Lifetime of a session and/or access token

Hi folks,
I try to authenticate via API using both session IDs and oAuth access tokens.
Does anybody know how long such a session ID (retrieved with a SAML assertion) is valid? And, while we are on it: what is the lifetime of an access token?
Or, from a developers point of view: How can I retrieve the lifetime of both items programmatically after I retrieved them - is it somewhere coded into the response? 
Thanks & regards
  Mathias

Hi Mathias,
I do not know about SAML session IDs, but the lifetime of an OAuth access token is currently not limited (that is, as long as it is not revoked). AFAIK there is no way to retrieve the lifetime. My colleague Ruediger may be able to give you some information on the lifetime of SAML session IDs.
Simon

Similar Messages

  • How to restrict multiple ess session and access?

    Hi experts,
    how to restrict multiple session for ess user? and multi access for same ess user?
    our problem is when user login to ess (doing session, for example leave request) and at the same time their manager is accessing travel approval task for that user, the approval process getting error. (we use travel workflow to approve travel request)
    how to overcome this situation?
    thanks.

    but there is no information on ESS screen for user being lock.
    how to show the information on ess screen?
    thanks

  • Session List and Last Access Time

    I want to get a list of WebLogic's current/active sessions and find out
    the user's last access time for each session. How can I do this? I'm
    using WebLogic 4.5.
    Thanks in advance.
    Sincerely,
    William H. Stone
    X U M A <build-to-order e-business>
    William H. Stone
    160 Pine St., 2nd Floor
    San Francisco, CA 94111
    Phone:(415)777-9988
    Fax: (415)777-2704
    http://www.xuma.com

    I am trying to maintain simultaneous sessions with WebLogic and another
    app server. I am writing a daemon that will read thru the active
    session list and check to the last activity time. Based on this and a
    similar list I get from the other app server, I will "ping" the oldest
    session to keep it up to date. The result is that the sessions will not
    time out prematurely.
    Clear as mud?
    -WHS
    Mauricio Del Moral wrote:
    Many information about your WLS it could be viewed with the Weblogic
    Console....but exactly what are you trying to get???--
    X U M A <build-to-order e-business>
    William H. Stone
    160 Pine St., 2nd Floor
    San Francisco, CA 94111
    Phone:(415)777-9988
    Fax: (415)777-2704
    http://www.xuma.com

  • Invalid Access Token in Script

    Hey folks!
    I was hoping to set up a copy of my local Pictures directory from my home server to OneDrive, so I was following the blog
    post here.
    This led me to the
    blog post here regarding using Powershell 3.0 to connect to Live. From that post, I'm using the Authorization code grant flow to generate an Access Token. I get the Live login and application approvals, but when I try to Invoke-RestMethod to the URI,
    I get the following error, which leads me to believe I'm not really generating the Access Token.
    Any ideas? Thanks!
    Invoke-RestMethod -URI "https://apis.live.net/v5.0/me/skydrive?access_token=$AccessToken
    Invoke-RestMethod : { "error": { "code": "request_token_invalid", "message": "The access token isn't valid." } }
    At line:1 char:1
    + Invoke-RestMethod -URI "https://apis.live.net/v5.0/me/skydrive?access_tok ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
       eption
        + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

    I did register, but didn't change the secret. I am getting intermittent success, so I think I might just be impatient and maybe the 24 hours applies on new applications?
    To answer the first question - just putzing around really on Windows 2012 Essentials, which can't run the SkyDrive app. Trying to see if a basic copy to SkyDrive would work using a PowerShell script.
    Go back and read the article very carefully.  THe token is initially only good for an hour.  You need to change the request.
    Sit down and read slowly while testing each bit of code presented.  You need to do it in three steps.
    1. Acquire current token.
    2. Apply token to session
    3. Get folder.
    ¯\_(ツ)_/¯

