No matching authentication protocol- JDBC
Hi Experts,
we have JDBC interface...recently one of our partner have upgraded its version of Oracle to higher one (12C) from Oracle 9...
because of which the messages are failing in PI system saying” ORA-28040 –No matching authentication protocol”.
How can we resolve this issue? they are asking us to upgrade the JDBC drivers to the new version of Oracle..but we have other partners who are still using the older version of Oracle..and we dont prefer to upgrade the JDBC drivers..is there any other alternatives to resolve this issue please?
thanks
Hi experts,
Can we have Oracle 10 Java drivers installed to have both backwards compatibility with oracle 8 and forward compatibility with oracle 12c...is it possible?
we have different versions of Databases(Oracle8, Oracle 12c)...please advise.
thanks
Similar Messages
-
ORA-28040: No matching authentication protocol in version 11.2.0.3
Hi,
I am working on database server 11.2.0.3 and the OS is linux 86 bit. i created an entry in sqlnet.ora file with
SQLNET.ALLOWED_LOGON_VERSION = 10
it is failing with ORA-28040: No matching authentication protocol error and i am not able to connect as sys till I comment the entry. How do i set this entry and where in the client side do I need to set this entry? Also, do I have to set it to SQLNET.ALLOWED_LOGON_VERSION = 11 instead? I am confused. Please help
thanks a lot.Hello;
Any chance you are using a JDBC driver?
Try changing it to : ( Workaround )
SQLNET.ALLOWED_LOGON_VERSION=8
OR = 9
This is an old bug if I remember correctly.
Bug 8730787
Best Regards
mseberg
Added to mine, but I'm unable to recreate the error. Using Oracle 11 client.
Found this
Action: Administrator should set SQLNET_ALLOWED_LOGON_VERSION parameter
on both client and servers to values that matches the minimum
version supported in the system.
Edited by: mseberg on Feb 16, 2012 12:34 PM
Edited by: mseberg on Feb 16, 2012 12:36 PM -
No matching authentication protocol Oracle 12c
Hi, we are working with ColdFusion 10 and Oracle 12c Database, but when we are trying to connect with the database across CF, we have the following message:
java.sql.SQLException: [Macromedia][Oracle JDBC Driver][Oracle]ORA-28040: No matching authentication protocol
Does anybody know how can we work with Oracle 12c? Is necessary an update to fix that?
Thank you.Hi Stephen Johnson
I appreciate too much your help, for this moment we will continue working
in CF 10, and we will wait the new version of CF 11 to work with 12c.
Thank you very much for your support, greetings from Mexico.
Sincerely
Javier Morales Rangel
2014-03-24 10:46 GMT-06:00 Runrocket <[email protected]>:
Re: No matching authentication protocol Oracle 12c created by
Runrocket <http://forums.adobe.com/people/Runrocket> in Database Access- View
the full discussion <http://forums.adobe.com/message/6237571#6237571 -
Hello everyone:
I know this question have been asked in these forums quite a few times. I apologize if it is a repeat telecast but I was not able to find a suitable solution pertaining to my problem.
I have a AP/SM setup that is configured to get EAP-PEAP authentication from Windows 2012 Server. I have setup everything and have verified that the EAP-PEAP authentication works fine on AP/SM by getting authentication from FreeRADIUS server. Now, when I try
to get authentication from Windows Server, I am getting a reject. The Event log shows this generic message:
Reason Code: 23
Reason:
An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.
There is nothing in the EAP logs that is obvious too:
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,1,"SANDBOX\test","SANDBOX\test",,,,,,"10.120.133.10",5,0,"10.120.133.10","Canopy_AP",,,18,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1
07/11/2014 00:05:57 4927",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,11,,"SANDBOX\test",,,,,,,,0,"10.120.133.10","Canopy_AP",,,,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1 07/11/2014 00:05:57 4927",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,1,"SANDBOX\test","SANDBOX\test",,,,,,"10.120.133.10",5,0,"10.120.133.10","Canopy_AP",,,18,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1
07/11/2014 00:05:57 4928",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,11,,"SANDBOX\test",,,,,,,,0,"10.120.133.10","Canopy_AP",,,,,,,5,"PEAP_TEST",0,"311 1 10.120.133.1 07/11/2014 00:05:57 4928",30,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,1,"SANDBOX\test","SANDBOX\test",,,,,,"10.120.133.10",5,0,"10.120.133.10","Canopy_AP",,,18,,,,11,"PEAP_TEST",0,"311 1 10.120.133.1
07/11/2014 00:05:57 4929",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
"USIL01PMPTST01","IAS",07/11/2014,11:59:44,3,,"SANDBOX\test",,,,,,,,0,"10.120.133.10","Canopy_AP",,,,,,,11,"PEAP_TEST",23,"311 1 10.120.133.1 07/11/2014 00:05:57 4929",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"PEAP_TEST_CONNECTION",1,,,,
So, basically, the sequence is this:
request , challenge, request , challenge, request, reject
Any idea what might be happening?
