Performing User authentication with php server

How to perform user authentication and keep track of logged
in users ? I have the login form saved in one AIR page. I could do
an ajax request to authenticate the user. However, how to keep
track of the user after being logged in, so that when moving to
other pages, he doesn't need to login again ?

Hi,
Cookies work in an Adobe AIR HTML application. You can use
cookies to track your session.

Similar Messages

  • Error in authentication with ldap server with certificate

    Hi,
    i have a problem in authentication with ldap server with certificate.
    here i am using java API to authenticate.
    Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed.
    I issued the new certificate which is having the up to 5 years valid time.
    is java will authenticate up to one year only?
    Can any body help on this issue...
    Regards
    Ranga

    sorry i am gettting ythe same error
    javax.naming.CommunicationException: simple bind failed: servername:636 exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed]
    here when i am using the old certificate and changing the system date means i can get the authentication.
    can you tell where we can concentrate and solve the issue..
    where is the issue
    1. need to check with the ldap server only
    2. problem in java code only.
    thanks in advance

  • Howmany oracle user connect with oracle server.

    hi all
    howmany oracle user connect with oracle server.
    i want query for above sentance.

    Robert,
    This query will show us the username who are connect to a particular database. If OP wants that how many overall users are connected to his/her oracle server (which is having more than one db) then please tell us. Suppose 10 users are connected with db1 and 20 users are connected with db2.. like that.
    Regards
    Girish Sharma

  • Microsoft SQL Server 2012 Performance Dashboard compatible with windows server 2012?

    Is Microsoft SQL Server 2012 Performance Dashboard compatible with Windows Server 2012? I only see Windows Server 2008r2 as the most recent version in the System Requirements list. Thanks!

    Is Microsoft SQL Server 2012 Performance Dashboard compatible with Windows Server 2012? I only see Windows Server 2008r2 as the most recent version in the System Requirements list. Thanks!
    As per download documents supported windows versions are
    Windows 7, Windows Server 2008 R2, Windows Server 2008 Service Pack 2, Windows Vista Service Pack 2.
    I cannot see any mention of Windows server 2012 in system requirements
    See System Requirements 
    Please mark this reply as answer if it solved your issue or vote as helpful if it helped so that other forum members can benefit from it
    My Technet Wiki Article
    MVP

  • ASA Remote Access Authentication with LDAP Server

    Thank you in advance for your help.
    I am configuring an ASA to authenticate with a ldap server for ipsec vpn access.  My customer has 3 networks that are to be accessed by remote users.  However they want to be able to say that one user can get to 2 of the networks and not the 3rd.  So basically they want control over what network behind the firewall each user can access.  This seems doable from my reading and I had planned to creating a group for each network that needs accessible and either do attribute maps to each group with a separate group created on the ldap server for authentication.  Basically a ldap group on the ldap server that will have the users name in the group in order for access.  I can restrict access via acl's or filtering to force my group to only be allowed access to a specific network.  Here is the problem I am having now.
    The ldap server has been created and seems to be working fine.  I have created my AAA groups and servers and I have done the ldap test with a test user vpntest and a password on the ldap server.  When I run the authentication test from the ADSM or command line I get a good authentication successful message.  So I configured a vpn client remotely and attempted to authenticate to this group and it says there is no user by that name.  Below is a paste of the debug.  The second part is when I did a successful test from the ASDM or CLI and it worked great.  The first part is when I attempted from the vpn client.  It all looks the same from the search criteria.  What am I missing here or does anyone more knowledgeable see anything that I am doing wrong.  Can this be done this way or should I try radius.  The customer was just adament about using ldap.
    extvpnasa5510#
    [243] Session Start
    [243] New request Session, context 0xd5713fe0, reqType = 1
    [243] Fiber started
    [243] Creating LDAP context with uri=ldaps://130.18.22.44:636
    [243] Connect to LDAP server: ldaps://130.18.22.44:636, status = Successful
    [243] supportedLDAPVersion: value = 2
    [243] supportedLDAPVersion: value = 3
    [243] No Login DN configured for server 130.18.22.44
    [243] Binding as administrator
    [243] Performing Simple authentication for  to 130.18.22.44
    [243] LDAP Search:
            Base DN = [ou=employees,o=msues]
            Filter  = [uid=vpntest]
            Scope   = [SUBTREE]
    [243] User DN = [uid=vpntest,ou=employees,o=msues]
    [243] Talking to iPlanet server 130.18.22.44
    [243] No results returned for iPlanet global password policy
    [243] Fiber exit Tx=386 bytes Rx=414 bytes, status=-1
    [243] Session End
    extvpnasa5510#
    [244] Session Start
    [244] New request Session, context 0xd5713fe0, reqType = 1
    [244] Fiber started
    [244] Creating LDAP context with uri=ldaps://130.18.22.44:636
    [244] Connect to LDAP server: ldaps://130.18.22.44:636, status = Successful
    [244] supportedLDAPVersion: value = 2
    [244] supportedLDAPVersion: value = 3
    [244] No Login DN configured for server 130.18.22.44
    [244] Binding as administrator
    [244] Performing Simple authentication for  to 130.18.22.44
    [244] LDAP Search:
            Base DN = [ou=employees,o=msues]
            Filter  = [uid=vpntest]
            Scope   = [SUBTREE]
    [244] User DN = [uid=vpntest,ou=employees,o=msues]
    [244] Talking to iPlanet server 130.18.22.44
    [244] Binding as user
    [244] Performing Simple authentication for vpntest to 130.18.22.44
    [244] Processing LDAP response for user vpntest
    [244] Authentication successful for vpntest to 130.18.22.44
    [244] Retrieved User Attributes:
    [244]   sn: value = test user
    [244]   givenName: value = vpn
    [244]   uid: value = vpntest
    [244]   cn: value = vpn test user
    [244]   objectClass: value = top
    [244]   objectClass: value = person
    [244]   objectClass: value = organizationalPerson
    [244]   objectClass: value = inetOrgPerson
    [244] Fiber exit Tx=284 bytes Rx=414 bytes, status=1
    [244] Session End

