Perform NT user Authentication from JDK 1.2.2
[URGENT]
Is there any module or plugin that supports the captioned function for JDK 1.2.2? Is there any similar product like JAAS for JDK 1.3? Code sample would be helpful.
Thx,
Kenneth
There is a tool called JCom/JIntegra that has a java implementation of DCOM that allows a very simple way to authenticate. Like this:
NTLMAuthenticate.validate(controllerHostName,domain,user,password);
If you are using BEA WebLogic then this is shipped as part of the product.
Very useful for any type of multi-platform integration.
--C
Similar Messages
-
CM User authentication from OID
Folks,
I like to authenticate users from OID.
That being the case, when I add users from the cm admin interface, would it add the users both in the cm schema tables and also in the OID, or just in OID?
Conversely, if add users into OID using say some ldap client, will the users show up on the cmsdk admin screen?
In case the user entries must be duplicated in both schema and OID, what is an elegant way to sync both? Can someone give any pointers to any available literature or samples in this regard?
Thanks in advance,
Bala.Hi
If you are using 10g then you can use the OID Credential Manager Agent. Have a look in Appendix C of the CMSDK 10g Adminstrators guide.
Regards -
ISE - Machine + user authentication
I've searched forum, community but I couldn't find exactly what I need:
I have a client that want's to use two step authentication on wireless: first machine authentication to make sure that device is on the domain and then username/password authentication.
Now, I've read about MAR, EAP chaining, and I understood it all, only thing I didn't understand is:
If I configure ISE to authenticate machine, it will allow limited access to DC (for example).
Then, after that AuthZ profile is applied, what will do new authorization? My understanding is once MAR is done, AuthZ profileis applied and authorization is finished.
Now, I am not asking about turning on laptop, getting PC on the network, then logging in and then providing the user/credentials, etc. I am asking for this scenario:
How ISE policy and AuthZ profile should look like, for example, I come in the office, my wireless card is disabled, I login to my laptop, then I notice that my wireless card is disabled and now I enable it. I need to have Machine authentciation happening at that point + prompting user for username/password to complete registration on wireless.
NAM is already refused by client, so I need something that will work on plain Windows 7.
Thanks.Hello Align-
In your post you are referring to two completely separate and independent solutions:
1. MAR
2. EAP-Chaining
MAR only happens when the machine first boots up and the host presents its machine domain credentials. Then the machine MAC address is saved in ISE. The MAC is preserved in ISE as long as configured in the machine timer. Keep in mind that if let's say a computer was booted while connected on the wired network, only that MAC address will be authenticated. If the user moves to wireless, the connection will be denied as ISE will not have any records of the wireless MAC. Along with all of that, you will need another method (usually PEAP) to perform the user authentication. Usually this method is not a very good one to implement due to the issues listed
EAP-Chaining on the other hand utilizes EAP-FAST and it s a multi-phase method during which both machine and user information is passed in a secured TLS tunnel. For that you need to implement Cisco AnyConnect as it is the only software supplicant that supports it at the moment. For more info you might wanna look into Cisco's TrustSec guide:
http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_80_eapchaining_deployment.pdf
I hope this helps!
Thank you for rating! -
User domain\SPFservice is not authorized to perform request using authentication type Negotiate
Hi,
I have installed WAP/SPF in the same domain via express installation. The SPF domain service account is sysadmin on the SPF database. The SPF domain service account is running as identity in IIS application pool. I have registered SPF in
WAP via SPFcomputeraccount\LocalSPFaccount. The LocalSPFaccount is member of the 4 local groups created by the SPF setup. The domain SPF service account is member of the VMM administrators.
When a new tenant want to subscribe to a hosting plan I get an error "One or more errors occurred while contacting the underlying resource providers. The operation may be partially completed. Details: Failed to create subscription".
When I look in the eventviewer of the SPF server in ManagementODataService, I can see "User domain\SPFservice is not authorized to perform request using authentication type Negotiate".
SPF/VMM are both on the latest update rollup. The VMM console is also updated on the SPF server.
I can successfully reproduce the troubleshooting steps from http://blogs.technet.com/b/privatecloud/archive/2013/11/08/troubleshooting-windows-azure-pack-spf-amp-vmm.aspx.Hi,
During the install it is also asking you to specify groups during the installation (4 x) Is the user you specified als spf runas account also member of those group in the AD?
So you have 4 groups created on the local box by the installation. But also 4 specified during the installation. Check if the account is member of those group(s) as well, reboot the spf and you should be up and running.
Best regards, Mark Scholman. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. -
Performing User authentication with php server
How to perform user authentication and keep track of logged
in users ? I have the login form saved in one AIR page. I could do
an ajax request to authenticate the user. However, how to keep
track of the user after being logged in, so that when moving to
other pages, he doesn't need to login again ?Hi,
Cookies work in an Adobe AIR HTML application. You can use
cookies to track your session. -
Retrieve authenticated user name from environment
Hi All,
I'm connecting to Oracle from C++ using OCCI API. At the same time, the database authentication is based on secure Oracle Wallet feature.
conn = env->createConnection("","",connection_string);
Now, after I've created connection can I retrieve user name from the environment or connection object without querying database?
Thank you.Hi Patrick,
I'm just trying your code example in Eclipse but it gives me plenty of errors so I guess I'm not importing the right libraries or so.
My goal was to write just a simple response.write of the userID stored in the cookie...
The first error appears in the "ticket.setCertificates(this.certificates);" line, saying that "certificates cannot be resolved"..
