SP4 and Form Based Authentication

Hi,
I had just advised a customer to apply SP4 to WLS and
then plug in the 'source code' patch, he replied that he had
been informed that SP4 breaks Form Based Authentication for
war web apps?
Can anyone confirm/deny this for me please ?
regards,
     Patrick.

Hehe Hiya Patrick!, that was Me! seems we use the same hot source of info :)
Cheers
Rob :)
"Patrick Byrne" <[email protected]> wrote in message
news:[email protected]..
Hi,
I had just advised a customer to apply SP4 to WLS and
then plug in the 'source code' patch, he replied that he had
been informed that SP4 breaks Form Based Authentication for
war web apps?
Can anyone confirm/deny this for me please ?
regards,
Patrick.

Similar Messages

  • Issues with OSSO ,custom login module and form based authentication

    Hi:
    We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
    authentication and Custom login module.
    Application is going in infinite loop when we we try to login using osso ,from the logs
    what I got is looks like tha when we we try to login from OSSO application goes to the login
    page and it gets the remote user from request so it forwards it to the home page till now
    it is correct behaviour ,but after that It looks like home page find that authentication is
    not done and sends it back to the login page and login page again sends it to the home as it
    finds that remote user is not null.
    Our web.xml form authentication entry looks like this :
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/jsp/login.jsp</form-login-page>
    <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
    </form-login-config>
    </login-config>
    While entry in orion-application.xml has the following entry for custom login :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    </jazn>
    Whether If I change the authentication type to BASIC and add the following line
    in orion-application.xml will solve the issue :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    <jazn-web-app auth-method="SSO" >
    </jazn>
    Any help regarding it will be appreciated .
    Thanks
    Anil

    Hi:
    We are facing issues with OSSO (Oracle Single Sign on ),Our application use the form based
    authentication and Custom login module.
    Application is going in infinite loop when we we try to login using osso ,from the logs
    what I got is looks like tha when we we try to login from OSSO application goes to the login
    page and it gets the remote user from request so it forwards it to the home page till now
    it is correct behaviour ,but after that It looks like home page find that authentication is
    not done and sends it back to the login page and login page again sends it to the home as it
    finds that remote user is not null.
    Our web.xml form authentication entry looks like this :
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/jsp/login.jsp</form-login-page>
    <form-error-page>/jsp/couldnotlogin.jsp</form-error-page>
    </form-login-config>
    </login-config>
    While entry in orion-application.xml has the following entry for custom login :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    </jazn>
    Whether If I change the authentication type to BASIC and add the following line
    in orion-application.xml will solve the issue :
    <jazn provider="XML">
         <property name="custom.loginmodule.provider" value="true" />
    <property name="role.mapping.dynamic" value="true" />
    <jazn-web-app auth-method="SSO" >
    </jazn>
    Any help regarding it will be appreciated .
    Thanks
    Anil

  • MOBI SSO with trusted authentication and form based authentication

    Dear All,
    I am trying to configure Trusted authentication based SSO FOR MOBI, here are the details:
    - SAP BI 4.1 SP04
    - Trusted authentication with HTTP header configurred for BI Launchpad and working fine.
    Now to have SSO from Mobile, I plan to leverage the existing configuration of BI Launchpad and at Mobile level, I want to use authentication type as TRUSTED_AUTH_FORM, instead of TRUSTED_AUTH_BASIC, with the approach: Trusted authentication with HTTP header.
    And
    Provide our app users their X502 certs.
    1. Will the above approach work ??
    2. As per SAP NOTE: 2038165 - SSO using form based trusted auth gives with the SAP BI app for iOS gives error MOB00920 this does not work and is still under investigation from July last year ? So for any community member, has this been found working ??
    I would appreciate your valuable inputs.
    Regards,
    Sarvjot Singh

    Hi,
    According to your post, my understanding is that you want to know the difference of the SharePoint three type user authentications.
    Windows claims-based authentication uses your existing Windows authentication provider (Active Directory Domain Services [AD DS]) to validate the credentials of connecting clients. Use this authentication to allow AD DS-based accounts access to SharePoint
    resources. Authentication methods include NTLM, Kerberos, and Basic.
    Forms-based authentication can be used against credentials that are stored in an authentication provider that is available through the ASP.NET interface
    SAML token-based authentication in SharePoint 2013 requires coordination with administrators of a claims-based environment, whether it is your own internal environment or a partner environment.
    There is a good article contains all the SharePoint Authentications, including how they work and how to configure.
    http://sp77.blogspot.com/2014/02/authentication-in-sharepoint-2013_5.html#.VFcyQ_mUfkJ
    Thanks & Regards,
    Jason
    Jason Guo
    TechNet Community Support