    Hi Larry,
    You can map AD group memberships to specific group policies on the ASA, you can find that configuration here:
    - http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html
    Let me know if further assistance is required!
    Please proceed to rate and mark as correct the helpful Post!
    David Castro,
    Regards,

  • User authentication with NT

    I am having a problem when trying to connect to an Oracle8i
    Enterprise Server running on a WinNT machine.
    When I connect from inside the server all works fine, Oracle
    looks for the user info in NT, and I can login without having to
    provide a username/password.
    But, when trying to do the same from some Win95 clients with
    have, all attempts fail, returning the error "ORA 12638:
    Credential retrieval failed".
    If I change the sqlnet.ora file in the clients, commenting out
    the line "SQLNET.AUTHENTICATION_SERVICES = (NTS)", I can login in
    the database form the clients, but only as users that are NOT in
    the NT user base (such as SYS or SYSTEM, which work fine without
    the (NTS) option ).
    Is this a configuration problem (I really don't think so) or a
    problem with authentication from a Win95 client in the NT domain
    (I think this is most probable)? Unfortunately, I don't have a NT
    4 Workstation around to test this issue...
    Thanks for any help! (And yes, I tried every step I could find in
    the documentation, and got no results...)
    null

    Notice the error:
    Login failed for user 'Domain\ReplicationUser'. Reason: Attempting to use an NT account name with SQL Server Authentication.
    When you setup your agent security, in the section "Connect to the Publisher and Distributor", you selected the option "Using the following SQL Server login", however, you entered a Windows login and password.
    You need to fix your agent security and specify "By impersonating the process account" if you plan on running under the context of the process account (Windows account), or, specify "Using the following SQL Server login" and enter a valid SQL login.
    Brandon Williams (blog |
    linkedin)

  • End-to-End user authentication with XI

    Dear community,
    we sit in a situation where the customer wants to have an end-to-end-authentication throughout an integration process.
    The setup is as follows: a dialog-user in a legacy system uses an application that triggers an integration process through XI into SAP ERP. The dialog-user in the legacy system must be used for authentication in XI as well as SAP ERP.
    To avoid having to re-create all users in XI and SAP ERP, ideally an LDAP instance would be used for authentication.
    Based on my knowledge, the above scenario is not possible with XI and there is a 2 year old thread discussing the same without any positive outcome:
    XI and user authentication VS R/3 systems
    Nevertheless I consider this requirement as a pretty standard one. Has there been any development in this area - or how have similar customer requirements been met ?
    Thanks a lot in advance !
    Jochen

