Proxy authentication services down
Hi,
Recently installed a new server into the tree and implemented NMAS for the
first time for the purposes of universal password access for CIFS to this
new server.
I now notice that our BM 3.8 (pre-existing) server is outputing this error
on console:
"NMAS launch failed, proxy authentication services down"
Not sure why this is occuring. Any suggestions are much appreciated.
Thanks
In article <hxdPi.11362$[email protected]>, David wrote:
> Just found the fix to this in another post. LPO needed an NDS login
> sequence :)
>
In case others are looking here...
This error can also come up if the BMgr server cannot access the
security container, due to replica/server placement. However, it
doesn't mean proxy won't work (unless you have proxy configured to
require NMAS access).
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***
Similar Messages
-
Proxy Authentication Error in Web Service with SAAJ on Weblogic 9.2 MP3
Hi,
I have encountered a problem with proxy authentication in SAAJ web service (WS) calls on Weblogic 9.2 MP3.
My WS client (which uses SAAJ's SOAP classes) should use a proxy that requires authentication to call the external web services.
However, it does not perform the authentication and receives HTTP Error 407 - Unauthorized.
The reason seems to be that Weblogic's Http Handler (weblogic.net.http.Handler) ignores the proxy authentication.
I was able to work around it by setting sun's http handler explicitly in the WS endpoint URL. Sun's handler (sun.net.www.protocol.http.Handler) makes use of the Authenticator class I provided.
1. Please see my code below and let me know if this is the only solution or if I'm doing something wrong. While testing on Tomcat I did not have to set the handler.
2. I have seen that there are also System properties for http.proxyUser and http.proxyPasword, however if I use these and ommit setting the SimpleAuthenticator, it also fails (with either handler!). An explanation of that is welcome.
Thanks in advance.
Code:
===========================================================
System.setProperty("http.proxySet", "true");
System.setProperty("http.proxyHost", "localhost");
System.setProperty("http.proxyPort", "808");
//System.setProperty("http.proxyUser", "myuser");
//System.setProperty("http.proxyPassword", "mypw");
Authenticator.setDefault(new SimpleAuthenticator("myuser", "mypw"));
String urlString = "http://someurl:8080/webservice..";
URL endpoint1 = new URL(urlString);
URL endpoint2 = new URL(null, urlString, new sun.net.www.protocol.http.Handler());
SOAPConnectionFactory soapfactory = SOAPConnectionFactory.newInstance();
SOAPConnection connection = soapfactory.createConnection();
connection.call(message, endpoint1); // Gives Exception with HTTP Error 407
connection.call(message, endpoint2); // Works and uses the proxy
For reference:
===========================================================
public class SimpleAuthenticator extends Authenticator {
private String username, password;
public SimpleAuthenticator(String username, String password) {
this.username = username;
this.password = password;
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(username, password.toCharArray());
}Sorry for the 3 posts.
Administrator, delete this thread please!! -
Hi,
I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
a second request with NTLMSSP_AUTH is sent.
Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
Any idea?
ThanksHi,
I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
a second request with NTLMSSP_AUTH is sent.
Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
Any idea?
Thanks -
Calling external web service - Proxy Authentication error
Using Developer 10.1.3.3 and following OTN example http://www.oracle.com/technology/products/forms/htdocs/10gr2/howto/webservicefromforms/ws_10_1_3_from_forms.html.
I have followed the above example and am trying to test the SendServiceSoapClient.java in JDeveloper. The class compiles ok but when I run it I receive the following error in the log window :
HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required
As I was able to create the proxy with no problems, the proxy settings in Tools->Preferences are valid. I don't understand at what point it is failing as I am able to access the wsdl in the example from JDeveloper. I have checked the system settings for the proxy (username/pwd/host etc) at run time and they are as expected.
Can anyone make any suggestions? I have had my user details checked on our proxy server and it is not blocked from performing any actions. Is the message indicating I am being blocked from accessing the service from the suppliers end?I have a solution for the problem I encountered.
My collegues who look after the proxy server and network first tried to bypass authentication for the web site www.esendex.com (where the service resides). The same error occurred when trying to call the service.
They then set up a route on the network to send the request straight to www.esendex.com and a rule on the firewall to allow the request 'out'. This has done the trick and the request passes through!
Unfortunately, I am not much clearer as to why our proxy server is configured to block this message type and how come it can't be changed! Hey ho, I have a solution for now! -
ASA - cut through proxy authentication for RDP?
I know how to set this up on a router (dynamic access-list - lock and key)... But, I'm having trouble understanding how to setup OUTSIDE to INSIDE cut through proxy authentication for RDP.
OUTSIDE to INSIDE RDP is currently working.
I have 2 servers I want RDP open for..
[*]OUTSIDE 1.1.1.1 to INSIDE 10.10.70.100
[*]OUTSIDE 1.1.1.2 to INSIDE 10.10.50.200
What's required for OUTSIDE users to authenticate on the ASA before allowing port 3389 opens? I was hoping for is a way to SSH into this ASA, login with a special user, then have the ASA add a dynamic ACE on the OUTSISE interface to open 3389 for a designated time limit. Is this possible?
Here is my current config.
