Remoting security/authentication
Hi all CF developers,
I'm starting my journey with ColdFusion 9. I'm Flex developer and I would like to implement authorization mechanism for my Flex app in CF.
I'm interested in implementing user authentication, roles(authorization) and session management in Flex context, using remoting services.
Do you know any useful resources and/or examples?
Regards,
Adrian
Hi Zonski,
That sounds like a great idea. I have a similar setup with a current live application written in JavaFx (Script) 1.3 and Java, which will need to be converted across to the latest JavaFX (perhaps Visage) next year. Similar but not exactly the same. The application uses Spring remoting and also Spring Security, with XML for configuration. For the ORM Cayenne is used.
~ Chris
Similar Messages
-
I know there are loads of posts with same issue and most of them were related to proxy and connectivity .
This was case for me as well (few months back). Now the same error is back. But I've confirmed that FW ports and proxy are fine this time around.
server is configured on http port 80
ERROR
Sync failed: UssCommunicationError: WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid
according to the validation procedure.~~at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request). Source: Microsoft.SystemsManagementServer.SoftwareUpdatesManagement.WSyncAction.WSyncAction.SyncWSUS
I've checked proxy server connectivity. I'm able browse following site from WSUS server
http://catalog.update.microsoft.com/v7/site/Home.aspx?sku=wsus&version=3.2.7600.226&protocol=1.8
I did telnet proxy server on the particular port (8080) and that is also fine.
I've doubt on certificates, any idea which are the certificates which we need to look? And if certificate is expired then (my guess) we won't be able open the above mentioned windows update catalog site?
Any tips appreciated !
Anoop C Nair (My Blog www.AnoopCNair.com)
- Twitter @anoopmannur -
FaceBook Forum For SCCMHi Lawrence ! - Many thanks for looking into this thread and replying. Appreciate your help.
Your reply ("SSL is enabled/configured, and the certificate being used is invalid
(or the cert does not exist or cannot be obtained), or the SSL connection could not be established.") is very helpful.
I've already tested CONTENT DOWNLOAD and it's working fine. WSUS Sync was also working fine for years with proxy server configured on port (8080) and WSUS server on port 80.
My Guess (this is my best guess ;)) is this something to do with Firewall or Proxy side configuration rather than WSUS. However, I'm not finding a way to prove this to proxy/firewall team. From their perspective all the required port communication open and
proxy server is also reachable. More over we're able to access internet (Microsoft Update Catalog site) over same port (8080).
Any other hints where I can prove them it's a sure shot problem from their side.
Thanks again !!
Anoop C Nair (My Blog www.AnoopCNair.com)
- Twitter @anoopmannur -
FaceBook Forum For SCCM -
Acrobat Pro 9 SharePoint PDF Review Remote Service Authentication
I am using Adobe Acrobat Pro Extended 9.4.3 (as part of the Technical Communication Suite 2.5). I am hosting PDF reviews on our company SharePoint server. In the past, I haven't had any problems doing this.
However today I cannot connect, and a "Remote Service Authentication" dialog box (see below) appears everytime I try to connect to a PDF review. This is the same for both reviews I have started, or for reviews others have started. Also, I have full permissions for the SharePoint Document Library.
I entered my credentials, then clicked OK. The dialog box just reappears over... and over... and over.
It doesn't seem to matter which program the PDF documents were created with (same dialog for documents generated from MS Word and Framemaker). And a co-worker was able to connect without a problem and enter comments (of course, I can't see his comments since I cannot connect to the server). This leads me to believe that it is a problem on my machine.
Any ideas?Yes, I initiated the review. When I initiated the review, I saw a different dialog for entering my username and password. That took my credentials and uploaded the PDF to SharePoint.
I don't remember seeing RSA dialog (see the image I attached to the first post) when I created the review, only when I opened the PDF after the review was generated. At that point, I did select to save the credentials, but it didn't seem to save them (since everytime the dialog appears it is blank).
I had another one of our tech writers test it before sending it to the rest of the team, and he was able to access the review and put in test comments. He never saw the dialog. At that point, I looked at other reviews that I had initiated in the past, and was unable to add comments to those either (at least for the ones that didn't have a deadline). So I am pretty sure it is something that has changed on my system in the last few weeks. Perhaps a Microsoft Security update? -
How is this done? when the value of remote_os_authent is set to true, i assume the authentication is done on the client side, right? but no matter what kind of setup I do on init*.ora files on combination of client/server, i just get authentication failed error. Is there a faq or guide for remote os authentication? basically, i want to connect to server from designated client without having to check the password.
Thanks in advance..
(oracle 8.1.5.0.2 on RedHat 6.1)I am a little shocked. http://download.oracle.com/docs/cd/B28359_01/license.111/b28287.pdf page 1-8 only a portion of the features are an extra cost.
"PKI credentials and transparent data encryption master keys."
I take it PKI credentials aren't required to mimick what remote_os_authentication provided? -
Weblogic security authentication; question to interact with the realm
Hi, I have a quick question about weblogic security authentication....
We are using weblogic 81sp3. We have user-group info in an Novell eDirectory LDAP server.
