My question to frank on his JAAS implementation?
Hi Frank,
Your document for implementing JAAS in J2EE applications on OC4J is superb and simple. I have a simple query. Is it possible to have a single screen built in the application which will list out the current logged in users from JAAS model. If you can throw some light on this would be a gr8 help for all of us.
thanx and regards
Amit
Hi,
I must admit I wrote so many documents about JAAS in J2EE so that I don't know exactly which document you refer to.
If it is JAAS authentication within container managed authentication in OC4J then a call to getRemoteUser() on the Http request object returns the logged in username. You can also request for the user principal on the same API
In case you use pure JAAS - which i only documented once - the the user name is within teh authenticated JAAS Subject
Frank
Similar Messages
-
JAAS implementation vs. ACL implementation
Hello friends.
I'm wondering if I can get some general advice on what I should be pursuing for a security implementation.
We have a web application (STRUTS/Hibernate/Tomcat) that will have an increasing need for more complicated rules governing who can access specific components of the application. We have survived the 'prototyping' phase with a simple numerical scheme for providing access, but as more departments come on board they bring with them specialized needs. Thus, I have come to be evaluating our options for implementing a more complicated security system.
Authentication has pretty much already been handled in our application; there isn't an overwhelming need to re-work that area. Our primary need is the ability to grant privileges to users on a user by user basis and then evaluate for those privileges within the application to detemine what links a user should receive, and if they are allowed to access a particular url.
My preliminary evaluation makes me believe that jaas might not be what I'm looking for; authentication is handled already by LDAP lookup and I really don't need to lock down process/jar level access via java.policy level modifications (I don't think so, anyways). It would seem that our primary needs can be met by developing a series of objects implementing the ACL and related interfaces and assigning roles as appropriate to our user objects, and then writing appropriate code in the jsp / security filter servlet to identify the user, evaluate for the appropriate privilege, and forward as necessary.
I worry that I'm missing something here, either that jaas can provide me with these abilities and provide flexibility for the future or that there are other good reasons not to implement a custom ACL based solution.
Any and all advice is greatly appreciated.
- cmHi Sudipto,
It'd help if you pasted the exact exception into the problem you're seeing.
At any rate, I think this problem is because the JAAS classes should go in the /lib/ext directory of the JVM
There are a few other threads on this newsgroup about the various JAAS classpath issues
Check this search engine - it might help you to track them down
http://search.beasys.com/weblogic/gonews/
Hope this helps
Joe Jerry
sudipto wrote:
Hi,
This is regarding JAAS implementation in weblogic 6.1 sp1. When I try to load my configuration class through the log-in context, a null-pointer exception is thrown because weblogic is not able to find the configuration class. However when I run the same application as a stand alone program it works fine, what is that I am missing out on??? -
LoginModule with JAAS, setup question for Frank Nimphius
Hi Frank,
i am trying to use a custom LoginModule in conjuction with the setup procedure in your "J2EE Security in Oracle ADF Web Applications" white paper. Have you done this before? can you provide roadmap for additional/alternate setup steps needed to use a LoginModule?
this is my original post from early this week:
JAAS Setup question
thanks,
brendenBrenden,
please refer to the OC4J security documentation which si a part of the Oracle Application Server documentation that can be looked up online here on OTN. Custom LoginModule configurations require OC4J 9.0.4. In addition, this feature also only works with the jazn-data.xml provider and not with OID.
From the perspective of this whitepaper, the LoginModule will be used by the OC4J container to authenticate users and thus should not require any change in teh paper.
I haven't yet had the time created an example and document that showcases how to do this. Hopefully christmas will give me some rest to look into this.
Frank -
Weblogic poratl JAAS implementation with Oracle RDBMS
Hi,
Could you please help me to implement JAAS using oracle RDBMS store with Weblogic portal 10.3.2 or 10.3.0?
or can anybody sent me the sample examples or tutorials to implement JAAS with oracle store?
