Simple http username-password authentication
I want to achieve a simple authentication process. When a user wants to access the internet, he/she would have to enter username/password combination. The platform is 1721 or 1841 router.
I tried to use authentication-proxy, but it turns out IOS 12.3 doesn't support Windows RADIUS server.
Is there a way to use authproxy with a windows-based solution?
If not, what else can I use besides authproxy IOS feature?
Thanks
To use auth proxy you need a RADIUS server, this should work if you have ACS server.
Similar Messages
-
WSDL security policy username & password authentication
Hi,
I am creating a WS policies in WSDL for username & password authentication , below is what I am using:-
<wsdl:service name="echoService">
<wsdl:port name="echoPort" binding="tns:echoBinding">
<soap:address location="http://pponnala-tecra-xp.stc.com:18181/
echoService/echoPort"/>
<wsp:PolicyReference URI="#HttpBasicAuthBindingBindingPolicy"/>
</wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="HttpBasicAuthBindingBindingPolicy">
<mysp:MustSupportBasicAuthentication on="true">
<mysp:BasicAuthenticationDetail>
<mysp:WssTokenCompare/>
</mysp:BasicAuthenticationDetail>
</mysp:MustSupportBasicAuthentication>
<mysp:UsernameToken mysp:IncludeToken="http://schemas.xmlsoap.org/ws/
2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10>bobby</sp:WssUsernameToken10>
<sp:WssPassword>${pass_token}</sp:WssPassword>
</wsp:Policy>
</mysp:UsernameToken>
</wsp:Policy>
Here I need to pass the <Wsspassword> in the respective placeholder from the application. How we can pass
the respective password to the <sp:WssPassword>${pass_token}</sp:WssPassword>? I have hardcoded with some
valid password. But it is not working. What I am doing wrong here? Is there any way we can validate the authentication
in a better way in WSDL? Also clarify now we can pass the password in the respective pass_token placeholder?
Please clarify.
Thanks.If you want the script to check whether the user successfully logged in. Go to tester's perspective, click on the POST request of the login and view HTML page response. There you should be able to see the page after successful login. Search and select an element that only appears after successful login, right click the test and create a variable. Use that variable to create a check after the POST request to let the script know whether it should continue or fail the script.
-
Logon failure with username/password authentication in WLE 5.1
Hi,
I have WLE 5.1 configured and running on a Win2K system. I am able to
build and run the simpapp sample program. I am also able to build the
interceptor_cxx sample and run with all interceptors other than the
security interceptor. What I realised in this case was that the
PersonQueryClient did not perform any login of a user from which the
security interceptor could extract user ID information (have I missed
something? I am a WLE and CORBA newbie) so I modified the ubb config
file to define SECURITY as USER_AUTH and add the AUTHSVC, modified
personqueryclientc.cpp to get access to the SecurityLevel2 principal
authenticator, built the app, created a user with the tpussradd command,
and ran the app (the AUTHSVC successfully starts).
The Tobj::AuthType returned by the get_auth_type method of the
PrincipalAuthenticator is Tobj::TOBJ_APPAUTH as I expect. I call the
logon method with the parameters (user_name, argv[0], sys_password,
password, 0) where user_name is the same as the user I created with the
tpusradd command, argv[0] is personqueryclient (I've tried tpusradd'ing
the user both with the "-c personqueryclient" argument and without),
sys_password is the password I specified when tmloadcf was run against
the modified ubb config file, password is the password I specified when
I ran tpusradd. The logon always fails returning
Security::SecAuthFailure. In the ULOGxxxx file the following message is
displayed:
181605.NUMBAT!TMSYSEVT.2180: LIBTUX_CAT:1484: WARN: .SysClientSecurity:
User tbartley on SITE1 authentication failure
I've tried running in the following manners all with the same result:
1. With or without the security_cxx interceptor registered
2. With the user in or not in a group
3. With the the user created using the "-c personqueryclient" arg to
tpusradd or not
If I change the security level down to APP_PW then everything works and
the security_cxx interceptor sees a client name of personqueryclient and
a username of personqueryclient. The logon fails if I use a sys_password
other than the one specified to tmloadcf and succeeds if I use the
correct password.
Can anyone tell me what I might be doing wrong in the username/password
authentication case?
