OIF redirection on login failure

Similar Messages

• OIF redirect on login failure

  We have a requirement where the customer wants the user to be redirected to another page if the user record does not exist in our database. Currently, if the user record exists in our database, their federated id is created in OID when they login for the first time. Is there a way to redirect the user to another page if their user record does not exist in our database?

  the strength of the encryption is inversely proportional to the strength of the password
  protecting it.
  The problem with file vault is the password cannot be cut and pasted, so the strongest
  practical password is the strongest one that you can constantly live with typing it in by
  hand every time it is asked for.
  In my world, that would mean a very weak password. I'm not going to try to manage a
  monster password from memory.
  I use a truecrypt container instead to keep the important stuff safe. I use a thumb drive
  (IronKey) to store the monster password and the keyfiles on for the truecrypt container.
  After login, I mount the truecrypt container using the password and keyfiles stored on the
  IronKey.
  You can create an applescript or bash script to read the password file and save it to the
  clipboard, then paste it in the truecrypt login window.
  The terminal command:
  cat /Path/to/passwordfile | pbcopy
  (replace "/Path/to/passwordfile" with the proper file path on the thumb drive)
  will read the password and copy it to the clipboard. Password will not be echoed
  for the world to see either. DO NOT FAIL to clear the clipboard though, copy
  something else unimportant to it afterwards.
  An automator script or an applescript or a bash script or the CLIX program could be used
  to automate the "monster password to clipboard" chore.
  If you would rather use an encrypted sparse bundle instead with a monster password
  securing it, simply use terminal to mount it instead of clicking it. You can paste in a monster
  password to open an encrypted sparse bundle using terminal.
  in terminal;
  at the prompt:
  hdiutil attach /Path/to/sparsebundle
  When terminal asks for the password, paste it in, press return.

• Session Time Out and Redirect to login page - urgent

  My problem is I want to display alert message and redirect to the home page when session expires.
  Iam using TimeOutListener in my application as follows.
  public PhaseId getPhaseId() {
  return PhaseId.ANY_PHASE;
  public void beforePhase(PhaseEvent phaseEvent) {
       FacesContext facesContext = phaseEvent.getFacesContext();
  HttpSession sessionx = (HttpSession)facesContext.getExternalContext().getSession(false);
  if(sessionx == null) {
       FacesUtils.sessionCheck = true;
  String ampee = (String)((HttpServletRequest)FacesContext.getCurrentInstance().getExternalContext().getRequest()).getAttribute("ampee");
  if(ampee != null && ampee.equals("ampee")) FacesUtils.sessionCheck = false;
  if(phaseEvent.getPhaseId() == PhaseId.RENDER_RESPONSE) {
       if(FacesUtils.sessionCheck){
       facesContext.getApplication().getNavigationHandler().handleNavigation(facesContext, "", "sessionExpired" );
       FacesUtils.sessionCheck = false;
  ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
            HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();
            HttpSession session = request.getSession();
            if (session.isNew()) {
                 try {
                 String errorPageURL = externalContext.getRequestContextPath() +
                 "/index.jsf?errorpage=true";
                 externalContext.redirect(errorPageURL);
                 }catch(Exception e){
                      e.printStackTrace();
  here i have appended param errorPage=true...
  in jsp page i have used following code to get the param<% if(request.getParameter(errorPage)!=null && request.getParameter(errorPage).equals("true")){%>
  <script>alert("session expired");</script>
  <%
  %>
  Can any one help me how to Implement this?
  Do u know another way pls let me know...

  Consider using the Javascript setTimeout() function in conjunction with HttpSession#getMaxInactiveInterval(). The HttpSession#getMaxInactiveInterval() returns the remaining seconds of the session lifetime.
  Basic example:<script>
      setTimeout("alert('The session will timeout after one minute.')", <%= (session.getMaxInactiveInterval() * 1000) - 60000 %>);
  </script>I've given the client one minute (60000ms) extra time space to respond accordingly.
  Use this in combination with the following head:
  <meta http-equiv="refresh" content="<%= session.getMaxInactiveInterval() %>;url=login.jsf">which will redirect to login.jsf if the session is timed out. You can also redirect to another page of your taste, e.g. error.jsf or so.

