Password Authentication System through VoiceXML
I would like to write a program for password authentication through VoiceXML, may I know how to get start?
The username and password has been stored on a SQL server. Please help! My boss gave me a new task but just got limited time to complete. Thanks in advance.
You probably want to try the Cisco Developer forum for this.
Similar Messages
-
I cannot access IDisc on my MacBook. The Apple ID & password I already have with Apple.com is not recognized by the Webdav authentication system. What can I do?
This has nothing to do with an Mac, please post your post in either the IOS forums or a iPad forum. This forum is for Mac Mini's !!
-
Logon failure with username/password authentication in WLE 5.1
Hi,
I have WLE 5.1 configured and running on a Win2K system. I am able to
build and run the simpapp sample program. I am also able to build the
interceptor_cxx sample and run with all interceptors other than the
security interceptor. What I realised in this case was that the
PersonQueryClient did not perform any login of a user from which the
security interceptor could extract user ID information (have I missed
something? I am a WLE and CORBA newbie) so I modified the ubb config
file to define SECURITY as USER_AUTH and add the AUTHSVC, modified
personqueryclientc.cpp to get access to the SecurityLevel2 principal
authenticator, built the app, created a user with the tpussradd command,
and ran the app (the AUTHSVC successfully starts).
The Tobj::AuthType returned by the get_auth_type method of the
PrincipalAuthenticator is Tobj::TOBJ_APPAUTH as I expect. I call the
logon method with the parameters (user_name, argv[0], sys_password,
password, 0) where user_name is the same as the user I created with the
tpusradd command, argv[0] is personqueryclient (I've tried tpusradd'ing
the user both with the "-c personqueryclient" argument and without),
sys_password is the password I specified when tmloadcf was run against
the modified ubb config file, password is the password I specified when
I ran tpusradd. The logon always fails returning
Security::SecAuthFailure. In the ULOGxxxx file the following message is
displayed:
181605.NUMBAT!TMSYSEVT.2180: LIBTUX_CAT:1484: WARN: .SysClientSecurity:
User tbartley on SITE1 authentication failure
I've tried running in the following manners all with the same result:
1. With or without the security_cxx interceptor registered
2. With the user in or not in a group
3. With the the user created using the "-c personqueryclient" arg to
tpusradd or not
If I change the security level down to APP_PW then everything works and
the security_cxx interceptor sees a client name of personqueryclient and
a username of personqueryclient. The logon fails if I use a sys_password
other than the one specified to tmloadcf and succeeds if I use the
correct password.
Can anyone tell me what I might be doing wrong in the username/password
authentication case?
Here's the code I inserted to personqueryc.cpp to perform the logon:
// Get SecurityCurrent object
CORBA::Object_var var_security_current_oref
= bootstrap.resolve_initial_references("SecurityCurrent");
SecurityLevel2::Current_var var_security_current_ref =
SecurityLevel2::Current::_narrow(var_security_current_oref.in());
// Get the principal authenticator
SecurityLevel2::PrincipalAuthenticator_var
var_principal_authenticator_oref =
var_security_current_ref->principal_authenticator();
char user_name[100] = "";
char password[100] = "";
char sys_password[100] = "";
// Narrow to a BEA Principal Authenticator
Tobj::PrincipalAuthenticator_var v_bea_pa =
Tobj::PrincipalAuthenticator::_narrow(var_principal_authenticator_oref.in());
// See what level of logon has been turned on
Tobj::AuthType auth_type = v_bea_pa->get_auth_type();
cout << "Auth type: ";
switch (auth_type) {
case Tobj::TOBJ_APPAUTH: cout << "TOBJ_APPAUTH"; break;
case Tobj::TOBJ_SYSAUTH: cout << "TOBJ_SYSAUTH"; password[0] = '\0';
break;
case Tobj::TOBJ_NOAUTH: cout << "TOBJ_NOAUTH"; break;
default: cout << "TOBJ_<unknown>"; break;
cout << endl;
cout << "Username: ";
cin >> user_name;
switch (auth_type) {
case Tobj::TOBJ_APPAUTH: {
cout << "User password: ";
cin >> password;
// fall through
case Tobj::TOBJ_SYSAUTH: {
cout << "App password: "; cin >> sys_password;
break;
default: {
break;
// now that we've got all the data necessary, logon
Security::AuthenticationStatus status =
v_bea_pa->logon(user_name,
argv[0],
sys_password,
password,
0); // user data
cout << "Logon result: ";
switch (status) {
case Security::SecAuthSuccess: cout << "SecAuthSuccess"; break;
case Security::SecAuthFailure: cout << "SecAuthFailure"; break;
case Security::SecAuthContinue: cout << "SecAuthContinue"; break;
case Security::SecAuthExpired: cout << "SecAuthExpired"; break;
default: cout << "SecAuth<unknown>"; break;
cout << endl;
if (status != Security::SecAuthSuccess) {
cerr << "Invalid password." << endl;
exit(1);
Here are the entries I added to the ubb config file:
*RESOURCES
SECURITY USER_AUTH
AUTHSVC AUTHSVR
*SERVERS
AUTHSVR SRVGRP=SYS_GRP SRVID=6 RESTART=Y GRACE=600 MAXGEN=2 CLOPT="-A"
I do not have the WLE Security Services installed (i.e. the package
that provides SSL and crypto). Is this required? It's not clear to me
from the documentation if this is required for username/password based
authentication or not.