Here's the code I inserted to personqueryc.cpp to perform the logon:
// Get SecurityCurrent object
CORBA::Object_var var_security_current_oref
= bootstrap.resolve_initial_references("SecurityCurrent");
SecurityLevel2::Current_var var_security_current_ref =
SecurityLevel2::Current::_narrow(var_security_current_oref.in());
// Get the principal authenticator
SecurityLevel2::PrincipalAuthenticator_var
var_principal_authenticator_oref =
var_security_current_ref->principal_authenticator();
char user_name[100] = "";
char password[100] = "";
char sys_password[100] = "";
// Narrow to a BEA Principal Authenticator
Tobj::PrincipalAuthenticator_var v_bea_pa =
Tobj::PrincipalAuthenticator::_narrow(var_principal_authenticator_oref.in());
// See what level of logon has been turned on
Tobj::AuthType auth_type = v_bea_pa->get_auth_type();
cout << "Auth type: ";
switch (auth_type) {
case Tobj::TOBJ_APPAUTH: cout << "TOBJ_APPAUTH"; break;
case Tobj::TOBJ_SYSAUTH: cout << "TOBJ_SYSAUTH"; password[0] = '\0';
break;
case Tobj::TOBJ_NOAUTH: cout << "TOBJ_NOAUTH"; break;
default: cout << "TOBJ_<unknown>"; break;
cout << endl;
cout << "Username: ";
cin >> user_name;
switch (auth_type) {
case Tobj::TOBJ_APPAUTH: {
cout << "User password: ";
cin >> password;
// fall through
case Tobj::TOBJ_SYSAUTH: {
cout << "App password: "; cin >> sys_password;
break;
default: {
break;
// now that we've got all the data necessary, logon
Security::AuthenticationStatus status =
v_bea_pa->logon(user_name,
argv[0],
sys_password,
password,
0); // user data
cout << "Logon result: ";
switch (status) {
case Security::SecAuthSuccess: cout << "SecAuthSuccess"; break;
case Security::SecAuthFailure: cout << "SecAuthFailure"; break;
case Security::SecAuthContinue: cout << "SecAuthContinue"; break;
case Security::SecAuthExpired: cout << "SecAuthExpired"; break;
default: cout << "SecAuth<unknown>"; break;
cout << endl;
if (status != Security::SecAuthSuccess) {
cerr << "Invalid password." << endl;
exit(1);
Here are the entries I added to the ubb config file:
*RESOURCES
SECURITY USER_AUTH
AUTHSVC AUTHSVR
*SERVERS
AUTHSVR SRVGRP=SYS_GRP SRVID=6 RESTART=Y GRACE=600 MAXGEN=2 CLOPT="-A"
I do not have the WLE Security Services installed (i.e. the package
that provides SSL and crypto). Is this required? It's not clear to me
from the documentation if this is required for username/password based
authentication or not.
Thanks for any help,
Tim BartleyHi Michael
I am using SSL in my application. So that it asks for the certificate username
and password while startup. But now i want to mention the username and password
in weblogic.properties file itself. So that the client need not have to provide
the username and password everytime. I am using weblogic server 5.1 version.
How do i do this?
Hope my question is clear. Please help.
with regds
siva
Michael Young <[email protected]> wrote:
Hi.
It's not 100% clear to me what you are asking for. Do you want authentication
turned off for
your application? That will certainly turn off prompting for authentication
information. You
can set your ACL for your application (in your properties file) to allow
everyone to execute
it. Something like:
weblogic.allow.execute.<myApplication>=everyone
But maybe you want some kind of silent authentication so that not everyone
can execute your
app? I suppose you could pass authentication info in a cookie. I really
don't know enough
about your application, though.
I suggest you post this question in weblogic.developer.interest.security
- you have a better
chance of getting an answer there for security related questions.
Hope this helps.
Michael
siva wrote:
Hi all,
I have the following requirements. I have an application which asksfor the authentication
information like username and password at first. The application isrunning in
weblogic5.1 server. Is there a way where in weblogic.properties file,i mention
the username and password so that the application will not ask forin the browser.
please help. It's urgent.
with regds
siva--
Developer Relations Engineer
BEA Support -
I want to pass a username and password for testing if the account works
!code!
Function Test-ADAuthentication {
param(
[string]$username = $(throw "-username is required."),
[string]$password = $(throw "Input password, please" )
(new-object directoryservices.directoryentry "",$username,$password).psbase.name -ne $null
Test-ADAuthentication "-username", $1 "-password", $2
!code end!
it works if i call the function manually but i want to just call the script with the inputs $1 $2
what have i done wrong here, tell me where i'm being stupidIf you just want to call the script and pass the info, then remove the function and just add the params to the script
param(
[string]$username = $(throw "-username is required."),
[string]$password = $(throw "Input password, please" )
(new-object directoryservices.directoryentry "",$username,$password).psbase.name -ne $null
Then you can just call the script like so
.\MyScript.ps1 -username user -password "Sup3rS3cr3t"
Also with the params you can do it like this instead of having the default values to throw an error
param(
[parameter(Mandatory=$true)]
[string]$username,
[parameter(Mandatory=$true)]
[string]$password
That will cause an error if the parameters are not supplied when the script is called.