    Hi Jochen,
    i've heard rumours saying that credential forwarding will be incorporated in the next XI release as it is a rather frequent requirement by customers and will make live much easier.
    Maybe you can get a statement through your clients SAP account representative on the release date and the planned feature.
    Regards
    Christine

  • Proxy User Authentication with SQL Developer

    Hello,
    I realized that there are 2 methods for configuring SQL Developer to user Proxy User Authentication.
    1) one-session method with Syntax:
    personaluser[appuser]
    2) two session-method with dialog "Proxy Connection"
    For me it is unclear, why anybody would want to use the two-session-method.
    a. you need username/password for both user acocunts (personaluser and appuser)
    b. it is unclear which operations in SQL Developer are using the personaluser account. It seems that the SQL Window is only using appuser account.
    What was the motivation to implement Two Session Method?
    Best regards,
    Martin

    I found the possibility that proxy authentication of both accounts can be enforced:
    SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
    I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
    Regards,
    Martin

  • Machine Authentication and User Authentication with ACS v5.1... how?

    Hi!
    I'm having trouble setting up Machine Authentication and User Authentication on ACS v5.1 using WinXP SP3 (or SP2) as supplicant.
    This is the goal:
    On wireless (preferably on wired too) networks, get the WinXP to machine authenticate against AD using certificates so the machine is possible to reach via for example ping, and it can also get GPO Updates.
    Then, when the user actually logs in, I need User Authentication, so we can run startup scripts, map the Home Directory and so on.
    I have set up a Windows Sertificate server, and the client (WinXP) are recieving both machine and user certificates just fine.
    I have also managed to set up so Machine Authenticaton works, by setting up a policy rule that checks on certificate only:
    "Certificate Dictionary:Common Name contains .admin.testdomain.lan"
    But to achieve that, I had to set EAP Type in WinXP to Smart Card or other Certificate, and then no PEAP authentication occurs, which I assume I need for User Authentication? Or is that possible by using Certificates too?
    I just don't know how to do this, so is there a detailed guide out there for this? I would assume that this is something that all administrators using wireless and WinXP would like to achieve.
    Thank you.

    Hello again.
    I found out how to do this now..
    What I needed to do was to add a new Certificate Authentication Profile that checks against Subject Alternative Name, because that was the only thing I could find that was the same in both user certificate and machine certificate.
    After adding that profile to the Identity Store Sequences, and making tthe appropriate rule in the policy, it works.
    You must also remember to change the AuthMode option in Windows XP Registry to "1".
    What I really wanted to do was to use the "Was Machine Authenticated" condition in the policies, but I have never gotten that conditon to work, unfortunately.
    That would have plugged a few security holes for me.