• SSL VPN Login failure issue

  Hello,
  I am having an issue with some users trying to login to our SSL VPN (Anyconnect) via ASA5505 8.2(1).  Authentication is done via AD.  From the same computer, the client finds the DNS name and unlocks the login username and password.  When I enter a username and password and click connect, it is instantly rejected with login failure with the following event log:
  Function: ConnectMgr::setPromptAttributes
  File: .\ConnectMgr.cpp
  Line: 2657
  Invoked Function: setPromptAttributes
  Return Code: -33554423 (0xFE000009)
  Description: GLOBAL_ERROR_UNEXPECTED
  Error text:
  Login failed.
  If I change the user account to another user (from the same PC), login works perfectly fine - this is only happening with 3 or 4 users - I have compared the user accounts of a failing account and a successful account and they are identical in AD. 
  This has been driving me crazy - as a work around for the failing users, I just created a temporary account which works perfectly fine.  The request doesn't even seem to hit the ASA (there is nothing in the logs that show a failed attempt).  Still troubleshooting and looking at certificate's at this point.  Any help/suggestions would be greatly appreciated!!  Thanks.
  Regards.
  After a little more testing, seems somehow related to users being in to many groups in AD.      
  Message was edited by: Rich Viola

  Hello,
  If the website is unavailable or in this case, the website is missing several characters(charts, canvas, etc or some other objects), usually could be an issue with the rewrite engine.
  Solution (workaround):
  You may use smart tunnel for this website, so the rewrite engine will not override any content, and it will display the website as it should.
  You can implement it as follow:
  Add a Bookmark
  Bookmark for the service and clicking the Enable Smart Tunnel option in the Add or Edit Bookmark dialog box.
  For further information you can find it here:
  http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/configuration/guide/config/webvpn.html#wp1272236
  Let me know how tit works out!
  Please don't forget to rate and mark as correct the helpful Post!
  David Castro,
  Regards,

• When atemping to use wifi hotspots FireFox does not redirect to login page.

  when trying to use a hot spot like in a hotel or airport (tmoble for one) will not redirect to login page. Nor can it find the page when I enter the DNS name. If I enter the IP address of the long in page then it can find it but not the subsequent pages that it calls by DNS.
  == URL of affected sites ==
  http://

  I am a Hotspot ISP and I am having this issue with Firefox on Linux devices. We use Colubris MSC-3300 as access controllers tied to a RADIUS server. Have tested all other browsers on Windows and Linux and they seem to work correctly, problem seems to be tied to Firefox on Linux (testing with Ubuntu 11.04). When I open Firefox the redirect to captive portal page works correcty. I enter my username and password and when it tries to send this information back to the controller I get a "connection was interrupted" error. I have gone into Preferences and turned everything off and/or on and still can't get this device to log in.

• After creating a contained database, getting a login failure error while trying to connect to it.

  After creating a contained database and a user with passowrd under the same database, I tried connecting to the contained database. I entered the server name, login credentials and went to the connection properties tab to select the contained database using
  <browse server> option under "connect to database". Here I get the login failure error.
  TITLE: Browse Server for Database
  Failed to connect to server <servername>\<login>. (Microsoft.SqlServer.ConnectionInfo)
  But when I manually enter the Database name instead of selecting from the <browse server> option the connection gets through.
  Is this a Bug ? Has anyone else faced this error?

  Hello,
  Is this a Bug ? Has anyone else faced this error?
  It's not a bug, it's working as intended. Contained users don't have instance level permissions and cannot "login" to the instance (which is what the "browse" button is attempting). In order for it to work, the database name must be in the connection string
  (which with the browse button, it will not be).
  Welcome to contained users, they aren't for everyone.
  Sean Gallardy | Blog | Microsoft Certified Master

• Can`t Login to WAS/NWA (always redirected to login screen)

  Dear Gurus,
                     We tried to implement SSO logon Tickets following [steps|https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/a0042af5-5406-2c10-f689-fcc3b2d13d2f], and now we can`t login to any netweaber tool (NWA, User Admin, etc).
  The user/password validation is OK but always we are redirected to login screen.
  We didn't find any errors on trace files (dev_icm, dev_wX).
  We found this message on ../j2ee/cluster/server0/log/system/security.0.log after trying to login:
  User: J2EE_ADMIN
  Authentication Stack: ticket
  Login Module                                                               Flag        Initialize  Login      Commit     Abort      Details
  1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule             SUFFICIENT  ok          true       true                 
  2. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule   REQUISITE   ok                     true                 
  3. com.sap.security.core.server.jaas.CreateTicketLoginModule               OPTIONAL    ok                     false                
  Central Checks                                                                                true                  #
  <snip>
  And this message on HTTP log at ICM Monitor:
  <snip>
  I hope you can help us!!
  Thanks in advance.
  Federico.
  Edited by: Julius Bussche on Jun 4, 2009 10:57 PM
  Edited by: Julius Bussche on Jun 4, 2009 11:05 PM
  Edited by: Julius Bussche on Jun 5, 2009 2:44 PM