Thank you.Hi,
Have you installed certificates on the NPS server properly? Have you selected the proper certificate in the properties of PEAP?
Here is an article about the Certificate requirements of PEAP,
Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS
http://support.microsoft.com/kb/814394
If your certificate matches the requirement, you may try to reinstall the certificate by export and import.
To export a certificate, please follow the steps below,
Open the Certificates snap-in for a user, computer, or service.
In the console tree under the logical store that contains the certificate to export, click
Certificates.
In the details pane, click the certificate that you want to export.
On the Action menu, point to
All Tasks, and then click Export.
In the Certificate Export Wizard, click No, do not export the private key. (This option will appear only if the private key is marked as exportable and you have access to the private key.)
Provide the following information in the Certificate Export Wizard:
Click the file format that you want to use to store the exported certificate: a DER-encoded file, a Base64-encoded file, or a PKCS #7 file.
If you are exporting the certificate to a PKCS #7 file, you also have the option to include all certificates in the certification path.
If required, in Password, type a password to encrypt the private key you are exporting. In
Confirm password, type the same password again, and then click
Next.
In File name, type a file name and path for the PKCS #7 file that will store the exported certificate and private key. Click
Next, and then click Finish.
To import a certificate, please follow the steps below,
Open the Certificates snap-in for a user, computer, or service.
In the console tree, click the logical store where you want to import the certificate.
On the Action menu, point to
All Tasks, and then click Import to start the Certificate Import Wizard.
Type the file name containing the certificate to be imported. (You can also click
Browse and navigate to the file.)
If it is a PKCS #12 file, do the following:
Type the password used to encrypt the private key.
(Optional) If you want to be able to use strong private key protection, select the
Enable strong private key protection check box.
(Optional) If you want to back up or transport your keys at a later time, select the
Mark key as exportable check box.
Do one of the following:
If the certificate should be automatically placed in a certificate store based on the type of certificate, click
Automatically select the certificate store based on the type of certificate.
If you want to specify where the certificate is stored, select
Place all certificates in the following store, click
Browse, and choose the certificate store to use.
If issue persists, you may try to re-issue the certificate.
For detailed procedure, you may refer to the similar threads below,
Having issues getting PEAP with EAP-MSCHAP v2 working on Windows 2008 R2
http://social.technet.microsoft.com/Forums/windowsserver/en-US/c66cf0a8-24dd-4ccd-b5bb-16bd28ad8d4c/having-issues-getting-peap-with-eapmschap-v2-working-on-windows-2008-r2?forum=winserverNAP
Hope this helps.
Steven Lee
TechNet Community Support -
Can someone provide a code example of How to Connect With Operating System Authentication Using JDBC/OCI?
ThanksThat's a very good question, I am also looking for some solution to resolve it.
Please let me know if you get something. -
Fatal error: Client does not support authentication protocol
requested by server; consider upgrading MySQL client in
/homepages/28/d74942468/htdocs/cosmic/sites/onlinemove/Connections/db.php
on line 9
This is the error that comes up on the server where the site
sits. The database is working on my local machine with the local
settings, but wont connect due to the above.
I think im using MySQL client 3.23 How do i upgrade?
I found this on MySQL site:
http://dev.mysql.com/doc/refman/5.0/en/old-client.html
I'm not sure how to edit the connection string to make it
accept the vaules.The_FedEx_Guy wrote:
> Fatal error: Client does not support authentication
protocol requested by
> server; consider upgrading MySQL client in
>
/homepages/28/d74942468/htdocs/cosmic/sites/onlinemove/Connections/db.php
on
> line 9
> I think im using MySQL client 3.23 How do i upgrade?
