Ise with proxy

Similar Messages

• ISE with Proxy Server (internet explorer)

  Hi guys.
  I´m implementing a Cisco ISE in customer now and I have the follow state:
  AUTHENTICATION
  mab > wired_mab OR wireless_mab > default network protocos > internal endpoints
  employee > wired_802.1x OR wireless_802.1x > Radius Server Sequence
  Guest > Default network protocols > internal users.
  AUTHORIZATION
  Guest IF ActivatedGuest Then PermitAccess (vlan L2)
  employee_wired_wifi  IF Workstation AND (Wireless_802.1X  AND Wired_802.1X AND Session:PostureStatus EQUALS Compliant )
  then PERMIT_ALL_TRAFFIC
  employee_pre_compliant IF Workstation AND (Wireless_802.1X  AND Wired_802.1X AND Session:PostureStatus NOT_EQUALS Compliant )
  And others configurations to Smartphones (android and apple) for example.
  I configured the CLIENT PROVISIONING like this:
  employee_win IF any AND windows all AND conditions any Then WebAgent 4.9.0.24
  SO, this configuration permit the scenario bellow:
  IF employee have NacAgent software installed - the communication happens and posture initiate.
  IF employee don´t have the NacAgent, Open Internet Browser and redirect page start to WebAgent provisioning.
  This work.  BUT to redirect the user to provisioning URL, I have to disable de proxy configurations in (Settings>Internet Options>Connections>Lan Settings).
  There are some kind of configuration that permit the Redirec Provisioning URL with internet proxy configured???
  PS: Also, do not work with I configured the ISE Ip adress in "proxy exceptions".
  Best Regards

  HI,
  Does the blue coat support anything such as transparent proxy? Ironport does this in a way that when it is integrated with Active Directory it can find the user to ip mapping and set the condition on the fly without redirecting users for authentication.
  https://kb.bluecoat.com/index?page=content&id=KB4799
  Thanks,
  Tarik Admani
  *Please rate helpful posts*

• Configuring ISE to proxy Authentications based on email address

  Hi
  I'm looking for a little help configuring ISE to proxy requests to external radius servers based on email address and password. I want to configure eduroam on our WLAN. Eduroam allows students connect to the WIFI of other Campuses using their local credentials
  Workflow:
  User associates to SSID (eduroamTest)
  Prompted for username & password (802.1x)
  User puts in username and password in the form [email protected] (UPN)
  If the user is part of our local institution they are authenticated using our local radius server (ISE)
  If the user is a  member of a partner institution the request is proxied to an external radius server (National Gateways).
  The National Gateways  passes the request to the relevant institution based on the UPN (eg @ucd.ie will be passed to ucd radius servers)
  The institution authenticates the user and passes the  request back to the National Gateways
  The National Gateways passes this request back to our ISE server and the external user is authenticated
  The user can browse the web
  What I have done:
  Setup the National Gateways as external proxy servers
  Created firewall rules to allow the traffic
  Configured the proxy sequence with these servers
  Created a policy to proxy requests to the proxy sequence
  What I need to figure out:
  How to get ISE to authenticate/proxy requests, for the SSID eduroamTest, based on UPN eg (if username = *@rcsi.ie then use local ISE otherwise use proxy service)
  Any help with this configuration would be greatly appreciated as I am new to ISE.
  If you need any more info please let know.
  Kind regards
  John

  Sounds like you did most of the work already. To get ISE to direct certain requests based on attributes in the request to another radius server, all you need to do, is create a new authentication rule, where you check for the following attributes ;
  radius/called-station-id contains "eduroam"
  and
  radius/username ends with "rcsi.ie"
  Then you can select the radius server sequence you created instead of the normal "Allowed protocols" list.
  If you want to be in control of the authorization, there is a flag you must set in the radius server sequence in ISE, this will let you control what rights the client is given locally, while still authenticating the user remotely.

• Communication problem with proxy server

  We have establish the configuration of an iPad to access the enterprise net, but when trying to access any webpage we get the next message: Safari can not open the page. Error:"There is a communication problem with proxy web server (HTTP)"
  The access has no problems with other movile devices.
  Ahy help?