  If you are presented repeatedly with the logon page without a message such  'user authentication failed' or similiar, despite the fact that the entered
  credentials were correct (you can check this by logging onto the ABAP stack with the same credentials), then the problem possibly lies in the ticket creation or evaluation and/or misconfiguration of the ticket login module stack.
  The attached log shows successful authentication by J2EE_ADMIN with an already existing logon ticket, not an authentication attempt with userID and password so this is not the most relevant trace entry for your problem with logging on wiith userID and password. It does show however at the time this trace entry was written that the 'ticket' login module stack was configured correctly and evaluation of tickets was working without problem at that time
  Are you sure these trace entries are from the time of the last logon attempt?
  Instead of looking in the security log, look in the servers defaultTrace file for traces written during the failed logon by userid and password. If you are comfortable with adjusting trace severities, follow note 701205 section "Logging and Tracing" and set the trace locations mentioned there to ALL before reproducing the failed logon for more debug info. Remember to set them back to default levels afterwards
  You can check in the Visual Administrator, that the ticket login module stack includes the following modules in this order, with these flags, and at least these options.
  EvaluateTicketLoginModule  SUFFICIENT   {ume.configuration.active=true, *}
  BasicPasswordLoginModule   REQUISITE
  CreateTicketLoginModule    OPTIONAL     {ume.configuration.active=true}
  list of additional ACL parameters such as trusteddn etc
  Sorry about the format of this reply, not sure how to correct it, in preview the formatting is fine
  Edited by: Patrick Whitty on Jun 5, 2009 12:05 PM

• SQL Server 2012 syspolicy_purge_history job causes cross-instance login failures w. EraseSystemHealthPhantomRecords

  I have unique service accounts set up for multiple instances on the same SQL Server 2012.
  When step 3 of the inbuilt syspolicy_purge_history job(Erase Phantom System Health Records) runs, it appears to attempt to run against every instance on the server despite being passed the instance path!
  The SQLServer's powershell script call:
  if ('$(ESCAPE_SQUOTE(INST))' -eq 'MSSQLSERVER') {$a = '\DEFAULT'} ELSE {$a = ''};
  (Get-Item SQLSERVER:\SQLPolicy\$(ESCAPE_NONE(SRVR))$a).EraseSystemHealthPhantomRecords()
  so with instances SERVER\X this runs as...
  (Get-Item SQLSERVER:\SQLPolicy\SERVER\X).EraseSystemHealthPhantomRecords()
  SERVER\X's job will run and I will see login failures in the error logs of SERVER\Y and SERVER\Z for the service account set up for instance X.
  It seems Microsoft's only 'accepted solution' to this problem is for me to compromise my security by escalating the access of these service accounts?
  Has anyone else run into and corrected this failure?

  Hi Atombath,
  When you install multiple instances on one Server, and  the SQL Server’s powershell scripts are the same in inbuilt syspolicy_purge_history job steps. However, when you start PowerShell by right clicking
   syspolicy_purge_history job, you will find it will point to their own instance. I do a test in my SQL Server 2012,
   it will not across instance to collect the error logs. So I recommend you use its original powershell scripts for the syspolicy_purge_history job.
  Sometimes, if you run the syspolicy_purge_history job on a clustered instance, the syspolicy_purge_history SQL Server Agent job may fail due to using the computer node name instead of the virtual server name. For more information, see:
  http://support.microsoft.com/kb/955726/en-us
  In addition, you can use different service account for your multiple SQL Server instances on the same Server. And make sure the accounts that you created get added to the sysadmin fixed server role, the accounts are also set in the three Agent roles (SqlAgentUserRole,
  SqlAgentReaderRole, and SqlAgentOperatorRole).
  Regards,
  Sofiya Li
  Sofiya Li
  TechNet Community Support

• Historical Reporting Client Login Failure - UCCX 7.0(1)