If you find that my post has answered your question, please mark it as the answer. If you find my post to be helpful in anyway, please click vote as helpful.
Don't Retire Technet -
OATS - Load testing username/password Authentication
Hi Guys ,
I have recorded a load script - HTTP and in the URL when i give the username and password and click on submit it works fine. however when i give a wrong password , it works too.
Now , how do i validate the authentication . the script , when given the wrong password should fail but it passes.
Note : I have researched the Issue and Could not find the answer .
Below is the Code.
import oracle.oats.scripting.modules.basic.api.internal.*;
import oracle.oats.scripting.modules.basic.api.*;
import oracle.oats.scripting.modules.http.api.*;
import oracle.oats.scripting.modules.http.api.HTTPService.*;
import oracle.oats.scripting.modules.utilities.api.*;
import oracle.oats.scripting.modules.utilities.api.sql.*;
import oracle.oats.scripting.modules.utilities.api.xml.*;
import oracle.oats.scripting.modules.utilities.api.file.*;
public class script extends IteratingVUserScript {
@ScriptService oracle.oats.scripting.modules.utilities.api.UtilitiesService utilities;
@ScriptService oracle.oats.scripting.modules.http.api.HTTPService http;
public void initialize() throws Exception {
http.setUserAgent("Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)");
http.setAcceptLanguage("en-US");
* Add code to be executed each iteration for this virtual user.
public void run() throws Exception {
http.get(
2,
"http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/AppsLocalLogin.jsp",
null, null, true, "UTF8", "UTF8");
http.solveXPath("web.framesrc.pprIFrame",
".//IFRAME[@name='_pprIFrame']/@src",
"/OA_HTML/cabo/images/swan/t.htm", 0, EncodeOptions.None);
http.solveXPath("web.framesrc.formsLauncher",
".//IFRAME[@name='formsLauncher']/@src",
"http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/blank.html",
0, EncodeOptions.None);
http.solveRefererHeader(
"referer.httpwkdevvebs3waukwmscom80_1",
"/OA_HTML/RF.jsp?function_id=28716&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US¶ms=zvhw2Ln2Uu68SKY4WSu2uQ&oas=nMs-5wjpY3wdKS_J2fyhQA..");
http.solveXPath(
"web.formaction.DefaultFormName",
".//FORM[@name='DefaultFormName']/@action",
"/OA_HTML/OA.jsp?page=/oracle/apps/fnd/sso/login/webui/MainLoginPG&_ri=0&_ti=2020957545&language_code=US&requestUrl=&oapc=2&oas=svdc_F8auGyQo_Ra9wFgAg..",
0, EncodeOptions.None);
http.solveXPath("web.input.AMTXIDFIELD",
".//INPUT[@name='_AM_TX_ID_FIELD']/@value", "1ujSEi0jV", 0,
EncodeOptions.None);
http.solveXPath("web.input.FORM", ".//INPUT[@name='_FORM']/@value",
"DefaultFormNameAx9rQiPG", 0, EncodeOptions.None);
http.solveXPath("web.option.None",
".//OPTION[text()='None']/@value", "Noa1lYfKg", 0,
EncodeOptions.None);
http.solveXPath("web.input.SubmitButtonunvalidated",
".//INPUT[@name='SubmitButton$$unvalidated']/@value",
"falseOlawF-M6", 0, EncodeOptions.None);
http.solveXPath("web.input.SubmitButtonserverUnvalida",
".//INPUT[@name='SubmitButton$$serverUnvalidated']/@value",
"false7FkgC9gT", 0, EncodeOptions.None);
http.solveXPath(
"web.input.SubmitButtonprocessFormDat",
".//INPUT[@name='SubmitButton$$processFormDataCalled']/@value",
"trueLKXNumu1", 0, EncodeOptions.None);
http.solveXPath("web.input.Cancelunvalidated",
".//INPUT[@name='Cancel$$unvalidated']/@value",
"truejE_ESnr4", 0, EncodeOptions.None);
http.solveXPath("web.input.CancelserverUnvalidated",
".//INPUT[@name='Cancel$$serverUnvalidated']/@value",
"truelS8G9ye6", 0, EncodeOptions.None);
http.solveXPath("web.input.CancelprocessFormDataCalle",
".//INPUT[@name='Cancel$$processFormDataCalled']/@value",
"trueAtyF7R1u", 0, EncodeOptions.None);
http.solveXPath(
"web.input.FORMMACLIST",
".//INPUT[@name='FORM_MAC_LIST']/@value",
"Cancel$$serverUnvalidated^Accessibility^SubmitButton$$processFormDataCalled^_FORM_SUBMIT_BUTTON^_ssoLangCode^evtSrcRowId^_AM_TX_ID_FIELD^Cancel$$processFormDataCalled^Cancel$$unvalidated^evtSrcRowIdx^SubmitButton$$unvalidated^SubmitButton$$serverUnvalidated^_FORM^serverValidate^_FORMEVENT***@@@FORM_MAC_LIST***@@@event^passwordField^usernameField^FORM_MAC_LISTHAm6l5q6NRKVuTJZ4jGPfg..",
0, EncodeOptions.None);
http.solveGroupJavaScript(http.javaScriptPath(
"web.jscript.httpwkdevvebs3waukw_37", 1, 17, 3, 0));
http.addCookie(
"oracle.uix=0^^GMT-6:00^p; domain=wkdevvebs3.wauk.wms.com; path=/",
null);
http.get(
9,
"http://wkdevvebs3.wauk.wms.com:8021{{web.framesrc.pprIFrame,/OA_HTML/cabo/images/swan/t.htm}}",