Thanks for any help,
Tim BartleyHi Michael
I am using SSL in my application. So that it asks for the certificate username
and password while startup. But now i want to mention the username and password
in weblogic.properties file itself. So that the client need not have to provide
the username and password everytime. I am using weblogic server 5.1 version.
How do i do this?
Hope my question is clear. Please help.
with regds
siva
Michael Young <[email protected]> wrote:
Hi.
It's not 100% clear to me what you are asking for. Do you want authentication
turned off for
your application? That will certainly turn off prompting for authentication
information. You
can set your ACL for your application (in your properties file) to allow
everyone to execute
it. Something like:
weblogic.allow.execute.<myApplication>=everyone
But maybe you want some kind of silent authentication so that not everyone
can execute your
app? I suppose you could pass authentication info in a cookie. I really
don't know enough
about your application, though.
I suggest you post this question in weblogic.developer.interest.security
- you have a better
chance of getting an answer there for security related questions.
Hope this helps.
Michael
siva wrote:
Hi all,
I have the following requirements. I have an application which asksfor the authentication
information like username and password at first. The application isrunning in
weblogic5.1 server. Is there a way where in weblogic.properties file,i mention
the username and password so that the application will not ask forin the browser.
please help. It's urgent.
with regds
siva--
Developer Relations Engineer
BEA Support -
Os authentication vs password authentication
In my database server remote_login_passwordfile parameter showing in exclusive mode. But i am connecting to the server through telnet as sqlplus "/as sysdba".
Actually in exclusive mode we need to login as a password authentication( connect sys/password as sysdba).
Why it is accepting ? can any body explain this one?
Regards,
RajeshREMOTE_LOGIN_PASSWORDFILE specifies whether Oracle checks for a password file and how many databases can use the password file.It can have values NONE/SHARED or EXCLUSIVE
NONE
Oracle ignores any password file. Therefore, privileged users must be authenticated by the operating system.
SHARED
More than one database can use a password file. However, the only user recognized by the password file is SYS.
EXCLUSIVE
The password file can be used by only one database and the password file can contain names other than SYS.
REMOTE_OS_AUTHENT specifies whether remote clients will be authenticated with the value of the OS_AUTHENT_PREFIX parameter.
OS_AUTHENT_PREFIX specifies a prefix that Oracle uses to authenticate users attempting to connect to the server. Oracle concatenates the value of this parameter to the beginning of the user's operating system account name and password. When a connection request is attempted, Oracle compares the prefixed username with Oracle usernames in the database.
The default value of this parameter is OPS$
Hope this answers all your questions. -
Trouble sending email with password authentication in 10.5.6
I just replaced two macs running 10.4.11 with two running 10.5.6. I am now unable to send email through an SMTP server that requires password authentication. I am able to send email if I switch to a server not requiring authentication, but the authenticating server is preferred.
I migrated both systems using Migration Assistant, so hopefully that copied everything correctly, but I have subsequently retyped the name and password several times to be sure.
