Smart card authentication for IOS device

Similar Messages

• ISE 802.1x EAP-TLS machine and smart card authentication

  I suspect I know the answer to this, but thought that I would throw it out there anway...
  With Cisco ISE 1.2 is it possible to enable 802.1x machine AND user smart card  authentication simultaneously for wired/wireless clients (specifically  Windows 7/8, but Linux or OSX would also be good).  I can find plenty of  information regarding 802.1x machine authentication (EAP-TLS) and user  password authentication (PEAP), but none about dual EAP-TLS  authentication using certificates for machines and users at the same time.  I think I can figure out how to configure such a policy in ISE, but options seem to be lacking on the client end.  For example, the Windows 7 supplicant seems only able to present either a machine or user smart card certificate, not one then the other.  Plus, I am not sure how the client would know which certificate to present, or if the type can be specified from the authenticator.

  Hope this video link will help you
  http://www.labminutes.com/sec0045_ise_1_1_wired_dot1x_machine_auth_eap-tls

• Smart card required for interactive logon

  Hi ,
  what is the meaning of these in AD. These options are available in user properties in the Account TAb.
  1-Smart card required for interactive logon.
  2-Account is trusted for delegation
  3-Account is senstive cant be delegated
  4-Use kerberos DES
  5-Dont Require Kerberos
  Regards
  Anil

  Hello,
  You will have to logon to domain using a Smart Card. Interactive logon: Require smart card
  Allows a service running under this account to perform operations on behalf of other user accounts on the network. A service running under a user account (otherwise known as a service account) that is trusted for delegation can impersonate a client to gain
  access to resources on the computer where the service is running or to resources on other computers
  You can use this option if the account, for example a Guest or temporary account, cannot be assigned for delegation by another account.
  Provides support for the Data Encryption Standard (DES). DES supports multiple levels of encryption.
  Provides support for alternative implementations of the Kerberos protocol.
  For a full explanation refer to below links:
  Understanding User Accounts
  Delegating authentication
  Regards.
  Mahdi Tehrani   |  
    |  
  www.mahditehrani.ir
  Please click on Propose As Answer or to mark this post as
  and helpful for other people.
  This posting is provided AS-IS with no warranties, and confers no rights.
  How to query members of 'Local Administrators' group in all computers?

• Smart Card login for ordinary folk

  Hi,
  I used to use the OpenSC project for Smart Card login, but I believe that with changes in OS X 10.8 it's no longer an option.
  What affordable solutions are there for genuine Smart Card login for OS X 10.8?  YubiKey doesn't support anything more than entering a static password pre-stored on the device, and when I last tried Rohos it was abysmal.

  I'm guessing that since you are not entering a password, the sparse bundle is not being unlocked. I don't know of a way to tie it to the smart card login. It sounds similar to when you put a different password on your default keychain. It won't unlock on login because you are not entering its password.

• File.upload on Air SDK for iOS devices failed to send http request to server.