  • Sharepoint Workflow Access Token Error

    Whenever run a workflow on the SharePoint site it gets stuck on "Started" and throws this error when inspected in the workflow view:
    Retrying last request. Next attempt scheduled after 07/01/2015 10:58. Details of last request: HTTP 
    to https://***.sharepoint.emea.microsoftonline.com/support/_api/web/lists(guid'91616358-3515-49a4-8652-08e56a608d7e') Correlation Id: 
    Instance Id: dba845fc-941c-499f-9722-0929d85899ec
    System.Net.WebException: The request was aborted: The request was canceled. ---> System.InvalidOperationException: Failed to fetch an access token from the token service. The token service returned an error type of 'invalid_request' with the following
    description: ACS50000: There was an error issuing a token. ACS50001: Relying party with identifier 
    '00000003-0000-0ff1-ce00-000000000000/***.[email protected]f5cb8a2' was not found.
    Trace ID: e000a6d4-06d3-499b-95a6-a761150135cf
    Correlation ID: c7661e3d-2465-2ecb-9935-b7ba3142478d
    Timestamp: 2015-01-07 09:50:09Z ---> System.Net.WebException: The remote server returned an error: (400) Bad Request.
       at System.Net.HttpWebRequest.GetResponse()
       at Microsoft.Activities.Hosting.Security.OAuthS2SSecurityTokenServiceCredential.FetchAccessToken(Uri stsUri, String targetServiceAudience, String authenticatorToken, HttpWebRequest request, TimeSpan timeout, EventTraceActivity
    eventTraceActivity, TimeSpan& expirationDuration)
       --- End of inner exception stack trace ---
       at Microsoft.Activities.Hosting.Security.OAuthS2SSecurityTokenServiceCredential.FetchAccessToken(Uri stsUri, String targetServiceAudience, String authenticatorToken, HttpWebRequest request, TimeSpan timeout, EventTraceActivity
    eventTraceActivity, TimeSpan& expirationDuration)
       at Microsoft.Activities.Hosting.Security.OAuthS2SSecurityTokenServiceCredential.GetAccessTokenFromTokenService(OAuthS2SPrincipal client, OAuthS2SPrincipal targetServiceAudience, HttpWebRequest originalRequest, EventTraceActivity
    eventTraceActivity, TimeSpan& expirationDuration)
       at Microsoft.Activities.Hosting.Security.OAuthS2SSecurityTokenServiceCredential.GetAuthorization(OAuthS2SAuthenticationChallenge[] bearerChallenges, HttpWebRequest request, EventTraceActivity eventTraceActivity)
       at Microsoft.Activities.Hosting.Security.OAuthS2SAuthenticationModule.AuthenticateInternal(String challenge, WebRequest request, OAuthS2SCredential credential, EventTraceActivity eventTraceActivity)
       at Microsoft.Activities.Hosting.Security.OAuthS2SAuthenticationModule.Authenticate(String challenge, WebRequest request, ICredentials credentials)
       at System.Net.AuthenticationManager.Authenticate(String challenge, WebRequest request, ICredentials credentials)
       at System.Net.AuthenticationState.AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials authInfo)
       at System.Net.HttpWebRequest.CheckResubmitForAuth()
       at System.Net.HttpWebRequest.CheckResubmit(Exception& e, Boolean& disableUpload)
       at System.Net.HttpWebRequest.DoSubmitRequestProcessing(Exception& exception)
       at System.Net.HttpWebRequest.ProcessResponse()
       at System.Net.HttpWebRequest.SetResponse(CoreResponseData coreResponseData)
       --- End of inner exception stack trace ---
       at Microsoft.Workflow.Common.AsyncResult.End[TAsyncResult](IAsyncResult result)
       at Microsoft.Activities.Hosting.HostedHttpExtension.HttpRequestWorkItem.HttpRequestWorkItemAsyncResult.End(IAsyncResult result, Int32& responseCode)
       at Microsoft.Activities.Hosting.HostedHttpExtension.HttpRequestWorkItem.OnEndComplete(ScheduledWorkItemContext context, IAsyncResult result)
    This only occurs on the workflows that have been designer in SharePoint Designer 2013, when the using the template ones (for example the three-state) they run fine. Have searched the internet to no avail on the error but believe it is something to do with
    the server settings and permissions. Thanks in advance

    Hi,
    According to your post, my understanding is that Sharepoint Workflow get the Access Token Error.
    I reoconmend that you can properly configure the HTTPS endpoint and then re-register the workflow farm with SharePoint.
    The snippet below assumes that you have exported the SSL certificate from the workflow manager IIS web site to c:\wfm.cer.
    $cert = Get-PfxCertificate "c:\wfm.cer"
    New-SPTrustedRootAuthority -Name "Workflow Manager Farm" -Certificate $cert
    Register-SPWorkflowService -SPSite "http://dev.sharepoint.com" -WorkflowHostUri "https://devmachine
    In addition, it may caused by
    a mismatch between SharePoint and Workflows. You can install a new version workflow manger and sharepoint designer to check whether it works.
    Here are some similar threads for your reference:
    http://sharepoint.stackexchange.com/questions/71773/sharepoint-2013-workflow-cant-get-them-to-work-again
    http://community.office365.com/en-us/f/154/t/276478.aspx?pi14176=2
    Best Regards,
    Linda Li
    Linda Li
    TechNet Community Support