Here's what I used :
import com.sapportals.portal.prt.component.*;
import com.sap.security.*;
public class cookie extends AbstractPortalComponent
public void doContent(IPortalComponentRequest request, IPortalComponentResponse response)
try
com.sap.security.core.ticket.imp.Ticket ticket = new com.sap.security.core.ticket.imp.Ticket();
ticket.setCertificates(this.certificates);
ticket.setTicket(base64Value);
String vali = ticket.toString();
ticket.verify();
if (ticket.isValid())
info = new SAPTicketInfo(ticket.getUser(),ticket.getSystemID(),ticket.getSystemClient(),ticket.getExpirationDate(),ticket.getCodepage());
response.write (info);
else
throw new TicketVerifierException("Ticket is invalid ");
catch (Exception ex)
throw new TicketVerifierException("Error in verifying ticket "+ex.getMessage(),ex);
What am I missing ? -
Authenticated users sending from blacklisted IP's
Hi Guys,
I've read quite a few posts here about allowing 'good users' send from blacklisted IP's. Most of the solutions involve creating a rule for the ip and user.
I'm just wondering is there a more elegant catch all solution. The scenario we are in is as follows.
Our organisation sees a lot of our members travelling and sending mail from hotels, road side cafés, or USB 3G dongles (mobile devices). Some also live abroad and work from home.
At any one time there could be 40-50 users off site at conferences or in transit to or from various seminars.
As a consequence quite a few of them cannot send mails as they inevitably find themselves trying to send from blacklisted IP's.
I have the SBRS set to block from -10 to -6. I don't think this is overly aggressive, and I'm not keen on relaxing this any further than it already is.
It's not an option to constantly add IP's and users to and from rules as most of my day would be filled with requests just for this.
Is it a just matter of changing Connection Behaviour from 'Reject' to 'Continue' for the Blocked Mail Flow Policy?
I feel I'm missing something simple here :oops:
R.Hi Guys
I finally have a resolution to this problem, which was provided by IronPort support.
The sender will be classified into the appropriate HAT sender group based on SBRS as normal and will be subject to any mail flow rate limiting that has been set up. This can not be avoided unless you want to set up a new listener and/or interface specifically for SMTP Auth traffic.
However, if a sending host matches the Blacklist and the sender is using SMTP Auth, there is a way to still allow them to send the message. To do this you can enable the Delayed HAT rejection on the listener. This delays the normal rejection due to the Blacklist until the sender has a chance to authenticate. Then they can send their message.
To enable this, log into the CLI and run the listenerconfig command then choose setup. You can press Enter to accept the current value for each choice until you see the setting:
'By default connections with a HAT REJECT policy will be closed with a banner message at the start of the SMTP conversation. Would you like to do the rejection at the message recipient level instead for more detailed logging of rejected mail? [N]>'. Choose Y for this. Press Enter the rest of the way through until you return to the main command prompt. Then type commit to save the change.
I can confirm that I have tested this and it has resolved the issue. :D
Matt -
Logging out Users authenticated thru a Directory service froma web app
I would like to know how to log out users authenticated thru a Glassfish web server to a Directory service can be logged out and their associated session ended on the web app. My application logs in users successfully but it been problematic logging them out. each time i use the Session.Invalidate method and i navigate backward with the browser button, a new session is created and the getPrincipalUser is still available to the page. I would appreciate contributions. thxs.
it says address already in use.
another process is using port 7101: java.net.BindException: Address already in use: JVM_Bind.> go to taks manager.. kill any java.exe process and try again.. it should work.. -
User authentication for webservices
Hi,
I am using Oracle R12.
I want to know how oracle handles user authentication when calling custom APIs through Integrated SOA Gateway.
I know that we are using security headers to do this. The header part is given below.
<soapenv:Header>
<xx:SOAHeader>
<xx:Responsibility>INVENTORY_VISION_OPERATIONS</xx:Responsibility>
<xx:RespApplication>INV</xx:RespApplication>
<xx:SecurityGroup>STANDARD</xx:SecurityGroup>
<xx:NLSLanguage>AMERICAN</xx:NLSLanguage>
<xx:Org_Id>204</xx:Org_Id>
</xx:SOAHeader>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>uname</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rerr6et6eHFV</wsse:Nonce>
<wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
But when a person is simply logging in to the application how can we choose a responsibility without know what responsibilities a person has?
The <xx:SOAHeader></xx:SOAHeader> is not mandatory. So can i simply not pass this header? Or is there a default responsibility that can be specified for all users?
Also in what scenarios is the <wsse:Security> header not required? I recently checked and found that even without providing the Security header, it is possible to execute service in ISG. Hence the question.
Thanks,
AnoopHi,
Ok, so you want to know for an user , what responsibility you should use in order to be able to perform the invocation?
Here is an example for Sysadmin user
Select usr.user_name,usr.user_id, resp.RESPONSIBILITY_NAME ,
resp.RESPONSIBILITY_KEY, grp.SECURITY_GROUP_KEY, grp.SECURITY_GROUP_ID,
APP.APPLICATION_SHORT_NAME ,APP.APPLICATION_ID
From FND_USER_RESP_GROUPS furg, FND_USER usr, fnd_responsibility_vl
resp,FND_SECURITY_GROUPS grp,FND_APPLICATION APP
where furg.user_id=usr.user_id
and furg.RESPONSIBILITY_ID=resp.RESPONSIBILITY_ID
and furg.SECURITY_GROUP_ID=grp.SECURITY_GROUP_ID
and furg.RESPONSIBILITY_APPLICATION_ID=APP.APPLICATION_ID
and usr.user_name='SYSADMIN'
regards
Mihai -
Regression in 7u55+ prompts for authentication dialogs (JDK-8046211)
I'm tracking issue JDK-8046211 and noticed today it was resolved as "won't
fix" without any comment
Our situation: We have a Java applet consisting of 4 jar files and a JNLP
file. These files are served over HTTPS from a public webserver (no
authentication required). The applet contains an up-to-date manifest with
all the entries required since the new Java security baseline. The
applet/JNLP file is accessed from a web application using Javascript
(deployJava.js). All interaction with the applet is through Javascript.
The web application itself runs on a different server and is protected
using client certificates (2-way SSL) and basic authentication.
Now until Java 7u55 everything worked fine. When loading the applet only
one popup was displayed asking the user to trust the applet (which is
properly signed) and that was all.
However since 7u55 (also 7u60) things have changed: the applet loads fine
but as soon as we call a method on the applet (though LiveConnect) the Java
VM displays a popup asking the user to select a client certificate and
thereafter asks the user to authenticate using BasicAuth.
