none
  # SSL Cipher Suite:
  # List the ciphers that the client is permitted to negotiate.
  SSLCipherSuite SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA
  # SSL Certificate Revocation List Check
  # Valid values are On and Off
  SSLCRLCheck Off
  #Path to the wallet
  SSLWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/default"
  <FilesMatch "\.(cgi|shtml|phtml|php)$">
  SSLOptions +StdEnvVars
  </FilesMatch>
  <Directory "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/cgi-bin">
  SSLOptions +StdEnvVars
  </Directory>
  BrowserMatch ".*MSIE.*" \
  nokeepalive ssl-unclean-shutdown \
  downgrade-1.0 force-response-1.0
  </IfModule>
  <IfModule proxy_module>
  ProxyRequests Off
  <Proxy *>
  Order deny,allow
  Allow from all
  </Proxy>
  # Path to the wallet
  SSLProxyWallet "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/default"
  SSLProxyEngine on
  SSLProxyVerify none
  # ottest : denovm11-1
  ProxyPass /test https://abc.us.oracle.com:7001/test
  ProxyPassReverse /test https://abc.us.oracle.com:7001/test
  </IfModule>
  </VirtualHost>
  </IfModule>
  On the OHS side I have all the certificates needed so SSL is working properly. The weblogic environment is currently working fine with other webgates, but those are apache and we are trying to switch to OHS.
  Can OHS use mod_proxy to connect to weblogic or do I need to use mod_wl_ohs?
  Does anyone see anything wrong in my ssl.conf file in regards to the proxy section.
  Thanks in advance.

  In summary:
  You need to create a new wallet with CSR (certificate signing req)
  Send this to your certificate authority and get the signed server certificate.
  Now import the signed server cert and the trusted root cert in to the wallet that you created newly.
  Modify ssl.conf to point to the new wallet location.
  To create wallet refer to : http://docs.oracle.com/cd/E25054_01/core.1111/e10105/wallets.htm#CHDGIJDC
  Further reference: http://docs.oracle.com/cd/E25054_01/core.1111/e10105/sslconfig.htm#CBDGIJDF
  Dont mind if this doc is 500 pages ;)

• Proxy authontication popup for Https is not getting displayed

  Hi,
  We have proxy server in java, and it should ask for the authentication, while using old versions of IE (IE6), opera we get proper proxy authentication prompt for Https as well as Http request.
  But with the new version of browser IE8, Firefox 2, ... 3 we are not getting the Proxy authentication prompt for the Https request only (for http its working fine)
  Actually the proxy server ask for authentication for the every first request only, but if the first request is Https then it fails with 407 error, as per the logic whenever we set response.setStatus("407"); response.setMessage("Proxy authentication required"); it should prompt for the proxy authentication and its working fine for old browsers and for Http request but its not working for new browser with Https request
  Could you please provide some information on how to achieve proxy authentications for Https and new versions browsers.
  Following are the code used for it
  /*ResponseProcessor.java*/
       public static Response createResponse(ScriptableConnection connection, String message) {
            Response response = new Response();
            Request request = connection.getRequest();
            response.setRequest(request);
            if (message.equals(SPConstants.TECHNICAL_ISSUES)) {
                 response.setContent(message.getBytes());
            if (message.equals(SPAuthorizationConstants.INVALID_CREDENTIALS)) {
                 //response.setVersion(request.getVersion());
                 response.setHeader("Proxy-Authenticate", "Basic");
                 response.setStatus("407");
                 response.setMessage("Proxy authentication required");
                 if (request.getHeader("Proxy-Authorization") != null) {
                      response.setContent(message.getBytes());
                 return response;
            return response;
  /*ConnectionHandler.java */
  public void run() {
  String authorizationStatus = RequestProcessor.checkUserPreRequiste(request,user,ticket,statusVisitor); //SP CODE
                      if(authorizationStatus.equals(SPAuthorizationConstants.USER_IS_AUHTORIZED)) { //SP CODE
                               try {
                                    response = hc.fetchResponse(request);
                                    if (response.getRequest() != null)
                                         request = response.getRequest();
                                               }catch........
                     } finally {
                 try {
                      if (_clientIn != null)
                           _clientIn.close();
                      if (_clientOut != null)
                           _clientOut.close();
                      if (_sock != null && !_sock.isClosed()) {
                           _sock.close();
                 } catch (IOException ioe) {
                      _logger.warning("Error closing client socket : " + ioe);
  .......Thanks in advance,
  Sachin

