Simple Authentication and Security Layer

Similar Messages

• Simple authentication and authorization with a servlet and a filter

  Could somebody point me to code example that do simple authentication/authorization using one servlet and one filter? (without Spring, Struts, JSF or any framework)
  I’m having a lot of problems with that, apparently, easy task.
  These are the rules:
  - A simple login page
  - Two roles (admin, registered).
  - If the user loged is an admin, redirect to his entry page (private/admin/index.jsp).
  - If the user loged is of role registered, redirect him to his entry page (private/registered/index.jsp).
  - If it’s not a valid user, redirect again to login page.
  - Admin’s users cannot go to private/registered/ area.
  - Registered users cannot go to private/admin/ area.
  - Non authenticated user cannot go to private/ area
  Thanks a lot in advance!
  Edited by: JLuis on 25-ago-2010 15:27

  AccessControl.java:
  package com.tlsformacion.security;
  import java.io.IOException;
  import javax.servlet.RequestDispatcher;
  import javax.servlet.ServletConfig;
  import javax.servlet.ServletException;
  import javax.servlet.http.HttpServlet;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import com.tlsformacion.utils.Log;
  public final class AccessControl extends HttpServlet {
       private static final long serialVersionUID = 5741058615983779764L;
       private static final String USERNAME_ATTR = "username";
       private static final String PWD_ATTR = "password";
       private static final String LOGIN_PAGE_ATTR = "login_page";
       private static final String ROL_ATTR = "role";     
       private boolean isAuthentic = false;
       private String role = null;
       private String loginPage = null;
       public AccessControl() {
          super();
       public void init(ServletConfig config) throws ServletException {
            loginPage = config.getInitParameter(LOGIN_PAGE_ATTR);
       protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside doGet");
            doAccessControl(request, response);
       protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside doPost");
            doAccessControl(request, response);
       private void doAccessControl (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside doAccessControl");
            doAuthentication(request, response);     
            if (isAuthentic) { //Authentic user
                 doAuthorization(request, response);                         
            } else { //User NOT authentic
                 doRejection(request, response);
       private void doAuthentication(HttpServletRequest request, HttpServletResponse response) {     
            debug("Inside doAuthentication");                         
          String requestedURI = request.getRequestURI();
          if (requestedURI.contains("/AccessControl")) { //Comes from login page           
               debug("Comes from login page");
                String username = request.getParameter(USERNAME_ATTR);
              String pwd = request.getParameter(PWD_ATTR);   
               role = getRole(username, pwd);
               if (role != null) {
                    isAuthentic = true;
                    request.getSession().setAttribute(ROL_ATTR, role);
          } else { //Doesn't comes from login page
               debug("Doesn't comes from login page");
               if (isInSession(request)) {
                    debug("Rol is in session");               
                    isAuthentic = true;
               } else {
                    debug("Rol is NOT in session");
       private void doAuthorization(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {          
            debug("Inside doAuthorization");
            String requestedURI = request.getRequestURI();
            debug("requestedURI: " + requestedURI);
            if (requestedURI.contains("/AccessControl")) { //Comes from login page                                                                 
                 goHomePage(request, response);
            } else if (requestedURI.contains("/private/" + role)) { //Trying to access his private area
                 goRequestedPage(request, response);
            } else { //Trying to access other roles private area
                 goLoginPage(request, response);
      private void doRejection(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {          
           debug("Inside goRejection");
           role = null;
            goLoginPage(request, response);         
       private void goHomePage(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside goHomePage");     
            String homePage = "private/" + role + "/index.jsp";
            goPage(request, response, homePage);
       private void goLoginPage(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside goLoginPage");
            goPage(request, response, loginPage);
       private void goRequestedPage(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside goRequestedPage");
            String contextPath = request.getContextPath();          
            debug("contextPath: " + contextPath);
            String requestedPage = request.getRequestURI().replace(contextPath + "/", "");
            goPage(request, response, requestedPage);
       private void goPage(HttpServletRequest request, HttpServletResponse response, String page) throws IOException, ServletException {
            debug("Inside goPage ...trying to go to: " + page);
            //Option A
            response.sendRedirect(page);
            //Option B
            //RequestDispatcher requestDispatcher = request.getRequestDispatcher(page);
            //requestDispatcher.forward(request, response);                  
       private boolean isInSession(HttpServletRequest httpRequest) {
           boolean inSession = false;
            role = (String)httpRequest.getSession().getAttribute(ROL_ATTR);
            if (role != null && !role.equals("")) {
                 inSession = true;
           return inSession;
      //PENDIENTE: mock method!
      private String getRole(String username, String pwd) {         
           String role = null;
           if (username.equals("admin") && pwd.equals("admin")) {
                role = "administrator";
           } else if (username.equals("regis") && pwd.equals("regis")) {
                role = "registered";
           return role;
      private void debug(String msg) {
           Log.debug(msg);
  }Proyect Folder Structure:
  WebContent
       login.html
       private
            administrator
                 index.jsp
            registered
                 index.jspBasically, the problem is that if you try to log as admin/admin (for example) the servlet AccessControl executes infinitely
  Edited by: JLuis on 26-ago-2010 8:04