  • How do i get a long lived 60 days access token to post messages on facebook ? Getting exception error

    I created just now a new app in the facebook site: https://developers.facebook.com
    I have a new access token but its for short time will expire after 2 hours or so.
    And i also got the app id and app secret code.
    This is how im trying to use it:
    private string PostFacebookWall(string accessToken, string message)
    var responsePost = "";
    try
    //create the facebook account object
    var objFacebookClient = new FacebookClient(accessToken);
    var parameters = new Dictionary<string, object>();
    parameters["message"] = message;
    responsePost = objFacebookClient.Post("feed", parameters).ToString();
    catch (Exception ex)
    responsePost = "Facebook Posting Error Message: " + ex.Message;
    return responsePost;
    In this method PostFacebookWall its working now with the new access token i can post on my wall.
    But since it will expire in few hours i want to make it longer access token for 60 days. So i have this method:
    public static string RenewToken(string existingToken)
    var fb = new FacebookClient();
    dynamic result = fb.Get("oauth/access_token",
    new
    client_id = ,
    client_secret = "",
    grant_type = "fb_exchange_token",
    fb_exchange_token = existingToken
    return result.access_token;
    Si called the method RenewToken in my constructor and used with my current access token code and im getting this exception:
    (OAuthException - #1) The access token does not belong to application 1378943962355167
    Strange since i checked double time and got the app id and secret from the current app.
    This is the full exception error message:
    Facebook.FacebookOAuthException was unhandled
    HResult=-2146233088
    Message=(OAuthException - #1) The access token does not belong to application 1378943962355167
    Source=Facebook
    ErrorCode=1
    ErrorSubcode=0
    ErrorType=OAuthException
    StackTrace:
    at Facebook.FacebookClient.ProcessResponse(HttpHelper httpHelper, String responseString, Type resultType, Boolean containsEtag, IList`1 batchEtags)
    at Facebook.FacebookClient.Api(HttpMethod httpMethod, String path, Object parameters, Type resultType)
    at Facebook.FacebookClient.Get(String path, Object parameters, Type resultType)
    at Facebook.FacebookClient.Get(String path, Object parameters)
    at ScrollLabelTest.Form1.RenewToken(String existingToken) in e:\scrolllabel\ScrollLabel\ScrollLabel\Form1.cs:line 290
    at ScrollLabelTest.Form1..ctor() in e:\scrolllabel\ScrollLabel\ScrollLabel\Form1.cs:line 28
    at ScrollLabelTest.Program.Main() in e:\scrolllabel\ScrollLabel\ScrollLabel\Program.cs:line 18
    at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
    at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
    at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
    at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
    at System.Threading.ThreadHelper.ThreadStart()
    InnerException:

    Questions related to Facebook should be posted on their forums.  These forums are for MS-related technologies.

  • Publish RD Gateway and Web Access with One-Time Password (OTP) / Two-factor Authentication WITHOUT ISA/TMG server