I want to store the the roles and users in custom tables (not predefined tables) and i want to access the roles and authentication information from oracle custom tables. I want to access the same roles for portal autorisation.
Thanks & Regards,
Sunil DK.Use the SQL Authenticator , you can specify your queries that should indicate which tables should be used. This will let you login to your app using these credentials
Could you please help me to implement JAAS using oracle RDBMS storeIm not sure what you mean . The weblogic security frameowrk does use JAAS modules . -
I have made a Simple Login Application, thats implemnent JAAS.
My Applicaiton Authenticate the User Successullly, but not authorize.
I am using MySQL (Database)
Server: JBOSS 4.0
I have made Two Tables:
1: Login (with column username ,password)
DATA-----------> ali 123
2:Userrole(with column username ,role, roleGroup)
DATA-----------> ali user Admin
Authentication Successful:
2:54:47,828 INFO [STDOUT] Here Our Subject is =Subject:
Principal: ali
Principal: Admin(members:user)
2:54:47,828 INFO [STDOUT] Principal= ali,org.jboss.security.SimplePrincipal
2:54:47,828 INFO [STDOUT] Principal= Admin(members:user),org.jboss.security.SimleGroup
2:54:47,828 INFO [STDOUT] ....Authentication Succeeded.....
But Problem is here:
An Exception occurs:
2:54:48,359 ERROR [RoleBasedAuthorizationInterceptor] Insufficient permissions, principal=null, requiredRoles=[user], principalRoles=[ ]
2:54:48,359 INFO [STDOUT] Authorization failure
2:54:48,359 ERROR [STDERR] javax.ejb.EJBAccessException: Authorization failure
2:54:48,359 ERROR [STDERR] at org.jboss.ejb3.security.RoleBasedAuthorizatio
Interceptor.invoke(RoleBasedAuthorizationInterceptor.java:104)
2:54:48,359 ERROR [STDERR] at org.jboss.aop.joinpoint.MethodInvocation.invo eNext(MethodInvocation.java:101)
Why I am getting this error while In Authentication lc.login() found the principal ali but when I am going to authorize "ali" then principal found =null.....
In My LoginSessionBean I have made method "hello()" Such as:
@Resource SessionContext ctx;
@RolesAllowed ({"user"} )
public void hello() {
System.out.println(".............With in hello() method..................");
System.out.println(ctx.getCallerPrincipal().getName());
System.out.println(".............Role are going to verify authorize users..................");
if(ctx.isCallerInRole("user")) {
System.out.println("hello Ali you r authorize to access:");
}else if(ctx.isCallerInRole("supervisor")) {
System.out.println("hello you r authorize to access");
}else {
System.out.println("UNAUTHORISED ");
}Not really related to JSF.
I would recommend posting your question to the jboss user forums/mailing list. -
JAAS implementation on tomact.
hello.
i am new to JAAS. i learnt how to implement JAAS in J2SE.
but now i want to implement JAAS for web application.
Now i want to implement JAAS for Tomcat server. i am totally stucked in it. there is almost no help available abt this or very vauge.
can anyone tell me how to implement JAAS for tomcat. where to keep the files like config files,callback handlers etc and how to configure them, i mean their path in xml files etc. plz plz hlp.............................
i am using Apache Tomcat 6.0.
thanks in advance.This is the JSSE forum. Try the 'Other Security APIs, Tools, and Issues' forum. Locking this thread.
-
Oracle EBS R12 Pre - Implementations phase question air
Oracle EBS R12 Pre - Implementations phase question air
Posted: Jun 30, 2009 10:22 AM Edit Reply
Dear all Gurus,
We are going to implement Oracle EBS r12, for industrial concern, we have following quires if any peer may suggest.
1) we heard the oracle R12 has build new release with 11g db , is it been practical for choosing it for corporate ???