[code]
ASA Version 8.2(5)
hostname ASA5505
names
name 10.10.0.0 LANTraffic
name 10.10.30.0 SALES
name 10.10.40.0 FoodServices
name 10.10.99.0 Management
name 10.10.20.0 Office
name 10.10.80.0 Printshop
name 10.10.60.0 Regional
name 10.10.70.0 Servers
name 10.10.50.0 ShoreTel
name 10.10.100.0 Surveillance
name 10.10.90.0 Wireless
interface Ethernet0/0
description TO INTERNET
switchport access vlan 11
interface Ethernet0/1
description TO INSIDE 3560X
switchport access vlan 10
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
shutdown
interface Vlan1
no nameif
security-level 50
no ip address
interface Vlan10
description Cisco 3560x
nameif INSIDE
security-level 100
ip address 10.10.1.1 255.255.255.252
interface Vlan11
description Internet Interface
nameif OUTSIDE
security-level 0
ip address 1.1.1.1 255.255.255.224
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup OUTSIDE
dns server-group DefaultDNS
name-server 8.8.8.8
name-server 4.2.2.2
domain-name test.local
access-list RDP-INBOUND extended permit tcp any host 1.1.1.1 eq 3389
access-list RDP-INBOUND extended permit tcp any host 1.1.1.2 eq 3389
pager lines 24
logging enable
logging timestamp
logging trap warnings
logging device-id hostname
logging host INSIDE 10.10.70.100
mtu INSIDE 1500
mtu OUTSIDE 1500
ip verify reverse-path interface OUTSIDE
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-645.bin
no asdm history enable
arp timeout 14400
global (OUTSIDE) 1 interface
nat (INSIDE) 1 LANTraffic 255.255.0.0
static (INSIDE,OUTSIDE) tcp interface 3389 10.10.70.100 3389 netmask 255.255.255.255
static (INSIDE,OUTSIDE) tcp 1.1.1.2 3389 10.10.50.200 3389 netmask 255.255.255.255
access-group RDP-INBOUND in interface OUTSIDE
route OUTSIDE 0.0.0.0 0.0.0.0 1.1.1.1 1
route INSIDE LANTraffic 255.255.0.0 10.10.1.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable
http Management 255.255.255.0 INSIDE
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 10.10.70.100 255.255.255.255 INSIDE
ssh Management 255.255.255.0 INSIDE
ssh 0.0.0.0 0.0.0.0 OUTSIDE
ssh timeout 5
ssh version 2
console timeout 0
threat-detection basic-threat
threat-detection scanning-threat shun
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
username scott password CNjeKgq88PLZXETE encrypted privilege 15
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:1e9d278ce656f22829809f4c46b04a07
: end
[/code]You're running ASA 8.2(5). In 8.4(2) Cisco added support for what they call Identity Firewall rules. That is, you can make access-lists entries specific to users (or object groups containing users).
There's an overview document on this posted here. It's a bit dated but I believe the only change is that Cisco is now preferring use of the more current Context Directory Agent (CDA) - a free VM they provide - vs. the deprecated AD agent (software service that runs on your DC). -
Safari, Proxy Authentication, and Certificate Authorities ( for https )
A recent update to Safari has caused it to not work with our proxy authentication. It will not provide authentication details when looking up SSL certificate authorities, causing certificate errors on all https:// websites. All other traffic (http, https if certificate is bypassed, plugins, etc.) seem to work just fine. Is anyone else having this problem? If so, is there a fix?
It occurs on Mac and PC. I am using SquidGuard with NTLM authentication. All other browsers on our system (IE x.x, FireFox, Chrome, Opera ) don't have this issue.I have the same problem and it's frustrating as can be.
What happens to me is that When I bring my laptop to work, and put it on the work network and launch Safari, Safari informs me that each of my plugins is invalid and then uninstalls them - I'm effectively not able to use any plug ins at work, and I have to go hunt them down when I get back home (for reference, The extensions are still physically in \users\me\Library\Safari\Extensions - so when I get home I can just double click on all of them)
I opened a case with apple and I encourage you to do the same. Perhaps if enough users complain they will find a gentler way to work with it.
They had me do a capture and after analyzing it said it was an issue with the work network and not being able to valdate the extensions.
It sounds like the same issue you have - as my work network uses a proxy as well.
The rep suggested that I use a different browser at work, but I'm so used to clicking safari, that I do it out of habit.
I really like Safari, and hope they get it fixed - Safari may not get respect in the windows world, but it's really a great browser - especially on a laptop where screen real estate is limited (where I often hit command-shift-\ to hide the address bar to see more of the page)
-Jack -
Webservice Proxy authentication
Hi,
My system is behind a firewall... and am tryin to access google webservice.. I went to services -> Applications.-> and set the proxy host and port .
For proxy basic authentication i had entered the password..
For username i gave domainname\username..I restarted the server after this ,!
I am getting this error
Error : nullcom.sap.engine.services.webservices.jaxm.soap.accessor.NestedSOAPException: Problem in server response: [Proxy authentication required].
(Hey ppl .. any suggestions ! )
Regards
Bharathwaj
Message was edited by: Bharathwaj RHello,
because you say that your Account is domainname\username I think that the Proxy is a Microsoft ISA Server. So I also think that the server uses NTLM authentication. I think you should ask the ISA Administrator to provide unrestricted Access to the Internet for the IP of the Portal server without authentication.
Regards
Gregor -
Invoking secure proxy from service callout or route actions in OSB
Secure proxy is the one which uses WS-Security Username token for authentication before request is processed. Is there any way we can call secure proxy from non-secure proxy. While calling secure-proxy (during service callout or route), I assume header and body will be passed to the secure proxy before secure proxy verifies the user from wsse:security element. While calling secure proxy, I am receiving an error that "General outbound security error. BEA-386400". Is any example that you can show of calling secure-proxy from service callout or route actions
I am preparing the following header in non-secure proxy message flow diagram before invoking secure proxy.