    Hi everybody,
    I've been struggeling with this problem for a few weeks now and can't find a way to solve it.
    We have an RD farm (Server 2012) which consists of two Remote Desktop Servers with Connection Broker and Web Access.
    I've recently published a new server, containing RD Gateway and Web Access in our perimeter network.
    Now we've got restrictions that OTP/2FA must be used for the external deployment and we've decided to go for a solution from Gemalto.
    The "program" is called IDConfim and the server is called SA Server (Strong Authentication).
    Also it's important that NO ISA/TMG server is supposed to be used, the OTP/2FA is supposed to work seamless with the Web Access/Gateway.
    After hours discuss we came to a point were their NPS agent setup would be the only way to accomplish our goals.
    The setup is supposed to be like this:
    LAN:
    1 DC (2008 R2)
    RD Farm (2012)
    1 SA Server (2012)
    DMZ:
    RD Gateway/Web Access (2012)
    Were Gateway and Web Access should forward the authentications with NPS to the NPS agent on the SA server.
    When you print your AD account to authenticate you add the 6 digits of OTP which you recieve from you mobile app.
    Initially this seems to work, the Gateway forwards the request to the remote NPS server, BUT only if you write the correct AD password
    (without the OTP extension).
    If you write the correct AD password the authentication is forwarded to out SA Servern and it's beeing rejeced because the password doesn't
    contain the correct OTP extension.
    The problem comes here.
    When you write you AD password along with the OTP extension you get a Windows Security error in the eventlog (On thw Gateway server) like this:
    An account failed to log on.
    Subject:
    Security ID: NULL SID
    Account Name: -
    Account Domain: -
    Logon ID: 0x0
    Logon Type: 3
    Account For Which Logon Failed:
    Security ID: NULL SID
    Account Name: user
    Account Domain: domain
    Failure Information:
    Failure Reason: Unknown username or password.
    Status: 0xc000006d
    Sub Status: 0x0
    Process Information:
    Caller Process ID: 0x0
    Caller Process Name: -
    Network Information:
    Workstation Name: server
    Source Network Address: 192.168.x.x
    Source Port: 63003
    Detailed Authentication Information:
    Logon Process: NtLmSsp
    Authentication Package: NTLM
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0
    This event is generated when a logon request fails. It is generated on the computer where access was attempted.
    The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
    The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
    The Process Information fields indicate which account and process on the system requested the logon.
    The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
    The authentication information fields provide detailed information about this specific logon request.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    What i can see it's a NTLM error, but hey?! aren't we supposed to forward all authentication handeling to the remote NPS server?
    The problem is that no matter what i try the above problem stays there.
    Is it not possible to just forward ALL authentication handeling to a remote server?
    The only solution I've found to get it working someday in the future is this:
    "Remote Desktop Pluggable Authentication and Authorization", which is supposed to be introduced in 2012 R2.
    Also this link describes it:
    http://archive.msdn.microsoft.com/Release/ProjectReleases.aspx?ProjectName=rdsdev&ReleaseId=3745
    Please, bring me some answers before my head explodes! :)
    PS, long question = maybe some errors, ask me if something is unclear.

    Hi,
    Based on our experience, if the NTLM error occurs, please check the password.
    Regards,
    Mike
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • Web session and authentification session pb with wl6.0

    Hi,
    I am evaluating weblogic 6.0 on windows 2000.
    I have a little web application, with some URL (html, servlet...), I want to protect.
    So I defined a <security-constraint> element in my web.xml
    file, and I binded the logical roles with real participant in
    weblogic.xml
    It works very well at startup. I launch a browser, request a protected URL and the
    authentification window popup. I enter valid info and I can access my URL.
    Perfect.
    Now I want to give the possibility to my user to terminate a session, to disconmect,
    so I had a button, (disconnect) which invoque a servlet which get the current session
    and invalidate it.
    I checked, the session is destroyed and a new one is defined (new ID, new counter...),
    but my user are still connected. It means that if I want to acces a protected URL,
    I still can do it.
    more strange. In both a secured and unsecured page I print the User Principal. When
    I connect, the two pages print the same and right value.
    But if I disconnect, the unsecured page print null(no connection for this session)
    and the secured page print the principal I used to connect in the previous message.
    I know this message is a little bit long, but I tried to give the cleares context.
    Has anyone ancountered that kind of problem? Is there a solution.
    I pass the test with netscape 4.76, netscape 6.01, Internet Explorer 5.50. I got
    the same behavior each time...
    Thanks
    Nicolas