Important note: the user doesn't actually has to select a valid certificate
or enter any credentials. If the user cancels any of the dialogs the applet
continues to function properly. Logging shows the applet is using the same
cookie as the browser so authentication against the server isn't actually
taking place. Basically the Java VM is prompting for authentication dialogs
for no good reason because the user is already authenticated with a browser
cookie.
Prior to 7u55 we didn't experience this issue (we have users with 7u40,
7u45 and 7u51). Altogether it appears we encountered JDK-8046211, which has
the characteristics of a regression issue.
I'm curious if more people have experienced these issues (I know applets aren't the hottest tech out there....)Yes the problem is due to an extra HTTP call fired from the Java plugin (only under IE, no issues in Firefox) to the page that embeds the applet. So it's different from JDK-8046211 although the result is the same.
We eventually implemented a workaround: we intercept the extra HTTP request in our frontend proxy server (Apache) and always return 200 OK prior to doing BasicAuth. Here's our mod_rewrite config implementing this workaround:
RewriteEngine On
RewriteLog /var/log/apache2/java_issue_rewrite.log
RewriteLogLevel 0
RewriteCond %{REQUEST_METHOD} =GET
RewriteCond %{HTTP_USER_AGENT} Java/1.[7-8]
RewriteRule ^/path/to/page/embedding/java/applet /dummy.html [R=200,L] -
Performing form based authentication with entities
Hey everyone,
Im in a major dilemma.Im trying to perform form-based authentication using entities.I have created the entity class from the database,and I used a SLSB to access the bean method via JNDI(when I tried using dependency injection,there was an exception).I also cannot use hibernate as a persistent provider.I used toplink since it is the default in netbeans 5.5.1 and it did not raise any issues.But then,I noticed that toplink is most compatible with the oracle application server,and I use sun java system application server 9.1.I have not been able to successfully perform the authentication.
here's the code:note,there are still bugs as ive been going back and forth trying to find a solution and also because Ive been working with preexisting code.
model:
SLSB
* userValidationBean.java
* Created on 26 March 2008, 18:25
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import javax.ejb.Stateless;
import javax.ejb.Remote;
import java.util.List;
import javax.persistence.PersistenceContext;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import Entities.UserTable;
import javax.transaction.UserTransaction;
import javax.annotation.Resource;
//the reason for the many comments is that im still debugging and there are still some bugs.Ive also been trying to go back and forth just
//to get a solution.
//the other accompanying classes had preexisting code i wrote earlier.
* @author Ayo
@Stateless
@Remote(userValidationRemote.class)
public class userValidationBean implements Entities.userValidationRemote {
@PersistenceContext private EntityManager manager;
@Resource private javax.transaction.UserTransaction tran;
/** Creates a new instance of userValidationBean */
public userValidationBean() {
//"SELECT u.username,u.password FROM UserTable u WHERE u.username =?1 and u.password=?2"
public boolean checkUser()
try
tran.begin();
UserTable user=new UserTable();
Query query=manager.createQuery("select u.username,u.password from u.user_table where u.username=:username and u.password=:password");
/*query.set("username",user.getUsername());
query.setParameter("password",user.getPassword());*/
query.setParameter("username",user.getUsername());
query.setParameter("password",user.getPassword());
userValidationBean ubean=(userValidationBean)query.getSingleResult();
boolean result=ubean==null?true:false;
tran.commit();
catch(Exception e)
System.out.println("Error:"+e);
// boolean result=ubean==null?true:false;
return result;
remote interface
package Entities;
import javax.ejb.Remote;
import Entities.UserTable;
* This is the business interface for userValidation enterprise bean.
@Remote
public interface userValidationRemote {
public boolean checkUser();
controller:servlet
* userCheck.java
* Created on 15 March 2008, 22:41
package servlets;
import Entities.UserTable;
import Entities.userValidationBean;
import javax.annotation.*;
import Entities.userValidationRemote;
import java.io.*;
import java.net.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.ejb.*;
import javax.naming.*;
import javax.persistence.*;
* @author Ayo
* @version
public class userCheck extends HttpServlet {
//@EJB userValidationRemote userRemote;
boolean checkUser;
String username,password;
/** Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
* @param request servlet request
* @param response servlet response
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*con=null;
ps=null;
rs=null;
s=null;
*/response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
username=request.getParameter("username");
password=request.getParameter("password");
if(username==""||password=="")
//RequestDispatcher de=request.getRequestDispatcher("admin_error.jsp");
//de.forward(request,response);
//showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
try
Context ctx=new InitialContext();
userValidationRemote userRemote=(userValidationRemote)ctx.lookup("Entities.userValidationRemote");
checkUser= userRemote.checkUser();
//checkUser= userRemote.checkUser();
//return;
//checkUser(UserTable user);
catch(Exception e)
out.println("Error:"+e);
//userValidation.checkUser(UserTable user);
if(checkUser==true)
RequestDispatcher d=request.getRequestDispatcher("blah.jsp");
d.forward(request,response);
else if(checkUser==false)
// RequestDispatcher d=request.getRequestDispatcher("admin_error.jsp");
//d.forward(request,response);
showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
//call bean(stateless or stateful)which access method on entity that validates.
// checkUser(request,response);
/* TODO output your page here
out.println("<html>");
out.println("<head>");
out.println("<title>Servlet userCheck</title>");
out.println("</head>");
out.println("<body>");
out.println("<h1>Servlet userCheck at " + request.getContextPath () + "</h1>");
out.println("</body>");
out.println("</html>");
//out.close();
/* public synchronized void checkUser(HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
if(username==""&&password=="")
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select username,password from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
user=rs.getString(1);
pass=rs.getString(2);
//check user type,wether super admin,user or the other subadmins or a regular user.
checkType(request,response);
else
//redirect to admin error page,then close the connection.