  Hi,
  I am not sure whether you have already solved the problem or not....
  Do the following to deploy MobileBIService.war file on tomcat
  1.Stop Tomcat Web application server.
  2.Copy the file, MobileBIService.war from [Install directory]\Mobile 14\Client to the Tomcat's "Webapps" directory.
  In my case, I copied the MobileBIService.war from C:\Program Files (x86)\SAP BusinessObjects\Mobile14\Client to C:\Program Files (x86)\SAP BusinessObjects\Tomcat6\webapps. ( I used BO 4.0 SP02)
  3.     Start Tomcat.
  Restarting Tomcat would automatically deploy war file as a Web App
  One folder u201CMobileBiServiceu201D will appear in webapps folder when MobileBIService.war is deployed successfully.
  Hope it helps.
  Regards,
  Ankur

• Administration of APEX in SQL Developer with Proxy Authentication impossibl

  Hello!
  We are using latest version of SQL Developer to administer APEX. We are connecting to the database with proxy authentication. The syntax is:
  personal_user[apex_ws_owner]
  e.g.: mdecker[apex_demo]
  When trying to deploy APEX application I go to "Database Object" -> Application Express -> Application1 [100] -> right mouse click: "Deploy Application". Then I select the appropriate database identifier and next, I am presented with a screen showing import options. In second line, it says: "Parsing Schema: MDECKER".
  This is wrong: it has to be Parsing Schema: APEX_DEMO. It seems that managing APEX with SQL Developer does not support Proxy Authentication.
  Could you please confirm?
  Is there a way to formally ask for this enhancement?
  Best regards,
  Martin
  Update:
  I found out that if I check the flag "Proxy Authentication" in the connect details and provide both passwords, the deploy application parsing schema is set to the correct APEX_DEMO account. However, we are using Proxy Authentication in order to avoid having to know the application password.
  Edited by: mdecker on Jan 28, 2013 4:48 PM

  There is a write-up about connecting to APEX here: <a href ="http://www.oracle.com/technology/products/database/application_express/html/sql_dev_integration.html" >SQL Dev Oracle APEX Integration</a>
  <p>You do need to have updated to Oracle APEX 3.0.1.
  <p>Regards <br>
  Sue

• ISE with Trend Micro OfficeScan supported version

  Hi.
  My customer have plan to install ISE with Trend Micro OfficeScan 10.5 as NAC solution.
  I confirmed below supported AV/AS Products list.
  Server side Trend Micro OfficeScan Corporate Edition 10.x is not included.
  But Client side Trend Micro OfficeScan Client 10.x is incduled.
  What this means?
  Trend Micro OfficeScan Client 10.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Client 5.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Client 6.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Client 7.85.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 -
  Trend Micro OfficeScan Client 7.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Client 8.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Corporate Edition 5.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Corporate Edition 6.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Trend Micro OfficeScan Corporate Edition 7.x 4.9.0.28 / 3.4.21.1 4.9.0.28 / 3.4.21.1 yes
  Cisco Identity Services Engine Supported Windows AV/AS Products Compliance Module Version 3.5.2221.2
  http://www.cisco.com/en/US/docs/security/ise/ComplianceModule/win-avas-3_5_2221_2.pdf
  Regards,
  Miyazaki

  http://support.mozilla.com/en-US/kb/Installing+a+previous+version+of+Firefox
  http://www.mozilla.com/en-US/firefox/all-older.html