• 802.1x multipoint authenticator and security issue

  Hi everybody
  Let say we have following set up:
  host1
  host2   ) ----------------hub------ f1/0-switch( authenticator)-------------------------Radius server.
  host3
  The switch is configured as follows.
  Switch(config)#interface FastEthernet 1/0
  Switch(config-if)#dot1x port-control auto
  Switch(config-if)#dot1x host-mode multi-host
  Let  say only host1 has valid credentials and the rest hosts i.e h2,h3 are  rogue hosts.  host1 sends authentication request and successfully  authenticated and switch transition its port to an authorized state.  But does it not mean  the other hosts h2 and h3 which were not  authenticated but yet are able to access network ?
  thanks and have a great weekend.

  This board is more for Wireless Security not LAN. but I would think it's because you are connecting through a hub instead of a switch. Hubs share the data, so when the switch gets the auth for the valid client it turns that port as it should.
  Now an invalid client connects and because the port is already thinking the client is valid, it passes all the traffic.
  Make sense?
  Steve
  Sent from Cisco Technical Support iPhone App

• OSB: The different between transportation layer and security layer

  Dear All,
  Do you have any idea for compare about security on service bus between transportation layer and message layer?
  Which one is better? And do you have any factor to consider which one I should use?
  Best REgards,

  If you are working with OSB 11g, please refer -
  http://download.oracle.com/docs/cd/E17904_01/doc.1111/e15866/part_sg.htm#sthref1029
  Ofcourse you would like to have both of them if you want a healthy system. If your OSB services are internet facing then it is a sensible decision to have both transport (a bare minimum) & message security. If your services are exposed to a LAN/WAN then you may have either or both of them. Remember, securitiy processing is always an overhaed to the performance so should be used as and when required only.
  Regards,
  Anuj

• Oracle externally-authenticated and security

  Hi,
  I work on security project and i want to know if create an externally user is good in a security context.
  Thanks

  External authentication comes in the category of the security loophole since anyone who can access the system , can come in the system. That said, you should check Pete Finnigan's notes about security and also check his website, www.petefinnigan.com .
  HTH
  Aman....

• Simple Public and Private Security Authentication Authorisation

  Simple question:
  I have an application with public access (No Authentication)
  I want to Authenticate just one administration page with a logon screen. What do I need to do?
  Do I use Page Authentication or Page Authorization on the restricted page?
  Please spell out the steps in clear detail.
  Also what is the difference between Application Authentication and Application level Authorization. They seem identical in function to me.
  regards
  Paul P

  Paul - Building on what Jos said, you might have an application that used SSO for authentication and for which you wanted to block access to certain classes of users during certain time periods. For this, an application-level authorization scheme could be useful, checking the authenticated user's organizational role/job code and the other criteria dictating the application availability.
  For your case, I recommend that you make the application use an authentication scheme that is suitable for controlling access to the admin page(s) and then set the Security (Authentication) attribute of every other page to 'Page Is Public'.
  Scott

• Simple Plug and Play Secure Wireless?

