OS Authentication uses ProcessUser instead of Thread?!

Similar Messages

• OS Authentication uses ProcessUser instead of ThreadUser!?

  We are having a problem with OS authentication on Oracle - the connection request is going out using the identity of the process instead of the thread. I think the problem lies with Net8 client software, because all ODBC/OLEDB providers behave the same and I tested 3 different ones. Also they would not probably mess with connection string anyway. User name goes to Oracle in clear text.
  Here's the likely scenario of what happens:
  ADO passes "/" as the user name, this goes through all the layers to the Net8 dll, which does OpenProcessToken() to get the identity of the user. If it did OpenThreadToken() instead, everything would work, because the thread is impersonating the remote user.
  Can somebody please confirm that this is true and what can be done here? This is a separate track from configuring Kerberos on the Oracle side.
  thanks a lot
  dmitry.

  Have you tried contacting Oracle support on this? I suspect they're more likely to have this sort of information than is anyone in this group.
  Justin

• Web Authentication on HTTP Instead of HTTPS in WLC 5700 and WS-C3650-48PD (IOS XE)

  Hello,
  I have configured a Guest SSID with web authentication (captive portal).
  wlan XXXXXXX 2 Guest
   aaa-override
   client vlan YYYYYYYYY
   no exclusionlist
   ip access-group ACL-Usuarios-WIFI
   ip flow monitor wireless-avc-basic input
   ip flow monitor wireless-avc-basic output
   mobility anchor 10.181.8.219
   no security wpa
   no security wpa akm dot1x
   no security wpa wpa2
   no security wpa wpa2 ciphers aes
   security web-auth
   security web-auth parameter-map global
   session-timeout 65535
   no shutdown
  The configuration of webauth parameter map  is :
  service-template webauth-global-inactive
   inactivity-timer 3600 
  service-template DEFAULT_CRITICAL_VOICE_TEMPLATE
   voice vlan
  parameter-map type webauth global
   type webauth
   virtual-ip ipv4 1.1.1.1
   redirect on-success http://www.google.es
  I need to  login on web authentication on HTTP instead of HTTPS.
  If I  login on HTTP, I will not receive certificate alerts that prevent the users connections.
  I saw how to configure it with 7.x relesae but I have IOS XE Version 03.03.05SE and I don´t know how to configure it.
  Web Authentication on HTTP Instead of HTTPS
  You can login on web authentication on HTTP instead of HTTPS. If you login on HTTP, you do not receive certificate alerts.
  For earlier than WLC Release 7.2 code, you must disable HTTPS management of the WLC and leave HTTP management. However, this only allows the web management of the WLC over HTTP.
  For WLC Release 7.2 code, use the config network web-auth secureweb disable command to disable. This only disables HTTPS for the web authentication and not the management. Note that this requires a reboot of the controller !
  On WLC Release 7.3 and later code, you can enable/disable HTTPS for WebAuth only via GUI and CLI.
  Can anyone tell me how to configure web authentication on HTTP instead of HTTPS with IOS XE?
  Thanks in advance.
  Regards.

  The documentation doesn't provide very clear direction, does it?
  To download the WLC's default webauth page, browse to the controller's Security > Web Login Page. Make sure the web authentication type is Internal (Default). Hit the Preview button. Then use your browser's File > Save As... menu item to save the HTML into a file. Edit this to your liking and bundle it and any graphics images up into a TAR archive, then upload via the controller's COMMAND page.

• I just found my old ipod touch (i think 1st generation) and would like to let my toddler use it instead of my phone.  I am trying to download apps but it say I need to update to 4.3 but it won't let me update.  I have the most recent itunes. any idea why?

  I just found my old ipod touch (i think 1st generation) and would like to let my toddler use it instead of my phone.  I am trying to download apps but it say I need to update to 4.3 but it won't let me update.  I have the most recent itunes. any idea why? I saw a thread saying to purchase the newest software (that was posted a few years ago) I paid 4.95 for the software and it's still saying it can't be updated.  Am I just SOL??