Currently, a Novell Authenticator provider is configured under : Security > Realms > myRealm > Providers > Authentication This tells Weblogic from where to get the user and groups. Weblogic caches this information of the logged on users for certain time ( example : 60 secs ) after which it cleans the cache for all inactive users. We want to interact with the Weblogic cache. Add more user profile information to this cache and use it in our application .
Does somebody know how to programmatically interact with Weblogic user-group cache - read , write , update and delete user-group info in cache and control time to live for the cache ?already checked
TTLCache class which weblogic provides. But they seem to depracetd it
help ? -
Security Authentication in LDAP
Hi Chris/Raj/All,
We have one more generic issue. Please help us if possible.
I am connecting to LDAP Server(Microsoft ADS) from my weblogic workshop 8.1.We are using DirContext and InitialDirContext(java api) Through the java program I am able to connect to the port 389 by means of simple security authentication.
Our requirement is for SSL security authentication ie to connect ot port 636.
From our side we have done the following
1.We have installed the public certicate in the jre environment(lib/security in both the cacerts and jssecacerts)
2.We have also installed the cetificate in the ADS Server and enabled the SSL.
When we try to connect to port 636 with simple authentication we get Communication Exception
When we try to connect to port 636 with ssl authentication we get AuthenticationNotSupportedException
We also would like to know whether there is any Authentication Process like password encryption and so on.... to be followed.
Thanks & Regards,
Christoper.Hi Christoper,
Based on your description, this seems to be more of a security related question than a workshop one.
Please post to the security newsgroup at http://forums.bea.com/bea/category.jspa?categoryID=2011
with information on service pack installed
Thanks
Raj -
Flex mobile connect to remote secure server!!
Hi guys
I'm a beginner with flex mobile.
i'm trying to create an appllication flex mobile. and i have to connect to remote secured server (apache) to get some services deployed.
i did it and when i try with emulator from flash builderit's worked, a pop up window started to enter a login and password for connect to the remote server. it's okay, i get a result.
but now when i try this application with my mobile phone, application launched correctly but i can't connect to remte server ( i dont have anythig like a popup to enter the login and pssword).
i need your help.
thanksDid you ever figure this out? I'm having the same issue.
-
Simple Public and Private Security Authentication Authorisation
Simple question:
I have an application with public access (No Authentication)
I want to Authenticate just one administration page with a logon screen. What do I need to do?
Do I use Page Authentication or Page Authorization on the restricted page?
Please spell out the steps in clear detail.
Also what is the difference between Application Authentication and Application level Authorization. They seem identical in function to me.
regards
Paul PPaul - Building on what Jos said, you might have an application that used SSO for authentication and for which you wanted to block access to certain classes of users during certain time periods. For this, an application-level authorization scheme could be useful, checking the authenticated user's organizational role/job code and the other criteria dictating the application availability.
For your case, I recommend that you make the application use an authentication scheme that is suitable for controlling access to the admin page(s) and then set the Security (Authentication) attribute of every other page to 'Page Is Public'.
Scott -
How to verify "security authentication failure rate" command
i type "security authentication failure rate 2 log" in global configuration mode,then login authentication failed many times but no the 15-second delay.
why?Thanks.Steven,
This command did NOT come in play till 12.3.1
Command History
Release
Modification
12.3(1)
This command was introduced.
12.2(27)SBC
This command was integrated into Cisco IOS Release 12.2(27)SBC.
12.3(7)T
The range of the threshold-rate value was changed from 1 through 1024 to 2 through 1024.
Usage Guidelines
The security authentication failure rate command provides enhanced security access to the router by generating syslog messages after the number of unsuccessful login attempts exceeds the configured threshold rate. This command ensures that there are not any continuous failures to access the router.
Regards,
Alex.
Please rate useful posts. -
ArchSentrix - remote security monitoring solution
What ArchSentrix is.
A free software based platform for remote security monitoring enabling the integration of video surveillance with networking and telephone technology.
Built on Arch Linux, a lightweight and flexible i686 optimized linux distribution.
Video monitoring, recording, motion detection and remote access is handled by ZoneMinder, an integrated set of applications built on LAMP.
Telephone capabilities are provided by Asterisk, allowing use of both voip and analog (POTS) technology.
A livecd / liveusb installer solution that can be customized endlessly to suit the needs of users or their clients.
Post installation configuration, maintainance, and user access can preferably be done remotely using a web browser interface. However a lightweight graphical desktop user environment is provided making the system self contained if needed.
http://www.ctu-web.com/archsentrix/
http://www.ctu-web.com/archsentrix/iso/ … .1.iso.md5
http://www.ctu-web.com/archsentrix/iso/ … ix-0.1.isoDoes ZoneMinder work with IP cameras?
Yes indeed. Axis cameras are very well supported, including PTZ features. -
Security authentication failure error
Dear All:
I have a FDM application load data to HFM. Sometimes, when I try to login to the FDM web application, I gor error says "FDM security authentication failture".
I have to go to the FDM application server and restart the IIS Admin Service or reboot the FDM application server. Then I can login. I wonder why I have to do that. Any help is really appreciated.Dear Hyperion experts:
I also get the following error when I try to login to FDM web application
Application
Error
Description: An exception occurred during the execution of the current
web request. Please contact the administrator to review the stack trace in the
event log for more information about the error.
