Security Issue httpOnlyCookies="true" is not working with production environment

Similar Messages

• Functions (back & stop ) are not working in production environment

  Hi All ...
  Some functions (back and stop) are not working in production environment, where as those functions are working in QA testing environement..please answer.. what could be the reasons for not working some functions
  in production environement.
  Regards,,
  Krishna

  Hi,
  Based on the error message, it is related to the item in your production environment, then the workflow will occur exception.
  As your workflow worked perfectly in your other environments, I suggest you can check if some item has is valid in the document library.
  You can try to use Fiddler to track the web request and find in which item the workflow occurs exception.
  Here are some detailed articles for your reference:
  https://msdn.microsoft.com/en-us/library/vstudio/ee231573(v=vs.100).aspx
  http://www.andrewconnell.com/blog/SP2013-Workflow-Advanced-Workflow-Debugging-with-Fiddler
  Thanks
  Best Regards
  Jerry Guo
  TechNet Community Support

• Push notifications not working with production (apnagent nodes Js)

  Hi,
  When we tested the push notification in sandbox using apnagent node JS it worked well. But when we switch the sandbox to production it is not working. When we debug the server side we are not getting any errors also in production, but push notifications are delivered to the devices.
  First we thought it is a certificate issues and then revoked all the certificates in the portal and created new certificates still no luck.
  Can any one tell me why push notifications are not working in production.
  Thanks in advance!

  You're welcome. The request has been sent in. I first saw your post in the Using Apple Support Communities Forum, now I see it's been moved to the iPod Forum, hopefully it will get moved again.
  iIt's been moved.

• The "Adobe Reader 11.0.08 security update - All languages" is not working with "Adobe Reader 11.0 - Multilingual (MUI) installer" using msiexec when creating an msi package. is there going to be a release of Adobe Reader 11.0.08 update - Multilingual (MUI

  Is it possible to create an msi package if the product you are upgrading is Multilingual (MUI) and the update(msp) you are applying is not Multilingual (MUI) but "All languages"?

  Please download the latest Adobe Reader patch from the below mentioned location, it will work with MUI installer.
  ftp://ftp.adobe.com/pub/adobe/reader/
  ~Deepak

• Ovs-makerepo / ovs-onlinerepo not working with multipath environment

  Using /usr/lib/ovs/ovs-onlinerepo does not work within a multipath environment.
  Configured on my SAN device are two LUNs, each visible over multiple paths to
  the two HBAs of the server.
  Trying to create a cluster root repository (or any other repository) fails:
  mount.ocfs2: Device or resource busy while mounting /dev/sdi1 on /OVS. Check 'dmesg' for more information on this error.
  I tracked this down as something in /usr/lib/ovs/ovs-repo-common, where the
  real "mount" is done. Mounting is with option "-U", which mounts by using
  a UUID. As multipathing is enabled, the partition with that specific UUID is
  seen via multiple pathes -- and the mount fails.
  Has anybody an idea if there is a correct(ed) version of repository scripts around
  or can direct me to a clue how to correct that script accordingly?
  BTW: you get that ominous UUID by issuing:
  /lib/udev/vol_id -u /dev/mapper/mpath2p1
  Edited by: djahnke on 06.01.2009 05:11

