IWS6.0 digest authentication with iDS5.1 on W2K?
Has anyone tried digest authentication between iWS6 and iDS5.1 on W2K? You need to enable the reversible password plug-in in the directory server for it to work. Any problems or comments about this set up and form of authentication?
In the iFS 1.1 for Windows NT/2000 Installation Guide, on page 1-6, we state that Oracle supports running iFS 1.1 on Windows 2000 Professional Edition and Windows 2000 Server Edition.
We have not tested Windows 2000 Advanced Server, and therefore have not listed it as a supported platform.
Could you please describe what the symptoms were of the failure when using the NTFS server (and give us any log file entries from the NTFSServer.log file).
Similar Messages
-
Digest Authentication with OC4J standalone
Hi,
I am using oc4j 9.0.3 standalone web container . I used axis application as soap engine for deploying a web service in the oc4j . I want to implement HTTP digest authentication for my webservice.
I am forced to use the same verison of OC4J due to some reasons. Could anyone help me in knowing the procedure for the HTTP digest authentication implementation using oc4j903 asap.
Advance thanks for helpcould anyone please reply to this thread asap
-
How to configure a Proxy in OSB with Digest Authentication?
Hello, Guys.
I need a help with this subject.
I have a demand to configure a Proxy in OSB 11.1.1.6 with Digest Authentication. I'm using a Embedded Ldap with Identity Asserter.
I'have configured a DefaultAuthenticator and the DefaultIdentityAsserter to support Digest Password and create a new LdapIdentityAsserter pointing to my embedded Ldap.
When I'll create a new Proxy, in the security options, i can see the digest options to authenticate my username and password. I selected the one of all the options, but in the time of the Proxy test the authentication didn't work.
Could anyone help me?
Thanks you.Unfortunately, a reference trigger can't be used for continuous acquisition after the trigger. The maximum post-trigger count is either 2^24 or 2^32 depending on your hardware. Depending on your sampling rate and how many samples you expect to acquire before issuing a software stop, using the max post-trigger count may be sufficient for you. There are a couple of other options I can think of that you might want to try:
1.) If possible, play with the trigger condition such that it occurs at the start of your pre-trigger data and use it as a start trigger instead. I suspect this may not be possible.
2.) Set up a continuous acquisition and implement detection of the trigger condition through software. This is more software work and is more CPU intensive than the hardware solution, but it can definitely be made to work.
3.) With some creative use of the counters, you may be able to latch the sample clock number that trigger occurred on. This would allow you to setup a continuous acquisition and use the hardware to tell you where the trigger occurred instead of figuring it out in software. What I'm thinking is you would set up a buffered event counting task with the ai/SampleClock as the timebase source of the counter and the trigger signal as the sample clock of the counter. By reading the first count value, you should know which AI sample the trigger occurred. From there, you can seek to the right position in the buffer and begin reading data indefinitely.
Good luck! -
Logical Port for Digest Authentication
Hello,
I want to connect to a webservice which is running at an IIS with Digest Authentication. I created a Consumer Proxy and added a Logical Port in SAO Management (Java-Stack) to this Consumer Proxy, but I can't find a digest authetification in Configuration of the Logical Port. Is it possible to connect from a SAP System to a webservice with Digest Authentification?
Thanks and best regards
IrisHello Gourav,
Thank you for your answer.
I tried to create a Logical Port with HTTP Access to the WSDL, but the WSDl needs digest authetication as well. So I get the error
Error: Error in WSDL access: Exception occurred in communication framework:Error in HTTP Framework:401Unauthorizedhttps://itnts2371/SecurityWebService.asmx?WSDL
though I logged in with right credentials.
Then I tried to read the WSDl from a file then, but I get the error
Error: Error in WSDL parsing: Exception occurred in library handler
So I created a manual Logical Port for SSL-Access. I get only "User ID/Password" and "SAP Authenticatoin Assertion Ticket", but no "Digest Authentication". "User ID/Password" doesn't work, I get a dialog to put in User ID and password, but I'm never authorized.
Any other suggestions?
Thanks
With best regards
Iris -
OSB: HTTP digest authentication for WebServices
Hi,
How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
Best regards
DimoDid you figure out how to do it.?
-
Has anyone ever successfully performed a remote http server
digest authentication? I am currently building a script that
authenticates against a server using a supplied username and
password. All of my attempts thus far have come up empty and I am
not quite sure where I am going wrong with this.