  • Web authentication with Radius server problem

    Hello,
    I'm having problem to web authenticate users via radius server for one WLC. Here is the outpu from WLC:
    *emWeb: Mar 26 14:17:31.537: 20:7d:xx:xx:d8:f0 Username entry (aaaaaa) created for mobile, length = 7
    *emWeb: Mar 26 14:17:31.537: 20:7d:xx:xx:d8:f0 Username entry (aaaaaa) created in mscb for mobile, length = 7
    *aaaQueueReader: Mar 26 14:17:31.537: Unable to find requested user entry for aaaaaa
    *aaaQueueReader: Mar 26 14:17:31.537: ReProcessAuthentication previous proto 8, next proto 1
    *aaaQueueReader: Mar 26 14:17:31.537: AuthenticationRequest: 0x1e08eb94
    *aaaQueueReader: Mar 26 14:17:31.538:   Callback.....................................0x10908d90
    *aaaQueueReader: Mar 26 14:17:31.538:   protocolType.................................0x00000001
    *aaaQueueReader: Mar 26 14:17:31.538:   proxyState...................................20:7D:xx:xx:D8:F0-00:00
    *aaaQueueReader: Mar 26 14:17:31.538:   Packet contains 11 AVPs (not shown)
    *aaaQueueReader: Mar 26 14:17:31.538: apfVapRadiusInfoGet: WLAN(1) dynamic int attributes srcAddr:0x0, gw:0x0, mask:0x0, vlan:0, dpPort:0, srcPort:0
    *aaaQueueReader: Mar 26 14:17:31.538: 20:7d:xx:xx:d8:f0 Successful transmission of Authentication Packet (id 67) to 10.xx.33.249:1645, proxy state 20:7d:xx:xx:d8:f0-00:01
    *aaaQueueReader: Mar 26 14:17:31.538: 00000000: 01 43 00 8c 48 7c a7 ff  df 06 53 30 c0 be e1 8e  .C..H|....S0....
    *aaaQueueReader: Mar 26 14:17:31.538: 00000010: d7 fd 8b d3 01 09 73 65  66 72 73 76 65 02 12 7b  ......aaaaaa..{
    *aaaQueueReader: Mar 26 14:17:31.538: 00000020: ae 2e f5 eb fa cf f5 cc  3b 08 65 d7 04 0e ba 06  ........;.e.....
    *aaaQueueReader: Mar 26 14:17:31.538: 00000030: 06 00 00 00 01 04 06 0a  2e 09 14 05 06 00 00 00  ................
    *aaaQueueReader: Mar 26 14:17:31.538: 00000040: 0d 20 0d 73 65 76 73 74  2d 6c 77 63 31 30 3d 06  ...xxxxx-lwc10=.
    *aaaQueueReader: Mar 26 14:17:31.538: 00000050: 00 00 00 13 1a 0c 00 00  37 63 01 06 00 00 00 01  ........7c......
    *aaaQueueReader: Mar 26 14:17:31.538: 00000060: 1f 0e 31 39 32 2e 31 36  38 2e 31 2e 36 31 1e 0c  ..192.168.1.61..
    *aaaQueueReader: Mar 26 14:17:31.538: 00000070: 31 30 2e 34 36 2e 39 2e  32 30 50 12 95 11 7c d9  10.xx.9.20P...|.
    *aaaQueueReader: Mar 26 14:17:31.538: 00000080: 75 8e 01 6e bf 62 38 f8  38 ab 68 4a              u..n.b8.8.hJ
    *radiusTransportThread: Mar 26 14:17:31.603: 00000000: 03 43 00 14 e5 8c e7 75  52 04 af e0 07 b7 fb 96  .C.....uR.......
    *radiusTransportThread: Mar 26 14:17:31.603: 00000010: c1 4a fb 40                                       .J.@
    *radiusTransportThread: Mar 26 14:17:31.603: ****Enter processIncomingMessages: response code=3
    *radiusTransportThread: Mar 26 14:17:31.603: ****Enter processRadiusResponse: response code=3
    *radiusTransportThread: Mar 26 14:17:31.603: 20:7d:xx:xx:d8:f0 Access-Reject received from RADIUS server 10.xx.33.249 for mobile 20:7d:xx:xx:d8:f0 receiveId = 0
    *radiusTransportThread: Mar 26 14:17:31.603: ReProcessAuthentication previous proto 1, next proto 2
    *radiusTransportThread: Mar 26 14:17:31.603: AuthenticationRequest: 0x1da9fa4c
    *radiusTransportThread: Mar 26 14:17:31.603:    Callback.....................................0x10908d90
    *radiusTransportThread: Mar 26 14:17:31.603:    protocolType.................................0x00000002