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
con.close();
catch(Exception e)
private synchronized void checkType(HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select user_type,user_id,access_level from user_table where username=? and password=?");
ps.setString(1,user);
ps.setString(2,pass);
rs=ps.executeQuery();
if(rs.next())
user_type=rs.getString(1);
user_id=""+rs.getInt(2);
access_level=rs.getString(3);
if(user_type.equals("super")&&(access_level.equals("all")))
//create admin user session,add to the username and the user_id.
//redirect to super admin page,with access rights to create
//health admin,insurance admin and HMO admin.
//pretty cool stuff!
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_user_page.jsp");
dispatcher.forward(request,response);
//session.setAttribute(user_id);
//remember to create a hidden field if you need to pass this information
//to another page and retrieve the super admin id to track his activities.
else if(user_type.equals("health administrator")&&(access_level.equals("Health")))
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher des=request.getRequestDispatcher("health_admin_user_page.jsp");
des.forward(request,response);
//check for other user types,health admin,hmo admin and insurance admin.
else if(user_type.equals("hmo administrator")&&(access_level.equals("HMO")))
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher d=request.getRequestDispatcher("hmo_admin_user_page.jsp");
d.forward(request,response);
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else if(user_type.equals("insurance administrator")&&(access_level.equals("insurance")))
HttpSession session=request.getSession(true);
session.setAttribute("user",user);
session.setAttribute("user_id",user_id);
RequestDispatcher de=request.getRequestDispatcher("insurance_admin_user_page.jsp");
de.forward(request,response);
else if(user_type.equals("user")&&(access_level.equals("health")))
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql:http://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select staff_id from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
String staff_id=""+rs.getInt(1);
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select * from health_staff_table where staff_id=?");
ps.setString(1,staff_id);
rs=ps.executeQuery();
if(rs.next())
//retrieve the values from health staff and store them in variables.
//store important variables in user sessions e.g.staff_id,username,place of work for display in the web page.
//redirect to required page.
String first_name=rs.getString("first_name");
String last_name=rs.getString("last_name");
String work_place=rs.getString("place_of_work");
HttpSession session=request.getSession(true);
session.setAttribute("first_name",first_name);
session.setAttribute("last_name",last_name);
session.setAttribute("work_place",work_place);
session.setAttribute("staff_id",staff_id);
//redirect to user page.
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
//catch exception and redirect to page.
else if(user_type.equals("user")&&(access_level.equals("HMO")))
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql:http://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select staff_id from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
String staff_id=""+rs.getInt(1);
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select * from hmo_staff_table where staff_id=?");
ps.setString(1,staff_id);
rs=ps.executeQuery();
if(rs.next())
//retrieve the values from HMO staff and store them in variables.
//store important variables in user sessions e.g.staff_id,username,place of work for display in the web page.
//redirect to required page.
String first_name=rs.getString("first_name");
String last_name=rs.getString("last_name");
String work_place=rs.getString("place_of_work");
HttpSession session=request.getSession(true);
session.setAttribute("first_name",first_name);
session.setAttribute("last_name",last_name);
session.setAttribute("work_place",work_place);
session.setAttribute("staff_id",staff_id);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
//catch exception and redirect to page.
else if(user_type.equals("user")&&(access_level.equals("insurance")))
try
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql:http://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select staff_id from user_table where username=?and password=?");
ps.setString(1,username);
ps.setString(2,password);
rs=ps.executeQuery();
if(rs.next())
String staff_id=""+rs.getInt(1);
Class.forName("com.mysql.jdbc.Driver");
con=DriverManager.getConnection("jdbc:mysql://localhost:3306/Health_Management_System","root","");
ps=con.prepareStatement("select * from insurance_staff_table where staff_id=?");
ps.setString(1,staff_id);
rs=ps.executeQuery();
if(rs.next())
//retrieve the values from insurance staff and store them in variables.
//store important variables in user sessions e.g.staff_id,username,place of work for display in the web page.
//redirect to required page.
String first_name=rs.getString("first_name");
String last_name=rs.getString("last_name");
String work_place=rs.getString("place_of_work");
HttpSession session=request.getSession(true);
session.setAttribute("first_name",first_name);
session.setAttribute("last_name",last_name);
session.setAttribute("work_place",work_place);
session.setAttribute("staff_id",staff_id);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
else
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
//catch exception and redirect to page.
else
//invalid login details.After all else fails.
showError("<b><font color=\"red\">Invalid Login details.</font></b>",request,response);
catch(Exception e)
private void showError(String errorMsg,HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
request.setAttribute("error_msg",errorMsg);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_error.jsp");
dispatcher.forward(request,response);
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
/** Handles the HTTP <code>GET</code> method.
* @param request servlet request
* @param response servlet response
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Handles the HTTP <code>POST</code> method.
* @param request servlet request
* @param response servlet response
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Returns a short description of the servlet.
public String getServletInfo() {
return "Short description";
// </editor-fold>
view
<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
<style type="text/css">
<!--
.style3 { color: #000000;
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
.style1 {color: #0000FF}
.style4 {
color: #0000FF;
font-size: 12px;
.style5 {
font-size: 12px
.style6 {
color: #FF0000;
font-size: 12px;
.style7 {
font-size: 36px
.style8 {color: #000000}
-->
</style>
</head>
<body>
<table width="564" border="0" align="center">
<tr>
<td width="558" bgcolor="#CCCCCC" class="style1"><div align="center">
<p> </p>
<h1 class="style7">Welcome to HealthPort</h1>
<p>HealthPort Login</p>
<p><span class="style8">Today's date is:<%= new java.util.Date() %></span></p>
<form id="form1" name="form1" method="post" action="userCheck">
<p align="right" class="style3">Username
<label></label>
<input type="text" name="username" id="username" />
</p>
<p align="right" class="style3">Password
<input type="password" name="password" id="password" />
</p>
<p align="right" class="style3">
<span class="style6">
<label></label>
<label></label>
</span>
<span class="style5">
<label></label>
</span>
<label>
<input type="submit" name="button" id="button" value="Login" />
</label>
</p>
<div align="right">
</div></form>
<div align="right"><div align="left"><p align="right"> </p>
</div></div></div></td>
</tr>
<tr>
<td bgcolor="#CCCCCC" class="style1"> </td>
</tr>
</table>
</body>
</html>
so,that's about it.I'd appreciate it.I know this is a lot.I'm grateful
Ayo.Hi.Im still having issues trying to perform form based authenticatin with entities.I tried this method but im getting errors on the marked lines.