  The 1G iPod can only go as high as 3.1.3. The 1G does not have an internal speaker or volume buttons on the upper left edge.
  Identifying iPod models
  To more easily find compatible apps:
  iOSSearch - search the iTunes store for compatible apps.
  Apple Club - filter apps by iOS version.

• ISE 1.2, Patch 7: "NAK requesting to use PEAP instead"

  We're experiencing seemingly random occurrences of users failing authentication because they're trying PEAP vs EAP. Does anyone know if it is possible to force the Windows supplicant to use EAP only?
  For what it's worth, the user can fail authentication for hours and I can either allow open authentication on the port for a bit, or the user can leave for the day and come back tomorrow and authentication will succeed. I'm not sure if it's an ISE problem or a supplicant problem, but I'm leaning towards supplicant.
  Personas:
  Administration
  Role:
  PRIMARY(A)
  System Time:
  Apr 24 2014 08:26:58 AM America/New_York
  FIPS Mode:
  Disabled
  Version:
  1.2.0.899
  Patch Information:
  7,1,3
  11001
  Received RADIUS Access-Request
  11017
  RADIUS created a new session
  15049
  Evaluating Policy Group
  15008
  Evaluating Service Selection Policy
  15048
  Queried PIP
  15048
  Queried PIP
  15004
  Matched rule
  11507
  Extracted EAP-Response/Identity
  12500
  Prepared EAP-Request proposing EAP-TLS with challenge
  12625
  Valid EAP-Key-Name attribute received
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12301
  Extracted EAP-Response/NAK requesting to use PEAP instead
  12300
  Prepared EAP-Request proposing PEAP with challenge
  12625
  Valid EAP-Key-Name attribute received
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12302
  Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
  12318
  Successfully negotiated PEAP version 0
  12800
  Extracted first TLS record; TLS handshake started
  12805
  Extracted TLS ClientHello message
  12806
  Prepared TLS ServerHello message
  12807
  Prepared TLS Certificate message
  12810
  Prepared TLS ServerDone message
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12318
  Successfully negotiated PEAP version 0
  12812
  Extracted TLS ClientKeyExchange message
  12804
  Extracted TLS Finished message
  12801
  Prepared TLS ChangeCipherSpec message
  12802
  Prepared TLS Finished message
  12816
  TLS handshake succeeded
  12310
  PEAP full handshake finished successfully
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  12313
  PEAP inner method started
  11521
  Prepared EAP-Request/Identity for inner EAP method
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  11522
  Extracted EAP-Response/Identity for inner EAP method
  11806
  Prepared EAP-Request for inner method proposing EAP-MSCHAP with challenge
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  11808
  Extracted EAP-Response containing EAP-MSCHAP challenge-response for inner method and accepting EAP-MSCHAP as negotiated
  15041
  Evaluating Identity Policy
  15006
  Matched Default Rule
  15013
  Selected Identity Source - *****
  24431
  Authenticating machine against Active Directory
  24470
  Machine authentication against Active Directory is successful
  22037
  Authentication Passed
  11824
  EAP-MSCHAP authentication attempt passed
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  11810
  Extracted EAP-Response for inner method containing MSCHAP challenge-response
  11814
  Inner EAP-MSCHAP authentication succeeded
  11519
  Prepared EAP-Success for inner EAP method
  12314
  PEAP inner method finished successfully
  12305
  Prepared EAP-Request with another PEAP challenge
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12304
  Extracted EAP-Response containing PEAP challenge-response
  15036
  Evaluating Authorization Policy
  24433
  Looking up machine in Active Directory - host/*****
  24435
  Machine Groups retrieval from Active Directory succeeded
  15048
  Queried PIP
  15048
  Queried PIP
  15048
  Queried PIP
  15048
  Queried PIP
  15048
  Queried PIP
  15004
  Matched rule - Default
  15016
  Selected Authorization Profile - DenyAccess
  15039
  Rejected per authorization profile
  12306
  PEAP authentication succeeded
  11503
  Prepared EAP-Success
  11003
  Returned RADIUS Access-Reject 