• JAX-WS client - WebLogic - SSL with proxy server

  Good night!
  I'm having trouble communicating with webservices using certificate authentication (weblogic.wsee.jaxws.sslclient.PersistentSSLInfo) through and going through a proxy server (weblogic.wsee.jaxws.proxy.ClientProxyFeature) .
  If communication with the webservice is done directly (no proxy server) everything happens perfectly, but to set the proxy server I get the exception "BAD_CERTIFICATE." it is as if the certificate was not attached in the request.
  The webservice client was generated by JDeveloper.
  Has anyone experienced this problem?
  Sorry for my bad english
  Exception
  javax.xml.ws.WebServiceException: javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
       at com.sun.xml.ws.transport.http.client.HttpClientTransport.readResponseCodeAndMessage(HttpClientTransport.java:218)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:204)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)
       at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:121)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:866)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:815)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:778)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:680)
       at com.sun.xml.ws.client.Stub.process(Stub.java:272)
       at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:153)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
       at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:136)
       at $Proxy30.cleCadastroLote(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at weblogic.wsee.jaxws.spi.ClientInstanceInvocationHandler.invoke(ClientInstanceInvocationHandler.java:84)
       at $Proxy31.cleCadastroLote(Unknown Source)
       at br.com.tbl.ws.CleCadastroPortClient.main(CleCadastroPortClient.java:51)
  Webservice client with proxy server (error)
  import weblogic.wsee.jaxws.sslclient.PersistentSSLInfo;
  import javax.xml.ws.BindingProvider;
  import weblogic.wsee.jaxws.JAXWSProperties;
  import weblogic.wsee.jaxws.proxy.ClientProxyFeature;
  import weblogic.wsee.jaxws.sslclient.SSLClientUtil;
  public class CleCadastroPortClient
  public static void main(String [] args)
  try{
  CleCadastro_Service cleCadastro_Service = new CleCadastro_Service();
  CleCadastro cleCadastro = cleCadastro_Service.getCleCadastroPort();
  String clientKeyStore = "C:\\certificados.jks";
  String clientKeyStorePasswd = "xxxxx";
  String clientKeyAlias = "xxxxx";
  String clientKeyPass = "xxxxx";
  String trustKeystore = "C:\\keystore_completo.jks";
  String trustKeystorePasswd = "xxxxx";
  PersistentSSLInfo sslInfo = new PersistentSSLInfo();
  sslInfo.setKeystore(clientKeyStore);
  sslInfo.setKeystorePassword(clientKeyStorePasswd);
  sslInfo.setKeyAlias(clientKeyAlias);
  sslInfo.setKeyPassword(clientKeyPass);
  sslInfo.setTrustKeystore(trustKeystore);
  sslInfo.setTrustKeystorePassword(trustKeystorePasswd);
  ClientProxyFeature clientProxy = new ClientProxyFeature();
  clientProxy.setProxyHost("proxy.com");
  clientProxy.setProxyPort(Integer.parseInt("3128") );
  clientProxy.setProxyUserName("user");
  clientProxy.setProxyPassword("pass");
  clientProxy.attachsPort(cleCadastro);
  ((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.CLIENT_PERSISTENT_SSL_INFO, sslInfo);
  ((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, SSLClientUtil.getSSLSocketFactory(sslInfo));
  ((BindingProvider) cleCadastro).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "https:/xxxx/ws");
  String retorno = cleCadastro.cleCadastroLote("xml", "xml");
  }catch(Exception ex){
  ex.printStackTrace();
  Webservice client without proxy server (OK)
  import weblogic.wsee.jaxws.sslclient.PersistentSSLInfo;
  import javax.xml.ws.BindingProvider;
  import weblogic.wsee.jaxws.JAXWSProperties;
  import weblogic.wsee.jaxws.proxy.ClientProxyFeature;
  import weblogic.wsee.jaxws.sslclient.SSLClientUtil;
  public class CleCadastroPortClient
  public static void main(String [] args)
  try{
  CleCadastro_Service cleCadastro_Service = new CleCadastro_Service();
  CleCadastro cleCadastro = cleCadastro_Service.getCleCadastroPort();
  String clientKeyStore = "C:\\certificados.jks";
  String clientKeyStorePasswd = "xxxxx";
  String clientKeyAlias = "xxxxx";
  String clientKeyPass = "xxxxx";
  String trustKeystore = "C:\\keystore_completo.jks";
  String trustKeystorePasswd = "xxxxx";
  PersistentSSLInfo sslInfo = new PersistentSSLInfo();
  sslInfo.setKeystore(clientKeyStore);
  sslInfo.setKeystorePassword(clientKeyStorePasswd);
  sslInfo.setKeyAlias(clientKeyAlias);
  sslInfo.setKeyPassword(clientKeyPass);
  sslInfo.setTrustKeystore(trustKeystore);
  sslInfo.setTrustKeystorePassword(trustKeystorePasswd);
  ((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.CLIENT_PERSISTENT_SSL_INFO, sslInfo);
  ((BindingProvider) cleCadastro).getRequestContext().put(JAXWSProperties.SSL_SOCKET_FACTORY, SSLClientUtil.getSSLSocketFactory(sslInfo));
  ((BindingProvider) cleCadastro).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "https:/xxxx/ws");
  String retorno = cleCadastro.cleCadastroLote("xml", "xml");
  }catch(Exception ex){
  ex.printStackTrace();
  }