null, null, true, "UTF8", "ASCII");
http.get(
13,
"{{web.framesrc.formsLauncher,http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/blank.html}}",
null,
http.headers(http
.header("Referer",
"http://wkdevvebs3.wauk.wms.com:8021{{referer.httpwkdevvebs3waukwmscom80_1,/OA_HTML/RF.jsp?function_id=28716&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US¶ms=zvhw2Ln2Uu68SKY4WSu2uQ&oas=nMs-5wjpY3wdKS_J2fyhQA..}}",
Header.HeaderAction.Modify)), true, "UTF8",
"ASCII");
http.get(17, "http://wkdevvebs3.wauk.wms.com:8021/favicon.ico", null,
null, true, "ISO8859_1", "ISO8859_1");
http.post(
21,
"http://wkdevvebs3.wauk.wms.com:8021{{web.formaction.DefaultFormName,/OA_HTML/OA.jsp?page=/oracle/apps/fnd/sso/login/webui/MainLoginPG&_ri=0&_ti=2020957545&language_code=US&requestUrl=&oapc=2&oas=svdc_F8auGyQo_Ra9wFgAg..}}",
null,
http.postdata(
http.param("_AM_TX_ID_FIELD",
"{{web.input.AMTXIDFIELD,1ujSEi0jV}}"),
http.param("_FORM",
"{{web.input.FORM,DefaultFormNameAx9rQiPG}}"),
http.param("usernameField", "sbindingnavile"),
http.param("passwordField", "welcome7"),
http.param("Accessibility",
"{{web.option.None,Noa1lYfKg}}"),
http.param("SubmitButton$$unvalidated",
"{{web.input.SubmitButtonunvalidated,falseOlawF-M6}}"),
http.param("SubmitButton$$serverUnvalidated",
"{{web.input.SubmitButtonserverUnvalida,false7FkgC9gT}}"),
http.param("SubmitButton$$processFormDataCalled",
"{{web.input.SubmitButtonprocessFormDat,trueLKXNumu1}}"),
http.param("Cancel$$unvalidated",
"{{web.input.Cancelunvalidated,truejE_ESnr4}}"),
http.param("Cancel$$serverUnvalidated",
"{{web.input.CancelserverUnvalidated,truelS8G9ye6}}"),
http.param("Cancel$$processFormDataCalled",
"{{web.input.CancelprocessFormDataCalle,trueAtyF7R1u}}"),
http.param(
"FORM_MAC_LIST",
"{{web.input.FORMMACLIST,Cancel$$serverUnvalidated^Accessibility^SubmitButton$$processFormDataCalled^_FORM_SUBMIT_BUTTON^_ssoLangCode^evtSrcRowId^_AM_TX_ID_FIELD^Cancel$$processFormDataCalled^Cancel$$unvalidated^evtSrcRowIdx^SubmitButton$$unvalidated^SubmitButton$$serverUnvalidated^_FORM^serverValidate^_FORMEVENT***@@@FORM_MAC_LIST***@@@event^passwordField^usernameField^FORM_MAC_LISTHAm6l5q6NRKVuTJZ4jGPfg..}}"),
http.param("_FORMEVENT", ""),
http.param("serverValidate", ""),
http.param("evtSrcRowIdx", ""),
http.param("evtSrcRowId", ""),
http.param("_FORM_SUBMIT_BUTTON",
"{{web.jscript.httpwkdevvebs3waukw_37,SubmitButtonGNaB_JYN}}"),
http.param("event", ""), http.param("source", ""), http
.param("_ssoLangCode", "")),
http.headers(http
.header("Referer",
"http://wkdevvebs3.wauk.wms.com:8021{{referer.httpwkdevvebs3waukwmscom80_1,/OA_HTML/RF.jsp?function_id=28716&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US¶ms=zvhw2Ln2Uu68SKY4WSu2uQ&oas=nMs-5wjpY3wdKS_J2fyhQA..}}",
Header.HeaderAction.Modify)), true, "UTF8",
"UTF8");
http.solveRefererHeader("referer.httpwkdevvebs3waukwmscom80_6",
"/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE");
http.get(
27,
"http://wkdevvebs3.wauk.wms.com:8021{{web.framesrc.pprIFrame,/OA_HTML/cabo/images/swan/t.htm}}",
null, null, true, "UTF8", "ASCII");
http.get(
31,
"{{web.framesrc.formsLauncher,http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/blank.html}}",
null,
http.headers(http
.header("Referer",
"http://wkdevvebs3.wauk.wms.com:8021{{referer.httpwkdevvebs3waukwmscom80_6,/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE}}",
Header.HeaderAction.Modify)), true, "UTF8",
"ASCII");
http.get(35, "http://wkdevvebs3.wauk.wms.com:8021/favicon.ico", null,
null, true, "ISO8859_1", "ISO8859_1");
public void finish() throws Exception {If you want the script to check whether the user successfully logged in. Go to tester's perspective, click on the POST request of the login and view HTML page response. There you should be able to see the page after successful login. Search and select an element that only appears after successful login, right click the test and create a variable. Use that variable to create a check after the POST request to let the script know whether it should continue or fail the script.
-
SOAP Header based user/password authentication in OSB 11g Proxy Service
Hi,
I have implemented SOAP Header based authentication in my OSB 11g Proxy Service.
In the Security settings of my AnySOAP(Soap 1.1) HTTP Proxy service, I have amde the following changes:
1.
In Transport Access Control link, i selected the User predicate, and provided an user already existing on weblogic server with following roles(AppTesters, Monitors, Operators).