    If you use a Form to authenticate then the browser is unaware of the
    username and password. The PetStore demonstrates how it's done in
    ..\samples\petStore\source\com\bea\estore\util\WLSecurityAdapter.java
    "Nicolas GANDRIAU" <[email protected]> wrote in message
    news:[email protected]...
    >
    Hi John,
    thank you for your answer. It confirmed my first guess, that the
    browser keep the secret info and send them back to the server.
    The server does not make any attachment with the current session.
    But you talk about a "ServletAuthentication" example which presents theway to bind
    the login info in the session. I have not found this servlet, in weblogic6.0 distribution
    or J2EE API.
    Can you give me the exact reference of this servlet.
    Thank you for your help.
    Nicolas
    "John Lindwall" <[email protected]> wrote:
    Nicolas,
    It is my understanding that the authentication information for this
    scenario
    (ie HTTP BASIC authentication) is not contained in the session -- it is
    maintained by the browser and resent with every request. That is why
    invalidating the session makes no difference. If you have a HTTPsnooping
    utility you will see the "Authorization" information (albeit encodedusing
    BASE64) present in the requests from your browser to the server.
    FYI: I've noticed that by using the ServletAuthentication class tomanually
    perform authentication, it DOES in fact store the authentication info in
    the
    session. There is a "done()" method in this class which removes thisinfo
    from the session (ie performs a logout).
    If this link reproduces properly, check it out -- it's a good simple
    explanation of what's going on:
    http://www.support.lotus.com/sims2.nsf/852561c1006719a98525614100588964/877
    a
    0ac029a78f8a8525645f0069a34d?OpenDocument
    For tons of detail on BASIC authentication see
    ftp://ftp.isi.edu/in-notes/rfc2617.txt
    John
    Nicolas GANDRIAU <[email protected]> wrote in message
    news:[email protected]...
    Hi,
    I am evaluating weblogic 6.0 on windows 2000.
    I have a little web application, with some URL (html, servlet...), I
    want
    to protect.
    So I defined a <security-constraint> element in my web.xml
    file, and I binded the logical roles with real participant in
    weblogic.xml
    It works very well at startup. I launch a browser, request a protectedURL
    and the
    authentification window popup. I enter valid info and I can access myURL.
    Perfect.
    Now I want to give the possibility to my user to terminate a session,to
    disconmect,
    so I had a button, (disconnect) which invoque a servlet which get thecurrent session
    and invalidate it.
    I checked, the session is destroyed and a new one is defined (new ID,new
    counter...),
    but my user are still connected. It means that if I want to acces aprotected URL,
    I still can do it.
    more strange. In both a secured and unsecured page I print the UserPrincipal. When
    I connect, the two pages print the same and right value.
    But if I disconnect, the unsecured page print null(no connection for
    this
    session)
    and the secured page print the principal I used to connect in the
    previous
    message.
    I know this message is a little bit long, but I tried to give the
    cleares
    context.
    Has anyone ancountered that kind of problem? Is there a solution.
    I pass the test with netscape 4.76, netscape 6.01, Internet Explorer
    5.50.
    I got
    the same behavior each time...
    Thanks
    Nicolas

  • Safari 5.1.7 resumes last session and freezes immediately

    Hello,
    Upon the start of Safari, it resumes the last session and immediately freezes, showing the spinning rainbow and failing to load pages. None of the toolbar options can be accessed. I can only force quit. Restarting the computed accomplishes nothing.
    I am running Mac OS 10.7.4 with Safari 5.1.7
    Thanks.

    Open System Preferences > General
    Deselect:  Restore windows when quitting and re-opening apps
    Now restart your Mac, launch Safari.
    From the Safari menu bar top of your screen, click Safari > Empty Cache
    See if that made a difference...

  • Session and JSession ID

    After a session has been invalidated using Session.invalidate() method, the next time a user logs in to the application within the same browser session and the servlet (as JSP) attempts to access a session variable; the session variable is no longer available. After printing the session id, JSession ID is appended to the session id which results in lost session after another page is loaded. Once again, this only happens after the session has been invalidated as mentioned before.
              

    Hi Anand,
              Invalidating a session effectively destroys all
              variables bound to the session.
              Regards,
              Slava Imeshev
              "Anand" <[email protected]> wrote in message
              news:[email protected]..
              > After a session has been invalidated using Session.invalidate() method,
              the next time a user logs in to the application within the same browser
              session and the servlet (as JSP) attempts to access a session variable; the
              session variable is no longer available. After printing the session id,
              JSession ID is appended to the session id which results in lost session
              after another page is loaded. Once again, this only happens after the
              session has been invalidated as mentioned before.
              

  • Reset JSF session and the managed beans with sesison scope

    Hi,
    this is a very general question and maybe stupid for most of you. I have my jsf/facelets web application and i use inside of this application some managed beans, which are session beans. I want to know how is it possible to reset this beans. I'm asking this question beacuse i have this kind of problem: i built my web application which has a login form and i use the browser to test it. When i browse to the login page and I login with my credentials i get my customized home page. Then i open another istance of the browser and i browse to the login page again but this time i login as a different user. The result home page is the same as i got before with my login credentials, so the session is always the same. Instead i want the session and all its objects to be resetted for the new user! Do youn know which is the solution?

    The fact is that i want to have two sessions in parallel, so using the same browser and opening two tabs, i want to browse to the login page and access as two totaly different users and using in parallel the application without the problem of one user's action affecting the other user beacuse of session sharing. So I want to force the application to create two different session for the two users logins, because as i told you before as it is now, they are sharing the same sesison. And i think that if i at the login time I iterate thorugh the session and delete all the objects i will be able to have only one session per time. Isn't it?

  • I want to disable "restore previous session" and enable "History record" at the same time.

    I want to disable "restore previous session" and enable "History record" at the same time.
    Because I don't want others to access my account such as "Gmail", "Facebook". But I want firefox to record my browsing history.
    What should I do?