  Hi,
  I tried to use the option "-DUseSunHttpHandler=true" and enabled "JSSE SSL", but it did not work, now showing the exception "General SSLEngine problem".
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <javax.xml.ws.WebServiceException: javax.net.ssl.SSLHandshakeException: General SSLEngine problem>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.http.client.HttpClientTransport.readResponseCodeAndMessage(HttpClientTransport.java:218)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:204)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:866)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:121)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:815)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:778)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:680)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at $Proxy308.cleCadastroLote(Unknown Source)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:136)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:153)>
  <05/09/2012 15h36min55s GMT-03:00> <Notice> <StdErr> <BEA-000000> <at com.sun.xml.ws.client.Stub.process(Stub.java:272)>

• ISe with NAC agent pop up and Posture waiting

  Hi,
  I have ISE running ver 1.1.1.268. We limited access certain services before authuenticate with ACL-DEFAULT(given below) as per the Trustsec desgin guide.
  Now the issue is that when you have ACL-DEFAULT on the port NAC agent doest not pop-up and doest not start the posture part and saying waiting for Posture validation. When the ACL-DEFAULT removed from the access port NAC agent popup and do the posture validation.
  However we do not want user to get access to network before the authorization and that is the reason we use the ACL-DEFAULT.
  Please can someone advise me how to achieve the above both task. Why the NAC agent does not popup and do the posture when ACL-DEFAULT there in the switch.
  Here is what I have configured on ACL-DEFAULT.
  ip access-list extended ACL-DEFAULT
  remark DHCP
  permit udp any eq bootpc any eq bootps
  remark DNS
  permit udp any any eq domain
  permit tcp any any eq domain
  permit udp any any eq 389
  permit tcp any any eq 135
  permit tcp any any eq 445
  permit udp any any eq 445
  permit tcp any any range 135 139
  permit tcp any any eq 389
  permit tcp any any eq 3268
  permit icmp any any
  remark PXE / TFTP
  permit udp any any eq tftp
  permit tcp any host 172.xx.xx.xx eq 8443 (ISE-Pri)
  permit tcp any host 172.xx.xx.xx eq 8443 (ISE-Sec)
  remark Drop all the rest
  deny   ip any any log
  Appreciate if someone can give a solid resolution and explanation to this.

  Hi Saurav,
  We have already allowed those ports with another acl (ACL-POSTURE-REDIRECT). Our issue is not with the web nac agent.
  The issue is with NAC agent installed on corperate PCs connecting via wired port. With the ACL-DEFAULT it does not pop-up and does not do the posturing, however once we removed the ACL-DEFAULT from the access port, everything works fine.
  Since we do not want any user to access unwanted services before authorization we add this ACL on the access-port and as per the trustsec desgin this has to be there if you want to have ISE with closed mode.
  thanks

• Guest Portal Using ISE with Flexconnect Mode

  Folks,
  I have configured my guest web authentication using ISE with flexconnect mode like this:
  http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bcb905.shtml
  After done, I connect the SSID but cannot log in. I cannot get IP address and in the ISE I can see that my device has already hit my authorization profile and the status is pending. Can anyone help me with this?