  salodh,
  Thank you for your response. Below is the authorization policy it should hit. The trouble is the workstation wants to use PEAP for some reason but we don't want PEAP because we're certificate-based. I understand what you're saying, and it's because I didn't word my question correctly. 
  12500
  Prepared EAP-Request proposing EAP-TLS with challenge
  12625
  Valid EAP-Key-Name attribute received
  11006
  Returned RADIUS Access-Challenge
  11001
  Received RADIUS Access-Request
  11018
  RADIUS is re-using an existing session
  12301
  Extracted EAP-Response/NAK requesting to use PEAP instead 
  If the NAK would not request PEAP, it would continue on to the following Authorization Policy (and succeed):
  Name
  Wired-******-PC
   Conditions
  Radius:Service-Type EQUALS Framed
  AND
  Radius:NAS-Port-Type EQUALS Ethernet
  AND
  *******:ExternalGroups EQUALS **********/Users/Domain Computers
  AND
  Network Access:EapAuthentication EQUALS EAP-TLS
  Again, this PEAP request only happens occasionally. This same workstation will work at other days/times. If I could figure out why some workstations randomly request PEAP (or find a way to force EAP only) I think that would take care of it.
  Thanks again, sir.
  Andrew

• HTTPS authentication using SSL in SOAP Sender adapter

  Hi,
  We are currently doing a SOAP to RFC synchronous scenario in PI 7.0. Our client wants to ensure that the data security is maintained at the transport level. So, we have planned to implement the HTTPS without client authentication using SSL certificates. Our Basis team has promised us that they will take care of the cerficate generation and installation part in the server. Now i am confused at the PI communication channel setup level.
  1) Do i have to specify the certificate installed path in the channel or in any other object ? If so, where do i have to configure the path ?
  2) What is the exact path that has to be carried by a PI developer once the certificates are installed in the server ?
  I have attached my communnication channel screenshot below,
  http://i41.tinypic.com/mk49h.jpg
  Please let me know what i have to configure in the Sender SOAP channel to receive data securely once the certificates are installed in the system.
  Thanks & Regards,
  Sherin Jose P

  Hi,
  1.for transport level security you should assign the HTTPS connection created in SM59 to the SOAP communication channel.
  The HTTPS connection should use the certificates imported in t-code STRUST.
  have you seen below thread,
  SSL / X.509 In SOAP Sender/Receiver Adapter
  Please go through below blog,
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/b2e7020d-0d01-0010-269c-a98d3fb5d16c?overridelayout=true
  http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/60ff2883-70c5-2c10-f090-a744def2ba66?QuickLink=index&overridelayout=true
  http://help.sap.com/saphelp_nwpi71/helpdata/de/14/ef2940cbf2195de10000000a1550b0/content.htm
  2. you nedd to check the message flow between the sender and receiver through PI .
  regards,
  ganesh.

• Oracle 9i/10G DB authentication using Active Directory (with out OID)

  Hello All,
  We want to use a Single-Password authentication scheme using the Active
  Directory as the primary source for userId/Password.
  We don't want to use the Active Directory and OID bridge.
  As we have many databases and would like to configure all Databases to use Active
  Directory for Authentication. Our goal is to have single id/password across all
  the databases and any user should be able to login from any computer using their
  windows id/password, note that we don't want to use the OSAuthentication.
  We have read the documents provided by oracle for authentication using Active
  Directory, we were able to create Oracle Schema in Active Directory and were
  also able to register a DB with Active Directory and then created user as global
  user in Oracle Database and provided the DN of the user. When we tried
  authenticate with all this setup it comes back and says invalid ID/Password !!!
  And with 10G database we get the Oracle Error ORA-03113: end-of-file on communication channel !!
  Has any one tried or have information on Integrating Oracle to Auth against Active Directory?
  Envoirnment:
  Oracle DB Version: 9.2.0 and also tried on 10.0.1 with same results
  Operating System: Windows 2000/ Windows 2000 Server
  Constraint: We don't want to user OID ( as we don't have license for this
  product ! )