controller servlet
* userCheck.java
* Created on 15 March 2008, 22:41
package servlets;
import Entities.UserTable;
import Entities.userValidationBean;
import javax.annotation.*;
import Entities.userValidationRemote;
import java.io.*;
import java.net.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.ejb.*;
import javax.naming.*;
import javax.persistence.*;
* @author Ayo
* @version
public class userCheck extends HttpServlet {
//@EJB userValidationRemote userRemote;
boolean checkUser;
String username,password;
/** Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
* @param request servlet request
* @param response servlet response
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*con=null;
ps=null;
rs=null;
s=null;
*/response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
username=request.getParameter("username");
password=request.getParameter("password");
if(username==""||password=="")
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
try
Context ctx=new InitialContext();
userValidationRemote userRemote=(userValidationRemote)ctx.lookup("Entities.userValidationRemote");
(error on this line-saying ')' expected and no matter if i add ) there is still erro)userRemote.authenticate(String p_user,String p_password);
catch(Exception e)
out.println("Error:"+e);
if(checkUser==true)
RequestDispatcher d=request.getRequestDispatcher("blah.jsp");
d.forward(request,response);
else if(checkUser==false)
showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
private void showError(String errorMsg,HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
request.setAttribute("error_msg",errorMsg);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_error.jsp");
dispatcher.forward(request,response);
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
/** Handles the HTTP <code>GET</code> method.
* @param request servlet request
* @param response servlet response
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Handles the HTTP <code>POST</code> method.
* @param request servlet request
* @param response servlet response
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Returns a short description of the servlet.
public String getServletInfo() {
return "Short description";
// </editor-fold>
view
<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login</title>
<style type="text/css">
<!--
.style3 { color: #000000;
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
.style1 {color: #0000FF}
.style4 {
color: #0000FF;
font-size: 12px;
.style5 {
font-size: 12px
.style6 {
color: #FF0000;
font-size: 12px;
.style7 {
font-size: 36px
.style8 {color: #000000}
-->
</style>
</head>
<body>
<table width="564" border="0" align="center">
<tr>
<td width="558" bgcolor="#9DACBF" class="style1"><div align="center">
<p> </p>
<h1 class="style7">Welcome to HealthPort</h1>
<p>HealthPort Login</p>
<p><span class="style8">Today's date is:<%= new java.util.Date() %></span></p>
<form id="form1" name="form1" method="post" action="userCheck">
<p align="right" class="style3">Username
<label></label>
<input type="text" name="username" id="username" />
</p>
<p align="right" class="style3">Password
<input type="password" name="password" id="password" />
</p>
<p align="right" class="style3">
<span class="style6">
<label></label>
<label></label>
</span>
<span class="style5">
<label></label>
</span>
<label>
<input type="submit" name="button" id="button" value="Login" />
</label>
</p>
<div align="right">
</div></form>
<div align="right"><div align="left"><p align="right"> </p>
</div></div></div></td>
</tr>
<tr>
<td bgcolor="#CCCCCC" class="style1"> </td>
</tr>
</table>
</body>
</html>
SLSB (implements userValidationRemote)
* userValidationBean.java
* Created on 26 March 2008, 18:25
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import javax.ejb.Stateless;
import javax.ejb.Remote;
import javax.persistence.PersistenceContext;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import Entities.UserTable;
import javax.annotation.*;
//import javax.transaction.UserTransaction;
* @author Ayo
@Stateless(mappedName="ejb/facade/userValidationBean")
@Remote(userValidationRemote.class)
(error on this line saying can't find class TransactionManagement)@TransactionManagement(value=TransactionManagementType.CONTAINER)
public class userValidationBean implements Entities.userValidationRemote {
@PersistenceContext(unitName="HealthInsuranceApp-ejbPU") private EntityManager manager;
/** Creates a new instance of userValidationBean */
public userValidationBean() {
//"SELECT u.username,u.password FROM UserTable u WHERE u.username =?1 and u.password=?2"
public boolean authenticate(String p_user,String p_password)
UserTable m_user=manager.find(UserTable.class,p_user);
if(m_user!=null)
return m_user.getPassword().equals(p_password);
return false;
Entity
* UserTable.java
* Created on 29 March 2008, 13:24
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import java.io.Serializable;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
* Entity class UserTable
* @author Ayo
@Entity(name="qs_UserPwd")
@Table(name = "user_table")
public class UserTable implements Serializable {
@Id
@Column(name = "user_id", nullable = false)
private Integer userId;
@Column(name = "username")
private String username;
@Column(name = "password")
private String password;
@Column(name = "user_type")
private String userType;
@Column(name = "access_level")
private String accessLevel;
@Column(name = "staff_id")
private Integer staffId;
@Column(name = "staff_type", nullable = false)
private String staffType;
@Column(name = "time_created")
private String timeCreated;
@Column(name = "time_modified")
private String timeModified;
@Column(name = "time_logged_in")
private String timeLoggedIn;
@Column(name = "time_logged_out")
private String timeLoggedOut;
@Column(name = "created_by")
private String createdBy;
/** Creates a new instance of UserTable */
public UserTable() {
* Creates a new instance of UserTable with the specified values.
* @param userId the userId of the UserTable
public UserTable(Integer userId) {
this.userId = userId;
* Creates a new instance of UserTable with the specified values.
* @param userId the userId of the UserTable
* @param staffType the staffType of the UserTable
public UserTable(Integer userId, String staffType) {
this.userId = userId;
this.staffType = staffType;
public UserTable(String p_user,String p_password)
setUsername(p_user);
setPassword(p_password);
* Gets the userId of this UserTable.
