OS5 Security: Log out required to refresh?

Similar Messages

• ADF Security Log Out issue

  Hi,
  We have implemented ADF security and using form based authentication. The problem we are facing is during logout, in IE we see a NullPointerException, before the login page is displayed. Please note that this functionality works fine in Firefox and Chrome. Also this happens only in standalone weblogic server. It works perfectly fine in a cluster. The logout link is command link which goes to logout.jspx. The implementation in logout.jspx is as follows
  <?xml version='1.0' encoding='windows-1252'?>
  <jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1">
  <jsp:directive.page contentType="text/html;charset=windows-1252"/>
  <jsp:forward page="/adfAuthentication">
  <jsp:param name="logout" value="true"/>
  <jsp:param name="end_url" value="#{initParam.loginURL}"/>
  </jsp:forward>
  </jsp:root>
  the loginURL is configured in web.xml as */faces/login.jspx.*
  The exception stack trace is .
  <Dec 10, 2012 7:44:44 AM UTC> <Notice> <WebLogicServer> <BEA-000360> <Server
  started in RUNNING mode>
  <Dec 10, 2012 7:45:51 AM UTC> <Warning> <oracle.adf.share.ADFContext>
  <BEA-000000> <Automatically initializing a DefaultContext for getCurrent.
  Caller should ensure that a DefaultContext is proper for this use.
  Memory leaks and/or unexpected behaviour may occur if the automatic
  initialization is performed improperly.
  This message may be avoided by performing initADFContext before using
  getCurrent().
  For more information please enable logging for oracle.adf.share.ADFContext at
  FINEST level.>
  <Dec 10, 2012 7:45:51 AM UTC> <Error>
  <oracle.adf.controller.internal.binding.TaskFlowRegionModel> <BEA-000000>
  <1i9kmqwku_121>
  <Dec 10, 2012 7:45:51 AM UTC> <Warning>
  <oracle.adf.view.rich.component.fragment.UIXRegion> <ADF_FACES-00009> <Error
  processing viewId: /InventoryUIShell URI:
  /oracle/communications/inventory/ui/framework/templates/InventoryUIShell.jspx
  actual-URI: /oracle/communications/platform/cui/fragments/mainArea.jsff.
  oracle.adf.controller.internal.InvalidViewPortIdException: ADFC-14000: View
  port ID '1i9kmqwku_33' is invalid.
  at
  oracle.adfinternal.controller.state.ControllerState.setCurrentViewPort(Control
  lerState.java:1319)
  at
  oracle.adfinternal.controller.ControllerContextImpl.setCurrentViewPort(Control
  lerContextImpl.java:135)
  at
  oracle.adfinternal.controller.ControllerContextImpl.setCurrentViewPort(Control
  lerContextImpl.java:52)
  at
  oracle.adf.controller.internal.binding.TaskFlowRegionModel.doProcessEndRegion(
  TaskFlowRegionModel.java:320)
  at
  oracle.adf.controller.internal.binding.TaskFlowRegionModel.processEndRegion(Ta
  skFlowRegionModel.java:237)
  at
  oracle.adf.view.rich.component.fragment.UIXRegion$RegionContextChange.undoChan
  geImpl(UIXRegion.java:1209)
  at
  oracle.adf.view.rich.context.DoableContextChange.suspend(DoableContextChange.j
  ava:49)
  at
  oracle.adf.view.rich.context.DoableContextChange.undoChange(DoableContextChang
  e.java:103)
  at
  oracle.adf.view.rich.component.fragment.UIXRegion._endInterruptibleRegion(UIXR
  egion.java:726)
  at
  oracle.adf.view.rich.component.fragment.UIXRegion.decodeChildrenImpl(UIXRegion
  .java:576)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.processDecodes(UIXCompo
  nentBase.java:797)
  at
  org.apache.myfaces.trinidad.component.UIXSwitcher.processDecodes(UIXSwitcher.j
  ava:88)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildrenImpl(UIXC
  omponentBase.java:986)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.processDecodes(UIXCompo
  nentBase.java:797)
  at
  org.apache.myfaces.trinidad.component.UIXSwitcher.processDecodes(UIXSwitcher.j
  ava:88)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildrenImpl(UIXC
  omponentBase.java:986)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.processDecodes(UIXCompo
  nentBase.java:797)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildrenImpl(UIXC
  omponentBase.java:986)
  at
  oracle.adf.view.rich.component.fragment.UIXRegion.decodeChildrenImpl(UIXRegion
  .java:565)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.processDecodes(UIXCompo
  nentBase.java:797)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildrenImpl(UIXC
  omponentBase.java:986)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.processDecodes(UIXCompo
  nentBase.java:797)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildrenImpl(UIXC
  omponentBase.java:986)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.processDecodes(UIXCompo
  nentBase.java:797)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildrenImpl(UIXC
  omponentBase.java:986)
  at
  org.apache.myfaces.trinidad.component.UIXComponentBase.decodeChildren(UIXCompo
  nentBase.java:972)
  Any pointers to resolve this would be helpful.
  Thanks,