2) Linux Read hat which version is more stable like 5 releases is compatible with R12 new release?
3) We are also thinking for 64 bit architecture rather than 32 bit, could any one figure out the practical pros and cons for this.
4) We are also wondering about the server machine brand and its configurations like HP DL380 G6, DELL 2850? could any one share abut his experience about the same.
5) What sort of Server configurations (Processor , 2way -4way , RAM , HD and other accessories ) for r12 Multi node setup for 150 clients (DB Server , Apps Server , Test Prod )
6) What should be backup strategies like tap backup and how much space requirements we must have provisioned for retaining almost 2~3 month backup.
7) Application implementations methodologies?
8)
I know to address our queries would be time consuming for you bust peoples , but I would really oblige for being shared your journey this would defiantly the PATH way for other like mentoring for others.
looking forward your valuable instructions ASAP.
Thanks & Best Regards
Muhammad Waseem
Manager IT
Neee-Has Textiles Divisions
31-Q Gulberg II Lahore
Pakistan
92-0333-4240949Duplicate post.
Oracle EBS R12 Pre - Implementations phase question air
Oracle EBS R12 Pre - Implementations phase question air -
Questions on Oracle E-Business Suite JAAS impl with ADF (Patch 8571001)
I am working at a customer site, where we are developing extensions to EBS R12 using ADF 11g. I have some questions around Oracle E-Business Suite JAAS implementation (Patch 8571001). The answers to these would help us choose the right path for the overall project.
1. How much integration is possible between ADF JAAS roles and the EBS User management roles? If we implement Oracle E-Business Suite JAAS implementation using this patch, how would the component/field level security work in ADF? Will ADF pages refer to roles in EBS UMX tables for field level security?
2. Is there any detailed documentation as to how to Oracle E-Business Suite JAAS implementation works. I have read the metalink note # 974949.1; however it does not provide enough details on UMX/EBS integration. Any pointers would be really helpful.
Thanks a lot.wrong forum - sorry.
Please try the Applications forums on OTN
Frank -
Hi All,
Suppose a customer wants to use XI.
What all questions should we ask them so that we can give them a estimate like What all applications they wud integrate. If they have XI or not....
Is there any standard template or standard set of questions for the same.
Cheers,
SumitHi Sumit,
The following are some of the questions:
1. About Database from which u want to take the data,
push the data & on which XI should be there.
2. How frequently data will be pushed by the sender
systems.
3. Do sender systems have the facility to push the data
(Do they support XML).
4. What will be the R/3 version.
5. What will be Service Pack Level for XI Server.
6. What kind of error handling is expected.
7. What is the mode of all the interfaces (i.e.
asynchronous or synchronous.
I hope these questions should be known before XI Implementation.
Reg,
Nishu -
J2ee implementation with jaas/LDAP
Hi;
I search a good j2ee implementation or light framework using jaas API and LDAP directory to authentifies and affects a profil to a user.
I have already analysed the framework : JGuard.
regards;If I understand you correctly, you want to have an application deployed in WebLogic (you don't say what version) use standard J2EE JAAS for declarative authentication and authorization, but use an LDAP provider for the actual implementation.
If that's the case, at least in WebLogic 8.1 (I don't know about older versions), you shouldn't need any third-party packages. You can configure your WebLogic domain with authentication and authorization providers that interface with an LDAP server. This will work with the JAAS implementation in WebLogic. You can go to <http://e-docs.bea.com/wls/docs81/secmanage/> to read about configuring security in WebLogic (including the LDAP authentication provider). -
Hey I have a couple of questions and remarks about the JMF implementation for windows.
First off I've been coding c++ for quite some time now, I went back to school to get my degree and was introduced to java there, and since I've been messing around with it. I must say the framework in general is damn sweet and clean, but some implementations are still really weak.. Which takes me to my point..
I've been messing around with the JMF library for some weeks now, making this sort of surveillance/webpage thingy.