  I am trying to setup a simple way to have wireless users on our network be able to connect to our access points, authenticate to our ACS Server (Cisco Hardware ACS applicance) but without having to go through special configurations on the client. This needs to be secure too and not easily broken. We are using Cisco 1200 and 1300 802.11G AP's and the clients vary from having integrated wireless NIC's to running Cisco Wireless cards, to running other branded cards. We are currently using PEAP, but it is time consuming to configure and sometimes confusing to the users. I was thinking of switching to open authentication on a isolated subnet and using a Cisco BBSM (Building Broadband Service Manager) to securely connect to our network, but Cisco just made this device end of sale, end of life, so I'm hesitant to go this route. WPA/WPA2 or some of the other PEAP/EAP/LEAP are configuration intensive too. Any suggestions? Does cisco have anything to replace the BBSM? What about PPOE? Would this be an alternative? Can I use a router or firewall to terminate these connections or would I need a specialized server or other device? I really need a simple way to securly connect end users to our wireless network without any undue configuration on their end.

  Probably the easiest would be to keep the wireless communications open, and use a VPN concentrator running to an SSL VPN client on the laptops/pcs.
  All they'd have to do is aim their browser that the VPN gateway, and allow the SSL client to be downstreamed to their computer.
  Beyond that, use your BBSM proxy or provide user auth at the VPN concentrator.
  Leave the SSID in broadcast mode ("guest").
  With this system, most clients can find the wireless system (SSID broadcast), the encryption via the SSL VPN is very strong, and there'd be no real configuration for the clients. Just aim the browesr at the VPN gateway/concentrator and enter the username and password.
  Also, make sure you enable "Public Secure Packet Forwarding" (PSPF) to prevent one client from attacking other clients on te wireless LAN.
  Users that use the system on a regular basis could get / use certificates for authentication. If they're on the system a lot, then the minor grief of setup would be worth it.
  The SSL client uses Java, I believe, so it should be fairly universal (i.e., not platform specific). I haven't tried te SSL client n any system other than MS Windows so I can't really comment on *nix or Mac.
  The SSL gate ( 3000 series) that we use for our Lab access seems to work pretty well.
  Good Luck
  Scott

• Simple Authentication with SMP 10.1 and FMS 3.5

  Good day all,
  I am looking to add simple authentication to the SMP player for use with FMS 3.5. I recently came across a technical paper published by Adobe titled, "Video content protection measures enabled by Adobe Flash Media Interactive Server 3.5". Within this document are three examples of user authentication with code samples. I am starting with the "simple" client verification using a unique token authentication key method first.
  I've noticed that SMP doesn't have any FMS security mechanisms built-in at least that I've been able to identify in the documentation or feature specs. Did I miss something? I am looking for assistance in getting started with adding this feature to SMP. So my question is where could I add the client side Actionscript within the SMP structure?
  I'd very much like to hear about others' experiences with adding security mechanisms to SMP used with FMS.
  Thank you.

  Andrian - Thank you for the quick reply. I'm gald SMP has support for the playback of protected content. Is there more documentation than this demo on this topic?
  I'll explain what I'm doing. I am implementing SMP as the default video player application used in online courses at the Savannah College of Art and Design. Identifying the player and implementing its use in our production workflow is the first step in a strategy to deliver a better video experience and leverage the scalibility and flexibility of SMP. On the back end integration with our FMS I have been asked to implement some user authentication. We don't need to re-auth the students as they have already been authenticated through our LMS. What is desired is each player instance authenticates with our server to prevent stream ripping.
  The simple user token authentication key example from the linked document seems to best suit this intial need.

• DS 5.2: Plugin to force SSL/TLS and simple authentication available!

  Hi,
  for privacy and security reasons I had to enforce TLS for simple authentication
  in my organisation on all client connections to our directory servers.
  As it turned out in thread
  http://forum.java.sun.com/thread.jspa?threadID=5239916
  there is no easy possibility to do this. Even though there seems to be a
  way by using the directory proxy server (looks very complicated), described
  in thread
  http://forum.java.sun.com/thread.jspa?threadID=5240537,
  I finally decided to write a plugin. To let you know what the plug-in does
  exactly I paste the description here in:
  DESCRIPTION
  The plug-in checks every client connection if it is encrypted or not.
  If the connection is encrypted, it accepts the connection.
  If not, it rejects the connection.
  It is possible to configure the plug-in to accept unencrypted
  connections from certain IPs. With this feature enabled, you may
  allow unencrypted connections from 127.0.0.1 or similar.
  Additionally, this feature helps you to deploy the plug-in in
  a production environment.
  Another configuration option allows a dry-run of the plug-in.
  This means, that the plug-in only logs (in the error log), but accepts
  unsecured connections.
  The configuration of the plug-in may be stored in an arbitrary DN of
  your DIT. This way you are allowed to change the configuration
  parameters without restarting the directory server.
  By replicating the configuration entry you may enable and disable
  the dry-run mode for all your replicas by one click. Adding IPs,
  from where clients are allowed to connect unencrypted is also
  configurable for all replicas at once.
  END OF DESCRIPTION
  In the source code there are also detailed installation instructions
  and a configurable Makefile is also provided.
  I brute-force tested the plugin and it causes no memory leaks or similar issues.
  Now I want to publish the code, since I am sure, that other people may need it to!
  Unfortunately there is no public code repository or similar for directory server
  plugins. So if anyone is interested in the plugin, I will put the source code online.
  best regards
  Harald Strack