The AuthorizationProvider was XACMLAuthorizer
2.
Under Custom Authentication, I selected the Custom User Name and Password option, and provided the below mentiioned xpaths
User Name XPath: ./*/*:Username/text()
User Password XPath: ./*/*:Password/text()
3.
In Message Access Control link, i selected the User predicate with the same user as mentioned in Transport Access Control link.
Now, when I am testing this service from OSB Test Console, I am providing the following input.
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/">
<soap:Header>
<AuthHeader>
<N1:Username>userXYZ</N1:Username>
<N1:Password>passXYZ</N1:Password>
</AuthHeader>
</soap:Header>
<soap:Body>
<!-- body payload -->
</soap:Body>
</soap:Envelope>
The response is "The invocation resulted in an error: ."
The OSB server logs show the below error:
####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0
)>
####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException
com.bea.wli.sb.security.AccessNotAllowedException
at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Please suggest where I am going wrong in this. I have cross checked the user/pass credentials with what I am giving in the input, and it is perfectly fine.I have added the Username and Password as follows, since the namespace declaration was required due to the namespace prefix 'N1' in the XPath
declare namespace N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Username/text()
declare namespace N1="http://abcdp.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Password/text()
I have removed the Message Access Control conditions, have only kept Transport Access Control conditions.
If i keep the condition in Transport Access Control as "Allow access to everyone", and test with proper credentials in the Username/Password tags in SOAP Header, then it works fine. However, if I try to give an incorrect password in the SOAP Header, it denies the access. So that means the XPaths given for Username/Password are working fine. The OSB logs show the below message
+####<Feb 10, 2011 12:59:21 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000ef2> <1297322961536> <BEA-386008> <Message level username/password authentication failed: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied>+
However if i add the condition with predicate as "User" and user name argument as "weblogic", and try to pass the same in the SOAP Header as well with the correct password, it denies the access with below message in the logs.
+####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0+
+)>+
+####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException+
com.bea.wli.sb.security.AccessNotAllowedException
at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) -
Problem while setting username password to router
Hi,
i am trying to connect to router using java program. i am connecting with out any problem.
while giving the credentials like username and password i can't placing the original username
password.instead some thing is setted.
here is my code
public class ConnectRouter
public static void main(String[] args) throws Exception {
try
if (args.length != 2) {
System.err.println("Usage: java router username and password");
System.exit(1);
String password = URLEncoder.encode(args[0], "US-ASCII");
String username=URLEncoder.encode(args[1],"US-ASCII");
URL url = new URL("http://192.168.0.75:23");
URLConnection connection = url.openConnection();
connection.setDoOutput(true);
System.out.println("connection obj got");
PrintWriter out = new PrintWriter(connection.getOutputStream());
out.println(username);----------------------------------------------------------------------------------------------->passing username
out.println(password);------------------------------------------------------------------------------------------------>passing password
Process p = Runtime.getRuntime().exec("cmd /c perl C:\\perlsrc\\uname.pl");
// out.println(args[0]);
System.out.println("-----------connected---------------");
out.close();
BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}catch(Exception e){e.printStackTrace();}
}output is as follows:
connection obj got
-----------connected---------------
ÿûÿûÿýÿý
User Access Verification
Username: POST / HTTP/1.1--------------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Host: 192.168.0.75:23--------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Connection: keep-alive
Password:
% Authentication failed.