  We're experiencing intermittent login failures with the Historical Reporting Client, extract from the log file below:
  1: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK: Error # 35761 ,Description= Request timed out ,LastDllError= 0
  2: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK:Authentication response was NOT received from (http://<ip address>/histRepWebSrvrComp/histRepClientsServlet)
  3: 28/04/2010 11:58:25 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
  4: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Authentication response was NOT received from (http://ip address/histRepWebSrvrComp/histRepClientsServlet)
  5: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
  6: 28/04/2010 11:58:30 %CHC-LOG_SUBFAC-3-UNK:Connection to web server failed due to: 12017 : Operation cancelled
  7: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Connection to web server failed due to: 12017 : Operation cancelled
  8: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Failed to load authentication response due to empty XML buffer from authentication servlet)
  9: 28/04/2010 11:59:05 %CHC-LOG_SUBFAC-3-UNK:Login Error | Invalid server name or IP address. Check the server name or IP address and login again.
  Does anyone know why this may be happening as it's driving the customer mad. User can usually login after a few attempts.
  The authentication timeout is set to 15 seconds, surely this is more than enough time or should we increase the timer?
  Any advice much appreciated.

  Hi Robert
  Thanks for the response and all very good suggestions which should help Chris narrow down his particular issue.
  It's been about a year since we last looked at this so I'd quite forgotten most of the diagnostics we'd done however we did go through most of the same diagnostics ourselves but the resolution was hampered due to the fact we support the telephony/WAN and another third party supports the desktops and LAN infrastructure so after months of to and fro with the customer and their third party (and many, many man hours) we eventually left the risk with the customer and investigations never progressed any further.
  1.) Upgrade to UCCX 7.0SR5.  This is a very stable release of code with few open bugs or caveats against it.
              - Agreed. We also ran into other bugs which required an upgrade.
  2.) Verify that the active NIC is indeed at the top of the bindings order.  Just having it active isn't enough, there needs to be the further test of moving to the top of the bindings order.
              - We did check this.
  3.) Verify that the hosts file on the UCCX server(s) has the external IP and hostname of the server in it.
              - Did this too.
  4.) Check the remote locations to verify that the network is correctly configured, there are no line errors on the WAN circuits, no misconfiguration on the switch/router ports and that QOS is in place across the network.
              - This part of the investigation stalled due to another 3rd party supporting the onsite network however no WAN issues were found.
  5.) Try to take a test system that is on the same network as the one having HRC errors.  See if it's seeing the issues.  If not, progressively move out to other offices/locations until you replicate the issue and then see what has changed.  Something there should hopefully point to the cause of the error.
              - We did this also, using my laptop I connected from various locations and even when using the same network connection as the end user had no problems, we did note the successful connection attempts used a slightly different network route/DNS/WINS however again got nowhere with the third party supporting this aspect of the network.
  6.) Finally, you may want to consider creating external data warehouse servers so that your UCCX servers aren't serving up the HRC data.
              - Not an option for this customer, again this aspect of the service is a different third party on their own network and customer not willing to pay for additional servers for the telephony estate to provide this functionality when they only have a few CCX users.
  Regards
  June

• How to see / limit consecutive login failures?

  Hi, our server is running 10.4.7 server.
  In terms of hardening the machine against attacks, is there be default a limit to the number of failed logins that occur before an account is locked in some way?
  If not, is there a way to turn ON that security feaure?
  Where are login failures logged?
  Thanks!

  Yes, you can set a limit to login failures. The following assumes that you are using Open Directory and that your users are authenticating against the server's Open Directory database.
  For global policies =
  Open Server Admin > for the proper server select Open Directory > select Policy > select Passwords > adjust settings
  For a single user = this will override global policies listed above
  Open Workgroup Manager > browse users > select the account you wish to manage > Select the Advanced user settings > select Options > dialog box gives ability to limit access in a variety of ways.
  Authentication is logged =
  Server Admin > Open Directory > Logs > Password service server log

• SP15 in Java engine failed, "Login Failure: all modules ignored"