  I have a thread started similar to your request.
  OS Authenication on Windows
  Somewhere I read this. It works on Oracle 9i on Linux, but I have not tried it with Oracle 9i on Windows.
  SHOW PARAMETER OS_AUTHENT_PREFIX;
  SHOW PARAMETER REMOTE_OS_AUTHENT;
  CREATE USER OPS$SOMEUSER IDENTIFIED EXTERNALLY;
  GRANT CREATE SESSION TO OPS$SOMEUSER;
  For the username, I wonder if we are supposed to put the Windows Domain name as part of the username? Such as, for a Windows domain user MyDomain\SomeUser
  CREATE USER OPS$MYDOMAIN\SOMEUSER IDENTIFIED EXTERNALLY;
  I really wish Oracle or somebody created a guide or book on how to do this.

• Trusted Authentication using QUERY_STRING

  Hi All,
  We are trying to configure the Trusted Authentication using Query_String in XIR3.1
  We have customer portal ,where in login to custom web page and click on the link which routes to Infoview.We are configuring sso to bypass the credentials from webportal to Infoview home page.
  We have created a paramerter to pass the user information.We have made all the required changes for configuring trusted authentication,like:
  1) Enable Trusted Authentication in cmc.Enter shared secret in cmc
  2) Make changes to the web.xml file
  3) Create TrustedPrincipal.conf file
  In web.xml file we gave "trusted.auth.user.retrieval" as "QUERY_STRING" & "trusted.auth.user.param" as the parameter value we are using to pass the user information.
  If the parameter we are using is "MyUser" to pass the user information ,After configuring, we noticed that ,when we launch the url, "http://host:8080/InfoViewApp/logon/logon.do?MyUser=<username>"  we can directly login to Infoview without giving any credentials.We are not sure if we are moving in right direction? Is this how the QUERY_STRING work?
  We also noticed that,instead of giving any username if we give any other value the infoview home page opens up with Guest account?
  Thank you,
  Bill

  You should disable guest when using any method of SSO. Then anything placed in the URL other than a proper user would fail. And yes this is exactly how query string works (the username must be supplied in the URL). If looking for a more dynamic/secure method you will need to combine with a front end authenticator such as IIS, siteminder, etc and use one of our other methods such as remote_user, http_header, etc
  Regards,
  Tim

• Native Supplicant "NAK requesting to use PEAP instead"

  Hello,
  We have a Cisco ISE infrastructure in place and we're experiencing seemingly random occurrences of users failing authentication because they're trying PEAP vs EAP. Does anyone know if it is possible to force the native Windows supplicant to use EAP only?
  "Microsoft: Smart Card or other certificate" is selected under network authentication method, by group policy, and I thought that wouldn't allow PEAP, but our ISE logs show "NAK requesting to use PEAP instead", after which authorization
  fails because we're not using PEAP.
  For what it's worth, the user can fail authentication for hours and I can either allow open authentication on the port for a bit, or the user can leave for the day and come back tomorrow and authentication will succeed. I'm not sure if it's an ISE problem or
  a supplicant problem, but I'm leaning towards supplicant.
  Thanks,
  Andrew

  Hi,
  About this issue, please contact Cisco Tech Support for help.
  Karen Hu
  TechNet Community Support
  I've already been in contact with them and they've verified our configuration. All that can be done on the Cisco side is to "propose" the client to go through EAP-TLS as the first option, which we are doing. This will not block any clients trying to connect
  using other protocols, and, though this will propose EAP-TLS, there is now way to enforce it at the supplicant level. This will be a client decision always. From Cisco: 
  Please monitor this after the  change we applied,   but if the issue persists,   since we are dealing with windows supplicant,   it would be a good idea to involve the native supplicant support.