    *radiusTransportThread: Mar 26 14:17:31.603:    proxyState...................................20:7D:xx:xx:D8:F0-00:00
    *radiusTransportThread: Mar 26 14:17:31.603:    Packet contains 11 AVPs (not shown)
    *radiusTransportThread: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Returning AAA Error 'No Server' (-7) for mobile 20:7d:xx:xx:d8:f0
    *radiusTransportThread: Mar 26 14:17:31.605: AuthorizationResponse: 0x2dd03648
    *radiusTransportThread: Mar 26 14:17:31.605:    structureSize................................32
    *radiusTransportThread: Mar 26 14:17:31.605:    resultCode...................................-7
    *radiusTransportThread: Mar 26 14:17:31.605:    protocolUsed.................................0x00000002
    *radiusTransportThread: Mar 26 14:17:31.605:    proxyState...................................20:7D:xx:xx:D8:F0-00:00
    *radiusTransportThread: Mar 26 14:17:31.605:    Packet contains 0 AVPs:
    *emWeb: Mar 26 14:17:31.605: Authentication failed for aaaaaa
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Username entry deleted for mobile
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Plumbing web-auth redirect rule due to user logout
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 192.168.1.61 WEBAUTH_REQD (8) Deleting mobile policy rule 42461
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Adding Web RuleID 42464 for mobile 20:7d:xx:xx:d8:f0
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 Web Authentication failure for station
    *emWeb: Mar 26 14:17:31.605: 20:7d:xx:xx:d8:f0 192.168.1.61 WEBAUTH_REQD (8) Reached ERROR: from line 5069
    That was pretty clear for me that Radius is refusing to give user access.
    Fully-Qualified-User-Name = NMEA\aaaaaa
    NAS-IP-Address = 10.xx.9.20
    NAS-Identifier = xxxxx-lwc10
    Called-Station-Identifier = 10.xx.9.20
    Calling-Station-Identifier = 192.168.1.61
    Client-Friendly-Name = YYY10.xx
    Client-IP-Address = 10.xx.9.20
    NAS-Port-Type = Wireless - IEEE 802.11
    NAS-Port = 13
    Proxy-Policy-Name = Use Windows authentication forall users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = YYYYY Wireless Users
    Authentication-Type = PAP
    EAP-Type = <undetermined>
    Reason-Code = 66
    Reason = The user attempted to use an authentication method that is not enabled on the matching remote access policy
    That output is from WLC 5508 version 7.0.235
    What is strange, that user was able to authenticate from other before refresh WLC 4402 ver 4.2.207. I cannot change WLC because of AP which cannot run old version.
    this is output from working client connection from old WLC
    NAS-IP-Address = 10.xx.9.13
    NAS-Identifier = xxxxx-lwc03
    Client-Friendly-Name = YYY10.46
    Client-IP-Address = 10.xx.9.13
    Calling-Station-Identifier = 192.168.19.246
    NAS-Port-Type = <not present>
    NAS-Port = <not present>
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = <undetermined>
    Policy-Name = YYYYY Wireless Guest Access
    Authentication-Type = PAP
    EAP-Type = <undetermined>
    I know there is different Policy Name used, but my question is why it is not using the same as on old WLC when configuration is same.
    Is there any way I can force users to use different policy from WLC or AP configuration or is this solely configuration of Radius?
    Is it maybe problem of version 7.0.235?
    Any toughts would be much appriciated.