The MySQL client that the error refers to isn't the version
of MySQL,
but the MySQL library bundled with PHP. It sounds as though
your hosting
company has upgraded to MySQL 4.1 or higher, but is still
using PHP 4.
> I'm not sure how to edit the connection string to make
it accept the vaules.
You can't. It's the way that the user account passwords are
stored in
MySQL. You need to get the hosting company to upgrade to PHP
5 or to
reset the passwords in MySQL using the OLD_PASSWORD()
function. This
needs to be done by someone with top-level administrative
privileges on
the database.
David Powers, Adobe Community Expert
Author, "Foundation PHP for Dreamweaver 8" (friends of ED)
Author, "PHP Solutions" (friends of ED)
http://foundationphp.com/ -
Hi,
I posted this on Azure forim with no luck maybe here is a better choise.
When trying to connect a windows 8\8.1 client with a vpn connection for azure virtual network we get the fallowing error.
"A certificate could not be found that can be used with this Extensible Authentication Protocol. (Error 798)"\
I'm fallowing this msdn article about point to site vpn on azure. according to it the certificat is good for both win 7 and win 8.
http://msdn.microsoft.com/en-us/library/azure/dn133792.aspx
this is the commanf to build the client certificat:
makecert.exe -n "CN=ClientCertificateName" -pe -sky exchange -m 96 -ss My -in "RootCertificateName" -is my -a sha1
When runing the installtion of the certificat on the client the defult crtificate store is "Automatic", It does not metter if I leave it on Automatic or choose any of the other options (personal, trusted issuers ...) I always get the same error.
ThanksHi,
Apologize to say that I am not familar with Azure and lack of the environment to investigate the issue here.
Besides, please take a look at the below threads to see if it could help:
Point-to-Site on Windows 8 Client
connection Error 798
Best regards
Michael Shao
TechNet Community Support -
Configuring smb authentication protocol
Greetings,
I am trying to find info on how to change the authentication protocol that Mac OS X uses to connect to Samba shares.
I want to access our Samba network over a wireless network and I don't want to transmit the LANMAN hash. Is it possible to change the hash from LANMAN to NTLM or do I have tunnel my SMB connections over ssh ?
Thanks
Paul
Mac OS X (10.4.9)The 'process has forked' error messages persist, and users can still connect without passwords. Interestingly, they seem to connect as the correct user, so it's as if the previous connection isn't being terminated properly, or Windows is saving the login information. Perhaps the 'process has forked' messages are indicating that there's some problem with actually getting rid of processes?
If I shut down the SMB service, disconnect all clients, then restart the service and connect a client, this happens:
\[2008/03/19 17:05:51, 0\] /SourceCache/samba/samba-187/samba/source/smbd/server.c:main(890)
smbd version 3.0.25b-apple started.
Copyright Andrew Tridgell and the Samba Team 1992-2007
The process has forked and you cannot use this CoreFoundation functionality safely. You MUST exec().
Break on _THE_PROCESS_HAS_FORKED_AND_YOU_CANNOT_USE_THIS_COREFOUNDATION_FUNCTIONALITY___Y OU_MUST_EXEC_() to debug.
I don't know if this is relevant, but I saw another post that said that I had to make my SMB server the PDC, and I get a number of messages like this in the SMB Name Service Log:
Samba name server SERVERNAME is now a local master browser for workgroup WORKGROUPNAME on subnet xxx.xxx.xxx.xx
Thanks for any help,
Greg
Message was edited by: Greg Westin to add a few more details about error messages -
Re: ORA-28041: Authentication protocol internal error
Hi,
I am getting similar error,
can anyone help on it
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-04004: error from recovery catalog database: ORA-28041: Authentication protocol internal error
Thanks in advance.abdo.89 wrote:
Hi,
I am getting similar error,
can anyone help on it
RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-04004: error from recovery catalog database: ORA-28041: Authentication protocol internal error
Thanks in advance.
And what did your research on ORA-28041 turn up?
Let me google that for you -
Windows 2003 enterprise
AD DC, DNS, DHCP, CA and IAS all are running from single server. But at the time of configuration of Remote Access Policy the error message of "a certificate could not be found that can be used with this extensible authentication protocol" is appeared.
So with the help of mmc snap in the certificate was requested from CA (Domain Controller template)as a new certificate request and placed in the local computer personal folder.