* @return the userId
public Integer getUserId() {
return this.userId;
* Sets the userId of this UserTable to the specified value.
* @param userId the new userId
public void setUserId(Integer userId) {
this.userId = userId;
* Gets the username of this UserTable.
* @return the username
public String getUsername() {
return this.username;
* Sets the username of this UserTable to the specified value.
* @param username the new username
public void setUsername(String p_user) {
p_user = username;
* Gets the password of this UserTable.
* @return the password
public String getPassword() {
return this.password;
* Sets the password of this UserTable to the specified value.
* @param password the new password
public void setPassword(String p_password) {
p_password=password;
* Gets the userType of this UserTable.
* @return the userType
public String getUserType() {
return this.userType;
* Sets the userType of this UserTable to the specified value.
* @param userType the new userType
public void setUserType(String userType) {
this.userType = userType;
* Gets the accessLevel of this UserTable.
* @return the accessLevel
public String getAccessLevel() {
return this.accessLevel;
* Sets the accessLevel of this UserTable to the specified value.
* @param accessLevel the new accessLevel
public void setAccessLevel(String accessLevel) {
this.accessLevel = accessLevel;
* Gets the staffId of this UserTable.
* @return the staffId
public Integer getStaffId() {
return this.staffId;
* Sets the staffId of this UserTable to the specified value.
* @param staffId the new staffId
public void setStaffId(Integer staffId) {
this.staffId = staffId;
* Gets the staffType of this UserTable.
* @return the staffType
public String getStaffType() {
return this.staffType;
* Sets the staffType of this UserTable to the specified value.
* @param staffType the new staffType
public void setStaffType(String staffType) {
this.staffType = staffType;
* Gets the timeCreated of this UserTable.
* @return the timeCreated
public String getTimeCreated() {
return this.timeCreated;
* Sets the timeCreated of this UserTable to the specified value.
* @param timeCreated the new timeCreated
public void setTimeCreated(String timeCreated) {
this.timeCreated = timeCreated;
* Gets the timeModified of this UserTable.
* @return the timeModified
public String getTimeModified() {
return this.timeModified;
* Sets the timeModified of this UserTable to the specified value.
* @param timeModified the new timeModified
public void setTimeModified(String timeModified) {
this.timeModified = timeModified;
* Gets the timeLoggedIn of this UserTable.
* @return the timeLoggedIn
public String getTimeLoggedIn() {
return this.timeLoggedIn;
* Sets the timeLoggedIn of this UserTable to the specified value.
* @param timeLoggedIn the new timeLoggedIn
public void setTimeLoggedIn(String timeLoggedIn) {
this.timeLoggedIn = timeLoggedIn;
* Gets the timeLoggedOut of this UserTable.
* @return the timeLoggedOut
public String getTimeLoggedOut() {
return this.timeLoggedOut;
* Sets the timeLoggedOut of this UserTable to the specified value.
* @param timeLoggedOut the new timeLoggedOut
public void setTimeLoggedOut(String timeLoggedOut) {
this.timeLoggedOut = timeLoggedOut;
* Gets the createdBy of this UserTable.
* @return the createdBy
public String getCreatedBy() {
return this.createdBy;
* Sets the createdBy of this UserTable to the specified value.
* @param createdBy the new createdBy
public void setCreatedBy(String createdBy) {
this.createdBy = createdBy;
* Returns a hash code value for the object. This implementation computes
* a hash code value based on the id fields in this object.
* @return a hash code value for this object.
@Override
public int hashCode() {
int hash = 0;
hash += (this.userId != null ? this.userId.hashCode() : 0);
return hash;
* Determines whether another object is equal to this UserTable. The result is
* <code>true</code> if and only if the argument is not null and is a UserTable object that
* has the same id field values as this object.
* @param object the reference object with which to compare
* @return <code>true</code> if this object is the same as the argument;
* <code>false</code> otherwise.
@Override
public boolean equals(Object object) {
// TODO: Warning - this method won't work in the case the id fields are not set
if (!(object instanceof UserTable)) {
return false;
UserTable other = (UserTable)object;
if (this.userId != other.userId && (this.userId == null || !this.userId.equals(other.userId))) return false;
return true;
* Returns a string representation of the object. This implementation constructs
* that representation based on the id fields.
* @return a string representation of the object.
@Override
public String toString() {
return "Entities.UserTable[userId=" + userId + "]";
please what do I do? or is there a better way? seems like my appserver(sun java system app server 9.1)doesnt support dependency injection as
there's always an exception in the server log when i try it.i use the default transaction provider toplink because use of any of the others raises an exception and my application index page never shows. please i need help? I want to be able to succesfully perform this authentication as its the only way i can move to the next level
Ayo. -
OAS v10.1.2.3 REP-51018: Need database user authentication
Hi all,
I have an Forms/Reports 10g application, and when I call a report, I always get the "REP-51018: Need database user authentication" when using IE8. It works fine with version 19, 20 and 21 of Firefox. As IE8 is the corporate browser, calling reports need to work within IE8.
First, some pertinent information:
Server:
- Windows Server 2003 Standard Edition with SP2
- OAS v10.1.2.0.2 upgraded to v10.1.2.3
=> Of note, reports did work with JInitiator on v10.1.2.0.2, but for several reasons, we need to move to v10.1.2.3 and use JPI.
- Server is a VM created by VMWare.