    I managed to remove the "Restore Previous Session" button from the home page by changing my default home page with this : www.google.com/firefox/ (the default home page from the previous versions of Firefox). It worked for me, I hope it works for you too.

  • Oracle portal  session and pl/sql

    Hi all i use portal v.10.1.2.2.0 and i would like to play with a session variable. all i do is
    grant execute on wwsto_api_session to myportal from portal schema. and then i want to do
    l_store := portal.wwsto_api_session.load_session (p_domain, p_sub_domain);
    l_store.set_attribute ('myname', 'name');
    l_store.save_session;
    1) i do not know what is the p_domain, p_sub_domain
    2) when i do wwsto_api_session.get_sub_domain and wwsto_api_session.get_domain i get an error.
    How can i read and write to a variable session in oracle portal? to to like java set session and get session?
    Thank you in Advance,
    Antonis

    [email protected] wrote:
    Hi all i use portal v.10.1.2.2.0 and i would like to play with a session variable. all i do is
    grant execute on wwsto_api_session to myportal from portal schema. and then i want to do
    l_store := portal.wwsto_api_session.load_session (p_domain, p_sub_domain);
    l_store.set_attribute ('myname', 'name');
    l_store.save_session;
    1) i do not know what is the p_domain, p_sub_domain
    2) when i do wwsto_api_session.get_sub_domain and wwsto_api_session.get_domain i get an error."Storage is located by the combination of the domain and subdomain parameters, and the Login session ID.
    If a session store object has not previously been created for this combination of domain, sub-domain, and session ID, then an empty session store object is created and returned. "
    How can i read and write to a variable session in oracle portal? to to like java set session and get session?Hi,
    You may want to see the wwsto_api_session here in [Portal APIs|http://www.oracle.com/technology/products/ias/portal/html/plsqldoc/pldoc1012/index.html].
    "Working with the session object
    The general procedure for working with the session object is:
    1. Load the session object, with an appropriate domain and sub-domain combination, using the load_session method.
    2. Manipulate the content of the object using the set_attribute methods, or just access its content using the get_attribute methods.
    3. Force these changes to be saved, using the save_session method.
    Typically this sequence occurs within the scope of one client routine that extracts and/or sets all of the client states. For example:
    declare
    l_store portal30.wwsto_api_session;
    l_date date;
    begin
    l_store := portal30.wwsto_api_session.load_session ('PORTAL', 'TEST');
    l_store.set_attribute ('LAST_ACCESSED', sysdate);
    l_store.set_attribute ('USERNAME', 'SMITH');
    l_store.set_attribute ('COUNRTY_CODE', 1);
    l_store.set_attribute ('LOCATION', 'US');
    l_store.set_attribute ('LAST_LOGGED_ON', sysdate);
    l_store.set_attribute_as_string
    ('OFFICE_LOCATION', 'CALIFORNIA', 'US', 'STRING');
    l_store.save_session;
    end;
    The login session that creates the session storage object is defined by wwctx_api.get_sessionid. "
    ref: wwsto_api_session for Portal 10.1.2
    then, look for the functions for getting attributes as number, varchar2, string or index, etc. in the above link.
    hope that helps!
    AMN

  • ISE v1.2 - Endpoint abandoned EAP session and started new

    Hi.
    I have lots of clients that are not able to log on to both wired and wireless networks, and they always fails with these errors.
    5411 Supplicant stopped responding to ISE
    5440 Endpoint abandoned EAP session and started new
    This is with certificate authentication, both for client and for machine.
    The clients are for the most part Windows 7.
    We use both Cisco and Aerohive for wireless, and the switch I have tested with is a Cisco2960S
    A few strange things:
    It works perfectly for a lot of clients too, with the excact same configuration.
    One PC I'm testing with works fine when authenticating via wireless, but when I plug it into the switch, I get these errors.
    I seems to be a timeout of some kind, either to short or too long, but where?
    In the Win7 supplicant?
    In the switch?
    In the Cisco WLC
    or in the Aerohive AP?
    I have spent hours and hours on this problem, but I can't make it go away, it is very exhausting.
    There surely must have been others with the same problem?
    Thank you.

