Simple Authentication Problem

Similar Messages

• Webservice authentication problem

  Web Service Authentication problem
  Posted: Jun 17, 2005 3:32 PM        Reply      E-mail this post 
  Hi
  I have created a portal service and exposed this service as a webservice. I am consuming this webservice in webdynpro. Portal service contains 2 simple methods putdata() and getdatat().
  When i access the webservice i am getting the following error.
  "javax.xml.rpc.soap.SOAPFaultException: The User Authentification is not correct to access to the Portal Service com.sap.portal.prt.soap.GlobalData or the service was not found"
  My Enterprise portal server is configured for SSO to back end R/3 system. I have checked for portal service availability and it is fine.
  My Webdynpro and Portal are running on different machines. EP is running on AIX with SP11.
  Any help please.
  Regards
  NagaKishore V

  Hi Shahab,
  Can you reproduce the issue if you create 2 applications. One that exposes a secured web service and the other one the one, consumes the web service? This would help to isolate the issue and move forward in case is a bug.
  Thanks,
  Juan Camilo

• Simple authentication and authorization with a servlet and a filter

  Could somebody point me to code example that do simple authentication/authorization using one servlet and one filter? (without Spring, Struts, JSF or any framework)
  I’m having a lot of problems with that, apparently, easy task.
  These are the rules:
  - A simple login page
  - Two roles (admin, registered).
  - If the user loged is an admin, redirect to his entry page (private/admin/index.jsp).
  - If the user loged is of role registered, redirect him to his entry page (private/registered/index.jsp).
  - If it’s not a valid user, redirect again to login page.
  - Admin’s users cannot go to private/registered/ area.
  - Registered users cannot go to private/admin/ area.
  - Non authenticated user cannot go to private/ area
  Thanks a lot in advance!
  Edited by: JLuis on 25-ago-2010 15:27