<soap-env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Timestamp>
<wsu:Created>2012-03-31T18:34:53.081-05:00</wsu:Created>
<wsu:Expires>2012-04-25T23:34:53.081-05:00</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>Testuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testpassword</wsse:Password>
<wsse:Nonce>7hoJIy00p+hwk/QiWpxT+Ndpr+4=</wsse:Nonce>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/></wsse:UsernameToken>
</wsse:Security>
</soap-env:Header>Go back to
compare Routing action versus Service Callout action versus Publish action? -
Toplink Proxy Authentication with 10.1.3 problem
Hi,
I'm are using Toplink Proxy Authentication in a JSF application with SessionFacade pattern and have implemented a preLogin() method of oracle.itech.pil.utils.PILSessionEventManager (which implements SessionEventListener) as described in
http://www.oracle.com/technology/products/ias/toplink/doc/1013/main/_html/dblgcfg008.htm. Due to Class Loader problem while loading of SessionEventManager, I'm explicitly loading the Class by doing this:
try {
Thread.currentThread().getContextClassLoader().loadClass("oracle.itech.pil.utils.PILSessionEventManager");
catch(Exception exp) {
System.out.println("Exception while loading class oracle.itech.pil.utils.PILSessionEventManager "+exp.toString());
The SessionEventManager is loaded by doing this:
session.getEventManager().addListener(new PILSessionEventManager());
(Encountered while using <event-listener-class>oracle.itech.pil.events.PILSessionEventManager</event-listener-class> in sessions.xml file, so removed and added the same using session.getEventManager().addListener(new PILSessionEventManager()) )
But now, I'm encountering ClassCastException during the login to my application
The below pasted exception (oracle.oc4j.rmi.OracleRemoteException: java.lang.ClassCastException: oracle.itech.pil.utils.PILSessionEventManager) is coming when invoking line (Login)session.readObject(oracle.itech.pil.model.Login.class, expression);
Code :
XMLSessionConfigLoader xmlLoader =
new XMLSessionConfigLoader("META-INF/sessions.xml");
SessionManager sessionMgr = SessionManager.getManager();
DatabaseSession session =
(DatabaseSession)sessionMgr.getSession(xmlLoader, "serverSession",
SessionFacadeEJBBean.class.getClassLoader());
// Set Listener through Java code
//session.getEventManager().addListener(new PILSessionEventManager());
new PILSessionEventManager();
System.out.println("I am at getLoginDetails after the listner...>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>");
Login login = null;
LoggedInBB loggedIn = null;
ExpressionBuilder builder = new ExpressionBuilder();
Expression expression = null;
// If username is not null
System.out.println("The _uname is "+_uname);
if (_uname != null) {
expression = builder.get("uname").equalsIgnoreCase(_uname).and(builder.get("empno").equalsIgnoreCase(_empNo));
if (expression != null) {
System.out.println("expression != null >>>>>>>>>>>>>>");
//login = (Login)session.readObject(oracle.itech.pil.model.Login.class, expression);
login =(oracle.itech.pil.model.Login) (session.readAllObjects(oracle.itech.pil.model.Login.class, expression)).get(0);
System.out.println("Login Object is "+login);
Exception:
[TopLink Info]: 2006.05.02 05:04:18.703--ServerSession(21707422)--TopLink, version: Oracle TopLink - 10g Release 3 (10.1.3.0.0) (Build 060118)
[TopLink Info]: 2006.05.02 05:04:22.619--ServerSession(21707422)--serverSession login successful
06/05/02 17:04:22 I am at getLoginDetails after the listner............>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
06/05/02 17:04:22 The _uname is admin
06/05/02 17:04:22 expression != null >>>>>>>>>>>>>>
[TopLink Warning]: 2006.05.02 05:04:22.639--ServerSession(21707422)--java.lang.ClassCastException: oracle.itech.pil.utils.PILSessionEventManager
oracle.oc4j.rmi.OracleRemoteException: java.lang.ClassCastException: oracle.itech.pil.utils.PILSessionEventManager
at com.evermind.server.ejb.EJBUtils.getUserException(EJBUtils.java:333)
at com.evermind.server.ejb.interceptor.system.AbstractTxInterceptor.convertAndHandleMethodException(AbstractTxInterceptor.java:69)
at com.evermind.server.ejb.interceptor.system.TxSupportsInterceptor.invoke(TxSupportsInterceptor.java:39)
at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
at com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
at com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:86)
at SessionFacadeEJB_StatelessSessionBeanWrapper2.getLoginDetails(SessionFacadeEJB_StatelessSessionBeanWrapper2.java:172)
at oracle.itech.pil.backing.LoginBB.LoginButton_action(LoginBB.java:182)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:126)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
at oracle.adf.view.faces.component.UIXCommand.broadcast(UIXCommand.java:211)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:267)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:381)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:75)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:90)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:197)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._invokeDoFilter(AdfFacesFilterImpl.java:367)
at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._doFilterImpl(AdfFacesFilterImpl.java:336)
at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl.doFilter(AdfFacesFilterImpl.java:196)
at oracle.adf.view.faces.webapp.AdfFacesFilter.doFilter(AdfFacesFilter.java:87)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)
at oracle.itech.pil.utils.PILFilter.doFilter(PILFilter.java:124)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:627)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:376)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:870)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:451)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:299)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:187)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
Nested exception is:
java.lang.ClassCastException: oracle.itech.pil.utils.PILSessionEventManager
at oracle.toplink.sessions.SessionEventManager.preExecuteQuery(SessionEventManager.java:508)
at oracle.toplink.publicinterface.Session.executeQuery(Session.java:976)
at oracle.toplink.publicinterface.Session.executeQuery(Session.java:938)
at oracle.toplink.publicinterface.Session.readAllObjects(Session.java:2458)
at oracle.itech.pil.ejb.SessionFacadeEJBBean.getLoginDetails(SessionFacadeEJBBean.java:399)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.evermind.server.ejb.interceptor.joinpoint.EJBJoinPointImpl.invoke(EJBJoinPointImpl.java:35)
at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
at com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
at com.evermind.server.ejb.interceptor.system.TxSupportsInterceptor.invoke(TxSupportsInterceptor.java:37)
at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
at com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
at com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:69)
at com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:86)
at SessionFacadeEJB_StatelessSessionBeanWrapper2.getLoginDetails(SessionFacadeEJB_StatelessSessionBeanWrapper2.java:172)
at oracle.itech.pil.backing.LoginBB.LoginButton_action(LoginBB.java:182)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:126)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
at oracle.adf.view.faces.component.UIXCommand.broadcast(UIXCommand.java:211)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:267)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:381)
at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:75)
at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:90)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:197)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._invokeDoFilter(AdfFacesFilterImpl.java:367)
at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._doFilterImpl(AdfFacesFilterImpl.java:336)
at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl.doFilter(AdfFacesFilterImpl.java:196)
at oracle.adf.view.faces.webapp.AdfFacesFilter.doFilter(AdfFacesFilter.java:87)
at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)
at oracle.itech.pil.utils.PILFilter.doFilter(PILFilter.java:124)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:627)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:376)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:870)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:451)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:299)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:187)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
Any clue why this error, which i am facing since 10 days to complete my task
Thanks In Advance
PrashantJames, what Venkat and Prashant are trying to do is something like this...