  I am trying to use ActionScript's File.upload to upload a file on Air SDK for iOS8 environment, but the File.upload does not work properly. No handler about the file upload is executed after File.upload is invoked, and no exception is caught. When I check the network traffic of the server side, I found that no http request even hit the server after File.upload is executed. The code snippet here is very simple.
    private var file:File;
    private var dir:File;
    //This method is executed to create a file and upload it when the Upload Button is pressed.
    protected function OnUploadButtonPressed(event:MouseEvent):void{
    var str:String = 'This is test';
    var imageBytes:ByteArray = new ByteArray();
    for ( var i:int = 0; i < str.length; i++ ) {
    imageBytes.writeByte( str.charCodeAt(i) );
    try{
    dir = File.applicationStorageDirectory
    var now:Date = new Date();
    var filename:String = "test" + now.seconds + now.milliseconds + ".txt";
    file = dir.resolvePath( filename );
    var stream:FileStream = new FileStream();
    stream.open( file, FileMode.WRITE );
    stream.writeBytes( imageBytes );
    stream.close();
    file.addEventListener( Event.COMPLETE, uploadComplete );
    file.addEventListener( IOErrorEvent.IO_ERROR, ioError );
    file.addEventListener( SecurityErrorEvent.SECURITY_ERROR, securityError );
    file.addEventListener(ErrorEvent.ERROR, someError);
    file.addEventListener(ProgressEvent.PROGRESS, onProgress);
    file.upload( new URLRequest("http://10.60.99.31/MyPath/fileUploadTest.do"));//This line does not work. No handler is executed. No http request hit the server side.
    } catch( e:Error ) {
    trace( e );
    //Complete Handler
    private function uploadComplete( event:Event ):void
    trace( "Upload successful." );
    //IOError handler
    private function ioError( error:IOErrorEvent ):void
    trace( "Upload failed: " + error.text );
    //SecurityError handler
    private function securityError(error:SecurityErrorEvent):void{
    trace( "Security error:" + error.text );
    //Other handler
    private function someError(error:ErrorEvent):void{
    trace("some error" + error.text);
    //Progress handler
    private function onProgress(event:ProgressEvent):void{
    trace("progressHandler");
  When executed on Air Simulator, it works fine as expected, and the file is successfully uploaded to the server. But When executed on iOS devices(in my case, iPad), as I explain early, no handler about the file upload is executed, and no the http request even hit the server. So I think the problem may be in the client side. It seems that the Air SDK for iOS just failed to send the http request for some reason.
  To make my problem more clear, I list my environment below:
  Development Environment:  Windows7 (64bit)  / Mac os 10.9.4 (Tested on  OS platforms.)
  IDE: Flash Builder 4.7
  Air SDK:  3.8 / 16.0.0 (After I updated to the lastest Air SDK 16.0.0 , the problem still exists.)
  Application Server:  Tomcat7 + Spring
  Target OS: iOS 8
  I have been struggling for this for days. So I really appreciate it if anyone has any idea about this.
  Thanks in advance.

  Hi bluewindice ,
  As you have quoted ( ActionScript's File.upload does not work on Air SDK for iOS devices ) , this issue has been replicated at our end, and our team will be working on it.
  Thanks,
  Tushar

• AAA authentication for networking devices using ACS 4.1 SE

  Hi!!!
  I want to perform AAA authentication for networking devices using ACS 4.1 SE.
  I do have Cisco 4500, 6500,2960, 3750, 3560, ASA, CSMARS, routers (2821) etc in my network. I want to have radius based authentication for the same.
  I want telnet, ssh has,console attempt to be verified by radius server & if ACS goes down then it will be via local enable passwordf.
  For all users i need to have different privilege levels based upon which access will be granted.
  could u plz send me the config that is required to be done in the active devices as well as ACS!!!!

  Pradeep,
  Are you planning MAC authentication for some users while using EAP for others?
  For MAC authentication, just use the following in your AP.
  aaa authentication login mac_methods group radius
  In your AP, select the radius server for mac authentication. You must have already defined your ACS as a radius server.
  In your SSID configuration, under client authentication settings,
  check "open authentication" and also select "MAC Authentication" from the drop-down list.
  If you want both MAC or EAP, then select "MAC Authentication or EAP" from the dropdown.
  Define the mac address as the username and password in ACS. Make sure the format of the mac is without any spaces.
  You will not need to change anything in XP.
  NOTE: XP normally does not require user authentication if machine has already authenticated but it might behave differently. If it does, I can let you know the registry settings to force the behaviour change.
  HTH

• How to integrate flash media server 4.0 live streaming for iOS devices ?

  Hi All,
  I have website which has live streaming module its working fine, same module i want to integrate for iOS devices. For live video streaming we are using FMS 4.0. So please let me know how we can integrate this for iOS devices using flash media server 4.0.
  Thanks in Adavnce
  Mohammad Sharique

  You need to place the crossdomain.xml in the webroot folder. Create a text file in the webroot folder using notepad, and call it crossdomain.xml. The text below will give you a wide open access policy, which is fine for testing.
  <?xml version="1.0"?>
  <!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
  <cross-domain-policy>
            <allow-access-from domain="*" />
  </cross-domain-policy>
  For debugging HTTP streaming I recommend you get hold of something like Charles or Fiddler. These will greatly assist in pinpointing any issues.