  AccessControl.java:
  package com.tlsformacion.security;
  import java.io.IOException;
  import javax.servlet.RequestDispatcher;
  import javax.servlet.ServletConfig;
  import javax.servlet.ServletException;
  import javax.servlet.http.HttpServlet;
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import com.tlsformacion.utils.Log;
  public final class AccessControl extends HttpServlet {
       private static final long serialVersionUID = 5741058615983779764L;
       private static final String USERNAME_ATTR = "username";
       private static final String PWD_ATTR = "password";
       private static final String LOGIN_PAGE_ATTR = "login_page";
       private static final String ROL_ATTR = "role";     
       private boolean isAuthentic = false;
       private String role = null;
       private String loginPage = null;
       public AccessControl() {
          super();
       public void init(ServletConfig config) throws ServletException {
            loginPage = config.getInitParameter(LOGIN_PAGE_ATTR);
       protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside doGet");
            doAccessControl(request, response);
       protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside doPost");
            doAccessControl(request, response);
       private void doAccessControl (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside doAccessControl");
            doAuthentication(request, response);     
            if (isAuthentic) { //Authentic user
                 doAuthorization(request, response);                         
            } else { //User NOT authentic
                 doRejection(request, response);
       private void doAuthentication(HttpServletRequest request, HttpServletResponse response) {     
            debug("Inside doAuthentication");                         
          String requestedURI = request.getRequestURI();
          if (requestedURI.contains("/AccessControl")) { //Comes from login page           
               debug("Comes from login page");
                String username = request.getParameter(USERNAME_ATTR);
              String pwd = request.getParameter(PWD_ATTR);   
               role = getRole(username, pwd);
               if (role != null) {
                    isAuthentic = true;
                    request.getSession().setAttribute(ROL_ATTR, role);
          } else { //Doesn't comes from login page
               debug("Doesn't comes from login page");
               if (isInSession(request)) {
                    debug("Rol is in session");               
                    isAuthentic = true;
               } else {
                    debug("Rol is NOT in session");
       private void doAuthorization(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {          
            debug("Inside doAuthorization");
            String requestedURI = request.getRequestURI();
            debug("requestedURI: " + requestedURI);
            if (requestedURI.contains("/AccessControl")) { //Comes from login page                                                                 
                 goHomePage(request, response);
            } else if (requestedURI.contains("/private/" + role)) { //Trying to access his private area
                 goRequestedPage(request, response);
            } else { //Trying to access other roles private area
                 goLoginPage(request, response);
      private void doRejection(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {          
           debug("Inside goRejection");
           role = null;
            goLoginPage(request, response);         
       private void goHomePage(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside goHomePage");     
            String homePage = "private/" + role + "/index.jsp";
            goPage(request, response, homePage);
       private void goLoginPage(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside goLoginPage");
            goPage(request, response, loginPage);
       private void goRequestedPage(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
            debug("Inside goRequestedPage");
            String contextPath = request.getContextPath();          
            debug("contextPath: " + contextPath);
            String requestedPage = request.getRequestURI().replace(contextPath + "/", "");
            goPage(request, response, requestedPage);
       private void goPage(HttpServletRequest request, HttpServletResponse response, String page) throws IOException, ServletException {
            debug("Inside goPage ...trying to go to: " + page);
            //Option A
            response.sendRedirect(page);
            //Option B
            //RequestDispatcher requestDispatcher = request.getRequestDispatcher(page);
            //requestDispatcher.forward(request, response);                  
       private boolean isInSession(HttpServletRequest httpRequest) {
           boolean inSession = false;
            role = (String)httpRequest.getSession().getAttribute(ROL_ATTR);
            if (role != null && !role.equals("")) {
                 inSession = true;
           return inSession;
      //PENDIENTE: mock method!
      private String getRole(String username, String pwd) {         
           String role = null;
           if (username.equals("admin") && pwd.equals("admin")) {
                role = "administrator";
           } else if (username.equals("regis") && pwd.equals("regis")) {
                role = "registered";
           return role;
      private void debug(String msg) {
           Log.debug(msg);
  }Proyect Folder Structure:
  WebContent
       login.html
       private
            administrator
                 index.jsp
            registered
                 index.jspBasically, the problem is that if you try to log as admin/admin (for example) the servlet AccessControl executes infinitely
  Edited by: JLuis on 26-ago-2010 8:04