  Hi Harald:
  I'm interested in looking at the code of your plugin. Could you please share the source code to us.
  Thanks-

• Do I need and how to secure the Unix/Linux agents authentication and communication to RMS?

  Hi everybody
  We have an environment including SCOM 2012 SP1, 10 windows server, 40 linux servers and 10 HP-UX servers. all of them are joined a trusted domain. I know the authentication method between windows agents and management server is kerberos. but not for linux and
  HP-UX servers.
  Now I want to secure the Unix/Linux agents authentication and communication to RMS. some questions:
  1- how much secure and credible is current authentication method? and in a high secure environment can I trust SCOM self signed Certificates?
  2- Considering this point that Unix/linux computers are joined to active directory domain and are using Kerberos to authenticate, can I use this
  authentication method between RMS and linux Agents? 
  3- if I make a decision to use certificates should I use gateway server? (considering all servers and RMS are in same trusted domain)
  any other suggestion?
  Thanks in advance

  nothing?

• What's the difference between "login block-for X attempts X within X" and "security authentication failure rate X"?

  What's the difference between, just for example, "login block-for 100 attempts 15 within 100" and "security authentication failure rate 3"?
  Please ignore the numbers, I need to know what the differences are in commands and what they do, what they affect.

  security authentication failure rate number_of_failed_attempts : A global configuration mode command used to specify the maximum number of failed attempts (in the range of 2 to 1024) before introducing a 15-second delay
  login block-for 100 attempts 15 within 100 : Block all access after 15 failed login attempts within 100 Secs for the period of 100Secounds (1.40 Minutes).
  The Cisco IOS Login Enhancements (Login Block) feature allows users to enhance the security of a router by configuring options to automatically block further login attempts when a possible denial-of-service (DoS) attack is detected.
  The login block and login delay options introduced by this feature can be configured for Telnet or SSH virtual connections. By enabling this feature, you can slow down "dictionary attacks" by enforcing a "quiet period" if multiple failed connection attempts are detected, thereby protecting the routing device from a type of denial-of-service attack.

• Simple inquiries regarding keylock and security.

  Hi,
  I recently bought a Nokia phone, I first read the whole manual which comes with the product 3 times and I’m still discovering the phone but I still have few inquiries regarding keylock and security which the showroom didn’t mention.
  To lock the keypad to prevent accidental or unwanted keypresses, I select Menu key then *, while for unlocking, the same step is required along with providing the lockcode which I already set in Menu > Settings > Phone > Security keyguard. Nothing easy then this :robothappy:
  Here are detailed questions as per guidelines.
  A) Question here is: what are the differences between “Menu > Settings > Phone > Security keyguard” and “Menu > Settings > Security > Access codes > Change security code”??
  after reading the manual, I now know that “phone > Security keyguard” is to simply lock the keypad with a security code decided here too, but what about “access codes > Change Security Code”? is it the same as “Security keyguard” (i.e. lock keypad with a code)? are they of any relation to each others?
  In other words: I know when “Security keyguard” is required (lock keypad with a code), but what are the cases when “security code” is required?
  B) in “Security keyguard”, each time (that’s always) when we want to lock the phone (i.e set Security keyguard to ON) we are automatically prompted to set a password to be able to lock the phone (I’m 100% sure of this). So what is code 12345 useful for while we are always prompted to type a password each time we set the keyguard on! I’m afraid it’s not that clear in the manual. In other words When might this 12345 be used?
  Is it used to unlock keypad for example, maybe no! because as I said each time we want to lock the phone with keyguard we’re prompted to set a code.
  oh and how to change 12345 that’s if it’s of any use anyway?
  I’m a newbie in mobile phones’ matters, so bare with my silly questions but I really don’t want to deteriorate the mobile phone now in holidays when careline is out of service.
  ..who wants kudos
  guidelines for Nokia discussion forums are here: http://discussions.europe.nokia.com/discussions/board/message?board.id=guidelines&thread.id=2
  Solved!
  Go to Solution.