  Hi
  Follow the steps
  In your current view where you create your Popupwindow; create a model attribute name "popWin" of type IWDWindow;
  In code;after creating the popup window assign window object to the context element
  IWDWIndow window = WDComponentAPI.getWindowManager().createWindow( WindowInfo, true);
  wdContext.currentContextElement.setpopWin( window);
  At the Popup window view; create a model attribute name popWin of type IWDWindow and map it with the one that created before.
  set the code on btnaction
  IWDWindow popwin = (IWDWindow)wdContext.currentContextElement().getPopWin();
  popwin.destroyInstance();
  This will work
  Regards
    - Vinod
  Edited by: Vinod V on Mar 3, 2008 7:21 PM

• Invalid Response Code: (407) Proxy Authentication Required

  Hi all,
  I have created a EJB that will access an external webservice to receive data and will display it in a jsp. But when i call it, i get the folllowing error-
  com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeExcpetion: Invalid Response Code: (407) Proxy
  Authentication Required (The ISA Server requires authorization to fulfill the request. Access to the Web Proxy is denied)
  I have already set the proxy user name and password in <i>visual admin</i> under <i>destinations</i> and also under <i>Web Services Container->Runtime->Settings</i>. Still i get this error. I checked a couple of threads here, that answer to my problem, but none helped! Am i missing something?
  Thanks in advance,
  Swarna

  Hi Swarna
  What is the patch level that you are running on?
  May be the "auth-scheme" element required by the HTTP specification is missing in the "Proxy-Authorization" HTTP header.
  I think that the solution is there in the new support packages or the patch update.
  Please check out the latest support packages and apply them.
  This should solve your problem.
  Regards
    Sumit Jain
  **Reward with points if useful

• Proxy authentication with WebStart

  I am trying to understand how WebStart handles proxy authentication for HTTP between my WebStart client and the server.
  WebStart prompts the user for the proxy userid/password when my application starts. This occurs when WebStart attempts to download the jars.
  However, now my application starts and wants to start communicating with the host. I am using URLConnection to make HTTP requests back to the same server.
  My question is: "How does WebStart help with the proxy authentication for MY http requests?"
  Does it insert the correct Authentication header on every HTTP request I create?

  I am trying to understand how WebStart handles
  WebStart prompts the user for the proxy
  userid/password when my application starts. This
  occurs when WebStart attempts to download the jars.
  However, now my application starts and wants to start
  communicating with the host. I am using URLConnection
  to make HTTP requests back to the same server.
  My question is: "How does WebStart help with the proxy
  authentication for MY http requests?"
  Does it insert the correct Authentication header on
  every HTTP request I create?Let's split this in two topics.
  1. How is proxy authenication supposed to work
  2. What does Web Start
  Easiest way to figure out Web Start's behaviour is to do some network monitoring. On a Unix box use something like tcpdump to monitor the raw packet traffic and strings|grep for URLs. (There is more advanced monitor software available). Fire up Web Start, authenticate. Watch. You need admin priviledges of course.
  Second method would be to analyse Web Start sources, which is available under the Sun community license.
  Now comes the interesting question, who proxy authentication is supposed to work.
  I had this problem some years ago, when our application was tested from within a corporate network that used a proxy that demanded authentication.
  The tricky part was, that our database server asked for an authentication too!
  So one would have to provide a (user:password) pair to the proxy and another (user:password) pair to the web server in front of the database.
  At that time I found no solution.
  To my best knowledge there is only one http-authentication header in the HTTP header section possible, that carries the base64 encoded (user:password) pair. But I would need two and some means to tell which header of the two is for the proxy and which for the destination web server.
  Second, HTTP is a stateless protocol. This means every HTTP request has no state in common with the HTTP requests before and after.
  Analysis of the just open sourced Mozilla code base showed that Netscape handles proxy authentication against this design rule. Netscpae just issues the same HTTP request for the doc two times. The first time with authentication for the proxy, then the proxy seems to memorize that particular request (so much for the statelessness), and when Netscape fires the second HTTP request, this time with authentication for the destination server, the proxy just lets this request through (BIG BIG security hole here) and the authentication is not fished out by the proxy but will arrive at the destination server.
  I was not able to find out at that time, if this behaviour was handled by any standard/RFC. What would happen if 5 proxies with authorization request were between me and the target server?
  Hope this helps somehow.
  Marc