• Email authentication problem on only some of Verizon's servers

  I use Eudora 6.2.4 on an iMac Core 2 Duo 2.0 20" (Al) Macintosh running OX 10.5.5.  Like many others (see one thread each under FiOS Internet and High Speed Internet and Dialup), since about mid-November, I have been receiving intermittent (about 10% of the time) authentication errors when Eudora checks for new mail.  I have 3 VZ e-mail accounts and one at my employer; the errors occur only on the VZ accounts.
  I've used the freeware app Eavesdrop (http://code.google.com/p/eavesdrop/) to observe the TCP conversations between Eudora and the server. The VZ server offers SASL CRAM-MD5 PLAIN, and Eudora uses CRAM-MD5.  I see the challenge from the server, Eudora's response, and the server's authentication-failure response.  Since the response is hashed, I have no way of telling if Eudora is sending the correct response, but it works most of the time.  (After it fails, Eudora then assumes its stored password is NG, discards it, and prompts me for it on the next mail-check, which is just a bit annoying.)
  Here is an example of a successful mail-check:
  +OK Messaging Multiplexor (Sun Java(tm) System Messaging Server 6.2-6.01 (built Apr  3 2006)) <[email protected]>
  CAPA
  +OK list follows
  TOP
  PIPELINING
  UIDL
  RESP-CODES
  AUTH-RESP-CODE
  USER
  SASL PLAIN CRAM-MD5
  IMPLEMENTATION MMP-6.2p6.01 Apr  3 2006
  auth CRAM-MD5
  + PDQ5MzU1ZWY3LmRlZWZlMEB2bXMxMDkubWFpbHNydmNzLm5ldD4=
  amp3b2xmOSA3MDA0MmE5YWQwYzEzOWRkYjE5NDk0OWZjYjY1NzBmMg==
  +OK Maildrop ready
  STAT
  +OK 0 0
  QUIT
  And here's a failure:
  +OK Messaging Multiplexor (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) <[email protected]>
  CAPA
  +OK list follows
  TOP
  PIPELINING
  UIDL
  RESP-CODES
  AUTH-RESP-CODE
  USER
  SASL CRAM-MD5 PLAIN
  IMPLEMENTATION MMP-6.3p7.04 Sep 26 2008
  auth CRAM-MD5
  + PGZjMDAxY2M0ZjZlNDAyNjM3ZTI1MTVmMGU1MWEyYzVjQHZtczE3MTAxMy5tYWlsc3J2Y3MubmV0Pg==
  amp3b2xmOSA1NWNmNzJhYzRhZDdlMmE1ZGExZmIwZDVkMzA3NTc5OQ==
  -ERR [AUTH] Authentication failed
  You'll notice that the VZ server identifies itself at the onset of each conversation, including a build ID and date, followed by a timestamp and a server ID (e.g., vms109.mailsrvcs.net).  I'm in eastern Massachusetts, and when my client connects to incoming.verizon.net, one of a pool of V servers responds.  I've observed about 15 different servers, of which two (vms171011 and vms171013) show "6.3-7.04 (built Sep 26 2008)" and all the others show "6.2-6.01 (built Apr  3 2006)".  Furthermore, I observe that vms171011 and vms171013 consistently give this authentication failure for CRAM-MD5, but all the others (with the older build) consistently succeed in authenticating my accounts.
  I called FiOS Support, and the CSR took down took down some relevant info, said she'd pass it on the the e-mail folks.  Within 2 hours I got a call from a Verizon tech.  He said they "knew" about it and that it was a Mac problem.  It wasn't specific to VZ, and it occurred only on Macs.   He had no explanation for my observation that mail-check authentication works with 13 of VZ's servers and consistently fails with two which have a later build version/date, but he believed it was consistent with it being an Apple problem.  So naturally he was off the hook.
  He referred me to an Apple Support Forum discussion to back up his position.  I hadn't seen (or thought of looking in) the Apple forums, so I had a look and found a total of 5 threads under "Mail and Address Book".  Of course, these deal with Mail.app, .  Comcast as well as VZ.  This is the lengthiest of them:
    http://discussions.apple.com/message.jspa?messageID=8478765#8478765 
  These Apple discussion threads and the two Verizon Forum threads all mention Macintoshes, which lends credence to the tech's assertion that it's a Mac problem, not Verizon's.  I've found one that seems to depict the same thing on a PC (http://groups.google.com/group/comp.mail.eudora.ms-windows/browse_thread/thread/b426c0ca59841ca9), but it's not conclusive. 
  I don't know what PeeCee users use for a mail client or what method they use for authentication (the POP3 protocol, as amended,has several possibilities).  My Eudora app has settings for "Password", "Kerberos", and "APOP", but VZ doesn't offer Kerberos, and Eudora seems to ignore the APOP setting, so it uses only the CRAM-MD5 method, so I'm stuck.  I can't disprove that this is a Mac-only problem, but I can't understand why the CRAM-MD5 authentication always works with 13 of VZ's servers and always fails with 2 others (which happen to have a different build version/date).
  Solved!
  Go to Solution.