    Thank for trying to help out, but this is.. insanely vague.
    How can i verify that NAS (the C2960S) is properly configured?
    What timers are we talking about here? There are many to choose from..
    The problem is still here, even with the latest patch 7 for ISE 1.2. It works fine on wireless, but not with wired, from the same computer. So it is logic to assume it has something to do with the switch.
    This is the configuration from the switch:
    interface GigabitEthernet1/0/20
      switchport mode access
     authentication event fail action next-method
     authentication open
     authentication order dot1x mab
     authentication port-control auto
     snmp trap mac-notification change added
     dot1x pae authenticator
     spanning-tree portfast
    end
    sh dot1x int g1/0/20
    Dot1x Info for GigabitEthernet1/0/20
    PAE                       = AUTHENTICATOR
    QuietPeriod               = 60
    ServerTimeout             = 0
    SuppTimeout               = 30
    ReAuthMax                 = 2
    MaxReq                    = 2
    TxPeriod                  = 30
    sh run aaa
    aaa authentication login default group radius local
    aaa authentication dot1x default group radius
    aaa authorization exec default group radius local
    aaa authorization network default group radius
    aaa accounting dot1x default start-stop group radius!
    aaa server radius dynamic-author
     client 192.168.100.85
     server-key nope!
     auth-type any
    radius server hmz
     address ipv4 192.168.100.85 auth-port 1812 acct-port 1813
     key nope!
    radius-server attribute 6 on-for-login-auth
    radius-server attribute 6 support-multiple
    radius-server attribute 8 include-in-access-req
    aaa new-model
    aaa session-id common
    Some debug from the switch:
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] Create attr list, session 0x1E0000E0:
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding MAC d43d.7e97.1e26
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Swidb 0x4F8BAC8
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding AAA_ID=14B
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Audit_sid=C0A864FA0000014B6983A2E0
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Domain=DATA (1)
    Apr  6 11:07:01.745: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding [email protected]
    Apr  6 11:07:01.745: %AUTHMGR-5-START: Starting 'dot1x' for client (d43d.7e97.1e26) on Interface Gi1/0/20 AuditSessionID C0A864FA0000014B6983A2E0
    Apr  6 11:07:01.745: AUTH-DETAIL: No default action(s) for event RX_METHOD_AGENT_FOUND.
    Apr  6 11:08:21.182: %DOT1X-5-FAIL: Authentication failed for client (d43d.7e97.1e26) on Interface Gi1/0/20 AuditSessionID C0A864FA0000014B6983A2E0
    Apr  6 11:08:21.187: %AUTHMGR-7-STOPPING: Stopping 'dot1x' for client d43d.7e97.1e26 on Interface Gi1/0/20 AuditSessionID C0A864FA0000014B6983A2E0
    Apr  6 11:08:21.187: %AUTHMGR-5-FAIL: Authorization failed or unapplied for client (d43d.7e97.1e26) on Interface Gi1/0/20 AuditSessionID C0A864FA0000014B6983A2E0
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] Create attr list, session 0x1E0000E0:
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding MAC d43d.7e97.1e26
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Swidb 0x4F8BAC8
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding AAA_ID=14B
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Audit_sid=C0A864FA0000014B6983A2E0
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Domain=DATA (1)
    Apr  6 11:08:21.187: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Username=host/HovedPC.gaasdal.net
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] Create attr list, session 0x1E0000E0:
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding MAC d43d.7e97.1e26
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Swidb 0x4F8BAC8
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding AAA_ID=14B
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Audit_sid=C0A864FA0000014B6983A2E0
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Domain=DATA (1)
    Apr  6 11:09:22.079: AUTH-DETAIL: [d43d.7e97.1e26, Gi1/0/20] - adding Username=host/HovedPC.gaasdal.net
    Apr  6 11:09:22.079: %AUTHMGR-5-START: Starting 'dot1x' for client (d43d.7e97.1e26) on Interface Gi1/0/20 AuditSessionID C0A864FA0000014B6983A2E0
    Apr  6 11:09:22.079: AUTH-DETAIL: No default action(s) for event SESSION_STARTED.

  • [office365 Exchange online][MVC5][EWS Managed Api] Need a hack to get access token ?