If I setup a 10.4.11 machine beside its 10.5.6 inheritor, the mail preferences look identical to me (modulo changes in layout between the two versions). If I use Connection Doctor, the 10.4.11 machine quickly gives the server a green light while the 10.5.6 machine spins for a while and finally assigns a red light.
What am I missing?Here is my output -- I have removed personal info
CONNECTED Mar 26 14:00:20.859 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
READ Mar 26 14:00:20.877 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
220 removed.removed.com ESMTP Service (The Blue Window 8.0.022) ready
WROTE Mar 26 14:00:21.125 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bc63a10 -- thread:0x17700350
EHLO [IP address removed]
READ Mar 26 14:00:21.247 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bc63a10 -- thread:0x17700350
250-swh1.sellwebhost.com Hello [IP address removed] [IP address removed]
250-SIZE 52428800
250-AUTH PLAIN LOGIN
250 XXXA
WROTE Mar 26 14:00:21.293 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bc63a10 -- thread:0x17700350
READ Mar 26 14:00:21.412 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bc63a10 -- thread:0x17700350
235 Authentication succeeded
WROTE Mar 26 14:00:21.458 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bc63a10 -- thread:0x17700350
QUIT
WROTE Mar 26 14:00:25.897 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
EHLO [IP address removed]
READ Mar 26 14:00:25.918 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
250-removed.removed.com
250-8BITMIME
250-PIPELINING
250-HELP
250-AUTH=LOGIN
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN
250 SIZE 26214400
WROTE Mar 26 14:00:25.940 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
AUTH LOGIN
READ Mar 26 14:00:25.966 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
334 VXNlcm5hbWU6
WROTE Mar 26 14:00:25.989 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
a2FyaW0uYWxp
READ Mar 26 14:00:26.012 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
334 UGFzc3dvcmQ6
WROTE Mar 26 14:00:26.044 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
READ Mar 26 14:00:26.481 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
235 LOGIN authentication successful
WROTE Mar 26 14:00:26.508 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x1b918cd0 -- thread:0x1bc96d20
QUIT
CONNECTED Mar 26 14:00:52.900 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
READ Mar 26 14:00:53.116 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
220-**********************************************************************
220-*******************************************************************
220 *****************
CONNECTED Mar 26 14:00:57.733 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
READ Mar 26 14:00:57.773 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
220 removed.removed.com ESMTP Service (The Blue Window 8.0.022) ready
WROTE Mar 26 14:00:58.169 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
EHLO [IP address removed]
WROTE Mar 26 14:01:02.802 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
EHLO [IP address removed]
READ Mar 26 14:01:02.828 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
250-removed.removed.ch
250-8BITMIME
250-PIPELINING
250-HELP
250-AUTH=LOGIN
250-AUTH CRAM-MD5 DIGEST-MD5 LOGIN
250 SIZE 26214400
WROTE Mar 26 14:01:02.852 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
AUTH LOGIN
READ Mar 26 14:01:02.875 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
334 VXNlcm5hbWU6
WROTE Mar 26 14:01:02.901 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
a2FyaW0uYWxp
READ Mar 26 14:01:02.924 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
334 UGFzc3dvcmQ6
WROTE Mar 26 14:01:02.948 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
READ Mar 26 14:01:02.973 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
235 LOGIN authentication successful
WROTE Mar 26 14:01:02.996 [kCFStreamSocketSecurityLevelNone] -- host:smtpauth.private1.ch -- port:587 -- socket:0x179edaf0 -- thread:0x179d4150
QUIT
READ Mar 26 14:01:14.882 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
250-removed.removed.com Hello [IP address removed] [IP address removed]
250-SIZE 52428800
250-AUTH PLAIN LOGIN
250 XXXA
WROTE Mar 26 14:01:14.934 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
READ Mar 26 14:01:15.049 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
235 Authentication succeeded
WROTE Mar 26 14:01:15.120 [kCFStreamSocketSecurityLevelNone] -- host:mail.private2.com -- port:25 -- socket:0x1bcecfb0 -- thread:0x1bc4d330
QUIT -