The problems is that firstly I noted that JMF only supports resolutions up to 640x480 when capturing video, also it only supports the use of 1 usb webcam pr usbchannel...
JMF must be implemented using the old outdated vfw library(I'm not sure if the bug with the 1cam pr channel is from here or if its an error in the implementation, I haven't bothered tested it), but the 640x480 limit is from vfw.
Why isn't JMF implemented using DirectShow? This is afterall the successor of the old legacy vfw lib, which frankly belongs in the stoneage. Since JMF is implemented using vfw other capture devices such as camcorders, networking webcams(?) and etc will not work. Using DirectShow will also allow the use of any capture dimension and any custom colorsetup aswell.
At this point I'm really annoyed and this framework is just not good enough, I'm considering making my own .dll using directshow and communicate with it through jnative, perhaps I'll even just skip making it in java at all...
Using ds will:
1. allow as many cameras as I want on any usb channel
2. allow any custom capture dimension.
3. allow any bpp / pixel setup
4. allow any kind of realtime stream
5. allow capture devices other than just usb webcams
6. allow playback of audio/video of whatever codec as long as the codec has been installed...
7. will not require "complicated" setup/deployment of JMF for the end users(just need dx runtime installed).
8.etcetc
Which brings up my latest point, the deployment of JMF. Why is this library not a part of the standard jdk? And why has it been made so unclean? I mean for each time the user plugs in, adds, removes a webcam jmfinit.exe must be run, not to mention the installation, which I've also experienced failing (vista x64).
The JMF implementation is simply just not good enough, infact it borders to being totally useless. Another big drawback is the lack of supported codecs, which again could have been eliminated using ds.
For the love of good please fix this library! :)
What are you other developers views on JMF? Is there allready an opensource good alternative to JMF? (And no I don't want that thing this guy spams all over these posts all the time wich uses twain ;) )
And btw no offense, I did not intend to be rude in this post, but this is really and important issue that needs some serious adressing.
regards,
Stiana thx cheers mate!
I haven't got any eq. at hands atm so this is a relief to hear :D And you were not bound to 640x480 either.
Well I guess it's not all that dark then, however yes this library really need some serious improvements right now not in 5 years ;)
Another thing, I haven't been experimenting with webstart that much other than we had to make it for a couple projects at the uni. The impression I get now is that when you are dependent on external stuff such as JMF, you need to include this into your project regardless if the user have installed it or not on his system(that includes both jars and .dll's and stuff for the other os'es?). My JMF stuff crashes atm because of NoClassFound exception or what it's called (drinking atm ;) ).
Is this a fact? In that case why even bother with webstart? I really liked it for our school projects because it installed your projects and you got entries in the programs thing in windows. If this is a fact then I won't even bother using it again, because then its alot bether to spend 2 min in visual studio and create a .msi/setup.exe instead and run the .jar "locally".
anyways it's friday 21:18, drinking day have fun and cheers! :) Got some people here already and I need a shower lol.
I smell a simple directshow based .dll(oh nasty thats not all I smell.. ;) ) for playback of video/audio and recording is in the making the next week hehe :) Made a short and fast application that can playback any type of video input this evening, but ds is such a heck. I really hope there is a filter for grabbing stuff, last time I coded with ds I had to make a filter for rending stuff into d3d textures and it was not an easy task :( (well I think it was a filter I can't recall but it was a damn pain and hardly any documentation on the subject at that time, it should really have been a standard feuture in ds since it was a part of the dxsdk at that time(eons ago))
regards,
Stian
Edited by: Stian_ on Jun 27, 2008 12:31 PM -
Welcome to the Cisco® Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about planning, designing, and implementing mobile remote access (Cisco Collaboration Edge Architecture) with Cisco subject matter experts Aashish Jolly and Abhijit Anand.