1. If I connect to the DB using scott/tiger then in the preLogin method of the Toplink Session Listener class, the proxy user will connect using something like admin/welcome1 and in the database audit view, the name that shows up SHOULD BE that of admin and NOT of scott. This is called proxy authentication if it works fine.
We developed the above scenario but in the audit logs, we still see scott instead of admin as the user who connected.
2. This feature is available in the DB but our objective is to use it through TopLink
Also see Toplink Proxy Authentication Not Working
I hope I was able to explain the scenario clearly.
Any help will be appreciated
Regards,
Amit -
Proxy Authentication required(Acess denied)
I created simple java web service (java class with single method it takes two arguments) with SAOP messgae format as document/wrapped using JDeveloper 10.1.3.1.
I created one ESB project in ESB for this same application.
In ESB project i created one Routing service here i givven physical path of WSDL file.
And also i created one SOAP service here i given URL of WSDl file.
After that I register that web service in ESB.Registration was done successfully.
After that I log in to OC4J console, here i able to find my web service under webservices tab.
Now i tested this webservice ,but it is giving some exception proxy Authentication required(Acess denied).
this is Exception
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><faultcode>env:Server</faultcode><faultstring>oracle.tip.esb.server.common.exceptions.BusinessEventRetriableException: An unhandled exception has been thrown in the ESB system. The exception reported is: "oracle.tip.esb.server.common.exceptions.BusinessEventRetriableException: An unhandled exception has been thrown in the ESB system. The exception reported is: "org.collaxa.thirdparty.apache.wsif.WSIFException: exception on JaxRpc invoke: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required ( Access is denied. )
at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeOperation(WSIFOperation_JaxRpc.java:1714)
at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeRequestResponseOperation(WSIFOperation_JaxRpc.java:1460)
at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.executeRequestResponseOperation(WSIFOperation_JaxRpc.java:1182)
at oracle.tip.esb.server.common.wsif.WSIFInvoker.executeOperation(Unknown Source)
at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(Unknown Source)
at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(Unknown Source)
at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.nextService(Unknown Source)
at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.processBusinessEvent(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatchNonRoutingService(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatch(Unknown Source)
at oracle.tip.esb.server.dispatch.BusinessEvent.raise(Unknown Source)
at oracle.tip.esb.utils.EventUtils.raiseBusinessEvent(Unknown Source)
at oracle.tip.esb.server.service.EsbRouterSubscription.onBusinessEvent(Unknown Source)
at oracle.tip.esb.server.dispatch.EventDispatcher.executeSubscription(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.processSubscription(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.processSubscriptions(Unknown Source)
at oracle.tip.esb.server.dispatch.EventDispatcher.dispatchRoutingService(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatch(Unknown Source)
at oracle.tip.esb.server.dispatch.BusinessEvent.raise(Unknown Source)
at oracle.tip.esb.server.service.impl.soap.EventOracleSoapProvider.raiseEvent(Unknown Source)
at oracle.tip.esb.server.service.impl.soap.EventOracleSoapProvider.processMessage(Unknown Source)
at oracle.j2ee.ws.server.provider.ProviderProcessor.doEndpointProcessing(ProviderProcessor.java:869)
at oracle.j2ee.ws.server.WebServiceProcessor.invokeEndpointImplementation(WebServiceProcessor.java:349)
at oracle.j2ee.ws.server.provider.ProviderProcessor.doRequestProcessing(ProviderProcessor.java:460)
at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:114)
at oracle.j2ee.ws.server.WebServiceProcessor.doService(WebServiceProcessor.java:96)
at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:177)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:711)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)
at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)
at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
at oracle.tip.esb.server.common.wsif.WSIFInvoker.executeOperation(Unknown Source)
at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(Unknown Source)
at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(Unknown Source)
at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.nextService(Unknown Source)
at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.processBusinessEvent(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatchNonRoutingService(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatch(Unknown Source)
at oracle.tip.esb.server.dispatch.BusinessEvent.raise(Unknown Source)
at oracle.tip.esb.utils.EventUtils.raiseBusinessEvent(Unknown Source)
at oracle.tip.esb.server.service.EsbRouterSubscription.onBusinessEvent(Unknown Source)
at oracle.tip.esb.server.dispatch.EventDispatcher.executeSubscription(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.processSubscription(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.processSubscriptions(Unknown Source)
at oracle.tip.esb.server.dispatch.EventDispatcher.dispatchRoutingService(Unknown Source)
at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatch(Unknown Source)
at oracle.tip.esb.server.dispatch.BusinessEvent.raise(Unknown Source)
at oracle.tip.esb.server.service.impl.soap.EventOracleSoapProvider.raiseEvent(Unknown Source)
at oracle.tip.esb.server.service.impl.soap.EventOracleSoapProvider.processMessage(Unknown Source)
at oracle.j2ee.ws.server.provider.ProviderProcessor.doEndpointProcessing(ProviderProcessor.java:869)
at oracle.j2ee.ws.server.WebServiceProcessor.invokeEndpointImplementation(WebServiceProcessor.java:349)
at oracle.j2ee.ws.server.provider.ProviderProcessor.doRequestProcessing(ProviderProcessor.java:460)
at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:114)
at oracle.j2ee.ws.server.WebServiceProcessor.doService(WebServiceProcessor.java:96)
at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:177)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:711)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)
at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)
at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
Caused by: org.collaxa.thirdparty.apache.wsif.WSIFException: exception on JaxRpc invoke: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required ( Access is denied. )
at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeOperation(WSIFOperation_JaxRpc.java:1714)
at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeRequestResponseOperation(WSIFOperation_JaxRpc.java:1460)
at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.executeRequestResponseOperation(WSIFOperation_JaxRpc.java:1182)
... 39 more
</faultstring><faultactor></faultactor></env:Fault></env:Body></env:Envelope>
can any one help me in this case please.