I have modeled my headers exactly after the heads I get with
a successful Firefox login.
Here are the headers I get from the Live Headers firefox
addon.
Initial Response:
http://rets.armls.mlsrets.com/rets/login
GET /rets/login HTTP/1.1
Host: rets.armls.mlsrets.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept:
application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q= 0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
HTTP/1.x 401 Unauthorized
Content-Length: 1944
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
WWW-Authenticate: Digest
qop="auth",realm="[email protected]",nonce="2aaa0db6ed2bb21e8b913e1844b0abf1",opaque="2 0050024497281"
Date: Sun, 20 May 2007 00:24:49 GMT
Connection: close
Authenticated Response:
http://rets.armls.mlsrets.com/rets/login
GET /rets/login HTTP/1.1
Host: rets.armls.mlsrets.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Accept:
application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q= 0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Authorization: Digest username="cril01",
realm="[email protected]",
nonce="2aaa0db6ed2bb21e8b913e1844b0abf1", uri="/rets/login",
response="db214dcb999219968d829b5513e476dd",
opaque="20050024497281", qop="auth", nc=00000001,
cnonce="1d545807784766d0"
HTTP/1.x 200 OK
Connection: close
Date: Sun, 20 May 2007 00:24:54 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Expires: 0
Cache-Control: private
RETS-Version: RETS/1.5
Set-Cookie: RETS-Session-ID=2aaa0db6ed2bb21e8b913e1844b0abf1;
path=/
Content-Type: text/xml
Now even with me exactly copying these headers. I still get
401 (Unauthorized) errors. Does anyone see where I went wrong with
this?
Here is a link to my current test:
http://www.myhomesmart.com/admin/dev/test4.cfm
And here is my code.You cannot just copy headers form successful login, since
they are a function of server's nonce, which is different on every
request (this is the main idea of Digest). Actually, authorization
is a function of server's nonce and client's nonce. So, you have to
correclty calculate this every time you log in.
However, with
CFX_HTTP5 I
immediately got this [successful] response without any programming:
<RETS ReplyCode="0" ReplyText="Operation Successful">
<RETS-RESPONSE>
MemberName = TRUDY MOORE
User = CRIL01,1,SUBSCRIBER,CRIL01
Broker = HOMESMART
MetadataVersion = 1.00.00004
MinMetadataVersion = 1.00.00004
OfficeList = NONE
TimeoutSeconds = 1440
Action = /RETS/Action
GetObject = /RETS/GetObject
Login = /RETS/Login
Logout = /RETS/Logout
Search = /RETS/Search
GetMetadata = /RETS/GetMetadata
X-Links = /RETS/LINKS
X-Stats = /RETS/STATS
X-OMEGA = /RETS/Omega
</RETS-RESPONSE>
</RETS> -
Httpurlconnection digest authentication
We have an applet which runs after requesting a page from an http server. This applet then makes thousands of http requests (SOAP) to the same server. Our problem is that when we set the server to require digest authentication for the soap service, the httpurlconnection is sending the soap request, getting back an unauthorized, then sending the auth information with the next request. So every request is getting huge overhead, 2 round trips, when it should be 1. For the first request, java vm pops up its little window and asks for credentials, then for the rest of the requests it uses those same credentials, but does not automatically send them until the server requests them. How can I set it so that for each request, it automatically sends the credentials with the cnonce, instead of sending no credentials, getting an unauthorized reply, then sending again with the credentials? I tried System.setProperty("http.auth.digest.validateServer", "true");, but that did not change anything. All help is appreciated.
A brute-force way I have discovered is to clear out the entire AuthCacheValue map:
AuthCacheValue.setAuthCache(new AuthCacheImpl());
However, both AuthCacheValue and AuthCacheImpl are part of the sun.net.www.* classes, so this method would be very fragile and raises issues of incompatibility. -
Authentication with Web Accees managment through Headervariable
Hi All
We have configured External WEb Access Management Product (reverse proxy, passthrough) for authentication to access our BI Java 7.0 Application using Header variable.We have configured authschemes.xml and UME Properties
When we are trying to access our BI Java 7.0 Application then get the below Error
" Cannot logon user defined in header variable"
Please help me on this if anyone have faced these type of issue
Waiting for your fast immediate response on this
Thanks with Regards
Deelip KumarHi Patrick
I have doubt on onething, in visual Administrator the below Login module stacks are available,
SAP-J2EE-Engine this is a default configured login module stack that can be used by everyone.