  Hi,
  the order is important...
  -> disable the mulitpath again
  # vi /etc/multipath.conf
  -> commend again the comlete "blacklist"
  -> reboot XEN server
  -> -> so you see only the physically devices.
  the follow instructions:
  Requirements to be able to enable HA:
  =================================
  a) have more then one XEN server in the server pool
  -> you have.
  b) have the single XEN servers attached with a shared disk system ( e.g. SAN -> OCFS2 )
  -> you have.
  c) Create OCFS2 disk:
  # fdisk /dev/sda
  # mkfs.ocfs2 -L xenrbg -b 4k -C 4k -J size=64M -N 16 /dev/sda1
  -> think you have
  d) Create REPO ( must executed on POOL MASTER SERVER ):
  # /usr/lib/ovs/ovs-cluster-configure
  # /usr/lib/ovs/ovs-makerepo /dev/sda1 C "cluster root"
  -> think you have
  -> -> that was the original docu...
  -> -> now also my problem started ;-)
  Sullution was:
  ======================
  f) edit /etc/sysconfig/o2cb
  30000
  2000
  2000
  -> setup the timings in that order
  -> copy the file to the other node
  g) copy repository file
  copy the file /etc/ovs/repositories to the other node
  ( make sure, that the device name in that file is the same like on your source )
  ( you also have the change to setup multipath later on )
  h) check and may be edit file:
  #vi /etc/ocfs2/cluster.conf
  node:
  ip_port = 7777
  ip_address = <IP-ADR of your first server>
  number = 0
  name = <hostname of your first server - short>
  cluster = ocfs2
  node:
  ip_port = 7777
  ip_address = <IP-ADR of your second server>
  number = 1
  name = <hostname of your second server - short>
  cluster = ocfs2
  cluster:
  node_count = 2
  name = ocfs2
  ## file end ###
  -> here i had only one node specified on my second node
  -> copy then the file to the other node
  Then, enable multipath again - # vi /etc/mulitpath.conf
  -> uncomment blacklist
  -> reboot
  -> -> check: multipath -ll
  then edit /etc/ovs/repositories
  -> change here again to your /dev/mapper/mpath0p1
  -> deploy the file on all XEN servers
  -> reboot them
  -> -> now it should work ;-)
  bye eike

• OSB 10gR3 - Process WS-Security flag not working with PasswordDigest

  Hi,
  By Oracle documentation when you set the "process ws-security header" in security section of a proxy service, the proxy service act as an active intermediary and consume the ws-security header received in inbound messages. This feature works fine when you call the proxy service using WS-Security Username Token Profile PasswordText, but when you send Username Token with PasswordDigest I got the following error: +"weblogic.xml.crypto.wss.WSSecurityException: Unable to validate identity assertions"+
  I am using SoapUi to call the proxy with passwordDigest, WSS-Password Type option set to PasswordDigest.
  Proxy configured with:
  General tab -> WSDL based proxy service, this wsdl doesn't have ws-policy definitions inside.
  Transport tab -> Get all headers = Yes
  HTTP Transport tab -> HTTPS Required = No / Authentication = Basic
  Operation tab -> Enforce WS-I Compliance = not checked / Selection Algorithm = SOAP Body Type
  Message Content tab -> default settings
  Policy -> Added Auth.xml(predefined) policy to request policies.
  Security tab -> Process WS-Security header = Yes / Custom Authentication settings = none
  Error --->
  +<01/12/2009 09h34min55s BRST> <Error> <OSB Security> <BEA-387022> <An error ocurred during web service security inbound request processing [error-code: Fault, message-id: 6198860737666014185--de42214.12549f82d66.-7fdb, proxy: AlphaTests/MyProxy/Proxy/MyLogProxy, operation: null]+
  --- Error message:
  +<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode>wsse:InvalidSecurity</faultcode>*<faultstring>Unable to validate identity assertions.</faultstring>*</env:Fault></env:Body></env:Envelope>+
  weblogic.xml.crypto.wss.WSSecurityException: Unable to validate identity assertions.
  +     at weblogic.wsee.security.wss.SecurityPolicyValidator.processIdentity(SecurityPolicyValidator.java:133)+
  +     at weblogic.wsee.security.wss.SecurityPolicyValidator.processInbound(SecurityPolicyValidator.java:77)+
  +     at weblogic.wsee.security.WssServerPolicyHandler.processInbound(WssServerPolicyHandler.java:54)+
  +     at weblogic.wsee.security.WssServerPolicyHandler.processRequest(WssServerPolicyHandler.java:30)+
  +     at weblogic.wsee.security.WssHandler.handleRequest(WssHandler.java:74)+
  +     at com.bea.wli.sb.security.wss.WssInboundHandler.processRequest(WssInboundHandler.java:155)+
  +     at com.bea.wli.sb.security.wss.WssHandlerImpl.doInboundRequest(WssHandlerImpl.java:201)+
  +     at com.bea.wli.sb.context.BindingLayerImpl.addRequest(BindingLayerImpl.java:257)+
  +     at com.bea.wli.sb.pipeline.MessageProcessor.processRequest(MessageProcessor.java:66)+
  +     at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:508)+
  +     at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:506)+
  +     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)+
  +     at weblogic.security.service.SecurityManager.runAs(Unknown Source)+
  +     at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)+
  +     at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:505)+
  +     at com.bea.wli.sb.transports.TransportManagerImpl.receiveMessage(TransportManagerImpl.java:371)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper$1.run(HttpTransportServlet.java:279)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper$1.run(HttpTransportServlet.java:277)+
  +     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)+
  +     at weblogic.security.service.SecurityManager.runAs(Unknown Source)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper.securedInvoke(HttpTransportServlet.java:276)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper.service(HttpTransportServlet.java:237)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet.service(HttpTransportServlet.java:133)+
  +     at weblogic.servlet.FutureResponseServlet.service(FutureResponseServlet.java:24)+
  +     at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)+
  +     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)+
  +     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)+
  +     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)+
  +     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)+
  +     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3498)+
  +     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)+
  +     at weblogic.security.service.SecurityManager.runAs(Unknown Source)+
  +     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)+
  +     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)+
  +     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)+
  +     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)+
  +     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)+