Any help is highly appreciableI got the same issue : runs fine via web test, doesn't work via generated Jdevelopers proxy class. Both machines are within same local network. Tried setting uid/pwd same as oc4j admin crendentials - didn't work :
WARNING: Unable to connect to URL: http://10.75.0.122:8888/ws_1-context-root/WebService1SoapHttpPort due to java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required
java.rmi.RemoteException: ; nested exception is:
HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required
at ws_1.proxy.runtime.WebService1SoapHttp_Stub.echo(WebService1SoapHttp_Stub.java:94)
at ws_1.WebService1SoapHttpPortClient.echo(WebService1SoapHttpPortClient.java:45)
at ws_1.WebService1SoapHttpPortClient.main(WebService1SoapHttpPortClient.java:33)
Caused by: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 407 Proxy Authentication Required
at oracle.j2ee.ws.client.http.HttpClientTransport.invokeImpl(HttpClientTransport.java:172)
at oracle.j2ee.ws.client.http.HttpClientTransport.invoke(HttpClientTransport.java:148)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:175)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
at ws_1.proxy.runtime.WebService1SoapHttp_Stub.echo(WebService1SoapHttp_Stub.java:78)
Thank you!
V. -
Weblogic 8.1 Webservice Client Proxy Authentication not working
We have a desktop console based Weblogic webservices client application that uses client stubs to establish the connection and communicate with the server where the WSDL was hosted.
We are facing a problem in authenticating the Proxy user with valid credentials.
We are using the following code to set the system properties and Authenticator class to authenticate the proxy user.
//Code Segment #1
Code:
System.setProperty("http.proxyHost", proxyHost);System.setProperty("https.proxyHost", proxyHost);
System.setProperty("weblogic.webservice.transport.http.proxy.host",proxyHost);
System.setProperty("weblogic.webservice.transport.https.proxy.host",proxyHost);
System.setProperty("http.proxyPort", proxyPort);
System.setProperty("https.proxyPort", proxyPort);
System.setProperty("weblogic.webservice.transport.http.proxy.port",proxyPort);
System.setProperty("weblogic.webservice.transport.https.proxy.port",proxyPort);
//System.setProperty("http.proxyType", "basic");
//System.setProperty("https.proxyType", "basic");
//System.setProperty("http.proxy.auth.type" ,"ntlm"); //This is not showing any impact
System.setProperty("http.proxyUser", "bsil\\ashok.kumar");
System.setProperty("https.proxyUser", "bsil\\ashok.kumar");
System.setProperty("http.proxyPassword", " xyzddd");
System.setProperty("https.proxyPassword", "xyzddd");
Authenticator.setDefault(new MyAuthenticator());
//Inner class
public static class MyAuthenticator extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
String username = System.getProperty("http.proxyUser");
String password = System.getProperty("http.proxyPassword");
return new PasswordAuthentication(username, password.toCharArray());
We are using following code initialize the stubs (Which internally opens a connection to the given endpoint base URL)
//Code Segment #2
Code:
SessionService_Impl sessionService = new SessionService_Impl(getEndPointURL(SessionServicePort.class));
port = sessionService.getSessionServicePort();
return port;
Using above code it always throws the following exception:
Code:
weblogic.webservice.tools.wsdlp.WSDLParseException: Failed to retrieve WSDL from https://apiclienttest.intralinks.com:443/webservices51/SessionService?WSDL. Please check the URL and make sure that it is a valid XML file [java.io.IOException: Proxy authenticator failed: java.lang.ClassNotFoundException: ]
if i replace the above code (Code Segment #2) to as bellow with Code Segment #3 then its working as expected. But we have been told that the Code Segment #2 is required as shwon above for the Weblogic ClientTimeout seconds feature so we cant replace the Code Segment #2 with Code Segment #3 since we don?t want to miss the ClientTimeout seconds feature for the application.
//Code Segment #3
Code:
SessionService_Impl sessionService = new SessionService_Impl();
SessionServicePort sessionServicePort = sessionService.getSessionServicePort();
((SessionServicePort_Stub) sessionServicePort)._setProperty("javax.xml.rpc.service.endpoint.address", endPointBaseURL+"SessionService");
return sessionServicePort ;
why the Proxy authentication is failing with the Code Segment #2 and why it is passing in case of Code Segment #3
The endpoint base URL we are hitting is hosted on Weblogic server 9.0 (which is hosted at client side in US so it is behind our firewall).
Is some thing more do we need to do in Authenticator class???
Please help me if any one has worked on proxy server authenticator in java.We have a desktop console based Weblogic webservices client application that uses client stubs to establish the connection and communicate with the server where the WSDL was hosted.