  As Richard says, check to see if you have an IP address.  If not check the AP settings for FlexConnect.  Is the mode on the AP set right?  Please confirm that you are using FC local switching and not centralised switching? 
  Is the VLAN tagging enabled on the AP, and/or the VLANs on the AP switchport set right?

• Strange behaviour when using connection pooling with proxy authentication

  All
  I have developed an ASP.NET 1.1 Web application that uses ODP.NET 9.2.0.4 accessing Oracle Database 8i (which is to be upgraded to 10g in the coming months). I have enabled connection pooling and implemented proxy authentication.
  I am observing a strange behaviour in the live environment. If two users (User 1 and User 2) are executing SQL statements at the same time (concurrent threads in IIS), the following is occurring:
  * User 1 opens a new connection, executes a SELECT statement, and closes this connection. The audit log, which uses the USER function, shows User 1 executed this statement.
  * User 2 opens the same connection (before it is released to the connection pool?), excutes an INSERT statement, and closes this connection. The audit log shows User 1, not User 2, executed this statement.
  Is this a known issue when using connection pooling with proxy authentication? I appreciate your help.
  Regards,
  Chris

  Hi Chris,
  I tried to reproduce your complaint, but was unable to. I didnt use auditting however, just a series of "select user from dual" with proxy authentication. You might want to see if you can put together a small complete testcase for this and open a sr with support.
  Cheers
  Greg

• SRT Framework exception: The WSDL document is not compatible with proxy

  hello,
  I'd like to create a logical port to my web service but when I create this type of error:
  SRT Framework exception: The WSDL document is not compatible with proxy class "YAIRPORT_CO_AIRPORT_SOAP": "Unsupported Operation (s): getAirportInformationByISOCountryCode, getAirportInformationByAirportCode, getAirportInforma
  someone has an idea?
  thank you

  Hi,
  Most probably your class YAIRPORT_CO_AIRPORT_SOAP was't automatically generated by SAP from the .wsdl file. If so, then you have to generate it from this file and then create the logical port. For this purpose, go to se80, display the function group there you want to add the class, right-click it and choose Create -> Web Service. Then on the following screens choose Service Consumer, Local File and specify the .wsdl file for the web service you want to use. Finally specify a Package, Prefix and Transport Request, activate the changes and you're done. Now you can create the Logical Port.
  Hope this helps,
  Greg

• ISE with two PKI enterprise servers

  Hi,
  I have to install Cisco ISE for one of my customer.
  this customer has two enterprise PKI.
  one PKI deliver a certificate for a group of user and the second PKI deliver a certificate for the others user.
  In this case how to do? do have need to add the two enterprise pki certificate in each Cisco ISE? the ISE need to have
  two certificates one from each PKI server?
  what I have already done is to configure cisco ISE with only one enterprise PKI.
  Guy charles

  Do both users group trust each of the enterprise CA certs?
  No, but I can ask to the customer to do it if it is a right solution.
  Are the two user groups in the same ad environment and are you planning on differentiated access based on AD groups?
  the two user groups are in the same ad environment, yes i am planning to do access based on ad groups.

• JDBC Dynamic Credential with proxy users

  Hi
  We've developed an application with Business Components and it's been working very well. We're using JDBC Dynamic Credential like explain the document (How to Support JDBC Dynamic Credentials - http://www.oracle.com/technology/products/jdev/howtos/10g/dynamicjdbchowto.html). Now we want to use proxy users with JDBC Dynamic Credentials. How can we
  user proxy users with JDBC Credentials? What classes or parameters we need to change?
  I've been tested proxy users a lot, but in simple java classes, I don't know where to set some parameters in business components, for example, where can I set the following parameters?:
  OracleOCIConnectionPool.PROXY_USER_NAME
  OracleOCIConnectionPool.PROXYTYPE_USER_NAME
  Thanks in advance
  Liceth