• Benefit of using BizTalk instead of SSIS/ETL

  Hello!
  I would like to know which tool is better to use, BizTalk ? or SSIS/ETL ?
  What is the benefit of using BizTalk instead of SSIS/ETL ?

  There is old blog of mine on this topic and following is extract from it. Also anothere thread in this BizTalk forum on this same topic shall also help you.
  https://social.msdn.microsoft.com/Forums/en-US/a53f5d8c-d619-4ff6-ae54-2533bf7ad054/is-this-project-a-good-candidate-for-biztalk?forum=biztalkgeneral
  https://social.msdn.microsoft.com/Forums/en-US/0abc5f59-cffa-4316-a5d3-7774c46b61d5/best-way-to-trigger-dtsx-package-from-biztalk?forum=biztalkgeneral
  Extract from my old blog ....
  BizTalk and SSIS are different tools and fit different scenarios.
  SSIS is designed to move and manipulate very large amount of data over extremely high performance batch processing where BizTalk has been designed to move, process, validate, transform, and route low rate of
  transactions consisting of tiny amounts of business data
  Use SSIS for:
  Large ETL processes like de-batching the large CSV file into SQL database, or cleansing the large record before inserting in to database.
  Batch Oriented Scenarios i.e. when the files need to be processed in specific time of the day as opposed to file needs to be processed as and when the files are available.
  Use BizTalk:
  When you have to do the Business Process Management (BPM). i.e. some business processes.
  Near real-time scenarios i.e. as and when the files are available and it has to be processed.
  SSIS and BizTalk can work together:
  Though SSIS and BizTalk are used in different place depends on the scenario, it’s important to note that we can use SSIS with BizTalk. They can work together. For Example we have a project that would receive
  a batch of data once a day - containing 1000s of records. SSIS would receive the data, and then scrub the data (or validate the format). Once the data was acceptable, BizTalk would pick up each record and do the business processing.
  BizTalk can do SQL-BULK insert but..
  For bulk data processing we can use “SQL Bulk Load adapter ” available from
  http://www.biztalkgurus.com/blogs/biztalksyn/archive/2005/10/23/Processing-a-Large-Flat-File-Message-with-BizTalk-and-the-SqlBulkInsert-Adapter.aspx
  which can efficiently insert a large amount of data into SQL you are still stuck with the issues of transmitting the MessageBox database and the memory issues of dealing with really large messages.
  http://indway-is.blogspot.co.uk/2010/09/which-to-use-biztalk-or-sql-integration.html
  Regards,
  M.R.Ashwin Prabhu
  If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply.

• How do I make KDE use smartdimmer instead of ... ?

  Hi!
  I have KDE 4.3 installed on my laptop and the power management options don't work when it comes to dimming my screen. I have just installed smartdimmer, which does work for my screen and I'm wondering how I can tell KDE to use that instead.
  Thanks
  Last edited by steven (2009-10-24 02:10:50)

  There are two different settings involved:
  '''Address Bar Autofill'''
  If you have used HTTPS on a site before, Firefox's address bar autofill feature will prefer the HTTPS address. If you don't mind selecting from the drop-down instead, or simply typing the whole address, you can turn off the address bar autofill. Here's how:
  (1) In a new tab, type or paste '''about:config''' in the address bar and press Enter. Click the button promising to be careful.
  (2) In the filter box, type or paste '''autofill''' and pause while the list is filtered
  (3) Double-click '''browser.urlbar.autoFill''' to toggle it from true to false.
  '''Address Bar Search'''
  Regarding address bar search, you can change the URL used by the "keyword" service. Please see this thread for links: [https://support.mozilla.org/en-US/questions/955363 Unable to connect to proxy due to automatic https].
  Does that solve it?

