Secure and non secure hotspots

Similar Messages

• Flash causes "page contains secure and non-secure..."

  Hi All,
  I have a flash menu on my web store .php pages and am getting
  a "this page contains secure and non-secure items..." in IE7 in
  Vista. I think this is because of the Flash menus, but thought I
  had taken care of this by making the codebase embedding to
  "https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0"
  Any suggestions on how to deal with this?
  Thanks, Scott

  Thanks so much ShadowKnyte for the reply. Turns out it wasn't
  the Flash menu, after all, as it did have the embedding links set
  to https. In fact, it was my Google analytics call at the end of
  the page. It needed to be changed to:
  <script src="https://ssl.google-analytics.com/urchin.js"
  type="text/javascript"></script>
  In case that helps anyone else out.
  Cheers, Scott

• Secure and non-secure access to the web application in one war

  Say we have one web application (in one war) which includes JSP, servlets and the security intercepter. There is one business requirement to have most of the JSP(s) accessed via HTTPS, but a few JSP(S) accessed via HTTP.
  My questions are:
  a. Is this possible, or a reasonable requirement or a good practice?
  b. if yes, what can we do to make it happen in the security intercepter implementation?
  c. If not, what is the technical reasons?
  Thanks much.

  a) Yes its is reasonable and good practive, there is an overhead using https, so you should only encrypt file you need to. When you use an online store, only account details / payments are https, the shop itself is http
  b) I dont really understand your difficulty. You can define a folder as 'secure' and put all your secure pages in this folder, leaving non secure files in a different folder. Whenever a page in the secure folder is accessed, https is automatically invoked.

• Problem with automatic logout between secure and non-secure urls

  On my business catalyst page the user login page is located on a non secure url (our site's domain and not worldsecuresystems). When a user is logged in and then views a page on a secure url (i.e. a page to purchase a subscription to a secure zone) it does not retain their login cookie and it appears they have been logged out. This also creates a problem where I cannot pre populate the secure zone purchase form with a user's information based on their account details. Is there a way to retain have both domains recognize the user is logged in to allow the user to freely pass between these domains without having to login twice? I was considering putting the login page on the secure domain and using relative urls for all my links but for some reason some of my pages appear corrupt when viewed on the worldsecuresystems domain so I'd like to avoid this method. Any help would be appreciated.

  Make sure the referrer paramter is correctly set on the form.
  This is the default BC action. But remember the {module_siteurl} will return the host they are currently on. So if this is used on a secure page you'll need to use {module_sitehost} instead
  action="{module_secureurl}/ZoneProcess.aspx?ZoneID=-1&amp;Referrer={module_siteUrl,true,true}&amp;OID={module_oid}&amp;OTYPE={module_otype}">

• Secure and Non-secure Items

  Is anyone else getting a "secure"/"non-secure" items warning when iTunes is being launched from a webpage?
  The page with the problem lives on "https://deimos.apple.com". I don't think that I can fix the problem locally, but the warning stops iTunes from launching and some of my users are getting upset.
  It looks like the solution could be a quick fix, the address to the .css file, and some of the images is "http://deimos.apple.com" (NO "S" in the httpS://deimos...).
  How can I report this type of problem? Who do I send the issue to?

  I think this is your web browser warning you that the web page you are view has https and http URLs. Its not directly an iTunes U issue.

• Ajax Login both secure and non secure url

  Does anyone know if there is a way to use ajax to log a user in for both the non secure and secure url. Normally if you're submitting a log in form over the secure url with the non secure url in the referrer parameter it will log you in on both domains but not via ajax. Anyone have a good work around?

  Here’s the code I’ve used…
  {% if Settings.Site_Live -%}
  {% assign redirectHTTP = "" -%}
  {% assign redirectDOMAIN = Settings.Site_URL -%}
  {% assign redirectEXTEND = "" -%}
  {% else -%}
  {% assign redirectHTTP = "http%3a%2f%2f" -%}
  {% assign redirectDOMAIN = Settings.System_Name -%}
  {% assign redirectEXTEND = ".fueldesign.co.nz" -%}
  {% endif -%}
  {% capture redirectURL -%}{{redirectHTTP}}{{redirectDOMAIN}}{{redirectEXTEND}}{% endcapture -%}
  <form class="form--box escapeWorldSecureSystems" method="post" action="https://{{Settings.System_Name}}.worldsecuresystems.com/ZoneProcess.aspx?ZoneID=51&amp;Referrer={{ redirectURL}}&amp;OID=&amp;OTYPE=" data-parsley-validate>
  Note: I have a Settings collection that has a lot of data from a Settings web app that controls a lot of settings for the website, such as “Site_Live” checkbox etc. this allows my sign-ins to be generic and editable site to site.
  And here’s the development URL where I’m working on this. (don’t just my site during development stage lol)
  http://astrolift.fueldesign.co.nz/ <http://astrolift.fueldesign.co.nz/>
  username: dev
  password: dev123
  Hopt this gives you some inspiration.
  Let us know if you get the ajax working.
  Cheers guys