  Hi
  During the installation of sp15 (with JSPM) failed, the sdm log shows:
  ERROR: Cannot connect to Host: [hostname] with user name: [J2EE_ADMIN]
  My instance was down so I started but now there is an error, when I try to log on to User management it give me the error: "Login Failure: all modules ignored".
  I checked the logs for the server and found the following:
  #1.5^H#0000000000000067000000250000596D00045A79FA4B224F#1225379843613#com.sap.engine.services.security.resource.ResourceHandl
  eImpl#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.resource.ResourceHandleImpl#J2EE_GUEST#0##n/a##da7
  065c0a69511ddb438000000000000#SAPEngine_Application_Thread[impl:3]_15##0#0#Error#1#/System/Security/Audit/J2EE#Java###ACCESS.
  ERROR: Authorization check for caller assignment to J2EE resource [ : : : ].#4#SAP-J2EE-Engine#session-pool#ge
  t_session_pool#ALL#
  #1.5^H#0000000000000067000000260000596D00045A79FA4B32AC#1225379843613#com.sap.engine.services.security.authentication.loginco
  ntext#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.authentication.logincontext#J2EE_GUEST#0##n/a##da7
  065c0a69511ddb438000000000000#SAPEngine_Application_Thread[impl:3]_15##0#0#Error##Java###Caller not authorized.
  [EXCEPTION]
  #1#com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.
          at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:627)
          at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:513)
          at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)
          at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:119)
          at com.sap.engine.services.security.server.AuthenticationContextImpl.getSessionPool(AuthenticationContextImpl.java:39
  5)
          at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContextFactory(AuthenticationContextImpl
  .java:740)
          at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContext(AuthenticationContextImpl.java:2
  54)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:324)
          at com.sap.engine.system.SystemLoginModule.initialize(SystemLoginModule.java:72)
          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
          at java.lang.reflect.Method.invoke(Method.java:324)
          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)
          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
          at java.security.AccessController.doPrivileged(Native Method)
          at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
          at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
          at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:146)
          at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.forceLoggedInUser(SAPJ2EEAuthenticator.java:231)
          at com.sap.security.core.admin.ServletAccessToLogic.getActiveUser(ServletAccessToLogic.java:141)
          at com.sap.security.core.admin.UserAdminLogic.executeRequest(UserAdminLogic.java:438)
          at com.sap.security.core.admin.UserAdminServlet.doPost(UserAdminServlet.java:26)
          at com.sap.security.core.admin.UserAdminServlet.doGet(UserAdminServlet.java:19)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
          at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
          at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
          at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
          at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
          at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessio
  nMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  I found the SAP Note 971249 but Iu2019m not sure it applies and even I can log on into Visual administrator.
  Log for the Visual Administrator
  <!LOGHEADER[START]/>
  <!HELP[Manual modification of the header may cause parsing problem!]/>
  <!LOGGINGVERSION[1.5.3.7185 - 630]/>
  <!NAME[/usr/sap/SID/DVEBMGS00/j2ee/admin/log/./traces/visual_administration.trc]/>
  <!PATTERN[visual_administration.trc]/>
  <!FORMATTER[com.sap.tc.logging.ListFormatter]/>
  <!ENCODING[UTF8]/>
  <!FILESET[0, 5, 10000000]/>
  <!PREVIOUSFILE[visual_administration.4.trc]/>
  <!NEXTFILE[visual_administration.1.trc]/>
  <!LOGHEADER[END]/>
  #1.5^H#C000AC11873E00000000000100CEC78D00045A541BE7A040#1225217198758#com.sap.engine.services.adminadapter.gui.tasks.LoginTas
  k##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server/VisualA
  dministrationTool#Java###Error while trying to login to host: null
  [EXCEPTION]
  #1#java.lang.NullPointerException
          at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.
  java:72)
          at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextH
  elperImplp4_Skel.java:64)
          at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:319)
          at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:200)
          at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)
          at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessio
  nMessageListener.java:33)
          at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
          at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
          at java.security.AccessController.doPrivileged(Native Method)
          at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
          at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Thank you very much for your help.
  Best Regards

  hi
  we had the same issue some time back when we upgraded to SP15, we opened a OSS message and SAP had to come and fix the issue.
  It was some inconsistencies in -Config DB settings and they made quite a few changes in security/configurations/ticket(config tool)
  also
  one Java parameter was wrong(config tool - server config) :
  -Djava.security.policy=/java.policy  it should be -
  > Djava.security.policy=./java.policy (The DOT was missing)
  thank you
  Jonu Joy

• Unexpected error forwarding or redirecting to login page

  Hello Everybody!!
  I am having problem with JEE 5 update 3.
  after starting the server http://localhost:4848/ fails to open the login page .
  The log in >domain>domain1>log>server shows the following error
  Unexpected error forwarding or redirecting to login page
  java.lang.NoSuchMethodError: javax.servlet.ServletContext.getContextPath()Ljava/lang/String;
  Please help me .I have installed JEE 5 from java_ee_sdk-5_03-windows-nojdk.
  I am working on win XP and have jdk1.6.0 installed.
  please help.I am really getting irritated as i am stuck at this place for very long.
  Thanks in advance.

  Is there any body who can figure it out what i should do.
  Common plz help.