• 3500XL HTTP server

  I have a few old switches being used for ilo. A scan found an http injection vulnerability. I need to disabled the http server on these switches but I can't for life of me figure out how they are enabled... There are three switches configured like this. All of them share the same config minus the obvious stuff. They are not part of a cluster.
  At any rate, pointing a browser to the vlan 2 interface IP results in success. I don't see anything about ip http
  Any ideas on how to disable something that isn't enabled?
  Building configuration...
  Current configuration:
  version 12.0
  no service pad
  service timestamps debug uptime
  service timestamps log uptime
  service password-encryption
  hostname BCA-ILO-1
  enable password 7 014254115502151632
  username scan.admin privilege 15 password 7 053D0F042842491A2A101419
  clock timezone CST -6
  clock summer-time CDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
  no spanning-tree vlan 205
  no spanning-tree vlan 208
  no spanning-tree vlan 216
  no spanning-tree vlan 218
  no spanning-tree vlan 220
  no spanning-tree vlan 222
  no spanning-tree vlan 228
  no spanning-tree vlan 230
  no spanning-tree vlan 242
  no spanning-tree vlan 300
  ip subnet-zero
  no ip finger
  udld enable
  interface FastEthernet0/1
   description ISL trunk to BCA-3750
   port group 1
   switchport trunk encapsulation dot1q
   switchport mode trunk
  interface FastEthernet0/2
   description ISL trunk to BCA-3750
   port group 1
   switchport trunk encapsulation dot1q
   switchport mode trunk
  interface FastEthernet0/3
   switchport access vlan 87
  interface FastEthernet0/4
   description APPCLSTR-PROD-3 iLO
   switchport access vlan 87
  interface FastEthernet0/5
   switchport access vlan 87
  interface FastEthernet0/6
   switchport access vlan 87
  interface FastEthernet0/7
   switchport access vlan 87
  interface FastEthernet0/8
   switchport access vlan 87
  interface FastEthernet0/9
   description LEMSJX-PROD-1 iLO
   switchport access vlan 87
  interface FastEthernet0/10
   description LEMSJX-PROD-2 iLO
   switchport access vlan 87
  interface FastEthernet0/11
   description LEMSJX-TEST-1 iLO
   switchport access vlan 87
  interface FastEthernet0/12
   description LEMSJX-TEST-2 iLO
   switchport access vlan 87
  interface FastEthernet0/13
   switchport access vlan 87
  interface FastEthernet0/14
   switchport access vlan 87
  interface FastEthernet0/15
   switchport access vlan 87
  interface FastEthernet0/16
   switchport access vlan 87
  interface FastEthernet0/17
   switchport access vlan 87
  interface FastEthernet0/18
   switchport access vlan 87
  interface FastEthernet0/19
   switchport access vlan 87
  interface FastEthernet0/20
   switchport access vlan 87
  interface FastEthernet0/21
   switchport access vlan 87
  interface FastEthernet0/22
   switchport access vlan 87
  interface FastEthernet0/23
   switchport access vlan 87
  interface FastEthernet0/24
   description BEAST-PROD-1
   switchport access vlan 87
  interface GigabitEthernet0/1
   shutdown
  interface GigabitEthernet0/2
   shutdown
  interface VLAN1
   no ip address
   no ip directed-broadcast
   no ip route-cache
   shutdown
  interface VLAN90
   ip address 10.34.90.236 255.255.255.0
   no ip directed-broadcast
   no ip route-cache
  interface VLAN91
   no ip directed-broadcast
   no ip route-cache
   shutdown
  ip default-gateway 10.34.90.1
  snmp-server engineID local 0000000902000009433F5100
  snmp-server community 
  snmp-server location 
  snmp-server contact 
  snmp-server chassis-id 
  banner motd ^C
  line con 0
   exec-timeout 60 0
   password 7 00074215070B
   login
   transport input none
   stopbits 1
  line vty 0 4
   exec-timeout 60 0
   password 7 00074215070B
   login
  line vty 5 15
   exec-timeout 60 0
   password 7 121A5404115B
   login
  ntp authentication-key 1 md5 045802150C2E01401D09 7
  ntp authenticate
  ntp trusted-key 1
  ntp clock-period 11259627
  ntp server  key 1
  ntp server  key 1 prefer
  end