• How do I use Tooltip in a thread?

  Hello Everyone.
  I'm trying to use Tooltip in a (added) thread, but I've got IlligalStateException.
  Task task = new Task<Void>() {
      @Override
      protected Void call() throws Exception {
          Tooltip tooltip = new Tooltip();
          return null;
  new Tread(task).start();NetBeans 7.1
  JDK 1.6.0_30
  JavaFX 2.0.1
  I can use other controls (like Button, etc).
  Thank you in advance.

  How do I use Tooltip in a thread? You can only create Tooltips on the JavaFX Application Thread due to this bug: http://javafx-jira.kenai.com/browse/RT-17716

• Exception access violation using jlong instead of jint

  Hi,
  I hope you can help me.
  I'm using Java5 under Windows XP and I'm developing under Eclipse.
  I try to use an "old" c-Application accesed via JNI.
  Status Quo is that, I have access to the c-side, over my JNI-conform DLL. My current task is to translate the c-side structs to java-objects. This also works, but only with limitation.
  Calling methods bidirectional is working, manipulation a java-object is like a walk on an warm and sunny Saturday afternoon.
  But I'm not able to use all possible parameters (for now I have tried to use jobject, jstring, jint, jboolean, jlong).
  The first problem I had, were using Strings as parameters, but this now I deal with the loopway over java/lang/object (using java/lang/String results in an access_violation).
  The next problem, and the harder one, is, that I cannot use the type long or jlong.
  int (jint) is no problem, with int all works fine, but if I change the environment, creating and using long, I allways get an the access_violation shown below.
  Is there anything, I need to know?
  working c-side-code:
  jobject someObject;
  jint anIntegerValue;
  anIntegerValue =5;               
  jmethodID mid3 = (*env)->GetMethodID(env, cl, "initReturnSomeObject", "(ILjava/lang/Object;)Ljava/lang/Object;");
                 if(mid3 == (jmethodID)0) printf("\ndooofes MethodName4!\n");
                           else {
                                const char* myParams;
                                myParams = "ooooohwow!!!";
                                someObject = (*env)->CallObjectMethod(env, jobj, mid3,
                                           anIntegerValue, (*env)->NewStringUTF(env, myParams));
                           }wokring java-side-code
  public Object initReturnSomeObject(int i, Object obj) {
            String s = (String)obj;
            System.out.println("String: "+s+"\nInteger: "+i);
            some = new SomeObject(s,i);
            if(some==null) System.out.println("Some is not yet initialized, FEAR!!!!\n");
            else System.out.println("Yoh, I'm soooo many good!! \nSome:\nString: "+some.getS1()+"\nInt: "+some.getI1()+"\n");
            return (Object)some;
  so, und this code, doesn't work. you can see, the changes are dramatically!! ;)
  sorry for my sarcasm. I do not know, why it doesn't work.
  jlong aLongValue;
  aLongValue = 2;
  jmethodID mid3 = (*env)->GetMethodID(env, cl, "initReturnSomeObject", "(JLjava/lang/Object;)Ljava/lang/Object;");
                 if(mid3 == (jmethodID)0) printf("\ndooofes MethodName4!\n");
                           else {
                                const char* myParams;
                                   myParams = "ooooohwow!!!";
                                someObject = (*env)->CallObjectMethod(env, jobj, mid3,
                                          aLongValue, (*env)->NewStringUTF(env, myParams));
       public Object initReturnSomeObject(long i, Object obj) {
            String s = (String)obj;
            System.out.println("String: "+s+"\nInteger: "+i+"\nLong: ");
            some = new SomeObject(s,(int)i);
            if(some==null) System.out.println("Some is not yet initialized, FEAR!!!!\n");
            else System.out.println("Yoh, I'm soooo many good!! \nSome:\nString: "+some.getS1()+"\nInt: "+some.getI1()+"\n");
            return (Object)some;
  # An unexpected error has been detected by Java Runtime Environment:
  #  EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x6d942975, pid=1784, tid=1648
  # Java VM: Java HotSpot(TM) Client VM (1.6.0_03-b05 mixed mode, sharing)
  # Problematic frame:
  # V  [jvm.dll+0x182975]
  # An error report file with more information is saved as hs_err_pid1784.log
  # If you would like to submit a bug report, please visit:
  #   http://java.sun.com/webapps/bugreport/crash.jsp
  #do you need some other informations or details? something out of the log-file? ok, i have to take the bus, so sorry for uncomplete informations or sentences ;)
  till later.