Client:
- Windows XP Pro v2002 with SP3 (moving to Windows 7 soon)
- IE8
- Firefox (for developers)
I have applied several ideas from several threads within this forums and documentation from other sites (Oracle being one of them), but to no avail. Here is a list of a couple of them that were pertinent to my problem:
need java been frmrwinteg.jar (especially the sections from Francois Degrelle and Steve Cosner)
10.1.2.3 problem with frmrwinteg.jar
Upgrade to patchset 3 10.1.2.3 from 10.1.2.0.2 causes Java errors (I have used this thread to fix the Java issues that I had initially)
https://support.oracle.com/epmos/faces/ui/km/SearchDocDisplay.jspx?returnToSrId=&_afrLoop=483184561714826&srnum=&type=DO… (Doc Id. 564522.1) (I have tried Option 2 only as the FrmReportsInteg.java is not provided.)
https://support.oracle.com/epmos/faces/ui/km/SearchDocDisplay.jspx?_afrLoop=483273286061582&_afrWindowMode=0&_adf.ctrl-s…
http://www.oracle.com/technetwork/developer-tools/forms/documentation/frmwebshowdoc-rep-10gr2-1-128932.pdf
It is getting very frustrating! I have performed this same upgrade, on different platforms, between 10 and 12 times with no issues what-so-ever! The strange part is that, for this upgrade (that I'm having difficulties with), I needed to sign the frmwebutil.jar and frmrwinteg.jar files; I never needed to do this for the other upgrades, except for the jacob.jar file, of course!
From the formsweb.cfg file, here is the configuration area that I'm using:
[VailWUStd]
width=950
height=650
IE=native
HTMLbeforeForm=<SCRIPT>window.onbeforeunload = unloadMess; function unloadMess() {mess = "Clicking 'ok' will terminate all Vailtech applications!"; return mess;}</SCRIPT>
baseHTMLJInitiator=webutiljpi.htm
baseHTMLjpi=webutiljpi.htm
baseHTML=webutilbase.htm
# Used for Sun JRE/JPI Dynamic CLSID
jpi_classid=clsid:CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA
jpi_codebase=/forms/java/jre-6u41-windows-i586.exe
jpi_mimetype=application/x-java-applet;jpi-version=1.6.0_41
jpi_download_page=/forms/java/jre-6u41-windows-i586.exe
form=E:\tax\vailtechMenu.fmx
userid=
archive=frmall.jar,VailtechAppIcons.jar,frmrwinteg.jar
lookAndFeel=oracle
colorScheme=Titanium
imageBase=codebase
networkRetries=5
# Webutil:
WebUtilArchive=frmwebutil.jar,jacob.jar
WebUtilLogging=off
# WebUtilLogging=console
# WebUtilLoggingDetail=detailed
WebUtilLoggingDetail=normal
WebUtilErrorMode=Alert
WebUtilDispatchMonitorInterval=5
WebUtilTrustInternal=true
WebUtilMaxTransferSize=16384
And from the Java Console, here is the section related to the FRMREPORTSINTEG bean:
FrmReportsInteg1: Debugging true
FrmReportsInteg1: Adding new userid string "VAILTECH/*********@taxg2" -- I did hide the password here.
FrmReportsInteg1: Default cookie domain:
FrmReportsInteg1: set RW_AUTH10g
FrmReportsInteg1: Arguments: encryptionKey=reports9i; Reports version=RW10g
FrmReportsInteg1: Cookie value for RW10g is: VAILTECH/M0NKEYS@taxg2;1372248145539:30
FrmReportsInteg1: Encoded cookie value is: d1z0Y+lWJGiRKapq55Lu6X39JxTgt66lxhymsfggYosY5IfpZurc
FrmReportsInteg1: Complete cookie string is: userid=d1z0Y+lWJGiRKapq55Lu6X39JxTgt66lxhymsfggYosY5IfpZurc
FrmReportsInteg1: Added domain " " to cookie
FrmReportsInteg1: Generated Cookie String: userid=d1z0Y+lWJGiRKapq55Lu6X39JxTgt66lxhymsfggYosY5IfpZurc; domain= ; path=/
FrmReportsInteg1: IE Cookie Set
FrmReportsInteg1: Setting domain to city.a.ottawa.ca
FrmReportsInteg1: Domain provided is not empty and is evaluated right now
FrmReportsInteg1: First period found at 4
FrmReportsInteg1: Second period found at 6
FrmReportsInteg1: Cookie domain now is: city.a.ottawa.ca
As you can see, everything looks fine! (well, I think it is!!) I'm just out of ideas! I even re-installed OAS v10.1.2.0.2 and applied the v10.1.2.3 upgrade, TWICE, but again, to no avail!!
Any help would be greatly appreciated!
Thx!
Cheers,
StephHi DB,
I am refering to the thread you had in Re: Help pages problem for Arabic on R12.1.1 could you tell if you fixed this error
Regards
Taher -
User authentication in Cisco ACS by adding external RADIUS database
Hi,
I would like to configure the below setup:
End user client (Cisco Any connect/VPN client) -> ASA 5500 (AAA client) -> ACS server -> External RADIUS database.
Here ACS server would send the authentication requests to External RADIUS server.So, i have added the external user database (RADIUS token server) in
ACS under External databases.I have added AAA client in Network configuration (selected authenticate using RADIUS(VPN 3000/ASA/PIX 7.0) from the drop down.
Here how do i make ASA recognize that it has to send the request to ACS server. Normally when you use ACS as RADIUS server you can add an AAA server in ASA and test it.But here we are using an external RADIUS server which has been configured in ACS, so how do i make ASA to send the requests to ACS server?
Any help on this would be really grateful to me.
Thanks and Regards,
Rahul.Thanks Ajay,
As you said nothing needs to be done on ASA side, if we are using an external user database for authentication.
Im a newbie to ACS and this is the first time i'm trying to perform a two factor authenticaton in Cisco ACS using external user database.
By two factor authentication i mean, username + password serves as first factor (validated by RADIUS server), username + security code (validated by RADIUS server) serves as second factor.So, during user authentication i enter only username in username field and in "password" field i enter both "password + security code". Our RADIUS server has already been configured with AD as user store, so we dont have to specify AD details in ACS. I have done the following in ACS to perform this two factor authentication.
-> In external user databases, i have added a external RADIUS token server.
-> In unknown user policy , i have added the external data base that i configured in ACS into the selected databases list.
-> under network configuration, i have added the Cisco ASA as AAA client (authenticate using RADIUS (Cisco VPN 3000/ASA/PIX 7.x+)).