  Hi,
  Check these
  http://tompeez.wordpress.com/2010/07/26/logout-with-confirmation-dialog/
  http://www.oracle.com/technetwork/developer-tools/adf/learnmore/jan2011-otn-harvest-300940.pdf

• How do I log out imessage if I didn't use my personal mac, how do I log out imessage if I didn't use my personal mac

  how do I log out imessage and facetime if I did not use my own personal MacBook.

  you could try to login to icloud.com and in settings Advanced Data & Security log out of all browsers. Or you could just 'phone' your 'friend' and tell them to log out?

• Automatic Log-out while iTunes is playing

  For a long time neither I nor Apple technical representatives were able to figure out why my system would automatically log out after some time when its only activity was playing something in iTunes.
  Finally I figured out that playing something in iTunes disables automatic sleep settings, but it does not disable automatic log-out in System Preferences > Security > "Log out after _ minutes of inactivity". In order to prevent automatic log-out, you have to disable this setting.
  I wonder if this is an oversight in the iTunes program, because other programs (e.g. Pages, Numbers) cancel this automatic log-out if there is an unsaved document open. Having something playing in iTunes really should do this as well.

  Thanks so much for posting this solution. Was driving me nuts. Using Airtunes to provide party music was consistently getting embarrassing just as we were sitting down to dinner and I had to excuse myself to get up to log-in on the computer again.... ridiculous... can't thank you enough for pointing to the solution.

• Firefox browser must be refreshed to log into and log out of Simple Machine Forum. No other browser does this.

  I run a Simple Machines Forum (SMF) Whenever I log in or out of my forum using Firefox (Ver 4.0.1) my browser gets "hung up." As soon as I type username, password, and hit enter the forum goes to a white screen that just sits there. To force the page to load I have to hit refresh in my browser. The page then loads and I'm able to go on as usual. The same exact scenario happens when I try to log out of my forum. I hit logout and the page goes to the white screen. It sits there until I hit refresh in the browser and then it will log me out. This does not happen with logging in or out of the forum with any other browser. I've tested this issue in Internet Explorer, Safari, and Chrome. Logs me in and out with no issues. With Firefox I get stuck. Asked for help on the SMF forum. Other users have reported having this issue as well. Was advised to rename the forum cookie. Did that and it has not helped. I do believe the issue is with my particular install of Firefox. Any help would be appreciated.