· Basic allows for Basic Authentication, supported by the Web container.
· Client allows for client certificate authentication, supported by the Web container.
· Digest allows for digest authentication, supported by the Web container.
· Form allows for form authentication, supported by the Web container.
· Ticket used for creating and verifying logon tickets.
· Evaluation assertion ticket used for verifying assertion tickets (tickets used between systems).
I have selected SAP J2EE Engine and then defined the below Logon stack
EvaluateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
HeaderVariableLoginModule REQUIRED {ume.configuration.active=true, Header=}
CreateTicketLoginModule SUFFICIENT {ume.configuration.active=true}
BasicPasswordLoginModule REQUISITE {}
CreateTicketLoginModule OPTIONAL {ume.configuration.active=true}
it do not understand whether it is right or we should create new policy under policy configuration and the define the above stack.now i am also facing problem in loggin to Visual adminstrator
Please suggest
Thanks with Regards
Deelip Kumar -
SPA112 - HTTP Authentication with Provisioning
Is it possible to provision a device with an HTTP server using HTTP Digest Authentication?
I've tried using the URL format of: http://username:[email protected]/spa.xml
But formatting it like that makes the SPA request the entire URL in a DNS query, which doesn't resolve properly.
Am I missing some username/password fields?
Thanks!I found some of the information you were looking for.
To include the username and password when you resync the phone,
the details are located in the provisioning guide p 90 here
http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/csbpvga/ata/provisioning/guide/Provisioning.pdf
The word to search for is “digest authentication” We are talking about using the profile rule
Digest Authentication Support in Profile and Report Rule
Digest Authentication based on the username and password is defined as part of
profile rule and a report rule. The syntax is:
[--uid $SA]
[--pwd $SB]
In the following example, the phone uses this username and password when it is challenged by the server:
[--uid slee --pwd 1234] http://download.com/spacfg.xml
Dan -
I get error message: "An error occurred with the publication of album...Authentication with server failed. Please check your login and password information" whenever I open a facebook file in my iPhoto. In each file, most of my photos have disappeared. I am hoping I can retrieve these "lost" files. What do I need to do?
Message was edited by: leroydouglas
better yet, try this solution:
https://discussions.apple.com/message/12351186#12351186 -
Flex Error #1001: Digest mismatch with RSL error
I apologize if this is not the correct location for this question but it was the closest I could find.
I am working in salesforce trying to add a new content pack. This screen uses a tool written in flash. The screen that comes up is an error with the following:
Flex Error #1001: Digest mismatch with RSL
https://cs13.salesforce.com/_swf/121310/sfc/flex/framework_3.5.0.12683.swf.
Redeploy the matching RSL or relink your application with the matching
library.
I have been working with SalesForce support but they don't have a clue and want to punt to Adobe.
The support staff at SalesForce has no trouble accessing the page with the flash control from thier pc. I have tried several computers in my office and from several browsers (IE 9 and Chrome). I have reinstalled Flash Player 11 and cleared browser caches. Nothing seems to work.
It has to be something common to computers in my office or my network. All of the information I can find on the Internet talks about rebuilding the application and redeploying it. I can't do that since this is part of SalesForce and not something I own. Also, it works for them on their computers.
I am running windows 7 64 bit. I have McAfee running (and have checked that Flash is not blocked).
The flash player itself works when I go to the Adobe site and try other content.
The only other odd thing I have is that my hard drive is encrypted.
Any ideas?
Thanks,
MikeChris,
I have cleared the browsser and flash cache data then restarted browswers and windows. Still no luck. I reverted the flash player back to 10.3 after following the instructions in the link you provided for a clean install but still get the error. SalesForce did not state what version of FlashPlayer they are using but I will check with them later today.
All of the machines that I have tested on have been at the office and all have encrypted hard drives with PGP desktop. I am going to try my laptop on my home network tonight to see if we are blocking something during the download.
This is driving me nuts. I know is it something specific to the machines in the office or the office network but I can't find it.
Thanks for your help. Please let me know if you have any other ideas.