    Scott,
    You are probably right. The condition that is checked for the first policy name (we have 2) is to match
    NAS-Port-Type = Wireless - IEEE 802.11, and this is basically used to differentiate guests from other company users.
    as you can see from the logs the one that is working correctly is not sending NAS-Port-Type. The question is why.
    As I said before.
    WLC 5508 ver. 7.0.235 is sending NAS-Port-Type
    WLC 4402 ver. 4.2.207 is not.
    The same user was working OK on 4402 WLC and after refresh and associating APs to 5508 it all broke, so client did not changed anything on adapter.

  • Error "CONVT_NO_NUMBER" while performing user measurement with USMM

    Hi,
    While running user measurement with USMM I am getting following run
    time error.
    To be specific - After preselections in USMM->system measurement->while
    checking Green Check mark this error is screaming up.
    Ae per Note - 1230640 :- You call transaction USMM and want to cancel
    the user measurement using the cancel button (red 'X') on the dialog
    box of the user measurement. However, the measurement continues and is
    completed as if you had chosen the ok button (green check mark).
    Above note is applied if the problem comes if we check red button
    rather than green check mark.
    Please suggest us the best way to procees.
    ST22 details:-
    Runtime Errors CONVT_NO_NUMBER
    Exception CX_SY_CONVERSION_NO_NUMBER
    Date and Time 09/16/2008 07:42:32
    Short text
    Unable to interpret " 1,410 " as a number.
    What happened?
    Error in the ABAP Application Program
    The current ABAP program "RSUVM001" had to be terminated because
    it has
    come across a statement that unfortunately cannot be executed.
    What can you do?
    Note down which actions and inputs caused the error.
    To process the problem further, contact you SAP system
    administrator.
    Using Transaction ST22 for ABAP Dump Analysis, you can look
    at and manage termination messages, and you can also
    keep them for a long time.
    Error analysis
    An exception occurred that is explained in detail below.
    The exception, which is assigned to
    class 'CX_SY_CONVERSION_NO_NUMBER', was not
    caught and
    therefore caused a runtime error.
    How to correct the error
    Whole numbers are represented in ABAP as a sequence of numbers,
    possibly
    with an algebraic sign.
    The following are the possibilities for the representation of
    floating
    point numbers:
    [mantissa]E[algebraic sign][exponent]
    [whole number part].[fraction part]
    For example, -12E+34, +12E-34, 12E34, 12.34
    If the error occurred in your own ABAP program or in an SAP
    program you modified, try to remove the error.
    If the error occures in a non-modified SAP program, you may be able
    to
    find an interim solution in an SAP Note.
    If you have access to SAP Notes, carry out a search with the
    following
    keywords:
    "CONVT_NO_NUMBER" "CX_SY_CONVERSION_NO_NUMBER"
    "RSUVM001" or "RSUVM001"
    "START-OF-SELECTION"
    If you cannot solve the problem yourself and want to send an error
    notification to SAP, include the following information:
    1. The description of the current problem (short dump)
    Information on where terminated
    Termination occurred in the ABAP program "RSUVM001" - in "START-OF-
    SELECTION".
    The main program was "RSUVM001 ".
    In the source code you have the termination point in line 96
    of the (Include) program "RSUVM001".
    85 * Analyze the user records.
    86 CALL FUNCTION 'SAPGUI_PROGRESS_INDICATOR'
    87 EXPORTING
    88 text = 'Die Benutzerstammsätze werden analysiert.'(002).
    89 * PERFORM analyze_user_records.
    90
    91 CALL FUNCTION 'SLIM_USER_MEASUREMENET'
    92 CHANGING
    93 SLIM_TUREP = LT_TUREP.
    94 .
    95 LOOP AT LT_TUREP INTO LS_TUREP .
    >>>>> MOVE-CORRESPONDING LS_TUREP TO ITUREP.
    97 APPEND ITUREP.
    98 ENDLOOP.
    99
    100 * Submit Application measurements as batch jobs.
    101 * Save additional data about this analysis in the DB.
    102 * we need meas-no ,v-date at the batch
    any ideas?

    Hi Srikanth,
    The below Notes helps you to solve the issue.
    Please review the below Notes.
    Note 1117010 - Runtime error CONVT_NO_NUMBER in RSUVM001
    Note 1115924 - USMM composite SAP Note: Problems after importimg new SPs
    Thanks & Regards,
    Pradeep Srigiri

  • Machine and User authentication with ISE 1.2.1

    Hi ,
    Can any one tell me in machine authentication what access need to be enable DACL for machine logon?
    Can we enable the access on port level ? direct to tcp/udp or ip level what is the best practice.
    Thanks 
    Pranav

    is this what you are looking for EAP Chaining which uses a machine certificate or a machine username / password locked to the device through the Microsoft domain enrollment process. When the device boots, it is authenticated to the network using 802.1X. When the user logs onto the device, the session information from the machine authentication and the user credentials are sent up to the network as part of the same user authentication. The combination of the two indicates that the device belongs to the corporation and the user is an employee.
    http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise/design-zone-security/howto_80_eapchaining_deployment.pdf

  • Perimeter authentication with ISA server and AD

    Hi,
    We have a Microsoft ISA server that does all authentication at the perimeter. I'm trying to set up a WLS 10 that can inspect and pass on the authenticated Subject to the (SQLServer) database when performing searches.
    I have configured the environment according to the steps in [url  http://e-docs.bea.com/wls/docs100/secmanage/sso.html], and I have set up my security realm with an Active Directory Authentication provider and a Negotiate Identity Assertion provider. But soemthing is obviously not working, since I see no signs of the authenitcated subject in the server log, and Security.getCurrentSubject() returns an empty Subject. What am I doing wrong?
    Thanks
    Edited by tdirrenb at 04/18/2008 6:33 AM
    Edited by tdirrenb at 04/18/2008 6:34 AM

    Hi Vinod,
    Looks like this is a AAA issue. Moving this to AAA domain for faster response.
    thanks,
    Vinay