• OS X server (10.10.1) Imap Internal login failure

  I have a problem with my main server on a OS X server 10.10.1 (Mac mini)
  Clients cannot log in to the IMAP side of an account on the server.
  So when using the mail client Connection Doctor the SMTP is successful and the IMAP portion not.
  This happens with both accounts Local as with the accounts in the Open Directory service
  The log of the Open Directory service indicates that ist was an successful login.
  The IMAP log shows.
  error Jan 17 18:44:04 imap-login: Info: Internal login failure (pid=93306 id=27) (internal failure, 1 successful auths): user=<test>, method=PLAIN, rip=10.0.0.101, lip=10.0.0.101, mpid=93310, TLS
  The user test is local users.
  The server was up-grade from Maverick to Yosemite a few months ago.
  It runs 10.10.1 and Server 4.0.3
  Any suggestion?
  Thanks and regards,
  Jacob

  The reason that I wanted to use WGM was because it allows you to configure a maximum backup volume size per machine. If you just configure through TM, a single machine could fill the entire volume with backups.
  I know that there's a way to use hdiutil to max the sparsebundle size that is created when you don't use WGM, but lets face it folks - if the option is there, then apple should support it!

• OIF Redirection ISsue after the assertion validation

  Hi All,
  I have configured OIF SP(10g) and OIF IDP(10g) and configured the IDP initiated SSO. Upon the successful federation the OIF redirecting the user to the Web application. If the Assertion sent from the IDP is not matching for any user in the OID it is redirecting to SP side authentication(SSO) page.But I need to redirect to some web page(like www.google.com) in this case.
  Can we configure at any where in OIF SP in such a way that it should redirect to a sample web page(like ww.google.com) instead of redirecting to the SP Authentication Page page in the above case?
  Thanks in Advance,
  NB
  Edited by: user7470167 on Jun 1, 2011 12:10 AM

  Hi Friends,
  I have "protlet A(AcctinfoController.jpf)" & "portlet B(BillinfoController.jpf)", on change of a drop down value present in "portlet A", "portlet B" needs to be refreshed with different data.
  Now the solution i am trying to implement is "portlet A" has a backing file with a custom defined method. A customeEventHandler has been added in "portlet A" which intern invokes custom method defined in backing file, in this method i do fireCustomeEvent("RefreshData".SelectAccount).
  <netuix:portlet asyncContent="ajax"
  backingFile="com.rogers.isp.jpf.order.tacbacking.AccountInfoBacking"
  definitionLabel="acctinfo" title="Account Info">
  <netuix:handlePageFlowEvent action="showAccountDetails" eventLabel="showAccountDetails"
  fromSelfInstanceOnly="true" onlyIfDisplayed="true">
  <netuix:invokeBackingFileMethod method="fireEventOnAcctNoChange"/>
  <netuix:activatePage/>
  </netuix:handlePageFlowEvent>
  <netuix:content>
  <netuix:pageflowContent contentUri="/com/AcctinfoController.jpf"/>
  </netuix:content>
  </netuix:portlet>
  Now in "portlet B" trying to handle that custom event with pageflowAction.
  <netuix:portlet asyncContent="ajax" definitionLabel="billInfo" title="Billinfo">
  <netuix:handleCustomEvent event="refreshBillingInfo" eventLabel="refreshBillingInfo"
  fromSelfInstanceOnly="false" onlyIfDisplayed="false" sourceDefinitionLabels="acctinfo">
  <netuix:invokePageFlowAction action="begin"/>
  <netuix:activatePage/>
  </netuix:handleCustomEvent>
  <netuix:content>
  <netuix:pageflowContent contentUri="/com/BillinfoController.jpf"/>
  </netuix:content>
  </netuix:portlet>
  Problem is , I am able to come to backing file method and fire the event. in "portlet B" not able to invoke pageflowaction.
  I am using Oracle Weblogic 10R3.
  Please help me, urgent
  Thanks - Venki
  Edited by: user8843829 on Jul 20, 2010 2:22 PM

• Workflow Agent login failure

  Hi Everybody,
  I m following KFI process for Invoice Processing.The document image is successfully loaded into UCM and display in IPM search criteria.But the thing is that when ever i m watching Documentrouting in EM ,there is no instance created .
  IPM logs:Workflow Agent login failure
  Please guide me how to solve this one.
  With Regards
  Jyoti

  Hi Everybody,
  Actually imaging.ear was missing.It has solved with the patch installation for soa suite 11.1.1.3 in linux machine.
  Thnx for co-operation.
  With Regards
  Jyoti