Process exited with exit code 0.
please explain me where i am missing???
Regards,
NagarajuHi ejp,
i done as follows even i am getting same problem
please help me
public class ConnectRouter extends Authenticator
static String username,password;
public static void main(String[] args) throws Exception
Authenticator.setDefault(new ConnectRouter());
try
if (args.length != 2) {
System.err.println("Usage: java router username and password");
System.exit(1);
password = URLEncoder.encode(args[0], "US-ASCII");
username=URLEncoder.encode(args[1],"US-ASCII");
URL url = new URL("http://192.168.0.75:23");
URLConnection connection = url.openConnection();
connection.setDoOutput(true);
System.out.println("connection obj got");
PrintWriter out = new PrintWriter(connection.getOutputStream());
out.println(username);
out.println(password);
Process p = Runtime.getRuntime().exec("cmd /c perl C:\\perlsrc\\uname.pl");
// out.println(args[0]);
System.out.println("-----------connected---------------");
out.close();
BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null)
System.out.println(inputLine);
in.close();
}catch(Exception e){e.printStackTrace();}
//@ovverriding the getPasswordAuhtentication method
protected PasswordAuthentication getPasswordAuthentication()
System.out.println("int the password authentication method");
return new PasswordAuthentication(username,password.toCharArray());
}output::
connection obj got
-----------connected---------------
ÿûÿûÿýÿý
User Access Verification
Username: POST / HTTP/1.1--------------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Host: 192.168.0.75:23--------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Connection: keep-alive
Password:
% Authentication failed.
Process exited with exit code 0.
please explain me where i am missing again???
Thanks in advance,
Nagaraju. -
"ORA-01017 invalid username/password: logon" --- Help Please !!!
Hello Peter,
Sorry for sending an unexpected mail.
I am stuck and really want your help. I have seen your email address on OTM website.
Aim: To run the JAVA code samples provided in Oracle 9i DATA MINING suite
on windows 2000.
I have installed Oracle 9i enterprise edition and
also Oracle 9i Data mining (ODM).
I have lot of problems in username/password authentication.
everytime I run the ODM setup, irrespective of the default
name/password
which is ODM/odmpw it says "ORA-01017 invalid username/password: logon"
I was just working on the Oracle 9i DataMining installation and found something really interesting
I was wondering if you can solve this:
1. I created user SCOTT and ODM using SQL Plus queries by logging system/manager.
and when I typed "select username from dba_names" it gave me ODM and SCOTT as
users and hence I was happy.
2. Then I uninstalled DATA MINING suite and reinstall it thinking this time it should
get ODM/odmpw as username and password as and DBA user/password being
system/manager. When uninstalling DATA MINING suite ODM user gets dropped
and when reinstalling ODM suite, it never make ODM user back in Oracle 9i database.
Hence it is not finding ODM user anymore and hence "ORA-01017 invalid username/password: logon"
error occurs.
Now can you tell me what can be done in order to make the ODM recreate when installing
DATA MINING suite.
Please reply me as I am badly stuck.
I at least know why problem is occurring now looking for solution.
Thanks
NishantI was reading on gogole
i have set
alter system set SEC_CASE_SENSITIVE_LOGON=false scope=spfile;
now i can connect from sqlplus
sqlplus SYSTEM/password
also
sqlplus SYSTEM/password@localhost:1521/XE
also :
From GUI i can connect to oracle db from http by port 8080
but its seems like oracle VM manager does not connect ...
example
Would you like to install Oracle Database 11g Express Edition (XE) or connect to an existing Oracle database?
1: Install Oracle Database 11g XE
2: Use an existing Oracle database
Select Number (1-2): 2
Enter the Oracle Database hostname [localhost]:
Enter the Oracle Database System ID (SID) [XE]:
Enter the Oracle Database SYSTEM password:
Enter the Oracle Database listener port [1521]:
Enter the Oracle VM Manager database schema [ovs]:
Enter the Oracle VM Manager database schema password:
Enter the Oracle VM Manager database schema password (confirm):
Oracle Weblogic Server 11g
==========================
Enter the Oracle WebLogic Server 11g user [weblogic]:
Enter the Oracle WebLogic Server 11g user password:
Enter the Oracle WebLogic Server 11g user password (confirm):
Oracle VM Manager application
=============================
Enter the username for the Oracle VM Manager administration user [admin]:
Enter the admin user password:
Enter the admin user password (confirm):
Verifying configuration ...