  With the help of a Windows-using friend, I have additional evidence that the mail-check authentication problem is NOT Mac-specific, but also can be shown to occur with a POP3 client (the final version, Eudora 7.1.0.9) using a secure authentication method (APOP) on Windows (XP Home, SP 3).  He had been observing no authentication problems, but investigation showed that his authentication setting was for "Password", which uses the basic (and very insecure) USER/PASS messages.  His Eudora does not allow CRAM-MD5, but it does have APOP authentication, which is another secure method that also uses the MD5 algorithm to encrypt the password.
  When he changed the setting to use APOP authentication, he observed the same behavior that I've reported above:
     - with most of the VZ servers (e.g., vms095.mailsrvcs.net, vms104.mailsrvcs.net) that show "6.2-6.01 (built Apr  3 2006)", the authentication succeeds
     - with vms171011.mailsrvcs.net and vms171013.mailsrvcs.net, which show "6.3-7.04 (built Sep 26 2008)", the authentication fails.
  See examples below.
  Here's a successful mail-check (these excerpts are from the Eudora log; I've edited his username):
  3244    64:13.20 Rcvd: "+OK Messaging Multiplexor (Sun Java(tm) System Messaging Server 6.2-6.01 (built Apr  3 2006)) <[email protected]> [ISafe POP3 Proxy] \r\n"
  3244    32:13.20 Sent: "CAPA\r\n"
  3244    64:13.20 Rcvd: "+OK list follows\r\n"
  3244    64:13.20 Rcvd: "TOP\r\n"
  3244    64:13.20 Rcvd: "PIPELINING\r\n"
  3244    64:13.20 Rcvd: "UIDL\r\n"
  3244    64:13.20 Rcvd: "RESP-CODES\r\n"
  3244    64:13.20 Rcvd: "AUTH-RESP-CODE\r\n"
  3244    64:13.20 Rcvd: "USER\r\n"
  3244    64:13.20 Rcvd: "SASL PLAIN CRAM-MD5\r\n"
  3244    64:13.20 Rcvd: "IMPLEMENTATION MMP-6.2p6.01 Apr  3 2006\r\n"
  3244    64:13.20 Rcvd: ".\r\n"
  3244    32:13.20 Sent: "APOP XXXXX 8a45b60f3f4a52a472937e86edbfda70\r\n"
  3244    64:13.21 Rcvd: "+OK Maildrop ready\r\n"
  3244    32:13.21 Sent: "STAT\r\n"
  3244    64:13.21 Rcvd: "+OK 0 0\r\n"
  3244    32:13.21 Sent: "QUIT\r\n"
  3244    64:13.21 Rcvd: "+OK\r\n"
  And here's one that fails; note the different server build-date:
  460     64:13.23 Rcvd: "+OK Messaging Multiplexor (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) <[email protected]> [ISafe POP3 Proxy] \r\n"
  460     32:13.23 Sent: "CAPA\r\n"
  460     64:13.23 Rcvd: "+OK list follows\r\n"
  460     64:13.23 Rcvd: "TOP\r\n"
  460     64:13.23 Rcvd: "PIPELINING\r\n"
  460     64:13.23 Rcvd: "UIDL\r\n"
  460     64:13.23 Rcvd: "RESP-CODES\r\n"
  460     64:13.23 Rcvd: "AUTH-RESP-CODE\r\n"
  460     64:13.23 Rcvd: "USER\r\n"
  460     64:13.23 Rcvd: "SASL CRAM-MD5 PLAIN\r\n"
  460     64:13.23 Rcvd: "IMPLEMENTATION MMP-6.3p7.04 Sep 26 2008\r\n"
  460     64:13.23 Rcvd: ".\r\n"
  460     32:13.23 Sent: "APOP XXXXX ab2dde7d89cbbf0bf9cd409dce02e5a8\r\n"
  460     64:13.27 Rcvd: "-ERR [AUTH] Authentication failed\r\n"
  IMHO all this evidence validates my original hypothesis, that two (or more) of VZ's mail servers, which have server builds "6.3-7.04 (built Sep 26 2008)", advertise secure CRAM-MD5 and APOP authentication capabilities, but consistently fail such authentication attempts.  All the other servers with builds "6.2-6.01 (built Apr  3 2006)" handle these authentications correctly.  This has been shown to be the case on both Mac and Windows POP3 email clients.  Email clients that use the simpler and unsecure USER/PASS and AUTH PLAIN methods apparently see no authentication errors on any of the VZ servers.  This strongly points to this being a Verizon problem specific to two of the servers that we see here in eastern Massachusetts.  Others have also observed the same server-specificity; see for example http://eudorabb.qualcomm.com/showthread.php?t=13802 .  This problem has been reported since about mid-November.
  Verizon, the ball is in your court.  Find the problem and fix it!