  thanks to areef_apu i noticed the relation between “Security keyguard” and “Change security code” you said that the “Security code”12345 is used for “Keyguard security”!! wow that’s right. I got this wrong in my question since while I was learning about and activating“Security keyguard” it seems that I was accidentally using the code 12345 without any intention, which made me confused thinking that “security keyguard” code is decided at the same time while setting “security keyguard” while I didn’t know that I was actually telling it the already set security code and not typing a new one here!
  So “Menu > Settings > Phone > Security keyguard” is really related to “Menu > Settings > Security > Access codes > Change security code”. Simply said, for keypad lock, the screen asking us to type a code while activating the “Security keyguard” is Not asking us to decide a New code but it’s actually asking us the code already set in “Access codes > Change security code”. that’s the relation.
  Thanks so much to both cjlim and areef_apu +1 Kudos point each this now makes sense for other newbies reading this since I’m newbie myself.
  ..who wants kudos
  guidelines for Nokia discussion forums are here: http://discussions.europe.nokia.com/discussions/board/message?board.id=guidelines&thread.id=2

• Problems with re authentications in a wireless with WLC working with web authentication and a radius server

  Hi everyone, im having problems in a wireless network, the SSID has security layer 2 WPA, layer 3 web authentication (internal default page), and external RADIUS.
  When a client makes a roaming from one AP to another one or when he has a idle time, he needs to re authenticate in the web login page. Somebody knows a solution to avoid this behavior?. Or somebody has a troubleshooting way to determine why the clients have this problems??

  A few things I can share that might help .. Your actually feet on the ground will be importnat to see this issue for yourself.
  I know when a client or if the AP sends a DEAUTH frame the client will need to reestablish its connection and it will 100% of the time require a new web auth. If a client loses connection while roaming and a DEAUTH is sent on either side you will get the page. If youre client isnt romaing cleanly this can be a problem.
  Another problem is your using EAP. Are you using CCK or a device that supports OKC. What does your radius server say when a client roams ?
  You could also simply your config and then reapply your security and see where it breaks. By this I mean. For testing, create a SSID turn off security and leave layer 3 web auth on. Roam and see what happens. If it works, then start to apply the security and see where it breaks.
  "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
  ‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

• JAXWS EJB3.0 Based WebService Authentication and Authorization - Weblogic

  Hi Experts,
  I need to Create a EJB3.0 WS where this Service has static Authentication and Authorization. How can I achieve it, any pointer.
  TIA

  The below sample is for basic authentication and authorization.
  Web service
  ========
  import javax.ejb.Stateless;
  import javax.ejb.TransactionAttribute;
  import javax.ejb.Remote;
  import javax.jws.WebMethod;
  import javax.jws.WebService;
  import javax.annotation.security.RolesAllowed;
  import javax.ejb.SecurityRoles;
  @Stateless(mappedName="com.slsbBean")
  @Remote( { com.bea.Service.class})
  @WebService(name="TransactionPortType", serviceName="TransactionService",
  targetNamespace="http://example.org")
  public class ServiceBean implements Service {
  @WebMethod()
  @RolesAllowed ( {"Admin","Manager"})
  public void testMethod(String s) {
  System.out.println("inside ejb method");
  System.out.println("username : " + weblogic.security.SubjectUtils.getUserPrincipal(weblogic.security.Security.getCurrentSubject()));
  Client
  ====
  import java.util.Map;
  import javax.xml.ws.BindingProvider;
  public class Test {
  public static void main(String[] args) {
  TransactionService simple = new TransactionService();
  TransactionPortType port = simple.getTransactionPortTypePort();
  BindingProvider bindingProvider = (BindingProvider) port;
  Map<String, Object> reqContext = bindingProvider.getRequestContext();
  reqContext.put(BindingProvider.USERNAME_PROPERTY, "XXXXXX");
  reqContext.put(BindingProvider.PASSWORD_PROPERTY, "XXXXXX");
  port.testMethod("hello");
  Regards,
  Sunil P