We are facing a problem in authenticating the Proxy user with valid credentials.
We are using the following code to set the system properties and Authenticator class to authenticate the proxy user.
//Code Segment #1
Code:
System.setProperty("http.proxyHost", proxyHost);System.setProperty("https.proxyHost", proxyHost);
System.setProperty("weblogic.webservice.transport.http.proxy.host",proxyHost);
System.setProperty("weblogic.webservice.transport.https.proxy.host",proxyHost);
System.setProperty("http.proxyPort", proxyPort);
System.setProperty("https.proxyPort", proxyPort);
System.setProperty("weblogic.webservice.transport.http.proxy.port",proxyPort);
System.setProperty("weblogic.webservice.transport.https.proxy.port",proxyPort);
//System.setProperty("http.proxyType", "basic");
//System.setProperty("https.proxyType", "basic");
//System.setProperty("http.proxy.auth.type" ,"ntlm"); //This is not showing any impact
System.setProperty("http.proxyUser", "bsil\\ashok.kumar");
System.setProperty("https.proxyUser", "bsil\\ashok.kumar");
System.setProperty("http.proxyPassword", " xyzddd");
System.setProperty("https.proxyPassword", "xyzddd");
Authenticator.setDefault(new MyAuthenticator());
//Inner class
public static class MyAuthenticator extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
String username = System.getProperty("http.proxyUser");
String password = System.getProperty("http.proxyPassword");
return new PasswordAuthentication(username, password.toCharArray());
We are using following code initialize the stubs (Which internally opens a connection to the given endpoint base URL)
//Code Segment #2
Code:
SessionService_Impl sessionService = new SessionService_Impl(getEndPointURL(SessionServicePort.class));
port = sessionService.getSessionServicePort();
return port;
Using above code it always throws the following exception:
Code:
weblogic.webservice.tools.wsdlp.WSDLParseException: Failed to retrieve WSDL from https://apiclienttest.intralinks.com:443/webservices51/SessionService?WSDL. Please check the URL and make sure that it is a valid XML file [java.io.IOException: Proxy authenticator failed: java.lang.ClassNotFoundException: ]
if i replace the above code (Code Segment #2) to as bellow with Code Segment #3 then its working as expected. But we have been told that the Code Segment #2 is required as shwon above for the Weblogic ClientTimeout seconds feature so we cant replace the Code Segment #2 with Code Segment #3 since we don?t want to miss the ClientTimeout seconds feature for the application.
//Code Segment #3
Code:
SessionService_Impl sessionService = new SessionService_Impl();
SessionServicePort sessionServicePort = sessionService.getSessionServicePort();
((SessionServicePort_Stub) sessionServicePort)._setProperty("javax.xml.rpc.service.endpoint.address", endPointBaseURL+"SessionService");
return sessionServicePort ;
why the Proxy authentication is failing with the Code Segment #2 and why it is passing in case of Code Segment #3
The endpoint base URL we are hitting is hosted on Weblogic server 9.0 (which is hosted at client side in US so it is behind our firewall).
Is some thing more do we need to do in Authenticator class???
Please help me if any one has worked on proxy server authenticator in java. -
Invalid Response Code: (407) Proxy Authentication Required
Hi all,
I have created a EJB that will access an external webservice to receive data and will display it in a jsp. But when i call it, i get the folllowing error-
com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeExcpetion: Invalid Response Code: (407) Proxy
Authentication Required (The ISA Server requires authorization to fulfill the request. Access to the Web Proxy is denied)
I have already set the proxy user name and password in <i>visual admin</i> under <i>destinations</i> and also under <i>Web Services Container->Runtime->Settings</i>. Still i get this error. I checked a couple of threads here, that answer to my problem, but none helped! Am i missing something?
Thanks in advance,
SwarnaHi Swarna
What is the patch level that you are running on?
May be the "auth-scheme" element required by the HTTP specification is missing in the "Proxy-Authorization" HTTP header.
I think that the solution is there in the new support packages or the patch update.
Please check out the latest support packages and apply them.
This should solve your problem.
Regards
Sumit Jain
**Reward with points if useful -
IAS 9i, JAAS and Proxy Authentication
Hi
I'm trying to use proxy authentication for a web application hosted on IAS. The 'Oracle 9i Application Server Security guide' states that proxy authentication is supported using JDBC, but I can't find instructions on how to use this approach. Is this feature configurable, or it must be hand coded in the web application.
Ideally, I'd like to establish the lightweight session using the credentials used to perform a JAAS authentication.
I've seen an example for a similar situation linking JAAS authentication to VPDs setting up the application context for the database connection, but the example was tied to BC4J. I'd like to use a more general approach, for example to use this feature with BI Beans.
I think this is not an unusual setup, but I can't find clear instructions on how to make the pieces work together.
FernandoThanks,
Any additional recommendations are welcome. We plan to use forms and reports service with SSL. -
17:06:13 Synchronizer Version 14.0.6123
17:06:13 Synchronizing Mailbox '[email protected]'
17:06:13 Synchronizing Hierarchy
17:06:13 4 folder(s) added to online store
17:06:13 1 folder(s) updated in online store
17:06:13 Synchronizing local changes in folder 'Inbox'
17:06:13 Error synchronizing folder
17:06:13 [80041004-0-0-430]
17:06:13 Error with Send/Receive.
17:06:13 There was an error synchronizing your folder hierarchy. Error : 80041004.