• SQLNET authentication problem!

  Hi,
  We have a setup in which the database server is running on a 'XXX' domain and all the clients are running in domain 'YYY'.
  On the client, if following is the setup, then the clients face ORA-03113 after around 45 to 90 minutes of idle time.
  SQLNET.ORA
  NAMES.DEFAULT_DOMAIN=YYY
  TNSNames.ORA
  DBName.YYY = (..........
  Note: This is not happening with all the clients in 'YYY' domain.
  Now, we thought this was a domain authentication problem and removed the DEFAULT_DOMAIN setup from the client. Still the client faces ORA-03113.
  As a part of trial, we moved one of the machines which was facing the problem to the domain of the database server and the error is gone.
  But, due to obvious reasons, it is not possible to move all the clients to the domain of database server.
  Is there any way to get around this problem?
  Why is it that only some of the clients are facing this problem?
  Why is it that the error occurs only after idle time and not during work?
  Do we need to set NAMES.DEFAULT_DOMAIN=XXX at client? (I apologize for this question but I am really confused with the matters now)
  Addition info: The database server is Oracle 10.1.0.2.0 and clients are ranging from Oracle 8.1.6 to Oracle 10.1.0. And the errors occur on clients with any version of Oracle.
  Please help us out in this regard.
  Thanks in advance,
  Satish

  I have gone thorugh the Action suggested for this oracle error.
  If problematic machine is shifted to the domain XXX, error is gone,Do you shift physically to some other network?? if yes then there might be a problem with your network. The machines which are disconnected, might be on the same network channel or switch which is creating some problem in your network. this is only luck that your failure occur when there is no activity from that client which is disconnected.
  Shift the places of problem facing client and non-problem facing client with each other and then check. It will clear the mind about the netrowk problem
  Regards

• Real simple xslt problem/question

  Hi, i have a real simple xslt problem but i just cant figure out how to do it by looking at various examples on the net. i have a xml document and in it are some elements with a "result" tag name. i want to use xslt to reproduce exactly the same xml document except with an attribute called "id" added to those elements with a "result" tag name. i'm sure that theres a simple solution to it but i just cant figure it out. any helps greatly appreciated, thanks

  Start with the XSLT identity transform (I don't have it handy and it's fairly long, but you should be able to google it up). Add this:<xsl:template match="result">
    <result id="">
      <xsl:apply-templates>
    </result>
  </xsl:template>

• JDeveloper IDE simple setting problem

  Hi,
  Recently we switched to JDeveloper from Visual Cafe .I have a simple setting problem.How can I set the options so that IDE gives, the core java classes and packages,and our application classes and packeges, prompts in imports as well as in code.Where to set the options.
  eg: when I write
  import java. it should prompt all the pakages.
  Thanks in advance.
  -Gopal
  null

  I am not sure I understand what you are requesting, but ...
  You can configure JDeveloper projects to include various libraries by default.
  This is done by selecting menu Tools | Default Project Properties.../ Libraries tab.
  You should define a library for your classes.
  You can import any of the packages / classes from all the libraries which your project includes.
  It would be incorrect for a tool to automatically add a bunch of import lines at the top of every file because each file should import what it needs and just as importantly, not import what it does not need depending on the component type (e.g. a servlet should not include javax.swing.* ).
  An easy way to import elements into JDeveloper is to type in something like:
  import java.
  // and then type in Ctrl Space
  and this launches the package browser, you can select packages or classes to import.
  You can also do this at the variable declaratiton point such as typing in:
  foo() {
  Frame x
  // Press Control Alt Space
  and this will correctly change the type (Frame) to the type you select in the package browser and add the import statement.
  -John
  null

• Authentication problem - solved, but maybe a bug in Mac OS X?