  Eduardo,
  Yes, but the flag "Process WS-Security header" needs to be set to 'No' and I included a delete node to remove the wsse:Security element from header. Attaching Auth.xml predefined policy to my request operation, causes OSB to include the policy directive in my WSDL, but the PasswordText(see below).
  In Oracle security guide we have steps to configure PasswordDigest in the Oracle Service Bus Security Configuration using the WLS Console http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/security/model.html#wp1062542
  My doubt is: Is this a bug? "Process WS-Security header" flag is supposed to work with PasswordDigest?
  My WSDL with WS-Policy statements after Auth.xml policy was configured.
  <?xml version="1.0" encoding="UTF-8"?>
  <s2:definitions targetNamespace="http://alpha.tests.org" xmlns:s0="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:s1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:s2="http://schemas.xmlsoap.org/wsdl/" xmlns:s3="http://alpha.tests.org" xmlns:s4="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <s0:Policy s1:Id="encrypt-custom-body-element-and-username-token">
  <wssp:Identity xmlns:wssp="http://www.bea.com/wls90/security/policy">
  <wssp:SupportedTokens>
  <wssp:SecurityToken TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
  <wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"/>
  </wssp:SecurityToken>
  </wssp:SupportedTokens>
  </wssp:Identity>
  </s0:Policy>
  <wsp:UsingPolicy s2:Required="true"/>
  <s2:types>
  <xsd:schema elementFormDefault="qualified" targetNamespace="http://alpha.tests.org" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:impl="http://alpha.tests.org" xmlns:s0="http://schemas.xmlsoap.org/wsdl/" xmlns:s1="http://alpha.tests.org" xmlns:s2="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <xsd:element name="EchoRequest">
  <xsd:complexType>
  <xsd:sequence>
  <xsd:element name="send" type="xsd:string"/>
  </xsd:sequence>
  </xsd:complexType>
  </xsd:element>
  <xsd:element name="EchoResponse">
  <xsd:complexType>
  <xsd:sequence>
  <xsd:element name="response" type="xsd:string"/>
  </xsd:sequence>
  </xsd:complexType>
  </xsd:element>
  </xsd:schema>
  </s2:types>
  <s2:message name="echoRequest">
  <s2:part element="s3:EchoRequest" name="echoPartReq"/>
  </s2:message>
  <s2:message name="echoResponse">
  <s2:part element="s3:EchoResponse" name="echoPartResp"/>
  </s2:message>
  <s2:portType name="MyAlphaPort">
  <s2:operation name="echo">
  <s2:input message="s3:echoRequest" name="echoRequest"/>
  <s2:output message="s3:echoResponse" name="echoResponse"/>
  </s2:operation>
  </s2:portType>
  <s2:binding name="MyAlphaBinding" type="s3:MyAlphaPort">
  <s4:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
  <s2:operation name="echo">
  <s2:input name="echoRequest">
  <s4:body use="literal"/>
  <wsp:Policy>
  <wsp:PolicyReference URI="#encrypt-custom-body-element-and-username-token"/>
  </wsp:Policy>
  </s2:input>
  <s2:output name="echoResponse">
  <s4:body use="literal"/>
  </s2:output>
  </s2:operation>
  </s2:binding>
  <s2:service name="MyAlphaBindingQSService">
  <s2:port binding="s3:MyAlphaBinding" name="MyAlphaBindingQSPort">
  <s4:address location="http://CLXSP0272:7001/MyAlphaService"/>
  </s2:port>
  </s2:service>
  </s2:definitions>

• Safari is asking us to call 1-866 782-**** because of a security issue. Safari is not currently working. What is this all about?