    Hi there, I am using following code example to get access token from Azure AD online. I need to bridge EWS managed api with office 365 Api via Azure AD. The below code is working just fine in my MVC application but I am looking for a way to get the access
    token in simple string returning  function so that I can use it to make call against EWS mananged api.
    private static string tempToken = "";
    public static string GetAccessToken()
    return tempToken;
    internal static async Task<OutlookServicesClient> EnsureOutlookServicesClientCreatedAsync(string capabilityName)
    var signInUserId = ClaimsPrincipal.Current.FindFirst(ClaimTypes.NameIdentifier).Value;
    var userObjectId = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
    AuthenticationContext authContext = new AuthenticationContext(Settings.Authority, new NaiveSessionCache(signInUserId));
    try
    DiscoveryClient discClient = new DiscoveryClient(Settings.DiscoveryServiceEndpointUri,
    async () =>
    var authResult = await authContext.AcquireTokenSilentAsync(Settings.DiscoveryServiceResourceId,
    new ClientCredential(Settings.ClientId,
    Settings.AppKey),
    new UserIdentifier(userObjectId,
    UserIdentifierType.UniqueId));
    return authResult.AccessToken;
    var dcr = await discClient.DiscoverCapabilityAsync(capabilityName);
    return new OutlookServicesClient(dcr.ServiceEndpointUri,
    async () =>
    var authResult = await authContext.AcquireTokenSilentAsync(dcr.ServiceResourceId,
    new ClientCredential(Settings.ClientId,
    Settings.AppKey),
    new UserIdentifier(userObjectId,
    UserIdentifierType.UniqueId));
    return authResult.AccessToken;
    catch (AdalException exception)
    //Handle token acquisition failure
    if (exception.ErrorCode == AdalError.FailedToAcquireTokenSilently)
    authContext.TokenCache.Clear();
    return null;
    This is an excerpt from Microsoft single tenant application in MVC5.  In the code, I have created a function called GetAccessToken() which does nothing.. I am hoping you experts can help me figure out how to transfer the accessToken from EnsureOutlookServcesClientCreated
    function which is actually returning token, to  my GetAccessToken() so that I can make call against EWS managed Api. Sorry, If I sound pretty stupid but I really need your help in this regard. 
    best regards,

    Yes sir, Let me try to explain me about my scenario. I need to use EWS managed Api with office 365 Rest Api to get benefits from both the Apis. Here is here code I am using to connect to EWS managed Api but it is failing with 401:Unauthorized.  I already
    have "Full Access" turned on in Azure AD.  I have the access token from AZure AD and want to use it to make call against EWS managed Api.
    var outlookClient = await AuthHelper.EnsureOutlookServicesClientCreatedAsync("Mail");
    //IPagedCollection<IMessage> messagesResults = await outlookClient.Me.Messages.ExecuteAsync();
    // Get the ID of the first message.
    // string messageId = messagesResults.CurrentPage[0].Id;
    string tokenx = AuthHelper.GetAccessToken();
    ExchangeService service = new ExchangeService(ExchangeVersion.Exchange2013);
    service.HttpHeaders.Add("Authorization", "Bearer " + tokenx);
    service.PreAuthenticate = true;
    service.SendClientLatencies = true;
    service.EnableScpLookup = false;
    service.Url = new Uri("https://outlook.office365.com/EWS/Exchange.asmx");
    // Get all the folders in the message's root folder.
    ExFolder rootfolder = ExFolder.Bind(service, WellKnownFolderName.MsgFolderRoot);S
    Scenario of my migration application:
    1. I have a Gmail mailbox email in Raw(complete email in base64-urlsafe with attachments) format with RFC2822. I need to migrate this mailbox to Exchange online. I believe EWS managed Api has better support on this one.
    2.  Likewise I need to migrate Gmail Calendars, Tasks and Contacts to Exchange online.
    I would be highly grateful to you , if you tell me how to bridge EWS managed Api with office 365 Api.
    best regards,

Maybe you are looking for

  • Error while cancelling the Invoice

    Dear Gurus The Billing document was raised on a wrong customer on may month. Now that was realized, and that invoice was canceled but wrongly the date was given as may month. The FI period was closed for may month and the current period is july. So t

  • Can't rename important file!

    Hi everybody well, I have quite an extraordinary situation here. Today morning I created an iStopMotion file (.mov) and renamed it, to my misfortune, with a VERY long name. The file's only copy is on my external drive (unfortunately FAT 32). If I now

  • Digital o/p from 6221

    I hv LV 8.0 acedamic kit along with PCI-6221 (68 pin). using the Daqmx i generated a task that gives out a digital pulse o/p. I hv attched my task. this will trigger myinstrument. is thr any way i can avoid pull down the tsk menu in front panel and w

  • Sending mail with attachement

    Hi friends, im trying to send a mail with csv attachment to some users, can any pne share a sample code for it ? thanks Raj

  • Unable to open adobe acrobat reader

    I own a nokia n93. For the part few days i've been unable to open the adobe acrobat reader supplied with the device. Whenever i try to open it i get a message which says, ' App closed acrobat reader'. Would greatly appreciate any fruitful suggestions