  Hi,
  I've a rather small installation with only a handful of users configured on a Mac mini (Mac OS X Server, 10.6.8). All of them use the mail, calendar and addressbook server on the Mac, nothing more. They use it with Mac, iPhone and iPad. Everything worked fine for months but suddenly all of them were faced authentication problems: it was not possible to login on the imap server, the calendar server, the addressbook server. It was possible to login using the admin account on the server directly. Moreover, all users disappeared from the workgroup manager, however they still were available on the servers LDAP server and findable using ldapsearch.
  First, I used to completely restart the server to solve the problem, but it reappeared after only few hours again.
  Second, after understanding more about the authentication process, I found the "killall DirectoryService" was sufficient to solve the problem, but it still reappeared after few hours.
  Then I found the, once the problem occured, there was nearly no more communication to the local LDAP server on port 389 on localhost. When everything was working fine, the was a lot of such communication, including queries for usernames, when a login attempt was made. I started a "tcpdump -n -i lo0 port 389" and waited for the problem again. After the problem occured, I found in the pcap files that there were a few final query attempts, actually attempts the open a port 389 TCP connection to the slapd running on localhost, which were answered with a TCP RST. Then, no more attempts were made until l restarted the DirectoryService. Using the logfile of the slapd I found that this happened exactly at the time the slapd was stopped and restarted. And - surprisingly for me - stopping and restarting the slapd happened exactly once an hour.
  I then found that it happened exactly at the time the time machine backup process was started and indeed it was possible to trigger the event of restarting the slapd by manually starting a time machine backup.
  (Indeed, I switched my backup strategy from SuperDuper to time machine the other day and maybe that was the time the problem occured for the first time. I know that time machine is not considered as the best backup strategy for a server but I wanted to try on my own.)
  Google helped my to find a hint that time machine will actually stop and restart slapd - which is a generally a good idea, since otherwise a backup from some open database files would be made, which could work but may fail. So, I thing, someone of the developers thought about that problem too and has considered time machine for backups of a server.
  However, a not running slapd can not answer queries from a DirectoryService and a stopping or starting process might indeed end up with TCP SYNs answered with TCP RST.
  My solution was to disable time machine again and from that time the problem does not occur again.
  I'm wondering why the DirectoryService process isn't starting to query the slapd again after a failed connection. Isn't this a bug? After this experience I consider time machine as not only the not preferred backup solution for a server but as completely incompatible with Mac OS X server - although, as I said, it seems that someone thought about backing up the LDAP database using time machine.
  (On a Lion server this problem does not occur, the slapd will not be stopped and restarted when time machine is running. Moreover, I saw a com.apple.slapd.start notification in the slapd.log ... maybe this tells DirectoryService to try again.)
  Cheers,
  Wolfgang

  Another problem I found with the MacOS X key bindings: the 6 key doesn't work!
  In the config that ships with SQL Developer, I found this:
  <Item class="oracle.javatools.util.Pair">
  <first class="java.lang.String">DOCUMENT_6_CMD_ID</first>
  <second class="oracle.ide.keyboard.KeyStrokes">
  <data>
  <Item class="javax.swing.KeyStroke">6</Item>
  </data>
  </second>
  </Item>
  which should be:
  <Item class="oracle.javatools.util.Pair">
  <first class="java.lang.String">DOCUMENT_6_CMD_ID</first>
  <second class="oracle.ide.keyboard.KeyStrokes">
  <data>
  <Item class="javax.swing.KeyStroke">meta 6</Item>
  </data>
  </second>
  </Item>

• Wifi Authentication Problem in Lenovo K900

  Hi,
  I am able to connect to wifi at home network. And when I try it at office it is showing Authentication problem and "Not in Range". The password and everything is correct. All my colleagues are able to connect with the same password. I searched online for the solution and there are many other lenovo tab and phone users facing the same problem and I am unable to find the solution. Can anyone resolve this issue and give appropriate answer for this.

  This is the first time I'm hearing this issue, I'm also an K900 user but this never happmed to me or my other friends.
  Are you sure that's the right password, maybe its case sensitive, because this bug is not present in K900.
  Facebook Profile I'm a carefree type of guy but always there to help, so if you have anything to ask don't hesitate.