Just to check whether user authentication is successful, i launched the ACS webVPN using https://IP:2002, it asked me to enter username and password. So, i entered username and in password field i entered "password + security code". But, the page throws an error saying "login failed...Try again".I cant find any logs in external RADIUS server.
Here is what i found in "Failed attempts" logs under Reports and activities.
Date,Time,Message-Type,User-Name,Group-Name,Caller-ID,Network Access Profile Name,Authen-Failure-Code,Author-Failure-Code,Author-Data,NAS-Port,NAS-IP-Address,Filter Information,PEAP/EAP-FAST-Clear-Name,EAP Type,EAP Type Name,Reason,Access Device,Network Device Group
02/28/2012,00:31:52,Unknown NAS,,,,(Unknown),,,,,10.204.124.71,,,,,,,
02/28/2012,00:41:33,Unknown NAS,,,,(Unknown),,,,,10.204.124.71,,,,,,,
02/28/2012,00:42:18,Unknown NAS,,,,(Unknown),,,,,10.204.124.71,,,,,,,
Filtering is not applied.
Date
Time
Message-Type
User-Name
Group-Name
Caller-ID
Network Access Profile Name
Authen-Failure-Code
Author-Failure-Code
Author-Data
NAS-Port
NAS-IP-Address
Filter Information
PEAP/EAP-FAST-Clear-Name
EAP Type
EAP Type Name
Reason
Access Device
Network Device Group
02/28/2012
00:42:18
Unknown NAS
(Unknown)
10.204.124.71
02/28/2012
00:41:33
Unknown NAS
(Unknown)
10.204.124.71
02/28/2012
00:31:52
Unknown NAS
Am i missing any thing in configuration side with respect to ACS?
Thanks -
User Authentication for subfolder not working in Web Browser
We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
One of the functionalities of the Application is to send emails with attachments.
The logic is that the Application would generate the attachment file on the Application Server.
Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
Exchange and Relay Server is also set in the Application.
The problem is that the folder containing the folder which stores the attachments is having user authentication set.
Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
Alias created in httpd.conf
Alias /int-dir/ "/apps/interface/"
The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
Application Server : 10.12.213.21
Database Server : 10.12.213.22
Email Server : 10.12.213.44
Configuration as per httpd.conf
Alias /int-dir/ "/apps/interface/"
<Location /int-dir/>
AuthName "Interface folder"
AuthType Basic
AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
require user scott
</Location>
<Location /int-dir/email>
Options Indexes Multiviews IncludesNoExec
Order deny,allow
Deny from all
Allow from 10.12.213.21
Allow from 10.12.213.22
Allow from 10.12.213.44
</Location>
Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
However if we use the following URL :
http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.
Please help me if you can.
Thanking you in advance,
GLad to give any more information that i can.
dxbrockyThanks for your response. I fixed the problem by selecting "full site" or "full website" at bottom of the web page. After making this selection the zoom function returned. Thanks again for your interest.
-
OAM SSO integration question:How can I get a user identity from ObSSOCookie
We are building an OAM SSO solution. The App server is both on OAS and WLS. My question is that, after I get the ObSSOCookie from httprequest.
I need to verify whether the ObSSOCookie is a valid one, and I also need to get user identity from the cookie and pass it to login module to populate user principal
Of course, one way of doing that is to install access manager SDK and go from there. But we support multiple OS, it's a pain to add Access manager SDK to different installer for different OS.
I am trying to use IdentityXML Functions which is a SOAP based webservice so that I don't need to worry about the OS platform. But I can't find a webService which returns user identity based on a valid ObSSOCookie. It seems that I can invoke webService with valide ObSSOCookie, but there is no way to get the user identity back. Am I missing something?
Hope someone can help me out.
Thanks.
-WeiOk. Sounds like you are a vendor trying to play well in an SSO environment.
Here is what I tell OAM customers when they are evaluating software to see if it will cooperate with a system like OAM.
Can the software's native authentication scheme be explicitly turned off (usually a configuration in a file)?
Can the software be configured to accept a token of identity in the form of a Cookie or HeaderVar (also configurable in a file)?
If the answer to both is yes, then the system is capable of 'third party trust' for authentication.
From your perspective, your logic for login should be something like:
Is my native authN turned off?
If yes, can I find the cookie or header that I should be looking for?
If yes, take the value and proceed to create user session for this identity per usual (except that you never evaluated the authN - you trust that it was done).
If no, present the native AuthN scheme anyway.
If you follow this pattern, you are in the good company of folks like PeopleSoft and Plumtree who had these types of integrations working long ago.
Yes, there are other ways to do this but, in my humble opinion, this remains the most stable and effective pattern we see.
What you ask for as the identity token value is up to you. It is often the login ID value that you would have used in your own authN procedure. There's nothing particularly sensitive about having a webgate set headers - they are only available to the server and not to the client. Cookie of course could be seen but can't be spoofed as the webgate has the final word on it's content.
Mark
Maybe you are looking for
-
Can you compose songs in garageband?
I have used Garageband on the iPad. On that you can actually create your own original songs, create tracks with chords very easily to back the song. But there does't seem to be any way to play chords easily on the Mac version, doesn't have preset rhy
-
Image Preview in Sharepoint 2013 Online Search Results
Hi i am using Sharepoint 2013 online Office 365. In my search page i can view the preview from picture library. But when i am searching document library i can only see the preview of pdf, excel, word etc... not image. Why image file not previewing f
-
Hello Everyone, I am trying to create a outbound delivery against a PO and in the material master the item category group was SERV and I changed that NORM. when I am trying to outbound delivery the error message that I receive is No item category exi
-
Output Changes with respect to change in decimal places in currency
Dear All, We had a requirement to implement 3 and 4 decimal prices in USD and GBP respectively. As per SAP recommendation we created new currencies USD3 and GBP4 and configured other stuffs. Now we are able to enter prices in 3/4 decimals. However th
-
Hello Everybody... Could anyone tell me the prerequisites for the transaction F-04. I have different BDC flow patterns for the same with me and wanted to actually implement the same. Thanks and Regards Manish