After placing the certificate the error message was disappeared during configuring PEAP.
But after sometime the certificate was disappeared from remote access policy. But the same imported certificate was present in personal folder.
What is reason for frequent disappearing?
How to manage the situation?Hi,
I think the cause is that the DomainControllerAuthentication certificate has superseded the
DomainController certificate which is chosen during the setup of IAS.
To avoid this, if you’re going to install IAS on a Domain Controller, the DC should be made to enroll for a separate certificate from the template
'RAS and IAS Servers' before the IAS server is installed and this certificate should then be chosen for any PEAP setup.
Further details:
Enrolling Certificates with Templates
http://technet.microsoft.com/en-us/library/dd197527(v=WS.10).aspx
Configure the server certificate template
http://technet.microsoft.com/en-us/library/cc755043(v=WS.10).aspx
Steven Lee
TechNet Community Support -
wireless authentication not working
I found the following in the radius
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 1/15/2014 2:07:57 AM
Event ID: 6273
Task Category: Network Policy Server
Level: Information
Keywords: Audit Failure
User: N/A
Computer: NAP01.test.local
Description:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: doamin \user.a
Account Name: user.a
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 00-0F-7D-C4-45-20:staff
Calling Station Identifier: 0C-74-C2-EF-Dd-0B
NAS:
NAS IPv4 Address: 192.168.9.10
NAS IPv6 Address: -
NAS Identifier: -
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 497
RADIUS Client:
Client Friendly Name: wcont1
Client IP Address: 192.168.9.10
Authentication Details:
Connection Request Policy Name: Wireless
Network Policy Name: wism
Authentication Provider: Windows
Authentication Server: NAP01.test.local
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 22
Reason: The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server.
Please helpHi,
Anything updates?
In addition, this issue may also because your client didn't have CA certificate of your domain. Please make sure that your client has CA certificate.
Besides, the error "The client could not be authenticated because the Extensible Authentication Protocol (EAP) Type cannot be processed by the server" may be due to that the default maximum transmission unit that NPS uses for EAP payloads is 1500
bytes. You can lower the maximum size that NPS uses for EAP payloads by adjusting the Framed-MTU attribute in a network policy to a value no greater than 1344:
Configure the EAP Payload Size
Best regards,
Susie -
WLS 10.3.4: How to use OS authentication for JDBC Data Source
Hello all,
As a preface, I've tried searching the forum/Google for "OS authentication" and reading the WLS JDBC doc to no avail - if it's documented somewhere, a RTFM link would be much appreciated.
I'm trying to set up a JDBC data source on WLS that leverages the OS Authentication capability of the Oracle database. If it would help, I can go into the reasoning behind why I want to do this, but basically, it's to simplify the config/deployment of a COTS application. What I have in the database is an "identified externally" user that corresponds to the OS user that is running the WebLogic Server. Normally, in tools such as SQL*Plus, I would use "/@db" as the username/password (in other words, no username and no password specified), and I would be logged in as the "idenfitied externally" user. I want to configure the same thing for a WebLogic Data Source, but if I leave the username/password blank, testing the connection in the WLS console gives me "invalid username/password, login denied" I've also tried using "/" as the username, as was documented in a quite old WLS faq, but that gives me the same result.
Is there some magic switch I need to flip?
Thanks,
JohnHi John, there's no way to do that with connection pools, which is how WLS datasources get their
connections, or middleware in general. WebLogic would have no way of knowing which if any of the
pooled connections was appropriate for the current 'user', which is not the application user, but
instead is the OS identity of the person who started the WebLogic server! If you start up your
WebLogic server, and people start pointing their browsers to it, doing various stuff, the OS knows
you started WebLogic, and maybe with the help of OCI, Oracle's JDBC might know it was you who
started WebLogic's OS process, but what does the OS know about any user that may be running
a browser or application elsewhere (even if on this same machine), when that browser or application
connects to your WebLogic server process?
HTH,
Joe -
OS Authentication using JDBC Thin driver
Hi
I have a problem while connecting to Oracle database using JDBC Thin Driver, Basically I am trying to connect using OS Authentication. The following explains clearly what I am trying to do.