  You can check for problems with preferences.
  Rename or delete the prefs.js file and possible numbered prefs-##.js files and a possible user.js file to reset all prefs to the default value.
  *http://kb.mozillazine.org/Preferences_not_saved
  You can use this button to go to the Firefox profile folder:
  *Help > Troubleshooting Information > Profile Directory: Show Folder (Linux: Open Directory; Mac: Show in Finder)
  Create a new profile as a test to check if your current profile is causing the problems.
  See "Creating a profile":
  *https://support.mozilla.org/kb/profile-manager-create-and-remove-firefox-profiles
  *http://kb.mozillazine.org/Standard_diagnostic_-_Firefox#Profile_issues
  If the new profile works then you can transfer some files from an existing profile to the new profile, but be cautious not to copy corrupted files to avoid carrying over the problem.
  *http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Firefox
  Also make sure that your security software isn't blocking JavaScript.

• I have created my site with Muse and have uploaded to an external ftp hosting, now my secure log in will not work because I am not using BC. Is there a way to create a secure log in that will work with out being forced to use BC?

  I have created my site with Muse and have uploaded to an external ftp hosting, now my secure log in will not work because I am not using BC. Is there a way to create a secure log in that will work with out being forced to use BC?

  Hi
  Secure Zone login feature will only work if you host your website with Business catalyst.
  Please take a look to this as an alternative
  Password Protect Pages Widget for Adobe Muse
  Also, check this thread,
  Re: Can I create a login/password protection in Muse for a HTML5 page or two?

• Log out of a secured realm?

  I am hosting a website on my server and have protected a folder using the Realms feature. I am successfully able to add users and log in, but have not found a way to log out. It seems that the only way for the user to log out is to quit his/her browser. I'm wondering if there is a way to add a button or link that would allow users to log out.
  Thanks in advance.

  That's pretty much the way realms work - there was never any consideration for logging out.
  There are some hacks (see about) that reset the login, essentially by sending the browser a 'not authorized' response which makes it think its current login is no longer valid, and that's about the best you can do with realms.
  If you need fine-grained control then you shouldn't be using realms anyway. It would be better to implement a cookie-based system since you can set a cookie with an explicit timeout as well as reset/clear its value whenever you like.
  This is, of course, more complex since it requires coding setup on a login page to set the cookie, and checks on each page to make sure the cookie is set. For scripting languages such as PHP this can be done via an include statement at the top of each page which reduces the implementation workload.
  It's all a trade-off between ease of setup (realms) and functionality (per-page coding).

• Issue with logging out in adf security

  I have three pages. Login, error and welcome.
  The first page visible during runtime is login.
  I have username, password fields and login button in it.
  the action of login button is mapped to this :
  public String doLogin() {
          byte[] pw = getSPassword().getBytes();
          FacesContext ctx = FacesContext.getCurrentInstance();
          HttpServletRequest request =
              (HttpServletRequest)ctx.getExternalContext().getRequest();
          CallbackHandler handler =
              new SimpleCallbackHandler(getSUserName(), pw);
          try {
              Subject mySubject = Authentication.login(handler);
              ServletAuthentication.runAs(mySubject, request);
              ServletAuthentication.generateNewSessionID(request);
              String loginUrl =
                  "/adfAuthentication?success_url=/faces" + "/Welcome.jspx";
              HttpServletResponse response =
                  (HttpServletResponse)ctx.getExternalContext().getResponse();
              sendForward(request, response, loginUrl);
          } catch (FailedLoginException fle) {
              FacesMessage msg =
                  new FacesMessage(FacesMessage.SEVERITY_ERROR, "Incorrect Username or Password",
                                   "An incorrect Username or Password" +
                                   " was specified");
              ctx.addMessage(null, msg);
          } catch (LoginException le) {
              reportUnexpectedLoginError("LoginException", le);
          return null;
      }This takes me to welcome page.
  I have a golink control in this page.
  The destination of golink is:
  "#{securityContext.authenticated ? "/adfAuthentication?logout=true&end_url=/faces/Error.jspx"
  : "/adfAuthentication?success_url=/faces/Login.jspx"} "
  (I dont know what this el means. i believe it sets logout to false)
  It takes me to error page.
  I believe I should be logged out now. But when I press back in browser it takes me back to welcome page.
  I put an af:output text with value security.authenticated and it shows true.
  So created a servlet
  public class LogoutServlet extends HttpServlet {
      public void init(ServletConfig config) throws ServletException {
          super.init(config);
      public void doGet(HttpServletRequest request,
                        HttpServletResponse response) throws ServletException,
                                                             IOException {
          request.getSession(true).invalidate();       
          response.sendRedirect("faces/Error.jspx");
      public void doPost(HttpServletRequest request,
                         HttpServletResponse response) throws ServletException,
                                                              IOException {
          doGet(request, response);
  }registerd it in web.xml as url pattern logout.
  Set the destination of golink as logout.
  But still the same results.
  Where did i go wrong?
  the role of welcome.jspx is authenticated-role
  Edited by: josetuttu on Jul 7, 2011 2:17 AM