  Safari is asking us to call 1-866 782-**** because of a security issue. Safari is not currently working. What is this all about?
  <Post Edited By Host>

  Sorry for the second same words reply but I want people to see this is a scam thank you
  this conversation has help me, today I had the same pop up scam announcement, I was searching in you tube yahoo and google about this no one apparently had this issue before, first I was going to call the original apple phone number because to me this pop seem awkward but the announcement had the apple name I gave it a try but using the call app phone booth just to see if it was the official apple phone number and if it was not who ever was asking me to call wont get my actual phone number, to my surprise it wasn't apple official phone number because I have called the apple official # and is nothing a like, I hung up all worried and sad with only one option in my mind called the apple support number, then I stop and thought for a minute and one clever thought came to my head that is brain lol, the clever thought was this "let me put this phone number in the web to see if it takes me to the official apple website" so I did it and the first pop up search was this article this conversation of you guys read it and follow the instructions they were very successful fix my issue, thank you so much guys, keep up the great work.
  Edit

• I just downloaded Firefox 5 and it said that my Yahoo toolbar will not work with it. Is this true? If so I will not use this new version and will switch to another browser if Firefox stops supporting the Yahoo toolbar. Thank you.

  I just downloaded Firefox 5 and it said that my Yahoo toolbar will not work with it. Is this true? If so I will not use this new version and will switch to another browser if Firefox stops supporting the Yahoo toolbar. Thank you.

  Add-ons contain a range of compatible Firefox versions, and Firefox honors the listed range by disabling the add-on if you are trying to run it on an unlisted version.
  I'm sure Yahoo! will update its toolbar eventually, but not every add-on maker supports beta versions of software.

• Fast dial (visual bookmarks) does not work with the new 5.0 upgrade. How do I correct this issue

  fast dial (visual bookmarks) does not work with the new 5.0 upgrade. How do I correct this issue Asked this question yesterday. I desperately need info, will I ever be able to use fast dial again?

  I tried it and it WORKED....I even tried the other version BEFORE this one and it didn't work so I tried yours and it worked like a charm so THANKS brother....

• I am running 10.8 and I am trying to get a E-mu 1x1 midi/usb connector to work with my keyboards. It's not working with any keyboard at all. I believe it is a Mainstage/Mac issue. Mainstage can recognize the the interface but it won't work.

  I am running 10.8 and I am trying to get a E-mu 1x1 midi/usb connector to work with my keyboards. It's not working with any keyboard at all. I believe it is a Mainstage/Mac issue. Mainstage can recognize the the interface but it won't work.

  Here are two screen shots to show you what I am seeing.  The first screen shot shows it allowing me to select (highlighted in blue) my admin user (which is what I am locced in as).  The second screen shot shows it allowing me to select the "Guest" user (highlighted in blue).  However when I click on the user "Orion" nothing happens.  It will not change to highlight that user.

• Secure boot not working with MSI Z77a-G45 And system reserve not showing

  Ok so i re did my windows after i did a zero fill on my hard drive as it was showing a corrupted sector on my disk that seemed to fix it for now, until it comes back if it does crossing my fingers it gone for good. But now i can't seem to get Secure boot to work i mean i did not have it before as i just slapped the motherboard in with a existing windows, that was to be expected but this is a clean install of windows 8.1 and i even have secure boot on but its not working and reports as off in windows.  Is it because i have my bios set to legacy+UEFI??? would that make secure boot not work??. i even went as far as turning it off and back on again the secure boot setting nothing made a difference.  I mean its not a big deal bit would be nice to know why its not working, also another wired thing and i will post pictures of it, as i cant see my system reserved partition in disk management but diskpart says it there, i will post those pictures any ideas??. 

  fixed it is my legacy+uefi another forum got back to me.