The database could not be reached using the provided connection info.
ORA-01017: invalid username/password; logon denied
Configuration verification failed ...
can any one please help me -
Passing username and password while calling the simple HTTP API
Hi,
I want to execute a graph by calling the http api from a java code. However, this gives me a 401 unauthorized http error as I am not passing the username and password to the clover http url.
The following is the format of the constructed url. - http://<host>:<port>/clover/simpleHttpApi/graph_run?sandbox=<sandboxname>&graphID=graph/Baseline.grf&verbose=FULL
Can anyone suggest how to pass user credentials to this url.
ThanksBrett,
Thanks for the response.
The idea is to run the baseline graph using the simple http api and get the run id of the job. Then I plan to call
this url - http://<host>:<port>/clover/simpleHttpApi/graph_status?runID=1310924&returnType=STATUS_TEXT&waitForStatus=FINISHED_OK by passing the obtained run ID of the previous job dynamically to this url. This status has to be read and printed on the screen. Now all this is easy to write using java and executing the java class using the JAVA EXECUTE component of Integrator ETL 3.1. My only problem is how do I pass the user credentials.
Thanks -
HTTPS over a Proxy!! Set up of username/password
I am transferring over https to a receving servlet over a Proxy.
How do I specify the username and password for the Proxy in my
application ,if the proxy server supports this.
I have configured my application to send it over a Proxy with:
https.proxyHost = <Proxy Host>
https.proxyPort = 0000
or
System.setProperty("https.proxyHost","Proxy Host");
System.setProperty("https.proxyPort","8080");
How can I set the Property for Username and Password too?
Please does any one know this?
ajay
[email protected]Or you could use the Authenticator class
in JDK.
class MyAuth extends Authenticator {
protected PasswordAuthentication getPasswordAuthentication() {
System.out.println("The realm '" + getRequestingPrompt() +
"' at '" + getRequestingHost() + ":" + getRequestingPort() +
"'\n" + "using " + getRequestingProtocol() + " is requesting " +
getRequestingScheme().toUpperCase() + " authentication.");
System.out.println("");
System.out.println("What should we send them? Let's send them ...");
System.out.println("");
return new PasswordAuthentication("username", "password".toCharArray());
// set to the authenticator you want to use.
Authenticator.setDefault(new myAuth());
URL url =
new URL("http://www.some.com/something_protected/index.htm"); -
Invalid username/password in case of oracle os authentication
Hi,
I am trying to connect to database using oracle local os authentication. REMOTE_OS_AUTHENT = false
I am using oracle 11g.
here is the code
I am trying in two ways :-
1. OracleDataSource
OracleDataSource ods = new OracleDataSource();
String url = "jdbc:oracle:oci:@";
ods.setURL(url);
ods.setDatabaseName("oradg");
Connection conn = ods.getConnection();
In this case it always connects to the default ORACLE_SID which is set in the environment.
2. Simple JDBC connection
String url = "jdbc:oracle:oci:@oradg";
Connection con = Drivermanager.getconnection(url,props);
in this case it always says "invalid username/password"
Please help me to resolve the problem.
Thanksuser10839503 wrote:
2 using the oracle account for this is a VERY BAD IDEA
i have another os user called demo which has the same issue.
REMOTE_OS_AUTHENT any way i dont want to use.
3 always connecting to the database server is a VERY BAD IDEA
i am not very clear on this can u please elaborate it?
I dont want to use any username and password for os authentication in the code.
The problem is if ORACLE_SID is set in the environment then code works fine. But I want to set the sid in the code itself.
Because if i set in the environment then at a time only one sid will be used.
But why you want to hard code the SID in the first place anywhere? Why not to use the Services ?
Aman.... -
Authentication Scheme with Username / Password stored in App Table
Hi all,
Up to now all of our applications have used SSO authentication, but I now need to step away from this to allow users from outside our organisation (and therefore not in our OID system) to use one specific application.
I therefore have a table in my application that stores username and password. I have a function that compares the entered username and password to this table and returns a boolean result. This function is then registered in my Authentication Scheme as the Authentication function.
All this works well and is causing no problems. The problem is that the password is stored and checked in plain text - obviuosly not very good.
How do I go about changing the password column in my table, the pages that allow this password to be set and updated and the authentication function that checks the username / password to use some form of encryption?