  Hi Richard,
  I have one customer using an old 3524XL running c3500xl-c3h2s-mz.120-5.WC17.bin. This IOS does have the no ip http server that is included in more modern switches; after applying the command it did turn off the web server. What IOS are you running? Here is the output for this switch:
  CCT-3524XL#show ver
  Cisco Internetwork Operating System Software
  IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5)WC17, RELEASE SOFTWARE (fc1)
  Copyright (c) 1986-2007 by cisco Systems, Inc.
  Compiled Tue 13-Feb-07 15:04 by antonino
  Image text-base: 0x00003000, data-base: 0x00352924
  ROM: Bootstrap program is C3500XL boot loader
  CCT-3524XL uptime is 39 weeks, 2 days, 1 hour, 52 minutes
  System returned to ROM by power-on
  System restarted at 15:59:08 EDT Tue Jun 17 2014
  System image file is "flash:c3500xl-c3h2s-mz.120-5.WC17.bin"
  cisco WS-C3524-XL (PowerPC403) processor (revision 0x01) with 8192K/1024K bytes of memory.
  Processor board ID FAB0536V288, with hardware revision 0x00
  Last reset from power-on
  Processor is running Enterprise Edition Software
  Cluster command switch capable
  Cluster member switch capable
  24 FastEthernet/IEEE 802.3 interface(s)
  2 Gigabit Ethernet/IEEE 802.3 interface(s)
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:07:50:CE:48:40
  Motherboard assembly number: 73-3904-11
  Power supply part number: 34-0851-02
  Motherboard serial number: FAB05362F31
  Power supply serial number: PHI052806L0
  Model revision number: A0
  Motherboard revision number: D0
  Model number: WS-C3524-XL-EN
  System serial number: FAB0536V288
  Configuration register is 0xF
  CCT-3524XL#conf t
  Enter configuration commands, one per line.  End with CNTL/Z.
  CCT-3524XL(config)#ip http ?
    access-class    Restrict access by access-class
    authentication  Set http authentication method
    path            Set base path for HTML
    port            HTTP port
    server          Enable HTTP server

• Proxy authentication screen blinks with ios 7

  Have a router that has VPN to my work's network.
  When I want to connect to our company network, I used to get a proxy authentication screen to enter user name and password.
  After I updated my iPad-2 to IOS 7, the authentication screen just blinks and goes away. Then I have a message that says I do not have a network connection.
  Although I can go to the internet, I can not get into my company's network.
  Connection is WPA Enterprise.
  It used to work just fine with the previouse IOS.
  Please advise,
  Thanks
  Tom

  Hello, Harmeet Singh. 
  Thank you for visiting Apple Support Communities.
  Here are the best troubleshooting resources to reference when experiencing this issue.
  iOS: Not responding or does not turn on
  http://support.apple.com/kb/TS3281
  Display has no backlight or dark screen
  Toggle the ringer switch to see if the unit vibrates. If it does, it could be that iPhone is getting power, but is not displaying any image.
  Try turning iPhone off and then on again.
  While connected to the iPhone charger, try to reset the iPhone.
  If the low-battery screen appears, charge the iPhone.
  iPhone: Hardware troubleshooting
  http://support.apple.com/kb/ts2802
  If the issue persists, see the section labeled issue not resolved. 
  Cheers,
  Jason H.

• Http proxy authentication for JDev 10.1.3

  Hi,
  I found the http proxy settings in the "tools->preferences->Web Browser and Proxy" but there are no settings for the username and password. Is there some other way that I can add these.
  The problem is that whenver JDeveloper wants to do some http stuff it (or something else is doing it) asks me for the proxy user name & password - this happens over and over again. If JDev is doing this then surely it should remember the username & password.
  I sometimes get a JDeveloper dialog "waiting for the connection" come up over the proxy auth dialog and I have to cancel the function so I can authenticate, then re-request the function.
  I wish I didn't have the proxy authentication but I have no choice in this dev environment. I do get to choose JDeveloper at least.
  Regards,
  Simon.