  • Office Web Apps and Forms Based Authentication

    Is it possible to use Office Web Apps Server 2013 to give external SharePoint Foundation 2013 clients access to Office documents in a View only capacity?
    Does FBA work with Office Web Apps or would external users have to at least have a Windows CAL in AD if we are just using SharePoint Foundation?

    Hi,
    It may be possible.
    Here are some links for your situation:
    http://technet.microsoft.com/en-us/library/ff431682(v=office.15).aspx
    http://blogs.technet.com/b/office_web_apps_server_2013_support_blog/archive/2014/03/20/office-web-apps-2013-errors-previewing-viewing-editing-documents-when-using-fba-in-the-extended-zone-but-not-the-default-zone.aspx
    http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
    Office Web Apps can be used only by SharePoint 2013 web applications that use claims-based authentication.
    There is a known issue when using Office Web App in the extended zone with FBA, but not the default zone. Please configure FBA authentication in the Default zone in case of that.
    Hope it helps.
    Regards,
    Rebecca Tu
    TechNet Community Support

  • Form based authentication HTTP 403 access forbidden in WL 8.1

    Hi there..
    I found following message posted in April-2004 by Sandeep very useful.
    I also ended up getting the following HTTP 403 Forbidden access error while using Pageflow controller and Form based authentication.
    I noticed 2 things. If you have a normal webapp A, which is a plain old webapp (which does not use pageflow..workshop etc..) then the following error does not occur.
    It only happens with those webapps which utilizes WL 8.1's pageflow features. Note that I am not using nested page flows. I just used 1 pageflow controller and wanted to have the form based login feature for the same.
    BEA's samples on form authentication talks about nested page flows and javax.security.auth.login.FailedLoginException and etc.. are they only applicable to nested pageflows?
    can't I use the same to capture failed login exception within a single controller?
    I tried out putting FailedLoginException exception-handler in Global.app file but it didn't catch it. Only the following work around worked. is this a bug in WL 8.1 workshop? or I am missing something.
    I would appreciate if someone can clear this doubt.
    I am using WL 8.1 with sp3.
    Rajesh
    Hey guys,
    I could find the solution for my problem. Here it is
    We need to add following lines of code in the erro.jsp page.
    <form action"j_security_check>
    ....write the error mesage....
    </form>
    You will get rid of "403 Forbidden page" error.
    Thanks,
    Sandip
    [email protected] (Sandip Atkole) wrote in message news:<[email protected]>...
    I am trying to set up Form-Based Authentication on WebLogic 8.1
    The Problem:
    If the user provides correct userid/password, he gets access to the
    protected resource as required, but if he provides incorrect
    userid/password, he gets a 403 Forbidden page, instead of getting the
    login failure page.
    The Descriptors:
    WEB.XML
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/Login.jsp</form-login-page>
    <form-error-page>/LoginError.jsp</form-error-page>
    </form-login-config>
    </login-config>
    Why doesn't it redirect to "/LoginError.jsp" instead of showing the
    403 Forbidden page?
    Thanks in advance
    Sandip

    It seems like a bug. However when I explicitly reset the error using set status it worked for me. I added following code in my error jsp .
    <%     
         response.setHeader("conent-type","text/html");
         response.setStatus(200);
    %>

  • Can you enable both Windows Based Authentication and Forms Based Authenication for the same web application?

    Hello Community
        In WS2012 and SharePoint 2013 Server is it possible when creating a
    web application to enable both Windows Based Authentication/Negotiate
    (Kerberos) and enable Forms Based Authentication or does the web application
    use either one or the other?
        Thank you
        Shabeaut 

    Yes , you can use dual authentication on same web application. You can use same web application , at OOB login page you will have option to use windows or form login.
    Or you can extend your web application to a new web app and configure extended web application to use Form Based Authentication(Note extended web application will also show same content database , so the content will same only url will be different)
    http://blogs.technet.com/b/ptsblog/archive/2013/09/20/configuring-sharepoint-2013-forms-based-authentication-with-sqlmembershipprovider.aspx
    http://gj80blogtech.blogspot.in/2013/11/forms-based-authentication-fba-in.html
    Thanks
    Ganesh Jat [My Blog |
    LinkedIn | Twitter ]
    Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful.