  • Proxy user authentication with BC4J

    On my webapp i have a connections pool and a MyApplicationModule.
    I can obtain a OracleConnection instace by overriding the method prepareSession()
    into the application module.
    I need to associate the OracleConnection with the ApplicationModule object to execute my queries with the application module and the proxy user.
    The application module is created by this code:
    appMod = (MyApplicationModule)Configuration.createRootApplicationModule("xx.xxx.MyApplicationModule", "MyApplicationModuleLocalTest1");
    The prepareSession ovverride is done by this code:
    protected void prepareSession(Session session) {
    Statement st = null;
    try {
    st = getDBTransaction().createPreparedStatement("rollback",0);
    OracleConnection oConn = (OracleConnection)st.getConnection();
    Properties props = new Properties();
    props.put("PROXY_USER_NAME", "USERTEST");
    oConn.openProxySession
    (OracleConnection.PROXYTYPE_USER_NAME,props);
    catch (SQLException s) {
    //ignore
    finally {
    if (st != null) {
    try {
    st.close();
    catch (SQLException s) { }
    super.prepareSession(session);
    Tanks and sorry for my poor english.

    I found the possibility that proxy authentication of both accounts can be enforced:
    SQL> alter user appuser grant connect through personaluser AUTHENTICATION REQUIRED;
    I guess that this is the motivation for implementing the 2-session proxy connection method in SQL Developer.
    Regards,
    Martin

  • Jump in users session with control Server 2008 R2/Windows 7 64 Environment

    For two hours I've searched and searched and can't find MY answer. My goal is to jump in and control workstations of my employees (a bunch of old farts that would blank out if they had to do anything to allow me to do this) without the use of VNCs or third
    party installs. I'm running Active Dir. This is what I've done WITH THE NETWORK FIREWALL OFF:
    installed the mmc Remote Desktop Services Manager
    at root level I can only see my sessions automatically
    I am remoted into Server 2008 R2 using this snap it to remote into Old Lady #1
    I'm a member of:
    --Administrators (for domain)
    --Domain Admins
    --Remote Desktop Users
    When I add a computer to the MMC I get: "The computer can't be reached..."
    Using GP, I pushed out a policy to the computers in that department the 2 firewall changes necessary
    --One about allowing remote access for administration
    --One about allowing remote desktop access
    ----I * the allowed computers until I figure this out, afterwards I will further restrict the "from" computers for security
    I'm inches from thinking that what I want can only be done with VNCs or third party apps. I manage beach houses for a living and don't have time to spend like this on helping my old fogies OR walking all over 2 floors to help someone because the printer
    is only printing black and white or "my mouse is too fast" or "how do find an email that I deleted"...
    Is it possible for me to be all mighty and powerful and take control of my Win7 workstations without them doing anything more than pressing OK when I just in there session?
    I don't like third party. I like everything Microsoft unless 100% unavoidable.
    Thanks,
    charlyRoot

    You should use Remote Assistance and configure GPO for unsolicited access:
    https://4sysops.com/archives/how-to-enable-unsolicited-remote-assistance-in-windows-7-8/
    The Remote Desktop Services Manager is made for RD Session Host servers http://technet.microsoft.com/en-us/library/cc732985.aspx

Maybe you are looking for

  • Can we decrease the datafile size in 8.1.7.4

    Hello All- I have created a sample db with table space with datafile size of 2 GB. I may be needing hundreds of mb only.It is eating up the space on unix box server. Is there any way I can decrease the size of the datafile attached to the tablespace

  • IOS 8, how to rip it apart, anyone? Please?

    How do I get rid of this piece of trash update? Not trying to offend whoever created IOS 8, but it is a piece of trash, i hate it, and its causing my iPad to no longer function properly, such as type lag, app lag, Internet lag( my wifi is good), free

  • How to delete Transaction Logs in SQL database

    Hi, Can any one explain me the process how to delete the transcation logs in SQL database. Thanks Sunil

  • Error when importing audio

    Hi I'm trying to import audio for a slide and as background, but the importing process seems to start and then I get a message saying "Unable to decode and import the selected WAV MP3 file. What could be the problem? Thanks

  • Where are the files for iMovie kept

    HI i I am having trouble locating the stored clips in iMovie...osx meaning i I have a lot of unused clips which I would love to delete... i Have watched countless videos on you tube of how to locate files... i Can some of the events ..created ..but n