  Hi,
  I get it when I 'check for updates' and I get it again when I 'go to JavaDoc' - and this is the one where the "waiting for connection dialog" pops on top of the proxy log in and I have to cancel it to log in. Then all subsequent 'go to JavaDoc' requests go straight through.
  I would prefer it if I could just configure (in proxy preferences) the username and password so it never asks me. I dont care if it less secure storing the password since I think authenticating proxies are a dumb idea anyway. If the password is not supplied then JDev can ask for it like it does now to keep the security-paranoid people happy.
  Also, this morning I got this Exception which appeared at the same time I got a proxy auth window. When JDev finally started all my previously open windows were lost. No real problem but unexpected. Here is the stack dump:
  java.lang.NullPointerException
       at oracle.jdevimpl.webdav.api.DAVAuthenticator.getPasswordAuthentication(DAVAuthenticator.java:79)
       at java.net.Authenticator.requestPasswordAuthentication(Authenticator.java:300)
       at sun.net.www.protocol.http.HttpURLConnection$1.run(HttpURLConnection.java:267)
       at java.security.AccessController.doPrivileged(Native Method)
       at sun.net.www.protocol.http.HttpURLConnection.privilegedRequestPasswordAuthentication(HttpURLConnection.java:263)
       at sun.net.www.protocol.http.HttpURLConnection.getHttpProxyAuthentication(HttpURLConnection.java:1427)
       at sun.net.www.protocol.http.HttpURLConnection.resetProxyAuthentication(HttpURLConnection.java:1246)
       at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:950)
       at oracle.ide.net.HttpURLFileSystemHelper.exists(HttpURLFileSystemHelper.java:191)
       at oracle.jdevimpl.webdav.net.WebDAVURLFileSystemHelper.exists(WebDAVURLFileSystemHelper.java:423)
       at oracle.ide.net.URLFileSystem.exists(URLFileSystem.java:498)
       at oracle.ideimpl.editor.EditorUtil.getNode(EditorUtil.java:126)
       at oracle.ideimpl.editor.EditorUtil.loadContext(EditorUtil.java:91)
       at oracle.ideimpl.editor.TabGroupState.loadStateInfo(TabGroupState.java:950)
       at oracle.ideimpl.editor.TabGroup.loadLayout(TabGroup.java:1758)
       at oracle.ideimpl.editor.TabGroupXMLLayoutPersistence.loadComponent(TabGroupXMLLayoutPersistence.java:31)
       at oracle.ideimpl.controls.dockLayout.DockLayoutInfoLeaf.loadLayout(DockLayoutInfoLeaf.java:123)
       at oracle.ideimpl.controls.dockLayout.AbstractDockLayoutInfoNode.loadLayout(AbstractDockLayoutInfoNode.java:631)
       at oracle.ideimpl.controls.dockLayout.AbstractDockLayoutInfoNode.loadLayout(AbstractDockLayoutInfoNode.java:628)
       at oracle.ideimpl.controls.dockLayout.AbstractDockLayoutInfoNode.loadLayout(AbstractDockLayoutInfoNode.java:614)
       at oracle.ideimpl.controls.dockLayout.DockLayout.loadLayout(DockLayout.java:302)
       at oracle.ideimpl.controls.dockLayout.DockLayoutPanel.loadLayout(DockLayoutPanel.java:128)
       at oracle.ideimpl.editor.Desktop.loadLayout(Desktop.java:353)
       at oracle.ideimpl.editor.EditorManagerImpl.init(EditorManagerImpl.java:1824)
       at oracle.ide.layout.Layouts.activate(Layouts.java:758)
       at oracle.ide.layout.Layouts.activateLayout(Layouts.java:179)
       at oracle.ideimpl.MainWindowImpl$2.runImpl(MainWindowImpl.java:734)
       at oracle.javatools.util.SwingClosure$1Closure.run(SwingClosure.java:50)
       at java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:199)
       at java.awt.EventQueue.dispatchEvent(EventQueue.java:461)
       at java.awt.EventDispatchThread.pumpOneEventForHierarchy(EventDispatchThread.java:242)
       at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:163)
       at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:157)
       at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:149)
       at java.awt.EventDispatchThread.run(EventDispatchThread.java:110)

• WWSAPI - Cannot connect to web service via SSL and HTTP proxy authentication with NTLM, errorCode 0x803d0016, HTTP status 407

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

  Hi,
  I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
  0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
  In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
  a second request with NTLMSSP_AUTH is sent.
  Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
  I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
  Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
  WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
  Any idea?
  Thanks

• Safari, Proxy Authentication, and Certificate Authorities ( for https )

  A recent update to Safari has caused it to not work with our proxy authentication.  It will not provide authentication details when looking up SSL certificate authorities, causing certificate errors on all https:// websites. All other traffic (http, https if certificate is bypassed, plugins, etc.) seem to work just fine. Is anyone else having this problem?  If so, is there a fix?
  It occurs on Mac and PC.  I am using SquidGuard with NTLM authentication.  All other browsers on our system (IE x.x, FireFox, Chrome, Opera ) don't have this issue.