Cisco Collaboration Edge Architecture is an architecture that provides VPN-less access of Cisco Unified Communications resources to Cisco Jabber® users. This discussion is dedicated to addressing questions about design best practices while implementing mobile remote access.
For more information, refer to the Unified Communications Mobile and Remote Access via Cisco VCS deployment guide.
Aashish Jolly is a network consulting engineer who is currently serving as the Cisco Unified Communications consultant for the ExxonMobil Global account. Earlier at Cisco, he was part of the Cisco Technical Assistance Center (TAC), where he helped Cisco partners with installation, configuring, and troubleshooting Cisco Unified Communications products such as Cisco Unified Communications Manager and Manager Express, Cisco Unity® solutions, Cisco Unified Border Element, voice gateways and gatekeepers, and more. He has been associated with Cisco Unified Communications for more than seven years. He holds a bachelor of technology degree as well as Cisco CCIE® Voice (#18500), CCNP® Voice, and CCNA® certifications and VMware VCP5 and Red Hat RHCE certifications.
Abhijit Singh Anand is a network consulting engineer with the Cisco Advanced Services field delivery team in New Delhi. His current role involves designing, implementing, and optimizing large-scale collaboration solutions for enterprise and defense customers. He has also been an engineer at the Cisco TAC. Having worked on multiple technologies including wireless and LAN switching, he has been associated with Cisco Unified Communications technologies since 2006. He holds a master’s degree in computer applications and multiple certifications, including CCIE Voice (#19590), RHCE, and CWSP and CWNP.
Remember to use the rating system to let Aashish and Abhijit know if you have received an adequate response.
Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation on the Cisco Support Community Collaboration, Voice and Video page, in the Jabber Clients subcommunity, shortly after the event. This event lasts through June 20, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.Hi Marcelo,
Yes, there are some requirements for certificates in Expressway.
Expressway Core (Exp-C)
- Can be signed by either External or Internal CA
- Better to use a cluster name even if you start with 1 peer in Exp-C cluster. In the future, if more peers are added, changes would be minimal.
- Better to use FQDN of cluster as CN of certificate, this way the traversal zone configuration on Expressway-E won't require any change even if new peers are added to Exp-C cluster.
- If CUCM is mixed mode, include security profile names (in FQDN format) as Subject Alternate Names
- The Chat Node Aliases that are configured on the IM and Presence servers. They will be required only for Unified Communications XMPP federation deployments that intend to use both TLS and group chat. (Note that Unified Communications XMPP federation will be supported in a future Expressway release). The Expressway-C automatically includes the chat node aliases in the CSR, providing it has discovered a set of IM&P servers.
- For TLS b/w CUCM, IM-P & Exp-C
+ If using self-signed certificates on CUCM, IM/P. Load Cisco Tomcat, cup, cup-xmpp certificates from IM-P on Exp-C. Load callmanager, Cisco Tomcat certificates from CUCM on Exp-C.
+ If using Internal CA signed certificates on CUCM, IM/P. Load Root CA certificates on Exp-C.
+ Load CA certificate under tomcat-trust, cup-trust, cup-xmpp-trust on IM-P.
+ Load CA certificate under tomcat-trust, callmanager-trust on CUCM.
Expressway Edge (Exp-E)
- Signed by External CA
- Configured Unified Communications domain as Subject Alternate Name
- If using a cluster, select FQDN of this peer as CN and FQDN of Cluster + this peer as Subject Alternate Name.
- If XMPP federation is being deployed, enter the same Chat Node Aliases as entered in Exp-C.
For more details, please refer to the Certificate Creation Guide for Cisco Expressway x8.1.1
http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Cisco-Expressway-Certificate-Creation-and-Use-Deployment-Guide-X8-1.pdf
- Aashish -
Use of JAAS in WLS6 for sngle logon
We're in the design stage of a product, which will be based on Weblogic Server 6 and are hoping to use JAAS.
I'm quite new to WL in general and JAAS security and having read the documentation, I'm still not clear on a few points about how JAAS is used in WLS6.