• Cisco ACS 4.2.1 authentication problem

  We are using cisco ACS 4.2.1 on windows 2003  to authenticate  with windows 2003 Actice Directory. We have update Active directory server windows 2008 version. We have checked the configuration of ACS on windows database and no problem but we can't see in ACS dynamic user. I have authentication problem ACS 4.2.1 to Windows 2008 R2 active directory.

  Hi there,
  There is a section in the ACS 4.x where you can define if the ACS should show the dynamic users or not, make sure that this option is unchecked, for this go to External User Databases/Unknown User Policy/Configure Caching Unknown Users
  Also if you are facing authentication issues with ACS 4.x and Windows 2008 R2, you may want ready my previous answer.
  Let me know if this helps.

• WLC 5508 WPA Authentication Problems

  Hello,
  We have a WLC 5508 with 7.4.100.0 Firmware.
  We are using 1141 and 1142 APs and we are having authentication problems with clients that are connecting to our WLAN with WPA+AES autentication. The clients receive in her laptop a password error, and we receive the following log in wlc:
  Client Excluded: MACAddress:f8:f1:eb:dd:ff:cd Base Radio MAC :08:ad:dd:76:4d:30 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.1x Authentication failed 3 times. ReasonCode: 4
  The strange thing is that the problem is solved restarting the Access-points.
  Anyone had this problem previusly?
  Thanks in advance.

  I made the configuration using the Cisco Recommended settings, the strange thing its that the users connect normally, until they starts with authentication problems. I restart the access points and the problem its solved.
  Cisco Recommended  and not recommended Authentication Settings
  Security encryption settings need to be identical for WPA and WPA2 for TKIP and AES as shown in this image:
  These images provide examples of incompatible settings for TKIP and AES:
  Note: Be aware that security settings permit unsupported features.
  These images provide examples of compatible settings:

• Simple OOP Problem. Help!

  This is just a simple OOP problem that i cant decide on a best
  implementation for.
  im passing an object to an instance of, 'TabbedFrame', which is just
  a frame with a Tabbed Pane in it that is holding custom panels.
  however, these custom panels need access to the object being
  passed to 'TabbedFrame' and to some methods in it.
  i cant make them static however so how do i gain access to them?
  is my only option to pass the 'TabbedFrame' to each panel?
  like - jtabbedpane.add( "Panel 1", new mypanel1(this));
  here is code:
  new TabbedFrame( DataObject );
  public class TabbedFrame{
  public TabbedFrame(DataObject do){
  this.do = do;
  jtabbedpane.add( "Panel 1", new mypanel1() );
  DataObject do;
  public class mypanel1{
  public mypanel1(){
  // need access to DataObject of the 'TabbedFrame' object that instantiated
  // this 'mypanel1' and to some of its methods
  }i would just pass the DataObject to evey panel (there are 12) but
  i also need to be able to call methods in the 'TabbedFrame'.
  Any help would be appreciated!

  Modify mypanel1's constructor:
  public class mypanel1{
  TabbedFrame tf;
  public mypanel1(TabbedFrame tf){
  this.tf = tf;
  // need access to DataObject of the 'TabbedFrame' object that instantiated
  // this 'mypanel1' and to some of its methods
  DataObject theDo = tf.getDataObject();
  tf.someMethod(); // Call method on the TabbedFrame
  }In TabbedFrame:
  public TabbedFrame(DataObject do){
  this.do = do;
  // Modify call to constructor to pass "this" TabbedFrame.
  jtabbedpane.add( "Panel 1", new mypanel1(this) );
  }