• SSL - Secure and non secure objects

  Hello to all!
  A box of donuts to anyone who knows how to handle this one! Using Portal 5.03 in an Internet setting (City home page) and we use the "Hosted Display Mode" to serve some of our vendor applications (such as online class registration) through the gateway so that it comes up inside the portal.This works fine until you get to a page being served via SSL. What happens is that many of the objects on the pages (images, javascript, etc) are being called via http instead of https. Some of the items come from the application itself, but a great number of these references come straight from the portal (things like helper javascript such as PTUtil.js)So my question becomes, is there anyway that the gateway can force every URL coming through to write out as https?
  ~Kevin.

  Hello to all!
  A box of donuts to anyone who knows how to handle this one! Using Portal 5.03 in an Internet setting (City home page) and we use the "Hosted Display Mode" to serve some of our vendor applications (such as online class registration) through the gateway so that it comes up inside the portal.This works fine until you get to a page being served via SSL. What happens is that many of the objects on the pages (images, javascript, etc) are being called via http instead of https. Some of the items come from the application itself, but a great number of these references come straight from the portal (things like helper javascript such as PTUtil.js)So my question becomes, is there anyway that the gateway can force every URL coming through to write out as https?
  ~Kevin.

• Disable Security  Alert while redirecting for secure to non secure mode.

  Hi Experts,
  I am new to the portal and came accross a very different kind of requirement for which i need you advice.
  On pressing the Logout button on the portal, the navigation/control is redirecting to the non secure Http website. My portal is on Https site. Now the issue is upon logging out I am getting the security Alert " You are about to direct to a connection that is non secure. Do you want to continue? "
  Now I have a requirement to suppress or remove this pop up. I do understand that this is the IE functionality to show the pop message and I have already uncheck the check box under Internet Options -> Advanced -> miscellaneous -> Warn if changiung between Secure to non secure.
  Please suggest !
  Thanks
  Shobhit Taggar

  Shobhit,
  Which version of IE?
  Regards,
  Sandeep Tudumu

• Disable security Alert while redirecting from secure to non secure mode

  Hi Experts,
  I am new to the portal and came accross a very different kind of requirement for which i need you advice.
  On pressing the Logout button on the portal, the navigation/control is redirecting to the non secure Http website. My portal is on Https site. Now the issue is upon logging out I am getting the security Alert " You are about to direct to a connection that is non secure. Do you want to continue? "
  Now I have a requirement to suppress or remove this pop up. I do understand that this is the IE functionality to show the pop message and I have already uncheck the check box under Internet Options -> Advanced -> miscellaneous -> Warn if changiung between Secure to non secure.
  Please suggest !
  Thanks
  Shobhit Taggar

  Shobhit,
  Which version of IE?
  Regards,
  Sandeep Tudumu

• Even after set Mo:Security and HR:Security,user not able to restrict require Inventory Org.

  Hi All,
  Even after set Mo:Security and HR:Security,user not able to restrict require Inventory Org.
  Both the profile option have set at responsibility level.
  Reagrds,
  Sandesh

  2785222 wrote:
  Hi All,
  Even after set Mo:Security and HR:Security,user not able to restrict require Inventory Org.
  Both the profile option have set at responsibility level.
  Reagrds,
  Sandesh
  Hi Sandesh,
  First note that HR:Security Is for HRMS module for restricting data for respective OUs
  MO:Security is for other Modules such as Inv, PO, AR, AP etc., for restricting data
  Change the inventory Org to the one you want and then query data...
  Hope it helps.
  Regards,
  Shahzad.H.Magsi

• Security pane in preferences is missing cookies, databases and non-secure forms options?  Also Privacy Pane is totally blank?

  I wanted to delete some cookies.  But when I went to the Security Pane in Safari Preferences, it does not show any of the following categories/settings option:  nothing for cookes (nothing for accept or show or anything else about cookies), nothing for databases, and nothing for non-secure forms.  No controls for these are showing in the Security pane.  Also, the Privacy Pane in Safari preferenes is totally blank--I can't set anything on that.  Where are these controls/settings options, why can't I see them?  I am using OSX 10.6.8 and Safari Version 5.1.9, I have a Mac Book Pro 3.06 Intel. Thanks. 

  Uninstall SIMBL as follows. Back up all data before making any changes.
  Triple-click the line below to select it, then copy the text to the Clipboard (command-C):
  /Library
  In the Finder, select
  Go ▹ Go to Folder...
  from the menu bar, paste into the box that opens (command-V), and press return. A folder will open. From that folder, delete the items listed below (some may be absent.) You may be prompted for your administrator login password.
  Application Support/SIMBL
  InputManagers/SIMBL.bundle
  LaunchAgents/net.culater.SIMBL.Agent.plist
  ScriptingAdditions/SIMBL.osax
  Log out and log back in.
  Make sure you never reinstall SIMBL. It’s likely to come bundled with another third-party system modfication that depends on it. If you want trouble-free computing, avoid software that makes miraculous changes to other software, especially built-in applications. The only real exception to that rule is Safari extensions, which are mostly safe, and are easy to get rid of when they don’t work. SIMBL and its dependents are not Safari extensions.