We're intending to provide a single logon for the system and then to log users on to other services such as email etc. behind the scenes, when the user requests them.
Does JAAS in WLS6 support this and if so, how best could we achieve it?
One idea I've read on the Sun site is that you can instantiate multiple LoginContexts at different times during the user session, each using a different Configuration pointing to different LoginModules to achieve this.
A couple of other things I've come across which may be useful in this context are :-
the <run-as-specified-identity> tag in the deployment descriptor
LoginModules being able to share information
Any help much appreciated
DaveSorry for the delay in replying, I was on vacation
Dave <[email protected]> wrote in message
news:[email protected]...
>
Thanks for the reply Alex.
If we just have a single LoginContext with multiple LoginModules, wouldn'tthat mean that when a user logged-on, it would log them on to all of the
services at the same time ?
Yes, that is the sequence specified under JAAS
We were trying to make it so that after the initial logon to the system,the user would be logged on to other services only when they accessed them
explicitly. Does that mean that we need multiple LoginContexts still ?
Unfortunately yes, you will need multiple LoginContext instances to do that.
set configuration
new context
context.login
context.getSubject
Subject.doAs(subject, action)
>
I understand that WLS6 will only provide for JAAS Authentication, notAuthorisation. Does that mean I need to use it in conjunction with the
existing Weblogic Authorisation, such as ACLs and Realms ?
>
The WLS6 JAAS implementation wrappers the existing ACL implementation and is
independant of the realm being used. Internally the Subject.doAs method
checks the ACLs of the user associated with the specified Subject instance.
Can I also ask about the granularity of Resources that can be protected byaccess control. Would these be at the level of Servlets, beans etc.
I believe you can but I'm not sure, check in the documentation on Servlets &
beans or post a followup question in those groups
>
Is the Beta Refresh available for downloaded now ? If not, how soon doyou think it would be ?
>
The beta refresh should be available early the week of 11/13
As regards the <run-as-specified-identity> tag in the deploymentdescriptor. Could you briefly explain its use and whether it would help us
with our logon approach ?
Again I'm not sure, again please post this to the associated group Servlets,
Beans, etc.
>
Thanks very much for your help again.
Dave
"Alex McDonald" <[email protected]> wrote:
Dave,
The WLS 6 JAAS implementation will support what you intend. While there
were
several bugs in the initial WLS 6 Beta these have been fixed in the Beta
refresh, if you need the updated files sooner I can send you a zip.
I would suggest the following. Single LoginContext, multipleloginModules.
Set your first configured loginModule to prompt for theusername/password,
each of the following loginModules can than use that information behindthe
scenes or prompt as needed for additional user info. Configure the first
loginModule as REQUISITE so that it must succeed for the login process to
continue. The WLS 6 JAAS sample loginModule implementation contains theWLS
login information, additional email, etc services can be added to the
Subject container as needed.
Alex
Dave <[email protected]> wrote in message
news:[email protected]...
We're in the design stage of a product, which will be based on WeblogicServer 6 and are hoping to use JAAS.
I'm quite new to WL in general and JAAS security and having read thedocumentation, I'm still not clear on a few points about how JAAS is usedin
WLS6.
We're intending to provide a single logon for the system and then to
log
users on to other services such as email etc. behind the scenes, when the
user requests them.
Does JAAS in WLS6 support this and if so, how best could we achieve it?
One idea I've read on the Sun site is that you can instantiate multipleLoginContexts at different times during the user session, each using a
different Configuration pointing to different LoginModules to achievethis.
>>>
A couple of other things I've come across which may be useful in thiscontext are :-
the <run-as-specified-identity> tag in the deployment descriptor
LoginModules being able to share information
Any help much appreciated
Dave -
Ask the Expert: Cisco Prime Infrastructure - Implementation and Deployment
Welcome to the Cisco Support Community Ask the Expert conversation.