String connectionURL = "jdbc:oracle:thin:@localhost:1521:XYZ";
String userName = "/";
String password = "";
java.util.Properties info = new java.util.Properties();
info.setProperty("user",userName);
info.setProperty("password",password);
conn = DriverManager.getConnection(connectionURL,info);
When executing the code I am getting an exception as follows.
java.sql.SQLException: Null user or password not supported in THIN driver
When i searched in the Oracle site i got the below information
Note:
By default, the JDBC driver retrieves the OS username from the user.name system property, which is set by the JVM. If the JDBC driver is unable to retrieve this system property or if you want to override the value of this system property, then you can use the OracleConnection.CONNECTION_PROPERTY_THIN_VSESSION_OSUSER connection property. For more information, see Oracle Javadoc.
I want to know how to set the OracleConnection.CONNECTION_PROPERTY_THIN_VSESSION_OSUSER connection property.
Advance ThanksBased on your code, when you try to connect your username is null and the password is "/". You are not going to be able to get the OS password using Java.
-
Proxy Authentication with JDBC Datasource instead of JDBC URL?
Hello,
A requirement for my current project (ADF 10g) is that a user should be able to log in with his regular database account. For the moment, this is implemented using Proxy Authentication, as described in the following article:
http://blogs.oracle.com/jheadstart/2008/01/using_proxy_authentication.html
For now, we are using a JDBC URL defined in the application module config for the BC. In short: a ProxyAuthConnectionPoolManager class was created that overrides the default ConnectionPoolManagerImpl. The getConnection method has been overridden to create a standard connection (with the username/pw defined on the AM), and additionally, create a proxy connection within this connection with the specific user credentials. The (simplified) code:
public Connection getConnection(String key, String url, Properties props, String username, String pwd) {
// first fetch a default connection from the pool through the superclass
Connection connection = super.getConnection(key, url, props, username, pwd);
// cast into an OracleConnection
OracleConnection oraConnection = (OracleConnection) connection;
// close any proxy sessions that would still exist on the connection
if (oraConnection.isProxySession()) oraConnection.close(OracleConnection.PROXY_SESSION);
// get a handle on the session scope
Map sessionScope = ADFContext.getCurrent().getSessionScope();
if (sessionScope != null) {
// find the user object in the session (the account the user logs in with)
ProxyAuthUser user = (ProxyAuthUser) sessionScope.get(ProxyAuthUser.JHS_USER_KEY);
if (user != null) {
// create a property map with the end user credentials
Properties proxyProps = new Properties();
proxyProps.put(OracleConnection.PROXY_USER_NAME, user.getDbUsername() + "/" + user.getDbPassword());
proxyProps.put(OracleConnection.PROXY_USER_PASSWORD, user.getDbPassword());
// open the proxy session
oraConnection.openProxySession(OracleConnection.PROXYTYPE_USER_NAME, proxyProps);
return oraConnection;
}Now, this works perfectly when using a JDBC URL. But when I switch the JDBC Datasource the ProxyAuthConnectionPoolManager class is not called anymore. This is all done in code in the Application Server. While using a JDBC Datasource is actually necessary: otherwise for each environment (dev, test, production,...) a different WAR file is needed.
What class can I override with code similar to the piece above, to open a proxy connection inside the existing connection, when using a JDBC Datasource?
Your help would be greatly appreciated!