Mike -
Error in authentication with ldap server with certificate
Hi,
i have a problem in authentication with ldap server with certificate.
here i am using java API to authenticate.
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed.
I issued the new certificate which is having the up to 5 years valid time.
is java will authenticate up to one year only?
Can any body help on this issue...
Regards
Rangasorry i am gettting ythe same error
javax.naming.CommunicationException: simple bind failed: servername:636 exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed]
here when i am using the old certificate and changing the system date means i can get the authentication.
can you tell where we can concentrate and solve the issue..
where is the issue
1. need to check with the ldap server only
2. problem in java code only.
thanks in advance -
I got an issue with OS of widows 7.
unable to scan documents to user's PC.am getting error message "Authentication with the destination has failed. Check settings. To check the current status, press [Scanned Files Status
Other Windows xp PC can do this.
How can I fix this problem?
Printer Model :C2051 /mp2001spHi,
I searched for the error and it is mentioned in Ricoh's website:
Messages Displayed on the Control Panel When Using the Scanner Function
http://support.ricoh.com/bb_v1oi/pub_e/oi_view/0001045/0001045718/view/trouble/int/0036.htm
Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Message
Cause
Solution
“Authentication with the destination has failed. Check settings. To check the current status, press [Comm. Status/Print].”
The entered login user name or login password is not correct.
Check that the user name and password are correct.
Check that the ID and password for the destination folder are correct.
A password of 128 or more characters may not be recognized.
From the solution, it mentioned that the issue could relate to user account or its password.
Please let me know if it is in domain environment. If so, please test to log the same user account currently on Windows 7 to Windows XP and see if issue persists.
Also please test to directly access the scanning folder on printer server to see if there is any issue in accessing the destination folder. -
Not Working-central web-authentication with a switch and Identity Service Engine
on the followup the document "Configuration example : central web-authentication with a switch and Identity Service Engine" by Nicolas Darchis, since the redirection on the switch is not working, i'm asking for your help...
I'm using ISE Version : 1.0.4.573 and WS-C2960-24PC-L w/software 12.2(55)SE1 and image C2960-LANBASEK9-M for the access.
The interface configuration looks like this:
interface FastEthernet0/24
switchport access vlan 6
switchport mode access
switchport voice vlan 20
ip access-group webauth in
authentication event fail action next-method
authentication event server dead action authorize
authentication event server alive action reinitialize
authentication order mab
authentication priority mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
spanning-tree portfast
end
The ACL's
Extended IP access list webauth
10 permit ip any any
Extended IP access list redirect
10 deny ip any host 172.22.2.38
20 permit tcp any any eq www
30 permit tcp any any eq 443
The ISE side configuration I follow it step by step...
When I conect the XP client, e see the following Autenthication session...
swlx0x0x#show authentication sessions interface fastEthernet 0/24
Interface: FastEthernet0/24
MAC Address: 0015.c549.5c99
IP Address: 172.22.3.184
User-Name: 00-15-C5-49-5C-99
Status: Authz Success
Domain: DATA
Oper host mode: single-host
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC16011F000000490AC1A9E2
Acct Session ID: 0x00000077
Handle: 0xB7000049
Runnable methods list:
Method State
mab Authc Success
But there is no redirection, and I get the the following message on switch console:
756005: Mar 28 11:40:30: epm-redirect:IP=172.22.3.184: No redirection policy for this host
756006: Mar 28 11:40:30: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
I have to mention I'm using an http proxy on port 8080...
Any Ideas on what is going wrong?
Regards
NunoOK, so I upgraded the IOS to version
SW Version: 12.2(55)SE5, SW Image: C2960-LANBASEK9-M
I tweak with ACL's to the following:
Extended IP access list redirect
10 permit ip any any (13 matches)
and created a DACL that is downloaded along with the authentication
Extended IP access list xACSACLx-IP-redirect-4f743d58 (per-user)
10 permit ip any any
I can see the epm session
swlx0x0x#show epm session ip 172.22.3.74
Admission feature: DOT1X
ACS ACL: xACSACLx-IP-redirect-4f743d58
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
And authentication
swlx0x0x#show authentication sessions interface fastEthernet 0/24
Interface: FastEthernet0/24
MAC Address: 0015.c549.5c99
IP Address: 172.22.3.74
User-Name: 00-15-C5-49-5C-99
Status: Authz Success
Domain: DATA
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
ACS ACL: xACSACLx-IP-redirect-4f743d58
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC16011F000000160042BD98
Acct Session ID: 0x0000001B
Handle: 0x90000016
Runnable methods list:
Method State
mab Authc Success
on the logging, I get the following messages...
