Sharepoint URLs redirect to wrong AAM with WAP/ADFS

Hello,
I've started working with Sharepoint 2013 and have a site running.
Internally it all works well and I'm experiencing no problems.
To access it from the outside I have ADFS 2.0 running with Web Application Proxy (reverse proxy).
Alternate Access Mappings
Default: https://sharepoint.xxx.com
Intranet: https://sharepoint
Extranet: https://extranet.xxx.com
I'm able to access the website through the extranet, but when I go to my document library or any other link on my site, it will go to https://sharepoint.xxx.com, which is only available inside my network.
All the links seem to go to the wrong url.
Any help solving this would be great.

Hello,
The way IWA works is that all users within your internal network are forced to authenticate to AD FS using the current logon ID and credentials. So a custom URL might not work in this scenario, because as long as the user is internal and logged on with AD-issued credentials, that's what will be passed to AD FS.
Here are some possible solutions you can try. I have done this in most of the medical AD/AD FS environments I have worked in and it solves the problem.
1. Configure a GPO to override the current IWA settings. If you look at your current GPO Zone Assignment Settings, you will notice that your adfs URL is assigned to Zone 1 in the Site to Zone Assignment list. This allows automatic logon to intranet sites. What you need to do is configure another policy that places the AD FS URL in zone 4 (Restricted Site Zone) and applies only to the EnterpriseGenericUsers. What this will do is that each time anyone attempts to access any AD FS resources from any computer a generic user is logged on to, they will be challenged with a prompt to enter their domain credentials (username and password).
2. The second option. Most organizations I have done consulting for force their users to use Internet Explorer, so Option 1 will be the definite route to take. Another option is to force generic users to use Firefox. If your Firefox is not configured for IWA, then you will be prompted each time to enter your domain credentials. One of the issues I have seen here is that users might select the always remember my credentials option in Firefox, and that means anyone can access the AD FS resources with that user's credentials until the Firefox browser cache is cleared.
Hope that helps!
Isaac Oben MCITP:EA, MCSE, MCC

Similar Messages

  • Opening a document from a SharePoint URL

    Using the SDK's instructions on how to open a file, I cannot find the right way to open a file from a SharePoint URL
    I understand it relates to the ASFileSys, and I thought ASGetDefaultFileSysForPath would give me the right type, but I cannot figure the right combination of pathType to get the right ASFileSys.
    Whatever I try, I get the below error
    Code below:
    ASAtom pathType = ASAtomFromString("CString");
    ASText titleText = ASTextNew();
    ASTextSetPDText(titleText, "This PDF was opened by using the Acrobat SDK");
    ASFileSys fileSys = ASGetDefaultFileSysForPath(pathType, sharePointUrl);
    ASPathName pathName = ASFileSysCreatePathName(fileSys, pathType, sharePointUrl, NULL);
    AVDoc myDoc = AVDocOpenFromFile(pathName, fileSys, titleText);
    Anyone able to give me a push in the right direction?

    Are you able to open a sharepoint URL at all (i.e. with the UI, somehow)? If so, you may be able to write some test code in a plugin that looks up the code for the relevant ASFileSys. I have a feeling that ASGetDefaultFileSysForPath serves a very special and limited purpose.

  • WLC url-redirect

    Using FreeRadius to do Mac authentication Bypass with External URL redirect.  I have confirmed that I'm sending cisco AV-pair for url-redirect, and the WLC shows the client having that url applied(along with the url-redirect-acl that I've applied)
    My issue, the URL presented to the client doesn't have the action_URL appended when I apply it via 802.1x.  If I change the SSID and force external webauth I get a good URL to the client(generally http://<SITE>?action_URL=http://1.1.1.1/login.html or something similar).  How can I use url-redirect to force authentication with the proper action_URL appended?
    WLC 5508 with 7.2 code
    FreeRadius running on CentOS

    Hello Jeremy,
    As per your query I can suggest the following solution:
    Configure WLC Splash Page Redirect with the information to configure the features described.
    Complete these steps in order to configure the devices to use the splash page redirect feature:
    1. Configure the WLC for RADIUS authentication through the Cisco Secure ACS server.
    2. Configure the WLANs for the Admin and Operations departments.
    3. Configure the Cisco Secure ACS to support the splash page redirect feature.
    For more reference refer to the link-
    http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080956185.shtml#conf
    Hope this will help you.

  • Issues getting url-redirect working with Cisco ISE

    Hi,
    I am currently doing a Proof of Concept using Cisco's new ISE product. I am having issues getting the url-redirect RADIUS attribute working. I have read the troubleshooting document and everything in it points to the fact that it should be working. By debugging the RADIUS information on the switch I can see that it's passing the url-redirect to the switch, which in my case was https://DEVLABISE01.devlab.local:8443/guestportal/gateway?sessionId=0A00020A0000001604D3F5BE&action=cwa. Now, to remove DNS issues etc. from the equation, if I copy and paste this URL into the client browser it takes me to the correct place, and I can log in and it changes VLANs accordingly. Now, as far as I know, the client should automatically be redirected to this URL, which is not working. Below I have included one of the debugs to show that the epm is in place.
    DEVLABSW01#show epm session ip 10.0.1.104
        Admission feature:  DOT1X
                  ACS ACL:  xACSACLx-IP-PRE-POSTURE-ACL-4de86e6c
         URL Redirect ACL:  ACL-WEBAUTH-REDIRECT
             URL Redirect:  https://DEVLABISE01.devlab.local:8443/guestportal/gateway?sessionId=0A00020A0000001604D3F5BE&action=cwa
    I have also attached my switch config. Any help would be greatly appreciated.
    Dan

    So I'm also doing ISE for the first time and I knew it may have been a bit tough, however I didn't foresee my following issue.
    Everything is working as expected, other than every now and then (intermittently) the ISE Central Portal does not display on any device - Android, Windows, etc. I checked and checked the configs, had probably about 10 TAC cases open... This weekend I ripped out the main components, set them up in the office and tried to replicate the issue... I could... What I noticed is that without Internet the ISE Portal didn't actually display... It sounds weird but that's what I'm seeing... As soon as I plug the Internet link into the equation, the portal page comes up... I'm able to replicate it every time... Currently, I have placed it back into the customer network and I'm now looking at the routing/firewall...
    My issue is that I can't really explain why the Internet affects the Central Auth Page... In any event, I'm working backwards; tomorrow I'm bringing in a second link and doing NAT on a Cisco router to bypass the Checkpoint firewall... I'll know if it's Checkpoint or if I'm barking up the wrong tree...
    If anyone can explain why, it would help out a great deal.
    My setup BTW is
    1. WLC 5760 - Not latest code but latest stable (recommended by the TAC Engineer)
    2. ISE 1.2 - Doing simple Wireless only implementation
    3. 3650 - Just acting like a switch - no ACLs etc - just a switch
    4. Integrated into AD
    I'll post back with any findings if I make any headway - BTW, I didn't like this at all as other solutions are so much simpler, BUT I can now see how powerful this could potentially be for the right type of customer...
    thanks again how i can get some feedback

  • Need help with URL Redirect in Sun Web Server 7 u5

    All I am trying to do is redirect to a static URL and for the life of me I can not get it to behave the way I would expect. I am new to Sun Web Server so I am just trying to use the Admin Console to set this up.
    Here is what I'm trying to do:
    Redirect from - http://www.oldsite.com/store/store.html?store_id=2154
    To - http://www.newsite.com/Stores/StoreFront.aspx?StoreId=2154
    Here's what I tried in the console.
    Added a new URL Redirect
    Set the Source to be Condition and set it to: '^/store_id=2154$' (quotes included)
    Then set the Target to: http://www.newsite.com/Stores/StoreFront.aspx?StoreId=2154
    Then for the URL Type I checked Fixed URL
    When I tested with: http://www.oldsite.com/store/store.html?store_id=2154 it did redirect as desired
    BUT
    When I tested with: "http://www.oldsite.com/store/store.html?store_id=5555" it too got redirected to the Target and I can't figure out how this second URL can satisfy the condition to get redirected.
    Any help is most appreciated.

    Thanks for choosing Sun Web Server 7.
    It is simpler if you just edit the configuration files manually:
    cd <ws7-install-root>/https-<hostname>/config/
    Edit obj.conf or <hostname>-obj.conf (if there is one for you, depending on your configuration) so that it looks something like:
    <Object name="default">
    AuthTrans..
    #add the following lines here
    <If defined $query>
    <If $urlhost =~ "/oldsite.com" and
    $uri =~ "/store/store.html" and
    $query =~ "store_id=2154" >
    NameTrans fn="redirect" from="/" url="http://www.newsite.com/Stores/StoreFront.aspx?StoreId=2154"
    </If>
    </If>
    ..rest of the existing obj.conf. continues
    NameTrans...
    Now you can either do <ws7-install-root>/https-<hostname>/bin/reconfig -> to reload your configuration without any server downtime, or <ws7-install-root>/https-<hostname>/bin/restart -> to restart the server.
    If it did work out for you, you will need to run the following so that the admin server is aware of what you just did:
    <ws7-install-root>/bin/wadm pull-config user=admin config=<hostname> <hostname.domainname>
    hope this helps
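
An added example (not from the original posts, and not Sun Web Server code): a Python model of the three-part host/URI/query condition in the answer above, showing which requests an unanchored pattern such as `store_id=2154` also redirects and how comparing the parsed host, path and parameter exactly narrows the rule. It assumes `=~` behaves as an unanchored regular-expression search and writes the host pattern without a leading slash; the function names and sample URLs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

TARGET = "http://www.newsite.com/Stores/StoreFront.aspx?StoreId=2154"


def loose_rule(url):
    """Model of the answer's condition: three unanchored regex searches."""
    p = urlsplit(url)
    if (p.query                                       # <If defined $query>
            and re.search(r"oldsite.com", p.netloc)   # unanchored, '.' unescaped
            and re.search(r"/store/store.html", p.path)
            and re.search(r"store_id=2154", p.query)):
        return TARGET
    return None


def strict_rule(url):
    """Exact host, exact path, and a single store_id parameter equal to 2154."""
    p = urlsplit(url)
    host = (p.hostname or "").lower()
    if host not in ("oldsite.com", "www.oldsite.com"):
        return None
    if p.path != "/store/store.html":
        return None
    params = parse_qs(p.query, keep_blank_values=True)
    # A repeated parameter gives a longer list and is rejected as ambiguous.
    if params.get("store_id") != ["2154"]:
        return None
    return TARGET


# Constructed sample requests (not taken from the thread, except the first two).
SAMPLES = [
    "http://www.oldsite.com/store/store.html?store_id=2154",
    "http://www.oldsite.com/store/store.html?store_id=5555",
    "http://www.oldsite.com/store/store.html?store_id=21540",
    "http://www.oldsite.com/store/store.html?xstore_id=2154",
    "http://www.oldsite.com/archive/store/store.html.bak?store_id=2154",
    "http://www.oldsite.com.example.net/store/store.html?store_id=2154",
    "http://www.oldsite.com/store/store.html?store_id=2154&store_id=5555",
]


def compare(samples=SAMPLES):
    """Return (url, redirected_by_loose, redirected_by_strict) per sample."""
    return [(u, loose_rule(u) is not None, strict_rule(u) is not None)
            for u in samples]


if __name__ == "__main__":
    for url, loose, strict in compare():
        print(f"loose={loose!s:5} strict={strict!s:5} {url}")
```

In obj.conf terms the same tightening is done by anchoring each pattern with `^` and `$` and escaping the dots.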

  • Does using a self-signed cert. on the ISE server have anything to do with url redirect not working

    Hi,
    I am setting up wired ISE environment. Everything is going fine, except url redirect is not working.
    I'm just wondering if using a self-signed certificate on the ISE server has anything to do with the problem?
    Appreciate your input.
    Thanks

    Hi,
    As long as you have not changed the hostname or the domain name (and DNS is accurate), you should only receive the certificate warning but still get redirected without any issues.
    Thanks,
    Tarik Admani
    *Please rate helpful posts*

  • Region Buttons with Optional URL redirect?

    Hi there,
    Is there anyway to have a button that is created using
    "Create a button displayed among this region's items"
    but that also can have an Optional URL redirect?
    Why is this option not available for these types of buttons?
    Thanks in advance!

    Hello,
    "but that also can have an Optional URL redirect? Why is this option not available for these types of buttons?"
    That's just how it is. The action taken by a button of the kind that is shown amongst the region's items is not usefully configurable. What I generally do when I need a button to align with a page item is to simply stick some HTML into the 'Post Element Text' of the item after which I need a button to show up. Something along the lines of <input type=button value='Redirect' onClick=doRedirect()>
    varad

  • Working with url redirects

    I have a html region with the following code:
    <html>
    <head>
    <title>Report</title>
    </head>
    <SCRIPT language="JavaScript1.2">
    function items()
    {
    $s=('BINDTEST1');
    }
    function popon(url)
    {
    window.open (url, "EasyReportWriter",
    "location=1,status=1,scrollbars=1,width=1000,height=700, resizable");
    }
    </SCRIPT>
    I have a text box item "BINDTEST" that has html element set to:
    onchange="items();"
    I have a button with a url redirect of:
    javascript:popon('http://test/' + items());
    When I click on the button, popup window opens with test url but bindtest1 variable is not appended. What am I missing?
    Thanks,
    Brett
    Edited by: 794218 on Sep 12, 2010 8:20 AM

    This worked perfectly!
    Thanks. One question, what Oracle documentation contains the details such as: document.getElementById
    for one to reference? I thought I used to see a Apex developer manual in previous releases and no longer see it with the recent releases. Please clue me in on what Oracle manual/documentation exists for such programming details.
    Thanks,
    Brett

  • Can URL redirects be configured with XE and what is the HTTP Server

    I would like to be able to do URL redirects. I'm running XE with Application Express 2.1.0.00.39.
    I want to be able to have a URL like www.schoolwebsite.com and when the user hits it - have it redirect to the Apex page for the application. I was thinking that I needed to use a redirect in the HTTP config file, and that XE used Oracle_HTTP and I could configure in that manner.
    But, I can't find an Apache directory.
    1. What HTTP server is used with XE and Application Express 2.1.0.00.39?
    2. Can I configure for this type of redirect?
    3. Do I need to install an HTTP server to accomplish this?
    Thanks,
    Stephen

    Hi Steven,
    search for "proxy" in this forum.
    It explains how to configure a plain Apache http server as a proxy to XE. Then you can use the default mechanisms to rewrite an url.
    Here is an example (save the file as XE.conf and store it in the Apache conf directory (file httpd.conf is there)).
    The following instructions are valid for Apache2.
    # Activate the following modules in httpd.conf:
    #LoadModule proxy_module modules/mod_proxy.so
    #LoadModule proxy_connect_module modules/mod_proxy_connect.so
    #LoadModule proxy_http_module modules/mod_proxy_http.so
    #LoadModule rewrite_module modules/mod_rewrite.so
    #LoadModule headers_module modules/mod_headers.so
    # include the XE configuration (this file XE.conf) in httpd.conf:
    #include "conf/XE.conf"
    # XE listener is buggy, thus downgrade to http 1.0
    SetEnv force-proxy-request-1.0 1
    RewriteEngine On
    RewriteLog "D:\Programme\Apache Group\Apache2\logs\rewrite.log"
    RewriteLogLevel 0
    ## Rewrite requests /apex, /i, /public, /sys to locally installed XE
    RewriteCond %{REQUEST_URI} /(([^/]+)(/.*)*)$
    RewriteCond %2 =apex [OR]
    RewriteCond %2 =i [OR]
    RewriteCond %2 =public [OR]
    RewriteCond %2 =sys
    RewriteRule ^/(.*) http://%{SERVER_NAME}:8080/%1 [P]
    ## Rewrite main page
      RewriteEngine On
      RewriteRule ^/$       http://%{SERVER_NAME}/apex/f?p=107:1 [R]
      RewriteRule ^/index.html$       http://%{SERVER_NAME}/apex/f?p=107:1 [R]
    ## Rewrite /app1
      RewriteRule ^/app1$      http://%{SERVER_NAME}/apex/f?p=107:1:0 [R=303]
    Regards,
    ~Dietmar.
    Edited by: Dietmar Aust on Oct 14, 2008 1:16 AM

  • How to do auto URL redirect in sun web server ?

    Hi, I need to do auto url redirect in my Sun web server. Currently I have set up some rules for the reverse proxy in the obj.conf file and the syntax looks like:
    <Object name="reverse-proxy-/test">
    <If $internal and $uri =~ "index.html">
    NameTrans fn="redirect" from="/" uri="/examples/abc.html"
    </If>
    Route fn="set-origin-server" server="http://localhost:8989"
    </Object>
    The situation is:
    1) When users browse "http://localhost/examples/abc.html" it will redirect to abc.html
    2) When users browse "http://localhost/test" it will redirect to the localhost admin GUI (http://localhost:8989/admingui/admingui/serverTaskGeneral)
    My desired output is that whenever users browse "http://localhost/test", it will redirect to the abc.html page.
    The syntax might be wrong. So, does anyone know how to fix this? I keep trying but nothing has worked. Please help me.

    Moderator action: Moved from Servers General Discussion.
    db

  • Is there a way to create a popup to a page in URL Redirect ?

    I have a button (also with a report link column) that is doing a URL Redirect to another page in my app. This works fine.
    However, some pages I branch to are small forms and a popup of that form would be more appropriate.
    Is there any way to create a URL Redirect that redirects as a popup rather than a page navigation? Similarly, can you branch to a popup page with a report link column?
    Thanks,
    Reid
    Edited by: reidster on Jul 30, 2009 7:10 PM

    With your help, I was able to create a popup on a report link column using this:
    I just added an "a href" around it.
    Thanks again!
    Edited by: reidster on Jul 30, 2009 10:18 PM

  • Set item value at other page via URL-redirect

    Hi, I have a button and I want to open a new window with it using an url-target.
    javascript:window.open ('f?p=&APP_ID.:143:&SESSION.::NO:143:P143_KDT_ID,P143_MESSAGE:&P140_KDT_ID.,&P140_MESSAGE.')
    When I use branching I get an error that there is no page to branch to. I don't understand why. As a workaround I use an url-redirect when the button is pressed, but I'm stuck on getting the current item value into the target page. I tried using $v('P140_MESSAGE') but I can't get the url valid.

    Jacob,
    The problem was that when the HTML for the button is rendered, the value of P1_ITEM from session state was "glued in" to the generated URL at that time. If you then entered a value for the item, even though your onChange AJAX technique changed the value in session state, it was too late to change the already generated HTML for the button, specifically the URL target for the button.
    I created a Set Item2 button on your page with this for the URL attribute:
    javascript:window.open('f?p=&APP_ID.:2:&SESSION.::NO::P2_ITEM:' + document.getElementById('P1_ITEM').value);
    Let me know if that does what you need.
    There is another problem and I don't know the cause. When you click the button, it opens the new window properly but leaves the original page in an error state of some kind. I could not reproduce this in my application using the same js, so I'll be interested in how you solve that.
    Scott

  • URL redirection config in PI SOAP receiver communication channel

    Hi,
    I am working on a similar scenario where I am consuming an external web service using the https protocol from PI.
    I have configured a soap receiver channel to call the target url of this web service as https://portal.xyz.org.uk/webservice_alt.
    I am getting an error HTTP 302 suggesting that PI is not able to follow the re-direction to the target URL as the service resides not on that URL but on https://portal1.xyz.org.uk/webservice_alt or https://portal2.xyz.org.uk/webservice_alt.
    This is their server fail over handling mechanism which is very common. But PI 7.0 is not able to handle this.
    So if I change the target URL on the SOAP receiver channel to  https://portal1.xyz.org.uk/web service  or  https://portal2.xyz.org.uk/webservice_alt , PI works fine without errors . But this is not the right approach because, every time the web service provider takes one of these systems down for upgrade/patching etc, they inform us and then I manually go and change the target URL to the available server on my production PI system config.
    My problem is I want to resolve this redirection error in PI. I have tried raising a call with SAP itself and they pointed out to use Axis adapter which is still not working.
    So I am here asking for help. any suggestions please from the experts?
    Thanks
    Jhansi.

    Hi guys,
    I am sorry if I have not been clear so far!!
    What I am talking about is a URL redirection capability of PI. What I mean is, when you call any service in general using a browser/SoapUI etc., it pings that URL and follows the redirection.
    For example, when I try to test this external web service directly using the SoapUI tool, it also returns an HTTP 302 error. But when I set the 'Follow redirect' property to 'true', it follows the redirection and calls the service on 'portal1' or 'portal2'.
    You assume PI is a test tool like SoapUI. When the address or URL is changed in the WSDL and you load the latest WSDL in SoapUI, it posts the request to the latest URL. You import the WSDL only in ESR, not in IR. Don't forget it. Though the WSDL has the soap address location, the WSDL changes will not have a direct impact in ID.
    It makes no sense to complain regarding the behaviour of PI when the reason for the problem is outside (WS provider).
    Please note that the target URL is fixed, which is https://portal.xyz.org.uk/webservice_alt.
    So we are not talking here about the service provider altering the service and sending us new WSDLs etc.
    All users of this web service have been non-SAP users so far, and consumers use Java, .NET etc. platforms and are easily able to handle the redirection, because this redirection is a part of the failover mechanism.
    I hope i am able to picture my problem.
    thanks
    Jhansi.
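
An added example (not from the original posts, and not SAP PI adapter code): a Python sketch of a client that follows the 302 from the fixed entry URL to whichever failover node answers, but only over https and only to the hosts named in the thread, with a hop limit. The `send` callable is a hypothetical transport standing in for the real HTTP client, and `make_fake_send` is a constructed stand-in for the provider.

```python
from urllib.parse import urlsplit, urljoin

ENTRY = "https://portal.xyz.org.uk/webservice_alt"
# Hosts taken from the thread: the fixed entry point and its two failover nodes.
ALLOWED_HOSTS = {"portal.xyz.org.uk", "portal1.xyz.org.uk", "portal2.xyz.org.uk"}
REDIRECT_CODES = {301, 302, 303, 307, 308}


class RedirectRefused(Exception):
    """Raised when a redirect leaves the expected failover set."""


def post_following_redirects(url, body, send, max_hops=3):
    """POST body to url, following redirects within ALLOWED_HOSTS.

    send(url, body) -> (status, headers, payload) is a hypothetical transport.
    Returns (final_url, status, payload).
    """
    seen = []
    for _ in range(max_hops + 1):
        parts = urlsplit(url)
        # Validate before sending, so the request body never reaches an
        # unexpected host or travels over plain http.
        if parts.scheme != "https":
            raise RedirectRefused(f"non-https target: {url}")
        if parts.hostname not in ALLOWED_HOSTS:
            raise RedirectRefused(f"host not in failover set: {parts.hostname}")
        if url in seen:
            raise RedirectRefused(f"redirect loop at {url}")
        seen.append(url)

        status, headers, payload = send(url, body)
        if status not in REDIRECT_CODES:
            return url, status, payload
        location = headers.get("Location")
        if not location:
            raise RedirectRefused("redirect without Location header")
        # Many HTTP clients turn a redirected POST into a GET on 302; a SOAP
        # call needs the envelope re-sent, so the body is posted again here.
        url = urljoin(url, location)
    raise RedirectRefused("too many redirects")


def make_fake_send(live_node):
    """Constructed provider: the entry host redirects to live_node."""
    def send(url, body):
        send.calls.append(url)
        host = urlsplit(url).hostname
        if host == "portal.xyz.org.uk":
            return 302, {"Location": f"https://{live_node}/webservice_alt"}, b""
        if host == live_node:
            return 200, {}, b"<soap:Envelope>ok</soap:Envelope>"
        return 503, {}, b""
    send.calls = []
    return send


if __name__ == "__main__":
    for node in ("portal1.xyz.org.uk", "portal2.xyz.org.uk"):
        print(post_following_redirects(ENTRY, b"<req/>", make_fake_send(node)))
```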

  • ISE url-redirect CWA to Gig1

    Hello,
    Say I want to have five ISE 1.3 nodes behind a load balancer. I want only G0 behind the LB, and the G1 interfaces will be dedicated to certain things. Specifically I want to use the G1 interface for Redirected Web Portal access (could be CWA, device registration, NSP, etc). RADIUS auth will happen through the LB on G0 of some specific PSN, and that PSN will url-redirect the user to the CWA URL.
    How do I tell ISE to use specifically Gig1's IP address or Gig2's IP address? When I check the resulting authorization profile, there is no option there, it's just ip:port. Obviously, that's not the right place, because which PSN is used to process the policy is unpredictable.
    So then I go to guest portal, and specifically Self-Registered Guest Portal that I'm using. So here I see Gig0, Gig1, Gig2, and Gig3 listed. My guess is that if I only leave Gig1 selected then I will achieve my goal, is that correct?
    But then, why does it let me choose multiple interfaces, what happens if I select all of them?
    Am I missing another spot in ISE admin where I can control this?
    Additional question. I know that in ISE 1.2 you could configure "ip host" in ISE's CLI, which would force URL-redirect response to be translated to FQDN:port. Is that still the right method in ISE 1.3?
    Thanks!

    Take a look at the following document:
    http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/installation_guide/b_ise_InstallationGuide13.pdf
    Towards the end of the document you will find a section called: "Cisco ISE Infrastructure" and there you will see the following:
    • Cisco ISE management is restricted to Gigabit Ethernet 0.
    • RADIUS listens on all network interface cards (NICs).
    • All NICs can be configured with IP addresses.
    So, you can take an interface, give it an IP address and then assign it to the web portal that you are working with. 
    I hope this helps!
    Thank you for rating helpful posts!

  • ISE & Switch URL redirect not working

    Dear team,
    I'm setting up a Guest portal for Wired users. Everything seems to be okay: the PC gets MAB authz success and ISE pushes the URL redirect to the switch. The only problem is that when I open a browser, it is not redirected.
    Here is some output from my 3560C:
    Cisco IOS Software, C3560C Software (C3560c405-UNIVERSALK9-M), Version 12.2(55)EX3
    SW3560C-LAB#sh auth sess int f0/3
                Interface:  FastEthernet0/3
              MAC Address:  f0de.f180.13b8
               IP Address:  10.0.93.202
                User-Name:  F0-DE-F1-80-13-B8
                   Status:  Authz Success
                   Domain:  DATA
          Security Policy:  Should Secure
          Security Status:  Unsecure
           Oper host mode:  multi-domain
         Oper control dir:  both
            Authorized By:  Authentication Server
               Vlan Group:  N/A
         URL Redirect ACL:  redirect
             URL Redirect:  https://BYODISE.byod.com:8443/guestportal/gateway?sessionId=0A005DF40000000D0010E23A&action=cwa
          Session timeout:  N/A
             Idle timeout:  N/A
        Common Session ID:  0A005DF40000000D0010E23A
          Acct Session ID:  0x00000011
                   Handle:  0xD700000D
    Runnable methods list:
           Method   State
           mab      Authc Success
    SW3560C-LAB#sh epm sess summary
    EPM Session Information
    Total sessions seen so far : 10
    Total active sessions      : 1
    Interface            IP Address   MAC Address       Audit Session Id:
    FastEthernet0/3       10.0.93.202  f0de.f180.13b8    0A005DF40000000D0010E23A
    Could you please help to explore the problem? Thank you very much.

    With switch IOS versions later than 15.0 the default interface ACL is not required. For url redirection the dACL is not required, as this ACL is part of the traffic restriction for "guest" users.
    In my experience some users cannot get the redirect correctly because an anti-spoof ACL on the management VLAN or a stateful firewall blocks the TCP SYN ACK.
    It is rare for campus network access layer switches to have a user SVI configured, so the redirect traffic has to be sent from the netman SVI, but the tricky part is that the TCP SYN ACK from the HTTP server will be sent back from the netman VLAN without the source IP changed. (The switch is spoofing the source IP, in my understanding, changing only the MAC address of the packet.) In most cases there should be a basic ACL residing on the netman SVI on the first hop router, where the TCP SYN ACK may be dropped by the ACL.
    Tips:
    1. "debug epm redirect" can make sure your traffic matches the redirect url and will get intercepted by the switch.
    2. It will be an ACL or firewall issue if you can see epm is redirecting your http request but cannot see the SYN ACK from the requested server.
    Which can win the race: increasing bandwidth with new technologies VS QoS?