  Hi , your problem is arising when user presses the back button of the browser , web browser shows the page from its cache. If you want that
  on pressing the back button users should not view the previous pages you must stop web browser from caching the page to its local memory.
  It can be done by adding the following code in the jsp:root tag of jsf (.jspx) page.
    <jsp:scriptlet>
    // Set to expire far in the past.
        response.setDateHeader("Expires", 0);
    // Set standard HTTP/1.1 no-cache headers.
       response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
    // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
       response.addHeader("Cache-Control", "post-check=0, pre-check=0");
    // Set standard HTTP/1.0 no-cache header.
       response.setHeader("Pragma", "no-cache");
  </jsp:scriptlet>Now when ever page is loaded the web browser will never cache the local copy of web pages and hence users will not be allowed to view previous pages when clicking back button
  on browser .
  Hope this helps.

• I just upgraded to Mavericks and find that I'm being logged out after 15 mins even though I have set security

  I just upgraded my IMac to OS X MAVERICKS and find that I'm being prematurely logged out after 15 mins of inactivity even though my Privacy & Security settings are set to 1 hour.  Any suggestions on how to correct this problem? 

  I just upgraded my IMac to OS X MAVERICKS and find that I'm being prematurely logged out after 15 mins of inactivity even though my Privacy & Security settings are set to 1 hour.  Any suggestions on how to correct this problem? 

• Repeated logging out of secure site when trying to navigate around the site

  When signed into a particular secure web site summary page a click to redirect to a subsidiary page causes log out with error message on the site not to use back button - which I'm not.

  Many site issues can be caused by corrupt cookies or cache.
  * Clear the Cache
  Firefox/Tools > Options > Advanced > Network > Cached Web Content: "Clear Now"
  and
  * Remove Cookies
  '''''Warning ! ! '' This will log you out of all sites you're logged in to.'''
  Press the '''Alt''' or '''F10''' key to bring up the tool bar.
  Followed by;
  Windows; '''Tools > Options'''
  Linux; '''Edit > Preferences'''
  Mac; ''application name'' '''> Preferences'''
  Then '''Privacy.'''
  Under '''History''', select Firefox will '''Use Custom Settings'''.
  There is a button on the right side called '''Show Cookies'''.
  If there is still a problem,
  '''[https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-mode Start Firefox in Safe Mode]''' {web link}
  While you are in safe mode;
  Press the '''Alt''' or '''F10''' key to bring up the tool bar.
  Followed by;
  Windows; '''Tools > Options'''
  Linux; '''Edit > Preferences'''
  Mac; ''application name'' '''> Preferences'''
  Then '''Advanced > General.'''
  Look for and turn off '''Use Hardware Acceleration'''.
  Poke around safe web sites. Are there any problems?. Then restart.

• Boot Camp manager requires log-out/log-in to load

  Every time I restart Windows, Boot Camp manager requires a log-out then log-in to load in the task bar. A few other menu items also require this. Has anyone else experienced this?

  Is it boot camp assistant or is it Windows that is asking you to put in your password upon boot?
  What other menu items require this input?
  Axel F.

• IPhone 4 apps not updating that require wifi. They get only so far and then start over again. Now they won't even attempt to update. Given the 'done' or 'retry' option and they're still unusable. I've tried logging out of app store, rebooting, and reset.