017857: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
017858: Mar 29 11:27:04: epm-redirect:epm_redirect_cache_gen_hash: IP=172.22.3.74 Hash=271
017859: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: CacheEntryGet Success
017860: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: Ingress packet on [idb= FastEthernet0/24] matched with [acl=redirect]
017861: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Enqueue the packet with if_input=FastEthernet0/24
017862: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_process ...
017863: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Not an HTTP(s) packet
What I'm I missing? -
I have recently upgraded a clients servers to Windows Server 2012 & since doing so have lost the ability to scan to folder.
Both servers are domain controllers and previously on a 2008 domain controller I would have had to make the following change to allow scan to folder:
Administrative Tools
Server Manager
Features
Group Policy Manager
Forest: ...
Default Domain Policy
Computer configuration
Policies
Windows Settings
Security Settings
Local Policies
Security Options
Microsoft Network Server: Digitally Sign Communications (Always)
- Define This Policy
- Disabled
However I have applied this to the Windows 2012 server but am still unable to scan, possibly due to added layers of security in server 2012. The error on the scanner is Authentication with the destination has failed check settings.
I have also tried the following at the server:
Policies -> Security Policies
Change Network Security: LAN Manager authentication level to: Send LM & NTLM - Use NTLMv2 session security if negotiated.
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients and uncheck the require 128 bit.
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers and uncheck the require 128 bit
I have created a user account on the server for the ricoh and set this in the settiings of the Ricoh and verified everything is correct.
Are there any other things I have missed?I can email anybody the firmware module if interested and how to...
Tell me your model and email
If your offer still stands we have an Aficio MP C3300
Firmwareversion
Modulnavn Version Delnummer
System/Copy 1.13 D0255562H
Network Support 8.16.1 D0255563D
Font EXP 1.03 D0255588
OptionPCLFont 1.02 D0255589
animation 1.3.1 D0255568A
Fax 01.10.00 D0255569B
RemoteFax 01.10.00 D0255564B
Printer 1.11 D0255572A
RPCS 3.7.5.4.1 D0255574A
Option PCL 1.00 D0255580A
Scanner 01.17 D0255570C
Network DocBox 1.00 D0255567B
Web Support 1.06 D0255565B
Web Uapl 1.07 D0255566C
libcvm(v4) 4.13 D4135765B
GWFCU3-13(WW) 03.00.00 D3935570C
PowerSaving Sys 1.10 D0255560C
Engine 1.51:09 D0255117E
OpePanel 1.03 D0251492A
LANG0 1.03 D0251496
LANG1 1.03 D0251496
ADF 03.420:02 D3665604
Finisher 01.090:03 D3725112
Best Regards/
Henrik Plougstad
henrik(a)pieroth.dk
Maybe you are looking for
-
WSUS Best practice for cleanup order?
Hi All, I have a Win 2012 WSUS install that initially grew large and the Server Cleanup Wizard would fail when running all of the available options together. I believe I have worked out the best order to run the cleanup options from a GUI: Expired up
-
Remove existing field value from transaction CV01N
Hi Ramchander, i already used that method but i.e. not working . when CV01N transaction has done docuement number is automatically created thats why it should be blank so, my problem is that document is blank for 1st record & when 2nd record is creat
-
How can I print and ship a photo book from another country?
I wish to print and ship a book from a different country (Hong Kong) but have it billed to my Canada credit card in order to avoid overseas shipping costs.. Does anyone know if this is possible? If I create a unique Apple ID on HK web site with a l
-
Vbscript, wsh or batch? Unsure which will work.
I've been trying to find something for a solution and the more I look the more confused I get. I tried a batch file, but can't get what I want. I need to map a temporary drive, open internet explorer with a specific folder\html file, allow user to br
-
No sound when video chatting - 'microphone enabled' grayed-out during chat
Recently, whenever I video chat there is no sound on the other end. 'Microphone enabled' is grayed out. It is not grayed-out when I am not video chatting. All sound preferences appear to be set correctly. This problem just appeared recently. Thanks i