  • Form based authentication getting logged in username and role

    Hi
    I have implemented a simple Form based authentication in my web site.
    I have maintained tomcat-users.xml file for user names, passwords and roles.
    Once my user is authenticated, I need to access his name and role in website.
    How can this be done.
    Please guide.
    Thanks

    The request object should contain the information, e.g. use request.getRemoteUser().

  • FORM Based Authentication and Browser Refreshing

    We are using FORM Based Authentication in our web application and it works rather well. I have noticed an interesting bit of behavior that I am unable to explain. After an attempt is made to access the first protected resource the container will display the login page specified in the web.xml file. After successful authentication the original protected resource is displayed as expected. In the Address line of the browser however the original URI requested is now replaced with the following:
    http://<domain>:<port>/<root>/j_security_check
    Now, when we hit the refresh button on the browser we get the following error:
    404 Not Found
    Resource /<domain>/j_security_check not found on this server
    Two questions. 1. why does it do this? and/or (more importantly) 2. How do I prevent this behavior or work around it?

    I�m trying to figure out how to pass the user�s ID
    and password, using form-based authentication and
    file realm, to our JDBC connection. Two separate issues.
    I've usually seen it done where there are three tiers, of course. The user provides login credentials from the view tier, which are passed to the controller tier. The controller will validate the user against a database or LDAP. Once they're validated, the credentials are put into session and provided for all apps that need them, including the persistence tier.
    The connection pool requires that you create connections using an application ID, not the user ID. You have to move the security out of the database and into the application.
    %

  • Form-based authentication and JSF

    I am trying to use a form-based authentication in Tomcat 6, and from what I understand the page that contains the login form can not be a JSF page.
    The problem I'm having with this is that I need the client's username and password accessible from my backing bean, but I don't know how to put them there from a standard JSP.
    Before all this, I had a simple login form with username/password fields that were bound to a bean, and a button that executed a bean method that would perform the login procedure, retrieve the client's data from the DB and create a Client object in the session to be accessible throughout the application. Now, I need to use container managed access control with form-based authentication, and I know how to set it up but don't know how to create the Client object if the container does all the authentication and I never even get a hold of a username/password combination let alone the rest of the client's data.
    Any advice on this would be greatly appreciated.

    alf.redo wrote:
    ...following article: [j2ee_security_a_jsf_based_login_form|http://groundside.com/blog/DuncanMills.php?title=j2ee_security_a_jsf_based_login_form]
    This is exactly the solution I am planning to use. It is good to know there are others who have decided to go that way.
    Thanks

  • Form Based Authentication in Tomcat, getting login and password

    Sorry for my English.
    How I can guess login and password strings of an user, from error page (JSP)using "Form Based Authentication of Tomcat"?
    I need know it to lock the count each 3 error tries (if login is ok but
    password is bad, insteed).
    Methods 'getRemoteUser', 'isUserInRole' and 'getUserPrincipal' of
    HttpServletRequest interface have this result: If no user has been
    authenticated, returns null, false and null respectly. For this reason, they aren't utils for me.
    If I don�t know login what user writed, I can't lock his/her count.
    Exist solution for this? Thanks

    hi i am also facing the same problem. could u please tell me how u overcame the situation ?
    u will reallly pull me out of my troubles
    thanx in advance
    [email protected]

  • Get user and user-roles in form based authentication

    How do I get user and roles associated with the user in my bean for "form based authentication".
    regards,
    nirvan.

    HttpServletRequest#getUserPrincipal().
    This has nothing to do with JSF. Form based authentication is part of Servlet spec.
    In JSF you can get the HttpServletRequest by ExternalContext#getRequest().