I have 3rd party software wirelessly injected and used on my iphone with a cryptographic authentication system without my consent (seems to be new technology developed by stanford and apple security is not updated for this technology) obtaining ownership of my iPhone 4s software and controlling it with remote device to jail breaking my phone, adding and removing software, changing settings all from a remotely controled device from different location (I have a Mac address I'd of this device to know for sure). Almost undetectable. When I look at the legal section of my phone it shows a list of all the unauthorized 3rd party software "as is" copyright encrypted on the phone. This is the most basic way to legally steal software of any kind. Because of this legalality 3rd party ownership have total control of certain software correlated with hardware use including visualization technology, etc. most people luckily will never have this happen to them so it's unlikely many readers have not a clue of what I'm saying currently. Either way, without needing to obtain specific warranty of any kind "as is" copyright control makes system restores not a solution because the source code is not directly encrypted on the actual hardware device only a copy right notice must appear on the specific device 3rd party software validation making it extremely difficult for me to take control of the situation. Apple claims their iOS technology prevents this type copyright obstruction from being possible, however, according to my phone a new form of technology was used developed by Tom wu of Stanford university called the STANFORD SRP AUTHENTICATION TECHNOLOGY which uses Some form of cryptographic authentication system and uses quote "secure remote password" which seems to suceed in hacking iOS apple technology apple claims is not possible to jailbreak an unstolen phone or without the owners consent As well as loading the device with 3rd party copyright Notices to make all of this legalized. My phone shows atleast 30 pages worth of legalized 3rd party copyright permissions! Yesterday my apple care provider labeled me a jailbreaker and refused to look at my legal documented proof which completely blew my mind because it voides my apple care contract I spent 100 on. This employee did not take all factors into consideration and made quick assumptions as well as verbally speaking to me as I'm an automatic criminal. I left the store yesterday with no payed insurance help on a problem I had no control over and couldn't prevent, leaving with voided contracts. This is an apple users worst nightmare and I have spent days researching all of this like i am some kind of lawyer only to be able to use my phone the way it should and spent alot of money on. I can legally backup any claim I have just wrote above currently and have a large source of data collected to prove apple is wrong in voiding insurance support on this issue. The problem lies in apple avoiding and not wanting to believe their software can legally be obtained ot "hacked". Yet still labeled a jailbreaker basically.. What should I do????? Been to local apple store 3 times and rebooted my phone as well sprint service restore 4 times and spoke with reps twiice on the phone. Spoke with my phone provider who said apple has full control over these matters so they can't help me. My case is according to apple "still open"...Anyone else heard of this or of Stanford's office of technology licensing? Maybe I need to buy a blackberry again or just use a landline so I can stop being my own lawyer and focus on other productive areas in life instead of this horrible mess. I shouldn't have to prove to apple I not a jailbreaker they should have to prove I'm one before voiding support I desperately need!!
Mullaly75 wrote:
I assume u guys don't understand what open source software is
Yes, I think most of us do understand what open source software is. It sounds as if you don't. Here's some information:
Open-source software (OSS) is computer software that is available in source code form: the source code and certain other rights normally reserved forcopyright holders are provided under an open-source license that permits users to study, change, improve and at times also to distribute the software.
Open source software is very often developed in a public, collaborative manner. Open-source software is the most prominent example of open-sourcedevelopment and often compared to (technically defined) user-generated content or (legally defined) open content movements.
from http://en.wikipedia.org/wiki/Open_source_software
Yes, Tom Wu of Stanford wrote a paper on something called Secure Remote Access Protocol. It's a form of Asymetric Key Exchange and has nothing to do with hacking anything. It's actually intended to protect data. -
Unable to reset password of user through IDM UI (IDM 7.1)
Hello,
We are unable to reset password of users in SAP Backend System through IDM UI.
The moment we enter new password and submit, we are getting below dump.
Any idea???
java.lang.NullPointerException
at com.sap.idm.wd.wf.task.TaskCompView.onActionSave(TaskCompView.java:172)
at com.sap.idm.wd.wf.task.wdp.InternalTaskCompView.wdInvokeEventHandler(InternalTaskCompView.java:223)
at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.invokeEventHandler(DelegatingView.java:87)
at com.sap.tc.webdynpro.progmodel.controller.Action.fire(Action.java:67)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doHandleActionEvent(WindowPhaseModel.java:420)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:132)
at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
Thanks
AditiHello Aditi,
In AS Java 7.1 and higher you go to short link /nwa and navigate
to Configuration -> Infrastructure -> Java System Properties – Switch to
application tab in second section (Details about <InstanceName>) ->
search for tc~idm~jmx~app.