Re-start IIS Admin server in FDM server and the error went away. However, it comes back in a few days.
Thank you in advance for any help. -
Interconnect MQSeries adapter exception MQJMS2013: invalid security authentication
Hi,
I get the MQJMS2013: invalid security authentication supplied for
MQQueueManager in my MQ Series adapter for Oracle interconnect. Is there more
specific information about this error. Maybe in an IBM user manual.
Has anybody experience with the IBM MQ Series adapter for Oracle interconnect 9.0.2
ThanxThat's an MQ JMS exception, so the MQ JMS documentation would be the best place to find out what it means.
If I recall correctly, when you're using the MQ JMS API in "bindings" mode -- which is what you're probably doing if your queue manager is on the same machine as WLS -- then MQ does not allow you to supply a username and password. It uses your Unix user ID to authenticate itself to the queue manager in this case. -
JMSSecurityException: MQJMS2013: invalid security authentication supplied f
I had a very strange JMS exception. I was testing MQ and WL integration. The following simple java code segment worked fine if running by itself, but failed if it was running inside a WL JSP page. MQ and WL servers were on the same Solaris box, the user account was valid for MQ.
Is there any security policy that prohibits WL to pass my user id and password in the createQueueConnection method?
QueueConnectionFactory connectionFactory = new com.ibm.mq.jms.MQQueueConnectionFactory();
QueueConnection connection = connectionFactory.createQueueConnection("userid", "password");
connection.close();
javax.jms.JMSSecurityException: MQJMS2013: invalid security authentication supplied for MQQueueManager
at com.ibm.mq.jms.MQQueueConnectionFactory.createQueueConnection(MQQueueConnectionFactory.java:231)
at jsp_servlet.__jmstest._jspService(__jmstest.java:128)
at weblogic.servlet.jsp.JspBase.service(JspBase.java:33)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:996)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:419)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:315)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:6452)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:118)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3661)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2630)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:219)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:178)That's an MQ JMS exception, so the MQ JMS documentation would be the best place to find out what it means.
If I recall correctly, when you're using the MQ JMS API in "bindings" mode -- which is what you're probably doing if your queue manager is on the same machine as WLS -- then MQ does not allow you to supply a username and password. It uses your Unix user ID to authenticate itself to the queue manager in this case. -
Disabling the dbc security authentication
Hi All,
Apps : 11.5.10.2
DB : 9.2.0.8
When i am doing this "Disabling the dbc security authentication", i need to down the application services?is it compulsory to do this?
Enable SECURE authentication
jre oracle.apps.fnd.security.AdminAppServer apps/apps \
AUTHENTICATION OFF DBC=/u01/app/applmgr/11.5/fnd/11.5.0/secure/backendbox_sidname.dbc
And my environment is 5 node env
Do i need to run this command on all the node or any specific node to disable the dbc security.
Please update me ASAP
Thanks a lotCan you pl clarify why you need to set this ? The preferred way of doing this would be via autoconfig - see MOS Doc 293609.1 (APP-FND-01542 when logging directly into forms via the f60cgi in 11.5.10). Stop all apps services, run autoconfig on the dbtier first and then on the apps tier servers.
HTH
Srini -
Com.bea.p13n.security.Authentication
can anyone tell me which jar file i have to download to get the following class
file
com.bea.p13n.security.Authentication
thanx
charithAlso, p13n_system.jar should be on the system classpath (i.e. -classpath
of the java weblogic.Service call). Portal domains (from the config
wizard) are already setup that way (since wps_system.jar is the system
classpath, and it has a Manifest Class-Path entry to p13n_system.jar).
Greg
Subbu Allamaraju wrote:
This class is part p13n_system.jar.
Subbu
charith Fernando said the following on 10/20/2003 05:39 AM:
can anyone tell me which jar file i have to download to get the
following class
file
com.bea.p13n.security.Authentication
thanx
charith
Maybe you are looking for
-
Select Query with minimum values
Table name: employess_inout Column name: employee_code number(data type) IN_Time date(data type) Out_time date(data type) i want to select only in_time coloumn data with min intime as in one date A employee have more then 2 times in_time entry exampl
-
I am trying to debug a ASP.Net web application within visual studio 2010 using Firefox. I am able to set breakpoints in my C# code and they work but if I set a breakpoint in a javascript file then these do not work when using Firefox. Is there any wa
-
How to fix "iPad is disabled" on home screen
How to fix iPad is disabled screen?
-
ALC-UPG-221-002: Errors while migrating archive session Ids.
I am doing an out of place upgrade from ES2 to ES4. I have run the Turnkey ES4 upgrade, installed SP1, copied the GDS from the old location to the new location and run Configuration Manager. When I get to the "Perform critical tasks before componen
-
SAP Retail Store: Negative sign in Condition (sign inversion)
Hello, For a customer I developed a function in SAP Retail Store Sales Order (WCSO) to receive a header condition. The header condition will be set by using the standard function module CSO_P_CONDS_SET. The condition type is set as positive (A) in th