  Hi,
  I'm quite sure, the signature is correct. For failure check, yesterday I ran javap to check the signature, but I do also mean, that I changed the signature afterwards for several time. And, it works ;) at least the way, using Integer.
  Trying to use java/lang/String everytime I got the Error, that the method could not be found - this is the part, I was wrong in my description. So the error-Message is a different one.
  Belonging to the question for assumptions I made... it's difficult. I'm quite new to JNI, so, I don't know, what I can assume to do. The Method call seems to be a kind of reflection-mechanism. So I assume that the behaviour is similar. But reflection I'm not very firm, either ^^.
  What I do assume is, that the parameter-value J fits to the java-type jlong. But a work around on this, I will try today. getting the jlong into an char* or using long instead of jlong or using Ljava/lang/Long; or a casted Long as Ljava/lang/Object; ...
  I'm anxious to the ideas, I will have, bypassing this point. if there is no way, I will write a file, send a email or something like this ;)
  Thx for thinking about my problem jschel!! It's great not to be alone.
  John

• How to modify a lookup field-type to use checkbox instead of radiobutton?

  How to modify a lookup field-type to use checkbox instead of radiobutton?
  I would like to modify the behavior for the lookup field.
  Normally you get a screen where it is possible to search through a lookup. The items resulted from the search are listed as radiobutton items. Therefore you can select only one at the time to be added.
  Is it possible to have the items to be listed as checkbox instead? So that you can check multiple items and therefore be able to add multiple items at the time?
  For example:
  To add the user to 10 different groups on MS-AD.
  It is desired to have the ability to check multiple groups to be added instead only one at the time.
  My client would like to use this feature in many other situations.

  Displaying will not be a big deal but with that you have to customize the action class and its working as well.

• Invalid security certificate for my website host-they say the problem is Apple Safari and use Firefox instead

  For the past few days, I keep getting an invalid security certificate in Safari whenever I select Edit My Site from my website homepage (http://annaporterartist.com), or whenever I select anything requiring a secure log in from my website host main page (FASO.com). I have contacted technical support at my website host (fineartstudioonline.com) and they say that this has been an intermittently recurring problem in Safari for years and they recommend that I use Firefox instead. As proof of this they emailed a link to an Apple Support discussion, but it was for Mac OS X Lion v 10.7.4 and Safari 5.1, even though I told them I am using Mac OS X Mountain Lion v 10.8.2 and Safari 6.0.2. I do not get this error message anywhere else on the web using Safari. I did try Firefox and it seems to work fine, but I prefer Safari and I want to know why Safari is not working as it should be. I am concerned that there is a real security problem with my website host and I need someone to explain why I am getting this error message, what it means, and if it is, in fact, a known problem with Safari or is my website host corrupted? Really tired of technical support playing pass the buck or pretending the problem does not exist.
  The specific error message is:
  Their response to my inquiry and my reply is shown below:

  Back up all data.
  Launch the Keychain Access application in any of the following ways:
  ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
  ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
  ☞ Open LaunchPad. Click Utilities, then Keychain Access in the icon grid.
  From the menu bar, select
  Keychain Access ▹ Preferences ▹ Certificates
  There are three menus in the window. What is selected in each of them?