  I have the same problem and it's frustrating as can be.
  What happens to me is that When I bring my laptop to work, and put it on the work network and launch Safari, Safari informs me that each of my plugins is invalid and then uninstalls them - I'm effectively not able to use any plug ins at work, and I have to go hunt them down when I get back home (for reference, The extensions are still physically in \users\me\Library\Safari\Extensions - so when I get home I can just double click on all of them)
  I opened a case with apple and I encourage you to do the same. Perhaps if enough users complain they will find a gentler way to work with it.
  They had me do a capture and after analyzing it said it was an issue with the work network and not being able to valdate the extensions.
  It sounds like the same issue you have - as my work network uses a proxy as well.
  The rep suggested that I use a different browser at work, but I'm so used to clicking safari, that I do it out of habit.
  I really like Safari, and hope they get it fixed - Safari may not get respect in the windows world, but it's really a great browser - especially on a laptop where screen real estate is limited (where I often hit command-shift-\ to hide the address bar to see more of the page)
  -Jack

• HTTP/1.1 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )

  17:06:13 Synchronizer Version 14.0.6123
  17:06:13 Synchronizing Mailbox '[email protected]'
  17:06:13 Synchronizing Hierarchy
  17:06:13   4 folder(s) added to online store
  17:06:13   1 folder(s) updated in online store
  17:06:13 Synchronizing local changes in folder 'Inbox'
  17:06:13 Error synchronizing folder
  17:06:13 [80041004-0-0-430]
  17:06:13 Error with Send/Receive.
  17:06:13 There was an error synchronizing your folder hierarchy. Error : 80041004.
  17:06:13 Synchronizing server changes in folder 'Calendar'
  17:06:13 Synchronizing server changes in folder 'Contacts'
  17:06:13 
  17:06:13 
  *Request*       
  17:06:13 17:06:13:0590
  17:06:13 POST
  17:06:13  http://
  17:06:13 contacts.msn.com
  17:06:13 /ABService/ABService.asmx
  17:06:13 
  17:06:13 <ABFindAll xmlns="http://www.msn.com/webservices/AddressBook"> <abId>00000000-0000-0000-0000-000000000000</abId><abView>Full</abView><deltasOnly>false</deltasOnly></ABFindAll>
  17:06:13 
  *Response*  
  17:06:13 17:06:13:0870
  17:06:13 HTTP/1.1 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  )
  Via: 1.1 TMG
  Proxy-Authenticate: Negotiate
  Proxy-Authenticate: Kerberos
  Proxy-Authenticate: NTLM
  Connection: close
  Proxy-Connection: close
  Pragma: no-cache
  Cache-Control: no-cache
  Content-Type: text/html
  Content-Length: 707
  17:06:13 
  17:06:13 
  17:06:13 
  17:06:13 Error with Send/Receive.
  17:06:13 There was an error synchronizing a contacts folder. Error : 80004005.
  17:06:13 Synchronizing server changes in folder 'Drafts'
  17:06:13 Synchronizing local changes in folder 'Inbox'
  17:06:13 Error synchronizing folder
  17:06:13 [80041004-0-0-430]
  17:06:13 Synchronizing server changes in folder 'Sent Items'
  17:06:13 Synchronizing server changes in folder 'Deleted Items'
  17:06:13 Synchronizing server changes in folder 'Junk E-mail'
  17:06:13 Done
  17:06:13 
  17:06:13 
  *Request*       
  17:06:13 17:06:13:0870
  17:06:13 POST
  17:06:13  http://
  17:06:13 mail.services.live.com
  17:06:13 /DeltaSync_v2.0.0/Settings.aspx
  17:06:13 
  17:06:13 <?xml version="1.0" encoding="utf-8"?><Settings xmlns="HMSETTINGS:"><ServiceSettings><SafetySchemaVersion>1</SafetySchemaVersion><SafetyLevelRules><GetVersion/></SafetyLevelRules><SafetyActions><GetVersion/></SafetyActions><Properties><Get/></Properties></ServiceSettings><AccountSettings><Get><Options/><Properties/></Get></AccountSettings></Settings>
  17:06:13 
  *Response*  
  17:06:13 17:06:13:0870
  17:06:13 HTTP/1.1 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  )
  Via: 1.1 TMG
  Proxy-Authenticate: Negotiate
  Proxy-Authenticate: Kerberos
  Proxy-Authenticate: NTLM
  Connection: close
  Proxy-Connection: close
  Pragma: no-cache
  Cache-Control: no-cache
  Content-Type: text/html
  Content-Length: 707
  17:06:13 
  17:06:13 