  I have 4 apps that will not update. Im mostly concerned with one, as it has a good amount of in-app purchases. It started to
  Update and got 3/4 done then started over again. now im given the 'done/retry' option shortly after attempting an update. I've rebooted, reset(lost all my phone contacts thanks very much....), logged out of app store....
  Perhaps its the wifi I'm using (cruise ship worker here), and will try again on a land wifi signal before worrying a lot. any help would be great.
  In-store helper had me double click home and clear out all opened apps and that worked then , but not now.

  Also, just as a note, I restored my iphone last night, and it has made no difference.
  One last thing... On itunes, when i click 'info' on apps that are said to be under my friends account (ie they will only update when he is logged in), it says that i purchased them under my account, yet it won't let me update them.

• Why are administrator privileges required to log out of Creative Cloud?

  Hi,
  we are using Creative Cloud for Teams on managed Mac OS X-Clients, which means our users are working on standard user accounts and have no administrator privileges. They are able to sign-in to Creative Cloud with their Adobe ID without problem, but logging off is a different story: its impossible to log out of CC without administrator privileges.
  Any informations regarding this issue?
  Thanks!

  Hi Abhijit,
  CC was distributed to the client computers with CC Packager, where it's recommended NOT to distribute the CC Desktop app if the user has no admin privileges.
  I gave it a try anyway and installed a package including CC Desktop, but it didn't help. When trying to sign out of CC, the user gets an error message, see following screenshot (it's in german, sorry).
  Thanks for your help,
  Tobi

• Keeps Logging out Randomly

  Hey,
  I am having a problem with my computer logging me out randomly. It seems to be that if I am inactive on the computer for a certain period time this happens. I am currently running OS 10.6.2.
  Any help is appreciated,
  Thanks,
  Aidan

  Is it actually logging you out or is it merely locking the screen and asking you to provide your password before it will let you back in?
  In any case, you can check this:
  Open "System Preferences" -> "Security"
  Select the "General" tab (if it isn't already selected)
  Among the various check-boxes on this page, there is one to "Require password <some period of time> after sleep or screen saver begins."
  There is another to "Log out after _ minutes of inactivity."
  Check to see if either of these are enabled and set them according to your preferences.
  Also note that the keyboard shortcut to log out is "Shift + Command + Q" (which is very nearly the same as "Command + Q" used as a shortcut to quit an application). Is it possible you mean to Quit a program but were holding shift and inadvertently logged yourself out?

• Stop user from cliking back button after logging out

  How can I stop the user from clicking the back when they had clicked the log out link...?
  <%@ page language="java" %>
  <html>
  <head>
  <title></title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body>
  </body>
  <script language="JavaScript" type="text/JavaScript">
  function refreshIt() {
  setTimeout('window.parent.location.reload()', 7 * 1000);
  <%
  session.removeAttribute("username");
  session.invalidate();
  response.sendRedirect( response.encodeRedirectUrl("index.jsp?message=You had logged out from the system"));
  %>
  document.onload = refreshIt();
  </script>
  </html>

  You can NOT stop the user from clicking the "back" button.
  However, all is not lost.
  Since you're invalidating the session, simply have every page that requires the user to be logged in check for a valid session before proceeding. Put that code into an "include" file. If the session is invalidated, redirect the user back to the "Please Login" page. Do this IMMEDIATELY before doing ANYTHING.
  Another technique, but is essentially the same thing, is to "logout" to a page with javascript that redirects the user to the "You are Now Logged Out" page, with either a "redirect" or a "window.forward()" call. When the user clicks "back", they'll return to the page with the javascript that redirects the user to the "You are Now Logged Out" page. The only problem with that is that savvy users using IE can click the "history" portion of the "back" button, and go back 2, 3, 4, etc. pages if they want to.
  Therefore, you'll still have to write the code at the beginning of every page that kicks the user back to "Please Login" if the session was invalidated.