  • JAAS and form-based webtier authentication

    Hi, I would like to know if it is possible to use form-based authentication with
    JAAS in a webapp. I would appreciate if you could show me some sample code.
    Thanks /Chris

    Hi, You may like to go through the following link.
    http://developinjava.com/readarticle.php?article_id=6

  • Forcing specific clients or groups to use forms based authentication (FBA) instead of windows based authentication (WIA) with ADFS

    Hi,
    We are have a quite specific issue. The problem is most likely by design in ADFS 3.0 (running on Windows Server 2012 R2) and we are trying to find a "work-around".
    Most users in the organization is using their own personal computer and everything is fine and working as expected, single sign-on (WIA) internally to Office 365 and forms based (FBA) externally (using Citrix NetScaler as reverse proxy and load
    balancing with the correct rewrites to add client-ip, proxy header and URL-transformation).
    The problem occurs for a few (50-100) users where they are sharing the same computer, automatically logged on to the computer using a generic AD-user (same for all of them). This AD-user they are logged on with does not have any access to Office365
    and if they try to access SharePoint Online they receive an error that they can't login (from SharePoint Online, not ADFS).
    We can't change this, they need to have this generic account logged on to these computers. The issue occurs when a user that has access to SharePoint Online tries to access it when logged on with a generic account.
    They are not able to "switch" from the generic account in ADFS / SharePoint Online to their personal account.
    The only way I've found that may work is removing IE as a WIA-capable agent and deploy a User-Agent version string specific to most users but not the generic account.
    My question to you: Is there another way? Maybe when ADFS sees the generic user, it forces forms based authentication or something like that?
    Best regards,
    Simon

    I'd go with your original workaround using the user-agent and publishing a GPO for your normal users that elects to use a user-agent string associated with Integrated Windows Auth.. for the generic accounts, I'd look at using a loopback policy that overwrites
    that user agent setting, so that forms logon is preferred for that subset of users. I don't think the Netscaler here is useful in this capacity as it's a front-end proxy and you need to evaluate the AuthZ rules on the AD FS server after the request has been
    proxied. The error pages in Windows Server 2012 R2 are canned as the previous poster mentioned and difficult to customize (Javascript only)...
    http://blog.auth360.net

  • Issue with form based Authentication in three tier sharepoint 2013 environment.

    Hi,
    We are facing issue with form based Authentication in three tier environment.
    We are able to add users to the database and in SharePoint.
    But we are not able to login with created users.
    In single tier everything working fine
    Please help , Its urgent ... Thanks in advance.
    Regards,
    Hari
    Regards, Hari

    if the environments match, then it sounds like a kerberos double-hop issue
    Scott Brickey
    MCTS, MCPD, MCITP
    www.sbrickey.com
    Strategic Data Systems - for all your SharePoint needs

  • Error re-logging in after session timeout using form-based authentication

    Hello,
    We have a web app configured for form-based authentication. When the session times out, we're redirected to our login page as expected. However, after re-logging in, we are not redirected to the desired page (e.g., /faces/OurMainPage.jspx) but to /afr/page_lev_idle.gif.
    Do we have to do anything special for session timeouts?
    Thanks,
    Rico

    Some extra information that might help:
    After re-logging in and we're in /afr/page_lev_idle.gif, we hit the browser Back button (showing the login page again) and then hit the browser Refresh/Reload button and voila we're at the page we expect to be.
    Rico

Maybe you are looking for

  • Java.lang.exception: word is too big

    Hi everybody! I have a problem need your help. At present I have a server-client application, server running on Linux enviroment, client running on Window enviroment. After a period of time, there is a exception thrown to console: java.lang.Exception

  • How to call BAPI in a ABAP prog

    Hi All I have a concern regarding the usuage of BAPI in the ABAP program. i have successfully created a BAPI and i have implemented a method as well using ADD API Method button. Now after doin all the things in SWO1. I wanted to know how to call this

  • Placing several times with place gun...

    Hello there! I came across a "problem", which is showing up in the following way... When I want to place a file via place gun function (placing a file with multiple pages), I want to place various pages several times. Somehow I made it before to do s

  • VPN stops working after 60 seconds.

    Hello Everyone I am having problem with my vpn i am using Express vpn on windows 8.1 64 bit last week everything was working fine. Now i am being disconnected every 60 seconds then i have to reconnect it and again it works for 60 seconds.  I am using

  • Where can I download a older version of Aperture?

    I had a MAC PRO with MAC OS 10.7.5 and need to install Aperture but the last version requires 10.9; Where can I download a older version of Aperture?