This Ask The expert Session will cover questions spanning Cisco Prime Infrastructure on Implementation and Deployment on Wired and Wireless. This will be more specific to Customer’s and Partners questions product covering PI on configuration, Features and Menu, Network Monitoring, Maps, Implementation, High Availability and Maintenance and t/s parts.
Monday, February 2nd, 2015 to Friday, February 13th, 2015
Dhiresh Yadav is a customer support engineer in High-Touch Technical Services (HTTS) handling supporting Wireless and Network Management based Cisco products and is based in Bangalore. His areas of expertise include Cisco Prime Infrastructure and Cisco Wireless products. He has over 7 years of industry experience working with large enterprise and service provider networks. He also holds CCNP (RS) and CCIE (DC) certifications.
Afroz Ahmad is a customer support engineer in High-Touch Technical Services (HTTS) handling supporting Wireless and Network Management based Cisco products and is based in Bangalore. His areas of expertise include Cisco NMS products like Prime Infrastructure, LMS, IP SLA and SNMP etc. He has over 7 years of industry experience working with large enterprise and service provider networks. He also holds CCNP (RS),CCIE (DC), and SCJP (Sun Certified Java Professional )
Vinod Kumar Arya is a customer support engineer in High-Touch Technical Services (HTTS) handling supporting Wireless and Network Management based Cisco products and is based in Bangalore. His areas of expertise include Cisco NMS products like Prime Infrastructure, LMS, IP SLA and SNMP etc. He has over 8 years of industry experience working with large enterprise and service provider networks. He also holds VCP 5 and RHCE certifications.
** Remember to use the rating system to let the experts know you have received an adequate response.**
Because of the volume expected during this event, the experts might not be able to answer every question. Remember that you can continue the conversation in the Network Infrastructure community, > Network Management, shortly after the event. This event lasts through February 13th 2015. Visit this forum often to view responses to your questions and those of other Cisco Support Community members.Hello Wilson,
Thanks for joining us.
1841 should just work fine for net flow . Hope you have a valid "PI Assurance license" installed on the server.
"PI Assurance license" is required for "net-flow" feature
Devices supporting Netflow in PI ::
1400, 1600, 1700 & 1800
2500, 2600 & 2800
3600, 3700, 3750 & 3800
4500 & 4700
AS5300 & 5800
7200, 7300, 7400 & 7500
Catalyst 4500 ASCI
Catalyst 5000, 6500, & 7600 ASCI
ESR 10000 ASCI
GSR 12000 ASCI
Cisco IOS Software Release Version
Supported Cisco Hardware Platforms
11.1CA, 11.1CC
Cisco 7200 and 7500 series, RSP 7200 series
12.0
Cisco 1720, 2600, 3600, 4500, 4700, AS5800
RSP 7000 and 7200 series
uBR 7200 and 7500 series
RSM series
12.0T, 12.0S
Cisco 1720, 2600, 3600, 4500, 4700, AS5800
RSP 7000 and 7200 series
uBR 7200 and 7500 series
RSM series, MGX8800RPM series, and BPx8600 series
12.0(3)T, 12.0(3)S
Cisco 1720, 2600, 3600, 4500, 4700, AS5300, AS5800
RSP 7000 and 7200 series
uBR 7200 and 7500 series
RSM series, MGX8800RPM series, and BPx8650 series
12.0(4)T
Cisco 1400, 1600, 1720, 2500, 2600, 3600, 4500,
4700, AS5300, AS5800
RSP 7000 and 7200 series
uBR 7200 and 7500 series
RSM series, MGX8800RPM series, and BPx8650 series
12.0(4)XE
Cisco 7100 series
12.0(6)S
Cisco 12000 series
NetFlow is also supported by these devices Cisco 800, 1700, 1800, 2800, 3800, 6500, 7300, 7600, 10000, CRS-1 and these Catalyst series switches: 45xx, 55xx, 6xxx.