For 7.0 you have to do that in Visual Admin but I would need to read docu to know where it is too.
But you can find that all in UI installation guide http://service.sap.com/~sapidb/011000358700001233082010E
Regards
Norman -
Dear all,
I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
I know there are 3 options for digital signature and
System signature with authorization by user ID and password (We use this currently)
Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
User signature without verification
Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
My active directory is based on Windows 2008.
Thanks in advance!!
DheeActually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.
-
Can't login, the system through me back to the login window.
I need help. Once I tried to login under admin account but the system through me out after accepting a psw. It happens like it checks the psw shows the blue screen and then return to the login window. Meantime I can succesfully log in under another user account. I tried to change psw and login but it doesn't help. The system is friendly accepting the admin psw for all the possible aims but not the login. Before that happend the system was blaiming me for overfulled hard drive. Now I cleaned it but that doens't help. What shall I do, in order to log in, what is wrong?
I have a time machine copy but recovery of admin user folder didn't help. Many thanks in advance for your assistance!You can use the install DVD to reset the password, repair the disk and repair permissions. If you don't have the install DVD you could try the following.
Print the following and then follow these instructions very carefully - at each stage wait for processes to complete - spaces are important:
1 - shutdown
2 - start in single user mode by holding command (Apple key) and S while it starts
3 - type the following and hit the return key to repair the disk
/sbin/fsck -fy
4 - type the following and hit the return key
/sbin/mount -uw /
5 - type the following and hit the return key
rm /var/db/.AppleSetupDone
5 - type the following and hit the return key
shutdown -h now
6 - start the Mac
7 - The above tricks the Mac into thinking it is starting for the first time. Follow the various processes as normal but DO NOT use a name that has been used on the Mac before. It will set up a new admin account without removing existing accounts with different names.
8 - Use the new admin account
9 - If necessary enable the root user (see Mac help) to reset passwords on other accounts. -
Connecting to R/3 System through Java Web Dynpro forms.
Hi,
I have a requirement in which I have to send data to R/3
from Java Web Dynpro screens.
I will design the Java Web Dynpro screens and write a RFC Model.
I will write a RFC in se37 which will connect to the RFC Model.
Before creating the RFC in se37, I will create ztables in se11.
I will write a ABAP Report to see that all data enters the ztables.
I need some guidance with regard to this.
Do, the RFC Model have the access of the ECC(R/3) System.
What are tasks to be told the Basis guy so, that RFC being called from through Java Web Dynpro?
Please provide me some documents with regards to this scenario.
Regards
Neha SinghHi Neha,
The steps you provided is clear enough to connect to a R/3 system through the WD forms.
On creating the model you need to give two inputs such as
logical system name for model instance
logical system name for RFC metadata
there will be 2 default values, also you can create your own JCOs in the <servername>:<port>/devinf of the server or u can ask your basis team also.
Before creating the JCO , the SLD (System Landscape Directory) needs to be configures, that your basis team will know.
other than that once you create the functional module in se37 make it RFC enabled , and once you import the RFC model , you can give your ECC system user name and password and search for RFC you have created from the list of RFC.
Regards,
Sam Charles J. -
LV acquire the print information from the embed board with Linux system through serial port
I want to acquire the print information by LV from the embed board with Linux system through serial port, like the window hyperterminal tool?
I try to use VISA serial config function to achieve it ,but lost and prompt that is error like attachment.
I can't sure that my idea is reasonable.
help me
thanks a lot!I ended up finding the answer to my problem. After pointing a client directly at one of the DPS systems, I saw the following error in the logs:
[27/Jul/2009:17:11:47 -0400] - OPERATION - INFO - conn=3688 op=4 BIND RESPONSE err=12 msg="The server is not configured to pass through control 1.3.6.1.4.1.42.2.27.8.5.1" etime=0After adding that control OID to the allowed-ldap-controls, I could login via password auth. Adding this control also allowed for password changes to work from a client system. -
Users unable to change password via system pref's 10.4.10
I am running 1 OD Master and 3 OD Replica's, all servers running 10.4.10, clients running 10.2.8, 10.39 and 10.4.10. All network users can log in with no problems at all, however if a user needs to change their password in System Preferences in 10.4.10, they are unable to do so. The old password field keeps saying "incorrect password" though the password is indeed correct. I have no problems changing any users password on the 10.2.8 and 10.3.9 machines using System Preferences. Any ideas??