Also, do I need to be worrying about all the other fields (Page Sentry Function,Session Verify Function, Pre-Authentication Process etc) that the Authentication Scheme offers me - or can I just leave these blank as they are now.
If someone can give me a complete 'out-of-the-box' solution that would be wonderful - otherwise a good hard pusj int he right direction would be much appreciated.
Many thanks,
MartinHello Martin,
If you check out the Discussion Forum application here, you should find the information you need. This app stores an encrypted version of the user's password in the table.
http://www.oracle.com/technology/products/database/application_express/packaged_apps/packaged_apps.html#FORUM
Good luck,
Don.
You can reward this reply by marking it as either Helpful or Correct :) -
Username and Password authentication
Hi,
I am new to both JDBC and MSSQL. I've been connecting to msSQL server without providing username and password (DriverManager.getConnection(String url)). I am wondering how to enforce the username and password authentication so that username and password have to be verified before a connection is made. Thanks in advance.but where can I get the username & password? I can get
the connection even with any username & password, why?Hi WeiHang,
This is regarding the options you have set in the SQL Server. You have to choose from Windows NT authentication and SQL Server Authentication. If you give SQL Server authentication you have mentioned the username and password and you can connect to database simple using DSN(if you are using JDBC-ODBC). However if you choose WindowsNT authentication you donot specify the user name and password there and you have to enter the same at runtime.
Hope this can help you -
Passing username & password in HTTP Header
Hi all,
My 1st query.
I want to access a url which asks for username & password.
how can i put my username & password in the http header so that when i call that url it shouldn't ask for the username & password.can anyone plz show it as a piece of servlet code.
Thanks,
NehaI am uing the HttpUrlConnection and the way I set is using the "setRequestProperty()" method. The follwoing code snippet actually encodes the user + passwd and sets it in the HTTP header.
if(this.user != null) {
BASE64Encoder encoder = new BASE64Encoder();
StringBuffer buf = new StringBuffer(user).append(":").append(this.passwd);
String encoded = encoder.encode(buf.toString().getBytes());
httpCon.setRequestProperty("Authorization", "Basic " + encoded); -
EUS password authentication in sql developer failing with username/password
We have recently changed to use Enterprise User Security (EUS) for our client authentication (password global authentication).
This is working fine but we are encountering an issue with SQL Developer whereby we can't logon using our EUS details, it simply returns the following on the logon screen:
Status : Failure - Test failed: ORA-01017: invalid username/password; logon denied
Logging on via sql plus client and server software and other 3rd party tools like pl/sql developer works correctly.
It appears to be an issue with sql developer itself.
We are using the latest Production release of sql developer 2.1
Does anyone have any ideas?
This is an issue for
Edited by: david butler on Jan 14, 2010 10:45 AMFurther to this, I have now found a suitable resolution to this that doesn't require an external client.
There is a jdbc setting that will allow you to use EUS password authentication.
Add the jdbc line option (below) in the sqldeveloper.conf file (backup the sqldeveloper.conf file first).
AddVMOption -Doracle.jdbc.thinLogonCapability=o3
The sqldeveloper.conf file can be found wherever you have installed sqldeveloper, under <INSTALL_HOME>\sqldeveloper\bin\sqldeveloper.conf.
After you add this option, restart SQL Developer and you should be able to use your EUS username / password to authenticate via SQL Developer.
Maybe you are looking for
-
the Yahoo mail site is colorless, lines through header words, no color. FaceBook, The Sims Resource, Amazon.com, all these sites are colorless, words enclosed in a block form, not all words appear
-
Exception in thread "main" java.lang.NoClassDefFoundError: connect (wrong n
Please Help, I am giving up... My PATH: %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Java\jdk1.6.0_11\bin;C:\Program Files\MySQL\MySQL Server 5.1\bin;C:\JAVA DOCU
-
Scans from HP C4680 are not properly saved after upgrade to OS X 10.9
After upgrade to OS Mavericks all-in-one HP C4680 does print and scan however scans are not properly saved. Saved file in preview shows grey bands; text is not readable. Driver update from HP support didn't resolve the issue, nor any workaround sugge
-
FCP7 - Computer shut down after 5 minutes of importing HDV footage
Hello, I've searched around forums for a couple hours now looking for people with similar problems as mine. I've taken about 10 minutes of 1080i, 24p, footage on my Canon HV40 camera. I'm capturing the footage in HDV-Apple ProRes 422 1080p24 using my
-
Help Viewer prompts AFP search for unfound IP address
When I launch Mac Help on my MacBook Pro (10.4.6) I get an alert that AFP is unable to locate 10.0.1.51 (which was a prior IP address of my desktop Mac when I was using an original AirPort Base Station and I had a PowerBook G4 1GHz from which I migra