  Hi Frank, thanks again
  Now we are using JDBC Credentials(like explain the paper http://www.oracle.com/technology/products/jdev/howtos/10g/dynamicjdbchowto.html), every user connects to the application with a diferent database user and password, then at database level the administrator can see diferents usernames (not the same user). Every application user correspond to a database user, relation one to one. The application works fine with that configuration. But, now for performance we want to change our application to use proxy users, I read that with proxy users redirectec to a single user, then the pooling connections are well reused, and at database level you have diferent usernames. Our principal goal is use pooling (for performance) and see diferent usernames at database level, this for facilitate administration tasks and auditory .
  We want that the application user autenticate with proxy users (username and password) but we have some problems because we don't know where specify that we're using proxy users. (The parameters OracleOCIConnectionPool.PROXY_USER_NAME
  OracleOCIConnectionPool.PROXYTYPE_USER_NAME).
  We want open our connections with the following code:
  OracleOCIConnectionPool ods = new OracleOCIConnectionPool();
  ods.setURL("jdbc:oracle:oci:@"+tnsAlias);
  ods.setUser("user_application");
  ods.setPassword("oracle");
  java.util.Properties prop = new java.util.Properties();
  prop.setProperty(OracleOCIConnectionPool.CONNPOOL_MIN_LIMIT,"3");
  prop.setProperty(OracleOCIConnectionPool.CONNPOOL_MAX_LIMIT,"20");
  prop.setProperty(OracleOCIConnectionPool.CONNPOOL_INCREMENT,"1");
  ods.setPoolConfig(prop);
  java.util.Properties userNameProp = new java.util.Properties();
  userNameProp.setProperty(OracleOCIConnectionPool.PROXY_USER_NAME,"Mark/123");
  Connection conn = ods.getProxyConnection(OracleOCIConnectionPool.PROXYTYPE_USER_NAME,userNameProp);
  with other user
  userNameProp.setProperty(OracleOCIConnectionPool.PROXY_USER_NAME,"Marty/123d");
  Connection conn = ods.getProxyConnection(OracleOCIConnectionPool.PROXYTYPE_USER_NAME,userNameProp);
  Thanks in advance
  Liceth

• How tune flash player 9 for use with proxy

  I use me browser with proxy. But flash player, when i show
  yourtube etc, use direct connection and not use proxy server. How
  tune flash player (last fersion, 9) for use with proxy. I want what
  all traffic go over proxy

  Will alienate? They've already alienated users a long time
  ago. That isn't the point, though, because it doesn't matter if
  users are alienated, it only matters if the users need flash.
  The only thing that could make flash player better is open
  source. I don't see why they don't do it. They make money on the
  authoring tool, not the player. All of my Linux machines are ppc
  and x86_64, no flash there. I also don't have flash on my PDA, a
  Palm T|X. If the player was open sourced, people would stop
  complaining about how much flash sucks -- because, right now, there
  are very serious, legitimate, complaints against it.
  Anyway, for now I'm hoping that SVG matures quickly.
  Although, I"m sure that once Adobe sees that train coming, they
  will extend Flash (dev.) to export SVG movies containing embedded
  binary data that can only play with their binary plugin.

• HT1277 Cofiguring mail in network with proxy

  I have cofigured mail with my account and i used it in network without proxy, it is working properly. But when i use mail in network with proxy, it is not working although i have configured proxy in Network in preference. Please help me to configure mail in network with proxy? thanks

  In a typical set-up, an SMTP proxy server is irrelevent to client mail access; the proxy servers I've worked with sit between the SMTP mail server and other mail servers on the 'net.
  For clients accessing the server, use IMAP or (less desirably) POP to read mail, and use the SMTP submission port to send mail, and you should connect directly to the mail server. 
  Typical configurations don't have the clients connecting to the SMTP port (TCP port 25) directly these days; that tends to be blocked on many networks, and many SMTP mail servers are set to reject remote connections on that port that aren't from SMTP servers.
  Alternatively, have a chat directly with whomever is managing or whomever is supporting the proxy server, and ask them how a legitimate user can access mail via the device, or around the device.