ChrisHello Krasimir,
Frank Nimphius gave me the solution to this problem. The prepareSession is indeed the best place to put the code:
private OracleConnection oconn = null;
public void prepareSession(SessionData SessionData) {
super.prepareSession(SessionData);
oconn = ((PrxyTransactionImpl)this.getDBTransaction()).getPrxyConnection();
// Specify the user that connects through the proxy user and its roles
Properties prop = new Properties();
prop.put(OracleConnection.PROXY_USER_NAME,"hr");
prop.put(OracleConnection.PROXY_USER_PASSWORD,"hr");
//prop.put(OracleConnection.PROXY_ROLES, roles);
// Open the proxy session (DB-authenticated users)
try {
oconn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME, prop);
catch (SQLException e) {
// Close the connection, to avoid connection to remain open after exception
oconn.abort();
e.printStackTrace();
}But Frank also created the following helper classes to extend the ADF BC behavior:
package oracle.sample.dbprxy.adfbc;
import oracle.jbo.server.DBTransactionImpl2;
import oracle.jbo.server.DatabaseTransactionFactory;
* TransactionFactory that returns PrxTransactionImpl, which is a subclass of
* DBTransactionImpl2
* @author Frank Nimphius
public class PrxyDatabaseTransactionFactory extends DatabaseTransactionFactory {
public PrxyDatabaseTransactionFactory() {
super();
* Override the create method to return an instance of PrxyTransactionImpl instead
* of DBTransactionImpl2
* @return PrxyTransactionImpl
public DBTransactionImpl2 create() {
return new PrxyTransactionImpl();
package oracle.sample.dbprxy.adfbc;
import oracle.jbo.server.DBTransactionImpl2;
import oracle.jdbc.internal.OracleConnection;
public class PrxyTransactionImpl extends DBTransactionImpl2 {
public PrxyTransactionImpl() {
super();
* The DBTransactionImpl2 does not expose the connection in a public
* method. This class is a wrapper to expose the connection to the
* BC app, so it can be accessed in the ApplicationModuleImpl class
* @return OracleConnection - SQL Connection
public OracleConnection getPrxyConnection() {
return (OracleConnection) this.getJdbcConnection();
}In the configuration of your Application Module, you have to set the property "TransactionFactory" (normally the last one in the list) to oracle.sample.dbprxy.adfbc.PrxyDatabaseTransactionFactory. This way, the DBTransaction() of your AM will have a getPrxyConnection() method and you will have the connection at your disposal. You won't need the createPreparedStatement in your code anymore.
To close the connection, this is the code behind my "logout button" on the backing bean. Application Module Pooling and Connection Pooling will take care of the rest for you!
ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext();
HttpSession session = (HttpSession)ectx.getSession(false);
session.invalidate();Another thing: be sure to set the internalconnection property to a different JDBC Datasource (or file based) than the one you are using to connect to the database (the default value). Otherwise connection pooling will be confused and there will be too much pending database connections.
This works for me, all sessions are closed in time and logging out seems secure. I do not have my complete, adjusted code here at my disposal, but next week, when I'm back at work, I'll have a look to see if there is anything I forgot to mention. So this should get you started, but I'll keep you posted!
A huge thank you to Frank again for helping me (/us) out with this problem!! And sorry I forgot to post the answer here sooner. I was too busy with testing it. :-)
Regards,
Chris -
I get the above described error when trying to connect to NPS 2012 with a Windows XP machine
I successfully connecting to that server with an Android phone.
I started examining the problem and saw the following:
1. The android phone uses some cipher suites that are not supported in Windows XP and the one that theserver selects in the Server Hello message is Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xc014
2. With the WINXP the selected cipher suite is Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 and it fails with the above error.
3. Next step I did was to restrict the NPS to use only the Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA 0x0035 and not to my surprise the Android phone could not connect and I was getting the same error as with the WINXP.
Any solution to this prpoblem?Hi and thanks for replying
I do not believe there is a problem with the certificate as it uses the same certificate in both authentication processes - the failed one using the TLS_RSA_WITH_AES_256_CBC_SHA
cipher suit and the successfull one using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
cipher suit - so I believe the reason lies elsewhere.
Please check it and try to produce a solution for it.
Thanks
Maybe you are looking for
-
Oracle8i (8.1.6.0.0) Installation Problem on Win2000 server
Dear All I am trying to install Oracle8i Enterprise Edition on Windows 2000 server it gives me following Error Message after choosing Enterprice Edition (Typical) clicking next: "Not all the dependencies for the component Assistant Common Files 8.1.6
-
Fring and Skype don't working at the same time in ...
Hello there, I have a problem in my E-72 (white) software version 071.004 I have installed fring and it is working perfectly but when I tried to install Skype I found that both of them not working. must be one of them installed to work perfectly but
-
Hi All, My customer has created Asset as an item with Purchase, Sales and Fixed asset check box ticked. They had made GRPO with excisable tax code.at the time of doing incoming excise invoice system is giving error G/L account missing. I have given G
-
I just got a new iMac with Leopard OS (10.5.5) and I cannot get my Palm T/X to synchronize with it. The HotSync Manager will come up and will start the synchronization, but it will cut off in the middle (while syncing Tasks). This happens everytime
-
Hi, files having .xlsm extansion cant be opened through portal km. When it's clicked to open, dialog window shows the file as xlsx although it's xlsm (macro enabled Excel file). Any idea?