NetFlow export is also supported on other Cisco switches when using a NetFlow Feature Card (NFFC) or NFFC II and the Route Switch Module (RSM), or Route Switch Feature Card (RSFC). However, check whether version 5 is supported, as most switches export version 7 by default.
You can check the below steps to diagnose the issue::
To verify that NetFlow is exported from a device to PI, follow the steps below:
1) Browse to Administration > Data Sources page. Check the value in column ‘Last Active Time’ for the ‘Device Data Sources’ table. If the table is empty or the value does not represent recent time, then
it is possible that the device is not exporting NetFlow or PI Assurance license is not applied / expired.
2) Login to PI console ( via SSH) as root user and run the command:
netstat –an | grep 9991 – Output of this should be like : udp 0 0 :::9991 :::*
Check the firewall settings on PI server using the command: firewall -L
1) Check the configuration on an IOS / IOS –XE device. Run the commands
a) sh running-config | inc destination
1) This should list the IP address of the PI SERVER ( along with other outputs if any)
b) sh running-config | inc 9991
1) This should list at least one entry.
c) If the above are fine, then verify that the flow monitor, flow exporter and the flow records are correctly configured on the device.
Refer to the URLs below to configure NetFlow export.
http://preview.cisco.com/en/US/docs/net_mgmt/prime/infrastructure/2.0/user/guide/setup_monitor.html#wp1056427
Thanks-
Afroz
***Ratings Encourages Contributors **** -
AddOn Solution License question
Hi experts, I have a question about solution license for an AddOn in B1 8.8 PL12
For licensing my addon i have done the following step:
1) I requested and obtained a solution identifier from SAP.
2) I generated the AddOn identifier (with solution identifier obtained in step 1) and I putted it in the AddOn connection code.
3) Then I logged in SAP business One customer portal as a customer (e.g. as an S user) and I started to modify license data.
4) I searched my AddOn name in the partner solutions section, find it and I added 1 licence to my system.
5) I downloaded and installed the license file on the production server.
6) I installed the AddOn and all works fine.
I would expect that a normal customer cannot download a valid and unlimited license without some partner activities (e.g, without paying for it), so my question is:
Is this the SAP licensing expected behavior or I have done some mistake?
Thanks
Regards
MarcoHi Owen, thank you for replaying.
So I realized that B1 AddOn license mechanism is totally unuseful for a partner, while is used by SAP to ensure that the partner or the customer will buy an SDK Development license.
While I can understand SAP reasons to enforce the partner buying an SDK Development license, really I cannot understand why SAP could not help his partner, implementing a license procedure useful also for partners.
Actually a partner who has develped an AddOn should implement a custom license check and this is an extra cost that, in my opinion, could be avoided.
If some SAP member could explain, I really will be very interested to the answer.
Regards
Marco
Maybe you are looking for
-
How can I get an old Casio CTK-593 to work with Logic Express?
Title pretty much says it all. I have a Fast Track USB from M-Audio to connect it to my pc but I don't know how to get it working with Logic. Thanks in advance.
-
hello I am trying to install Itunes 10.5.2 to my laptop running window 7 (32bit) I may have tried a zillion time and I am now running out of options. -Uninstalled and reinstalled countless time -Cleaned C drive of all Apple product countless time -Al
-
Hello. Yesterday we made the upgrade in our system to version 10.5.7. Onlyone 1 of our 6 computers had a problem importing quicktime to the shake. It's only with the shake, I tested in the final cut, in motion application and it's fine. Am I missing
-
Hello, How to find if there is any Web Template exist for a given BEx Query? Thanks, Dona Hill
-
How to dynamically display value in column header
Hi, I have a requirement where in the user selects a particular value from a drop down list, and the same has to be displayed in the column header. For example, there are A,B,C,D types of quantities in a drop down list. Once the user selects these va