• WiFi Authentication problem

  I have an iMac, and iPad, a Blackberry (forgive me) and Airport for my WiFi all of my pieces are working fine with my WiFi.  I had guests over the other day and we could not allow my guests iPads or iPhone to sign onto my network.  I bought my dad a generic tablet to use for solving cross words, etc., and I cannot sign into my own network.  No opportunity exists to put in a password because it just reads "Authentication Problem".
  No opportunity exists, therefore, to enter the password.  Signal strength is excellent, Securty is WPA2 PSK, I touch connect and it says Saved Secured with WPA2 and then goes back to "Authentication Problem."
  I've unplugged (and plugged back in) both the Airport / router and Internet Service provider's modem. I've rebooted my iMac and the new generic pad 3 times each. 
  I had 2 networks one for me and one for guests, can't get into either, identical problem. I can see all of the neighbour's networks and they're all locked and say secured with (various WPA/WPA2, etc., just mine says Authentication Problem.  I plugged the tablet into my iMac and it's functioning well.
  I now deleted the guest network and can't open a new network. 
  I've triple checked my passwords, hand written and in the Key Chain.
  I've checked my Apple ID (I'm able to get into this forum).
  Both my iPad (purchased May 2013) and BlackBerry (received free July 2013) signed in without any problems.
  I cannot see why I can't get into my network ~ any ideas?

  Hello,
  Hmmm..."problem"...pretty hard to understand. Can you provide more details? What exactly do you try? What exactly happens at each step of what you try? What is the exact and complete content of any error messages presented?
  Please remember that we can't see you nor your device. We have only your words to help us understand your situation, and such understanding is the natural prerequisite to providing you with any useful guidance.
  Thanks and let us know.
  Occam's Razor nearly always applies when troubleshooting technology issues!
  If anyone has been helpful to you, please show your appreciation by clicking the button inside of their post. Please click here and read, along with the threads to which it links, for helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions.
  Join our BBM Channels
  BSCF General Channel
  PIN: C0001B7B4   Display/Scan Bar Code
  Knowledge Base Updates
  PIN: C0005A9AA   Display/Scan Bar Code

• Simple Authentication with SMP 10.1 and FMS 3.5

  Good day all,
  I am looking to add simple authentication to the SMP player for use with FMS 3.5. I recently came across a technical paper published by Adobe titled, "Video content protection measures enabled by Adobe Flash Media Interactive Server 3.5". Within this document are three examples of user authentication with code samples. I am starting with the "simple" client verification using a unique token authentication key method first.
  I've noticed that SMP doesn't have any FMS security mechanisms built-in at least that I've been able to identify in the documentation or feature specs. Did I miss something? I am looking for assistance in getting started with adding this feature to SMP. So my question is where could I add the client side Actionscript within the SMP structure?
  I'd very much like to hear about others' experiences with adding security mechanisms to SMP used with FMS.
  Thank you.

  Andrian - Thank you for the quick reply. I'm gald SMP has support for the playback of protected content. Is there more documentation than this demo on this topic?
  I'll explain what I'm doing. I am implementing SMP as the default video player application used in online courses at the Savannah College of Art and Design. Identifying the player and implementing its use in our production workflow is the first step in a strategy to deliver a better video experience and leverage the scalibility and flexibility of SMP. On the back end integration with our FMS I have been asked to implement some user authentication. We don't need to re-auth the students as they have already been authenticated through our LMS. What is desired is each player instance authenticates with our server to prevent stream ripping.
  The simple user token authentication key example from the linked document seems to best suit this intial need.

• Phone won't connect to wifi saying authentication problem

  My phone after being connected to sky wifi from sept 2013, has all of a sudden started hardly connecting, and always says 'authentication problem'. I have my iPad connected to the wifi too, but this has also been connecting fine since sept 2013.The connection to my phone drops a lot, and then when it is connected it is very, very slow. It doesn't drop at all on my iPad.  Please can someone help me. And put it in layman terms please, thank you. EM

  Two things to try. Change the wifi channel on the Sky router/Hub itself, instruction on a post at the top of this forum. And try forgetting the network on the iPhone; Settings->WiFi, and select the network ticked. Select Forget This Network and confirm it. Then reconnect to the Sky router/Hub by selecting the wifi network and entering the password again on the iPhone. Try the latter first, then change the wifi channel on the Sky Hub/router after this step. If you don't have an iPhone, then use the steps appropriate for that phone to basically do the same as above, for forgetting and reconnecting the phone to the wifi network.