• Is it true that keep options is not working with paragraph span? (CS5)

  Hi all,
  Just wanted to confiem that keep options does not work with Paragraph span.
  thanks,
  shlomit

  That's correct for now. Perhaps in CS6....

• Home sharing does not work with new mountain lion update.

  home sharing does not work with new mountain lion update. Does anyone else have the same issue. Updated all computers in my home, deauthorized and reauthorized each computer. turn off home sharing and turned it back on. don't know what else to do..please help...

  Our Apple TVs continue to lose connection ever since installing Mountain Lion on the host computer. The only thing that fixes them is to quit and relaunch iTunes, which only works unti the ATV goes to sleep. If a movie is paused for more than a few minutes and the ATV goes to sleep, pressing play again on the remote is greeted with "There are no movies on this computer" or "Turn on Home Sharing."
  If we stop a video on one ATV and attempt to resume it in another room, the error begins again. The other ATV can't connect until iTunes is relaunched.
  My guess is that it has something to do with the new [annoying] security settings. But I still haven't found a fix other than restarting iTunes everytime we want to watch something from our downloads. Fail.

• Applets not working with Java 1.7.0_51 in MII 14.0 SP4 Patch 5

  Hi,
  I'm currently evaluating the migration of our MII 12.0 developments to MII 14.
  But I'm running in several issues just trying to use simple things like a SQL query template with an iGrid Display template in test mode.
  Used versions are: MII 14.0 SP4 Patch 5 and on client side the latest Mozilla Firefox with Java 1.7.0_51
  At first I always get a java security warning when the applet is being loaded about unsigned applications.
  At second the applet itself is not running. It always shows "No data available" and the java console shows the following errors (iResult is the id of the applet):
  iResult [ERROR] - Couldn't set query template: No Query Defined
  iResult [ERROR] - Couldn't set display template: null
  iResult [ERROR] - Couldn't set display template: null
  Is this perhaps a general problem, that the MII applets are not working with Java 1.7.x versions?
  If I call the same MII page from a client with Java 1.6.x it is working without errors.
  Do you have some suggestions for me?
  Regards Timo

  please clear your JAVA Cache. that should solve the JRE issue. thanks

• AX will not work with WPA

  My AX worked successfully with WPA security for several months, then stopped. I reset it, hard and soft, used factory default, but it would not work with WPA. Changed the security to WEP 128 and it worked fine. But now my Macbook Pro won't connect automatically. I have to run diagnostics to reconnect every time I started the computer.
  Went back to WPA, now my Macbook Pro connects fine again, but the AX won't won't connect. Airport utility recognizes it when I reset it, but when I go thru the configuring process with Airport Utility, AX always fails on the last step, saying it could not join the network after it restarted.
  Does this make any sense to anyone?

  Henry,
  Thank you for explaining Duane's approach. Immensely helpful! And, of course, in retrospect, makes complete sense. I'm sure there is a kb article on this somewhere....... ?
  Which brings me to something in your post:
  "do a hard reset of the Airport Express and use the Airport Setup Assistant to reconfigure it from scratch"
  Am I missing something here because after installing Leopard, Airport Utility is the only Airport app I have in my Utilities Folder? I do remember Airport Setup Assistant being part of Tiger (but that disappeared as did the functionality of several other Airport apps (Airport Admin, etc.) after upgrading to Leopard.
  So, IS there an equivalent in Leopard of the Airport Setup Assistant? Or do I use the Network app in Sys Prefs to Join an already existing network (going the route of a hard reset of AX)?
  Usually, David Pogue's MM book on OS X is helpful in filling in the gaps, but his new Leopard book seems a bit sketchy this time on setting up a wireless network. I think this subject (setting up a wireless network, etc.) could almost get a MM of it's own!
  If I may, can I address a related issue? Previously, in setting up the AEBS and AX to work together you do end up with what LOOKS like TWO networks (both have their own Apple network numbers and letters) even though they are working in tandem as 1 network, right?
  I bought the AX to extend the range of my network because it seemed the signal from the AEBS was not quite strong enough. I set it up to be a "remote" to the AEBS's "main." I also use the AX to stream iTunes to my living room's sound system.
  Again, many thanks for your help.
  Message was edited by: WildBill