• No,I recently buy an android device which is running ver 4.0 and has flash player.So please make Adobe Flash Player for IOS devices pls!pls  .

  No,I recently buy an android device which is running ver 4.0 and has flash player.So please make Adobe Flash Player for IOS devices pls!pls  .

  You need to contact the folks at the link below.
  http://www.adobe.com/aboutadobe/contact.html

• F4V player for iOS devices ?

  Hi All, Is there any player to play .f4v file for iOS devices application. (We are using Flash Media Server 4.0).     Thanks In Advance Mohammad Sharique

  You need to contact the folks at the link below.
  http://www.adobe.com/aboutadobe/contact.html

• Lag When Programming For iOS Device With Adobe Flash Professional.

  Hi, I'm trying to make an Application for iOS device, Everything is find, but when i installed it on my iphone 4 and my iPhone 4S my game start lagging, i don't what to do, i tried to simplifed the code but nothing is working i dont know if it's in the rendering or when i'm trying to export, but on my iPhone it's lagging.
  Any Help Please, Solution ?
  Thanks
  Francis

  Target gpu on the device you're testing .. you'll get much better results.
  You can do it on the xml configuration file on <renderMode> or if you're publishing in flash on the settings of renderMode select GPU.
  Also get rid as much as you can from vector graphics and use bitmaps instead.
  You can use Adobe's method of converting a vector in bitmap like this : myMC.cacheAsBitmap = true;
  And also if you're moving an object, scaling or changing it's transparency use myMC.cacheAsBitmapMatrix = new Matrix();
  These are some basic optimization tips.

• Error coming while installing Berkeley database for IOS Device.

  Hi I want to install berkeley db in my MAC. My Xcode version is 4.5.2. I downloaded db-5.3.21(Berkeley) from oracle site.I installed command line tool for xcode. I installed berkeley db in my MAC for iPhoneSimulator. Where as for iPhone device I am unable to install. I am following below link for installing the berkeley db. http://docs.oracle.com/cd/E17076_02/html/installation/build_unix_iphone.html
  When I am installing berkeley db for IOS device it is showing following error.
  checking for arm-apple-darwin11.4.2-sh... no checking for sh... /bin/sh checking for a BSD-compatible install... /usr/bin/install -c checking for arm-apple-darwin11.4.2-cc... /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/usr/bin/gcc checking whether the C compiler works... no configure: error: in /Users/celstra/rajaramesh/db-5.3.21/build_unix': configure: error: C compiler cannot create executables See config.log' for more details
  ............................... The error is telling that C compiler cannot create executables... But for iPhonesimulator it is not showing the error...
  Steps performed for installing Berkeley database for IOS device.
  export DEV_iOS=/Developer/Platforms/iPhoneOS.platform/Developer
  export SDK_iOS=${DEV_iOS}/SDKs/iPhoneOS6.0.sdk
  export COMPILER_iOS=${DEV_iOS}/usr/bin
  export CC=${COMPILER_iOS}/gcc
  export CXX=${COMPILER_iOS}/g++
  export CFLAGS="-arch armv6 -pipe -Os -gdwarf-2\
  -no-cpp-precomp -mthumb -isysroot $SDKROOT "
  export CXXFLAGS="-arch armv6 -pipe -Os -gdwarf-2\
  -no-cpp-precomp -mthumb -isysroot $SDKROOT "
  export CFLAGS=${LDFLAGS}
  export CXXFLAGS=${LDFLAGS}
  //export CPP=”/usr/bin/cpp ${CPPFLAGS}”
  export LD=${COMPILER_iOS}/ld
  export AR=${COMPILER_iOS}/ar
  export AS=${COMPILER_iOS}/as
  export NM=${COMPILER_iOS}/nm
  export RANLIB=${COMPILER_iOS}/ranlib
  ../dist/configure --host=arm-apple-darwin9\
  --prefix=$SDKROOT ...   
  Same steps i performed for iPHONESIMULATOR. But at that time c complier works fine. But while i am try to install for IOS device it is showing above error.
  Can we need any license software for this installation. Could any one please provide exact document regarding installation for IOS device.
  Any advice would be appreciated.
  Edited by: 1000547 on Apr 17, 2013 12:58 AM
  Edited by: 1000547 on Apr 17, 2013 1:03 AM
  Edited by: 1000547 on Apr 17, 2013 2:31 AM