  Hi,
  According to the log, it seems that TMG firewall denied the request and replied with an HTTP 407 response, indicating that proxy authentication was required. This was done because the Forefront TMG firewall did not have any access rules which would allow
  the anonymous request. Please check if you have configured related access rules.
  When did you recieve this log? Is there anyting wrong? Which authentication method you have used, Kerberos, NTLM or other? 
  It seems that each time a web proxy client requests a resource through a Forefront TMG firewall that requires NTLM authentication the client is actually denied twice during the transaction before being successfully authenticated and allowed access. When
  the Forefront TMG firewall is configured to use Kerberos there is only a single denied request and HTTP 407 response and then contact a domain controller and obtain a Kerberos ticket to present to the TMG firewall to gain access to the resource.
  If you configured the TMG clients with a certain proxy name, please make sure you typed the TMG's domain computer name only (not IP address nor alias).
  Best regards,
  Susie

• DAP and http proxy authentication

  I have a ASA firewall with http proxy authetication and now i configure DAP for Anyconnect with AD .I disable the "Default Dynamic Access Policy"  proxy authentication fail .Someone knows how to configure the DAP for http proxy authentication ?
  best regards

  Still nothing about it. I've also posted to another threads with similar problems:
  http://discussions.apple.com/message.jspa?messageID=8165122#8165122
  http://discussions.apple.com/message.jspa?messageID=8165120#8165120
  http://discussions.apple.com/message.jspa?messageID=8165118#8165118
  http://discussions.apple.com/message.jspa?messageID=8149758#8149758
  As I said before, while I've had OS 1.1.4, everything was normal. It began when I upgraded to 2.0.2 and after to 2.1. I also double checked if the TI here changed the policies, and they assured me they don't.
  Several other users with 2.x are also reporting the same trouble. As far as now, I've came across a post suggesting me to install a local http proxy on the phone, but I don't think it's gonna work.
  Let's keep this thread alive!

• HTTP/1.1 407 Proxy Authentication Required for cloud connection

  I am using Jdeveloper version 11.1.1.7.1 for ADF deployment on cloud service(Java and DB services).As instructed ,I have followed all the steps and in jdeveloper .when I tried to Authenticate the created connection with username and password, i am getting HTTP/1.1 407 Proxy Authentication Required .I am clueless how to solve this,Followed all the blogs but no luck.Please help on this,

  Presumably you are behind a FW, does your proxy require authentication if so did you set it with "Tools > Preferences > Web Browser and Proxy > Proxy Server Requires Authentication". Also what is the version of your JCS SDK ? You can check it by:
  java -jar javacloud.jar -version
  It should be something like 15.1.2.0 or later ..
  Jani Rautiainen
  Fusion Applications Developer Relations
  https://blogs.oracle.com/fadevrel/

• Is there an issue with the latest version of FF with HTTPS requests and Proxy authentication?

  I'm currently working inside a cope network behind a proxy, which requires authentication.
  When browsing to websites externally to our network I would usually only be promoted once for authentication details; after that I would never see the prompt again until after restating the browser.
  However after the latest update I've found that when visiting HTTPS sites I'm promoted for my login details. But even though I enter the correct information the prompt does not take the details and continually asks until eventually our proxy closes the connection (usually with my account now being locked).
  My other browsers (IE, GC) work fine without problems.
  Any ideas?

  It could be a regression in Firefox 18 that wasn't present in Firefox 17. The developers are known nowadays for including too many experimental changes and my bet is one of them is causing this.
  But to confirm, could you downgrade back to Firefox 17 and still see if it works well with proxy authentication?
  Download link:
  <br> www.mozilla.org/en-US/products/download.html?product=firefox-17.0.1&os=win&lang=en-US