• Webservice get/send securely in non-secure shell?

  Hey all,
  Perhaps I'm btiing off things a bit too complicated for someone who has never used FLEX before, but I've got to do some research and then build a mock sample for the company I work for.
  What we're trying to do is allow users to login via flex to their account w/o ever leaving the current page they're viewing. Currently they are taken to another area and system altogether so as to jump from the non-secure to secure server.
  So the plan is to just click the login button and stay right there the whole time for a seamless experience. I had asked if this was possible at all previously and heard about the SecureHTTPChannel method as well as the SecureAMFChannel one.
  I have gotten Flex to see our wsdl and pull a string of data via the WebService function, throw it in a DataGrid, but honestly have no clue whatsoever where to even start moving towards now in order to get to the intended goal mentioned above.
  Can someone please help point me in a general direction as to what needs to happen and what general methods need to be employed to get there? Thanks for any help!

  This is related to the URL bar autofill feature. Please see these threads:
  * [https://support.mozilla.org/en-US/questions/933563 typing in url for my company website sends it to https index page in Firefox, but not IE or Chrome, and the behavoir is not wanted]
  * [https://support.mozilla.org/en-US/questions/933470 After updating to 14.0.1 Firefox will force https on websites. How do I fix?]

• Shared services security and essbase security

  recently upgraded to sys 9 and now use shared services 931
  we used to have security at essbase level previously and now its all Shared services..
  now i have so many concerns
  Can we automate the security just like I used to automate in essbase earlier...
  or can we automate secuirty in essbase and them sync it to Shared services??
  I know that we change security settings in SS and then sync it to essbase but is the other way around possible???
  IF yes HOW?
  IF NOT - can we automate SS security which reflects to essbase...
  I have to go through the prod doc and I'll do that very soon but any suggestion on this would really help me out..
  Thanks in advance

  Hi,
  can you please write more about which products and version are you using and on which operating system name and version.
  Why do you use Shared Services? Are you using only Essbase server or any other server? If you use only Essbase server there is probably no need of using Shared Services.
  If you need only Essbase you can see my info about installing Essbase without Shared Services: hyperion essbase installation
  Please provide more info, so that we on forum can help you.
  Regards,
  Grofaty

• Securing a non-secure connection

  Hello,
  We have a need to make a secure socket connection to a system without adding to the number of ports that system is listening on. What we'd like to be able to do is have a C++ program listen for a socket connection, accept a new connection, and then read a message saying to secure the connection and start up a particular server program for that connection. That appears to be possible using the OpenSSL C++ functions.
  What we are having a problem with is the Java side. Is there a way to make either an SSLSocket object delay handshaking until we send a message, or create an SSLSocket for an existing Socket connection? Otherwise I don't know how we can send the message to the listener telling it to secure the connection before the connection fails.
  Thanks,
  Robert

  Yes, you can layer an SSLSocket connection over an existing connection. SSLSocketFactory has a method createSocket(Socket s, String host, int port, boolean autoClose). Just pass the existing socket as the first argument (do it on each side of the communication) and you should be all set.

• SSO to ITS through WebSEAL gives secure/non-secure messages

  Hi
  We running the following setup:
  EP6 SP14
  Stand-alone ITS 6.20 patch 18
  4.7 R/3 Enterprise
  TAM/WebSEAL 5.1
  We are running SSO through WebSEAL to the portal and everything seems to be working just fine.
  But when we try to access a transactional iView or an IAC iView running on the ITS server I get a pop-up message saying "This page contains both secure and nonsecure items."
  We are accessing WebSEAL through HTTPS, we are running HTTPS between WebSEAL and the portal and HTTP between WebSEAL and ITS.
  I have tried to access the ITS through WebSEAL without using the portal, and I still get the message. So it must be something between the WebSEAL and the ITS server.
  Does anybody have any ideas what is causing this?
  Cheers,
  Jacob Vennervald

  The "secure and non-secure" message, displayed when accessing ITS through WebSEAL when using IE and HTTPS, is caused by an empty source reference (<IFRAME ... SRC="" ...>) within the ITS menu page (...d_menu.html).
  The integration guide, available on the <a href="http://www-1.ibm.com/support/docview.wss?uid=swg24003605">IBM website</a> and the <a href="http://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/sdn/developerareas/ibm">SAP SDN</a>, contains the information on how to stop the message from appearing.
  The message should not be displayed when accessing ITS through WebSEAL using HTTP.
  Regards,
  Peter Tuton.