  Thanks for the  reply komal i did that but not cleared..one thing when i create the build from my flash builder the error happens.but the same project i used in another flashbuilder and create build..That build works fine...is there any chance for flash builder compiler problem.
  cheers,
  venkat

• Weird acting of Socket class while build for iOS device

  Hello,
  It's kind of weird and frustrating using Socket class to build package for iOS device (iPad in my case) - I do have the certificates files (P12, Provisioning) and I can build a package from FB4.5.1 too, but if I build the package as 'Fast' mode through 'Run Configuration' wizard the Socket works okay, but if I package with 'Standard' mode it never works - even I tested both the modes in same device! Any suggestions/idea - I couldn't able figure out why it's acting strange in different modes!
  Thank you.

  This is still become ridiculous - I've read in a document online that non-working socket has bug-fix with AIR 2.7, I was using 2.6 previously - so I downloaded the latest AIR 3.0 SDK and rebuild the project - yet its not working! This is ridiculous!

• HT1338 Java for iOS devices

  I am currently out of country and unable to log onto my personal email account via Comcast.net.  It is requiring me to have JavaScript activated.  But I have looked almost everywhere for a download for either my iPad or 4s iPhone runnning most current iOs.   Is there a location to download or is it even available for iOs devices?

  Java and Javascript are two very different things so don't confuse them.
  If you're  asking about Java there are mentions of it on the web but I've never tried to get it on the iPhone see How to Use Java on An iPhone
  If you asking about Javascript  then that is possible. Open settings on the iPhone go to Safari and make sure javascript is enabled see How to enable JavaScript on the iPhone

• Design for iOS devices

  I am a novice with web design but was able to make a fairly simple site that looks fine with Safari or Firefox on my desktop but on an IOS device the spacing and layout are all out of wack.
  Is there a special way to design for IOS devices?
  Thanks in advance

  This particular forum was created to help those transitioning from Photoshop.com to Adobe Revel. Your question does not pertain to that topic.
  We also have many other forums relating to other Adobe products at: http://forums.adobe.com

• Configuring Weblogic Server for X.509 Smart Card Authentication

  0 down vote favorite
  share [g+] share [fb] share [tw]
  I am running Oracle Weblogic 11g (10.3.6) and attempting to configure two-way SSL (client certificate requested and enforced). The client certificate is on a smart card.
  I have enabled "basic" ssl in the weblogic server, and used keytool to import the relevant root CA certificates into the DemoTruststore.jks file. I have set the Two-way client cert behavior to Client Certs Requested and Enforced for the server.
  Unfortunately, attempting to access my application causes the following:
  <pre>
  <Certificate chain received from 127.0.0.1 - 127.0.0.1 was incomplete.>
  <NO_CERTIFICATE alert was received from 127.0.0.1 - 127.0.0.1. Verify the SSL configuration has a proper SSL certificate chain and private key specified.>
  <Certificate chain received from 127.0.0.1 - 127.0.0.1 was incomplete.>
  </pre>
  The ActivClient dialog never appears to select a certificate from the Smart Card, and a pin is never requested. Therefore, I think I misconfigured something.
  Help would be greatly appreciated.
  Jason

  Hello Mukunthan Damodharan,
  this means that the SSL Server Certificate has not his fully quallified name in the subject alternative name extension of the X.509 certificate.
  You can create a valid one or disbale that check in the Secure Login Client.
  How does the configuration gets to the clients?
  With the Policy Download you can disable that check over the Secure Login Server Administration console in the corresponding authentication profile.
  If manually you can change the following registry key:
  [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\SAP\SecureLogin\profiles\<profile name>
  "sslHostAlternativeNameCheck"=dword:00000000
  the value 0 disable that check on the client.
  best regards
  Alexander Gimbel