17:06:13 Synchronizing server changes in folder 'Calendar'
17:06:13 Synchronizing server changes in folder 'Contacts'
17:06:13
17:06:13
*Request*
17:06:13 17:06:13:0590
17:06:13 POST
17:06:13 http://
17:06:13 contacts.msn.com
17:06:13 /ABService/ABService.asmx
17:06:13
17:06:13 <ABFindAll xmlns="http://www.msn.com/webservices/AddressBook"> <abId>00000000-0000-0000-0000-000000000000</abId><abView>Full</abView><deltasOnly>false</deltasOnly></ABFindAll>
17:06:13
*Response*
17:06:13 17:06:13:0870
17:06:13 HTTP/1.1 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
Via: 1.1 TMG
Proxy-Authenticate: Negotiate
Proxy-Authenticate: Kerberos
Proxy-Authenticate: NTLM
Connection: close
Proxy-Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 707
17:06:13
17:06:13
17:06:13
17:06:13 Error with Send/Receive.
17:06:13 There was an error synchronizing a contacts folder. Error : 80004005.
17:06:13 Synchronizing server changes in folder 'Drafts'
17:06:13 Synchronizing local changes in folder 'Inbox'
17:06:13 Error synchronizing folder
17:06:13 [80041004-0-0-430]
17:06:13 Synchronizing server changes in folder 'Sent Items'
17:06:13 Synchronizing server changes in folder 'Deleted Items'
17:06:13 Synchronizing server changes in folder 'Junk E-mail'
17:06:13 Done
17:06:13
17:06:13
*Request*
17:06:13 17:06:13:0870
17:06:13 POST
17:06:13 http://
17:06:13 mail.services.live.com
17:06:13 /DeltaSync_v2.0.0/Settings.aspx
17:06:13
17:06:13 <?xml version="1.0" encoding="utf-8"?><Settings xmlns="HMSETTINGS:"><ServiceSettings><SafetySchemaVersion>1</SafetySchemaVersion><SafetyLevelRules><GetVersion/></SafetyLevelRules><SafetyActions><GetVersion/></SafetyActions><Properties><Get/></Properties></ServiceSettings><AccountSettings><Get><Options/><Properties/></Get></AccountSettings></Settings>
17:06:13
*Response*
17:06:13 17:06:13:0870
17:06:13 HTTP/1.1 407 Proxy Authentication Required ( Forefront TMG requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
Via: 1.1 TMG
Proxy-Authenticate: Negotiate
Proxy-Authenticate: Kerberos
Proxy-Authenticate: NTLM
Connection: close
Proxy-Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 707
17:06:13
17:06:13Hi,
According to the log, it seems that TMG firewall denied the request and replied with an HTTP 407 response, indicating that proxy authentication was required. This was done because the Forefront TMG firewall did not have any access rules which would allow
the anonymous request. Please check if you have configured related access rules.
When did you recieve this log? Is there anyting wrong? Which authentication method you have used, Kerberos, NTLM or other?
It seems that each time a web proxy client requests a resource through a Forefront TMG firewall that requires NTLM authentication the client is actually denied twice during the transaction before being successfully authenticated and allowed access. When
the Forefront TMG firewall is configured to use Kerberos there is only a single denied request and HTTP 407 response and then contact a domain controller and obtain a Kerberos ticket to present to the TMG firewall to gain access to the resource.
If you configured the TMG clients with a certain proxy name, please make sure you typed the TMG's domain computer name only (not IP address nor alias).
Best regards,
Susie -
TopLink Proxy authentication issue
Hello all,
I tried to use proxy authentication for TopLink for connecting to a database via TopLink in a J2EE application deployed on an Oracle iAS 10.1.2. For doing that, I tried to follow the steps described in the TopLink documentation (http://www.oracle.com/technology/products/ias/toplink/doc/1013/main/_html/dblgcfg008.htm#BABDABCF) with the last scenario, "Server Session uses Proxy Connection".
According to the previously mentioned documentation, I created a session event handler for the preLoginEvent session event, the preLogin(SessionEvent event) method that I copied below.
The issue with this is that, when I try to run a TopLink query in a Java DAO class, I obtained some exceptions. There are two cases here:
1-If the code preLogin(SessionEvent event) is exactly as below, it seems that the queried views/tables cannot be seen. The exception obtained is:
Exception [TOPLINK-4002] (Oracle TopLink - 10g Release 3 (10.1.3.0.0) (Build 060118)): oracle.toplink.exceptions.DatabaseException
Internal Exception: java.sql.SQLException: ORA-00942: table or view does not exist
Error Code: 942
Call:SELECT count(*) FROM CIFHUB.SCQA_TEMPLATE
Query:DataReadQuery()
at oracle.toplink.exceptions.DatabaseException.sqlException(DatabaseException.java:290)
at oracle.toplink.internal.databaseaccess.DatabaseAccessor.basicExecuteCall(DatabaseAccessor.java:570)
at oracle.toplink.internal.databaseaccess.DatabaseAccessor.executeCall(DatabaseAccessor.java:442)
at oracle.toplink.threetier.ServerSession.executeCall(ServerSession.java:453)
at oracle.toplink.internal.queryframework.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:117)
at oracle.toplink.internal.queryframework.DatasourceCallQueryMechanism.executeCall(DatasourceCallQueryMechanism.java:103)
at oracle.toplink.internal.queryframework.DatasourceCallQueryMechanism.executeSelectCall(DatasourceCallQueryMechanism.java:174)
at oracle.toplink.internal.queryframework.DatasourceCallQueryMechanism.executeSelect(DatasourceCallQueryMechanism.java:156)
at oracle.toplink.queryframework.DataReadQuery.executeNonCursor(DataReadQuery.java:118)
at oracle.toplink.queryframework.DataReadQuery.executeDatabaseQuery(DataReadQuery.java:110)
at oracle.toplink.queryframework.DatabaseQuery.execute(DatabaseQuery.java:603)
at oracle.toplink.queryframework.DataReadQuery.execute(DataReadQuery.java:96)
at oracle.toplink.publicinterface.Session.internalExecuteQuery(Session.java:2062)
at oracle.toplink.publicinterface.Session.executeQuery(Session.java:981)
at oracle.toplink.publicinterface.Session.executeQuery(Session.java:938)
at oracle.toplink.publicinterface.Session.executeSelectingCall(Session.java:1027)
at oracle.service.infra.myservlet.ACSProxyTestServlet.callTopLinkQuery3(ACSProxyTestServlet.java:138)
at oracle.service.infra.myservlet.ACSProxyTestServlet.doGet(ACSProxyTestServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
at oracle.service.infra.servlets.SecurityFilter.doFilter(SecurityFilter.java:105)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:663)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:830)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:224)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:133)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)
2 - If in the preLogin(SessionEvent event) code, the line login.setProperty("proxytype", Integer.toString(OracleConnection.PROXYTYPE_USER_NAME)); is uncommented, then another exception is obtained. In this case another exception is obtained: an Invalid User/Password exception is thrown. If I comment this line, the login is successfull, but I obtain the exception at section 1.