I'm working through a problem right now where my users were having problems changing their passwords. I'm using network user accounts. I had a password policy configured on the server where users were allowed to change their passwords, and the password had to be changed every 90 days.
Well, the time came when it was time to change the passwords and users were prompted to do so and did. However, afterwards they started receiving Kerberos password prompts, and it wouldn't take their new password. Restarting didn't help either. If I reset the password on the server, the user could login and things would be fine until they tried to change the password in Sys Prefs : Accounts and the problem would repeat itself.
So far, the solution seems to be disabling the password policies in the Open Directory service in Server Admin. I'm going back on-site tomorrow to see what I can find out. You might want to give that a shot. -
TS3899 Outgoing Mail, Password Authentication not stored after upgraded to IOS6
Hi,
After upgraded to IOS6, my email setting failed to store password authentication. Everytime i have to go through the setting to send out email. Is this a bug in IOS6? I do not encounter this when my phone is still on IOS5.1.1
Best regards
NicBest to delete and start over, and again make sure all info is correct. If it doesnt work try doing it under other, but first restart your phone, hold down the home and off button till the apple symbol comes up. Then redo the acount as stated.
-
How to bring 'Firm' Purchase Orders from legacy system through PDOI
Hi
we are interacing the purchase orders from a legacy system through Open Interface i.e PDOI.
Here i have to enable the Firm_Flag for all these PO before converting to oracle. I found that there is a column firm_flag in po_headers_interface table , but when i am populating taht column to 'Y' also, the firm flag at the PO window , by clicking the Terms button, is not reflecting.
Please let me know why PDOI is not picking up the value at the header table. Any help is really helpful.
Thanks
VyaghreshVyaghresh
Can you tell us your version?
Thanks
Nagamohan -
Parallel How many times user can login to the SAP system through ITS
Hello all
We are using the ITS ---620 and following 46D R/3 system
R/3 system details:
Kernal :
kernel release :46D
O/S :SunOS 5.8 Generic_108528-05 sun4us
We would like to now, At a time How many times user can login to the SAP system through ITS
Kindly letus know if any one have idea about parameter which can restrict the end users to u201CNu201D times/ sessions.
Transaction SITSPMON/SMICM are not working in R/3 system as it is 46D.
We found that parameter u201Clogin/disable_multi_gui_loginu201D works with SAPgui logons.
System logons using the Internet Transaction Server (ITS) or Remote Function Call (RFC) are not affected by this Parameter u201Clogin/disable_multi_gui_loginu201D
I need similar parameter u201Clogin/disable_multi_gui_loginu201D for the ITS users.
ThanksI have searched all docs and notes.
Everytime the answer is PArameter for multi_gui_logonis not applicable for SAP Gui for HTML ( Browser )
The functionality does not exist for SAP Gui for HTML.
Regards,
Maybe you are looking for
-
How to use command pattern in grid computing
IS there a more comprehensive command pattern example available ? In a real life command method, execute method will query coherence cache for objects. Does this cause any kind of deadlock issue, i.e., in cases where Command being a coherence cluster
-
Down/upload photos from Fascinate to PC or laptop
Warning - I don't call myself a novice without reason. I have some great pics on my phone from vacation that I want to save on my computer and send to the friends who went with me. When I went to the Verizon store to ask a couple of questions on ho
-
Re: A region with dynamic page def mapping
Dear Friends, We are using Jdeveloper version 11.1.2.3.0. Our requirement is there will be one region(.jsff) , it have a af:table and some input text component, based on some condition it has to be binded withViewObjetct1 or ViewObject2 (both the Vie
-
Steps to copy back the data into newly modified table
Dear Friends, I am working for a client in CANADA...our client has a condition table 501 which has two feilds Dist Channel and Material...now he wants to add a new feild sales org. i copied the table 501 which has about 20000 records to a new table a
-
Is role base security supported by WLS 5.1?
To what extent is role based security supported by servlets under WLS 5.1? Declarative role based security does not seem to be supported? Are any of the following methods supported? HttpServletRequest.isUserInRole()