• Simple Authentication Problem

  Hi I am using suin direcory server 6.0 with my application. To test my connection I supplied the rootDN, userDN, host, port and password with 'simple' authentication mode but my test fails with following exception on console;
  SunOS-/export/home1/tecapp/TCS/tcserver/directory/INFOBASIC: testLDAP
  com.temenos.tocf.security.TCSecurityException: The authentication mechanism simple not supported by LDAP Server : ldap://hml-newsunt2a:389/uid=myT24,cn=T24,cn=Application,o=temenos,c=ch with user t24userid=inputter,uid=myT24,cn=T24,cn=Application,o=temenos,c=ch
          at com.temenos.tocf.security.common.LdapUtilities.getDirContext(LdapUtilities.java:447)
          at com.temenos.tocf.security.management.T24User2Directory.connect(T24User2Directory.java:255)
          at com.temenos.tocf.security.management.T24User2Directory.connect(T24User2Directory.java:185)
          at com.temenos.tocf.security.management.T24User2Directory.getSysDNListImpl(T24User2Directory.java:330)
          at com.temenos.tocf.security.management.T24User2Ldap.getSysDNList(T24User2Ldap.java:84)
  ------------- GETSYSDN  -------------------
  Time for call of CALLJ : 4820 [ms]
  20üError connecting LDAP server : The authentication mechanism simple not supported by LDAP Server : ldap://hml-newsunt2a:389/uid=myT24,cn=T24,cn=Application,o=temenos,c=ch with user t24userid=inputter,uid=myT24,cn=T24,cn=Application,o=temenos,c=ch
  Log File (access) in My LDAP Server recorded following at the same time;_
  [10/Nov/2009:15:35:21 +0000] conn=171 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from 10.44.5.69:53988 to 10.44.5.69
  [10/Nov/2009:15:35:21 +0000] conn=171 op=0 msgId=1 - BIND dn="" method=128 version=3
  [10/Nov/2009:15:35:21 +0000] conn=171 op=0 msgId=1 - RESULT err=0 tag=97 nentries=0 etime=0 dn=""
  [10/Nov/2009:15:35:21 +0000] conn=171 op=1 msgId=2 - SRCH base="uid=myt24,cn=t24,cn=application,o=temenos,c=ch" scope=0 filter="(obj
  ectClass=*)" attrs="supportedSASLMechanisms"
  [10/Nov/2009:15:35:21 +0000] conn=171 op=1 msgId=2 - RESULT err=0 tag=101 nentries=1 etime=0
  [10/Nov/2009:15:35:21 +0000] conn=171 op=2 msgId=3 - UNBIND
  [10/Nov/2009:15:35:21 +0000] conn=171 op=2 msgId=-1 - closing from 10.44.5.69:53988 - U1 - Connection closed by unbind client -
  [10/Nov/2009:15:35:22 +0000] conn=171 op=-1 msgId=-1 - closed.
  [10/Nov/2009:15:35:24 +0000] conn=172 op=-1 msgId=-1 - fd=22 slot=22 LDAP connection from 10.44.5.69:53989 to 10.44.5.69
  [10/Nov/2009:15:35:24 +0000] conn=172 op=0 msgId=1 - BIND dn="t24userid=inputter,uid=myT24,cn=T24,cn=Application,o=temenos,c=ch" met
  hod=128 version=3
  [10/Nov/2009:15:35:24 +0000] conn=172 op=0 msgId=1 - RESULT err=48 tag=97 nentries=0 etime=0
  [10/Nov/2009:15:35:24 +0000] conn=172 op=1 msgId=0 - RESULT err=80 tag=120 nentries=0 etime=0
  [10/Nov/2009:15:35:24 +0000] conn=172 op=-1 msgId=-1 - closing from 10.44.5.69:53989 - A1 - Client aborted connection -
  [10/Nov/2009:15:35:24 +0000] conn=172 op=-1 msgId=-1 - closed.Please help me and suggest a workaround please as I couldn't found any information regrading this on google.
  Thanks
  SJunejo

  [10/Nov/2009:15:35:24 +0000] conn=172 op=0 msgId=1 - RESULT err=48 tag=97 nentries=0 etime=0err=48 is "inappropriate authentication". Maybe you don't have SASL configured properly.
  Please have a read of the admin guide.
  [http://docs.sun.com/app/docs/doc/820-2763/bcave]