I have to tell you in both cases the parameters of the Data source are properly set. I tested the datasource in another servlet where I created directly the connection based on the same datasource taken from the application server's JNDI.
Do you have any hint or idea about this issue?
Thanks a lot in advance!
Regards,
Marinel
public void preLogin(SessionEvent event)
DatabaseLogin login = event.getSession().getLogin();
// Make sure that external connection pooling is used
login.setUsesExternalConnectionPooling(true);
// Custom code to get the connector
try
login.setConnector(new OracleJDBC10_1_0_2ProxyConnector("jdbc/acs_proxyDS"));
} catch (Exception ex)
ex.printStackTrace();
// End of custom code to get connector
// login.setProperty("proxytype", Integer.toString(OracleConnection.PROXYTYPE_USER_NAME));
login.setProperty(OracleConnection.PROXY_USER_NAME, "[email protected]");
login.setProperty(OracleConnection.PROXY_DISTINGUISHED_NAME, "cn=my_name,l=emea,dc=oracle,dc=com");
String[] roles = new String[1];
roles[0] = "Manager";
login.setProperty(OracleConnection.PROXY_ROLES, roles);
}Hi, I am also working on proxy authentication and am having the same problem as Marinel.
If I use a normal jdbc proxy connection, I can access the table just fine, and using a direct Toplink connection works fine.However, when i try and use proxy authentication via Toplink, i do not have permissions on the table.
From your last update,it seems that if I want to use DISTINGUISED NAME authentication, I should set "proxytype" to OracleConnection.PROXYTYPE_DISTINGUISHED_NAME, and set OracleConnection.PROXY_DISTINGUISHED_NAME to the full user distinguised name.
I have temporarily altered my preLogin Event as below to show these two scenarios, to access the table via normal jdbc proxy connection (and this part works), and then below that I try and set up the Toplink proxy session(which fails).
public void preLogin(SessionEvent event) {
DatabaseLogin login = event.getSession().getLogin();
// Make sure that external connection pooling is used
login.setUsesExternalConnectionPooling(true);
String urlThin =
"<jdbc_url>";
OracleDataSource ds;
OracleConnection oc = null;
try {
// Part 1 - Setup and access the PROXYDUMMY1 table using jdbc proxy sessions
DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
ds = new OracleDataSource();
ds.setURL(urlThin);
Properties props = new java.util.Properties();
props.put(OracleConnection.PROXY_DISTINGUISHED_NAME,
"cn=firstname_lastname,l=emea,dc=oracle,dc=com"); props.put("proxytype",OracleConnection.PROXYTYPE_DISTINGUISHED_NAME);
ds.setUser("database_account");
ds.setPassword("database_password");
oc = (OracleConnection)ds.getConnection();
oc.openProxySession (OracleConnection.PROXYTYPE_DISTINGUISHED_NAME, props);
String sql= " SELECT COL1, COL2 FROM PROXYDUMMY1";
Statement stmt = oc.createStatement();
ResultSet rSet = stmt.executeQuery(sql);
System.out.println("==============User requested data=================");
while ( rSet.next() )
System.out.println(rSet.getString(1));
rSet.close();
stmt.close();
//Part 2 - set up the proxy session for use by Toplink
login.setConnector(new OracleJDBC10_1_0_2ProxyConnector(ds));
login.setProperties(props);
} catch (Exception e) {
System.out.println("Exception: ProxyConnection.getConnection: "+e.getMessage());
e.printStackTrace();
}
Maybe you are looking for
-
Hi! I have created a little test swf for my client and I have encountered a wierd problem because the loading percentage text field does not seem to function in IE 6 but the same file works fine when viewed in Firefox and Netscape. When I test the mo
-
(Xperia Ray) Can't install Apps after ICS update !
HI everyone. I bought mine (Xperia Ray) couple of days ago and updated It to ICS with the update service software. now I can't install any apps. when I click the install button (The picture) where It shows the permissions the app needs, nothing happ
-
Pass more parameter to the packaged function with REMAP_DATA in EXPDP
1) can we pass more than one parameter to the packaged function specified in REMAP_DATA during DATA pump export? 2) if yes to point#1 then, how can we pass rownum & some other columns value in the same record passed into the function?
-
Hi just asking as im a WRT54GS UK v4.0 router owner and have been since 2005 but as i ve been updating my NAS's firmware, Motherboard Bios etc, i thought time i look at router. i ve flashed it with the latest on Linksys UK site1.50.6 11/14/2005 but
-
Multiple Artwork When Adding To CD's
Hi, Hope someone can help. When I Import cd's and the artwork is not available from iTunes if I add the artwork (right click-get info and add my artwork to the album).Mutiple copy's of the artwork are in the window pane for each song. Is there a way