Unable to Access SSL WebVPN Login Page

Similar Messages

• Limit access to Apex login page

  Hi,
  We are deploying an application to our users. I need to limit access to Apex login page f?p=4550 to some predefined Ip adresses. Any ideas on this?
  Best regards,
  Onur.

  How exactly the APEX engine forces a '404' to be returned, I am not entirely sure. Perhaps it sends back the Response with the Header Status set to 404 ?Yes, with this process on the login page.
  begin
    if not #OWNER#.wwv_flow_security.ip_check then
        #OWNER#.wwv_flow.g_unrecoverable_error := true;
        sys.owa_util.status_line(404, 'Page Not Found');
        sys.owa_util.http_header_close;
    end if;
  end;Scott

• How to enable https or SSL for login page only?

  Hi,
  My application is runnnin in iPlanet web server 4.1 version.
  how to make my login page only secured (SSL)?
  previously we have done https enable for the whole application. but client specifically wants for login page only, not for the whole application. how can i make SSL for login page only in iPlanet 4.1.
  I searched through iPlanet console, but i didn't get any option such.
  i found one more thing console,i.e., "encrypt on or off". if i put encrypt "on" means, it will be for the whole application? How can i make it for login page only.
  Do i need to do any code changes for that?
  i tried through web.xml security constraints tags, but it is not working and taking that file as we are doing everything in servlet.properties and rules.properties files.
  can anybody help me in this regard?
  Regards,
  Chandu

  You specify SSL in web.xml of your application. So, in that case other web applications in same server would not be affected.
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>myresources</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <user-data-constraint>
  <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
  </security-constraint>Following link will help you to setup SSL in tomcat:
  [http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/|http://techtracer.com/2007/09/12/setting-up-ssl-on-tomcat-in-3-easy-steps/]
  Thanks,
  Mrityunjoy

• How to edit webvpn login page with 7.2 version in ASA5510?

  Dear guys,
  As a solution for business, I have deployed webvpn with 7.2 version in ASA5510(Version 8.0 cannot be used in this case). Could you share some experiences in customizating login page of webvpn manually(not use ASDM)? for example, if I want to add some system tips or links in login page, how to do?
  Appreciate your kindly help and suggestion.
  Best Regards,
  David Wu

  Customizing login page of webvpn with 7.2 version of ASA is easy to be done and the following Url contains the dcument for customizing the webvpn login page for ASA version 7.2:
  http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/webvpn.html#wp1031868
  This document contains the step-by-step procedure for customizing the login page.

• Not able to access the portal login page and idenetity console page

  Hi all.
  I installed PS 6.1 on a new Solaris 8 Box. DNS is not configured for this box.
  I use netscape browser on the solaris boz to test my installation - everything is fine
  issue:
  When i tried to access the amconsole or amserver/UI/Login application, it bombs with the following exception.
  but i can see the default webserver page (or any static html for that matter).
  any clue?
  10/28/2003 03:22:22:776 PM EET: Thread[Thread-195,5,main]
  ERROR: Exception occured
  java.lang.Exception: Service URL not found:session
  at com.iplanet.services.naming.WebtopNaming.getServiceURL(WebtopNaming.java:180)
  at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:686)
  at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:668)
  at com.iplanet.dpro.session.Session.getSession(Session.java:540)
  at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:73)
  at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:280)
  at com.sun.identity.authentication.service.AuthUtils.getOrigLoginURL(AuthUtils.java:1546)
  at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:253)
  at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:783)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:434)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:312)
  at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:282)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:919)
  at com.iplanet.server.http.servlet.WebApplication.service(WebApplication.java:1061)
  at com.iplanet.server.http.servlet.NSServletRunner.ServiceWebApp(NSServletRunner.java:981)

  I am facing the same problem. I am using Custom Authentication module. When I access the login page for this custom authentication module I got this error. I have DNS entry and added the IP Adress in the host file too. Anyone tell us, what could be the problem?

• Cant access router's login page

  my macbook cant access the router's login page,but i cant access the internet through this wifi
  here is some info i think may be useful
  lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=3<RXCSUM,TXCSUM>
    inet6 ::1 prefixlen 128
    inet 127.0.0.1 netmask 0xff000000
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    nd6 options=1<PERFORMNUD>
  gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
  stf0: flags=0<> mtu 1280
  en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 80:e6:50:00:a0:c6
    inet6 fe80::82e6:50ff:fe00:a0c6%en0 prefixlen 64 scopeid 0x4
    inet 192.168.2.101 netmask 0xffffff00 broadcast 192.168.2.255
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
  en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 72:00:04:91:16:20
    media: autoselect <full-duplex>
    status: inactive
  en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 72:00:04:91:16:21
    media: autoselect <full-duplex>
    status: inactive
  bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether 82:e6:50:00:cc:00
    Configuration:
    id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
    maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
    root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
    ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 5 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 6 priority 0 path cost 0
    nd6 options=1<PERFORMNUD>
    media: <unknown type>
    status: inactive
  p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    ether 02:e6:50:00:a0:c6
    media: autoselect
    status: inactive
  Internet:
  Destination        Gateway            Flags        Refs      Use   Netif Expire
  default            192.168.2.1        UGSc           28        0     en0
  127                localhost          UCS             0        0     lo0
  localhost          localhost          UH             34  2643545     lo0
  169.254            link#4             UCS             1        0     en0
  169.254.71.63      74:2f:68:73:6d:e   UHLSW           0        0     en0    281
  192.168.2          link#4             UCS             2        0     en0
  192.168.2.1        94:c:6d:30:49:de   UHLWIir        29      178     en0   1029
  192.168.2.101      localhost          UHS             0        0     lo0
  192.168.2.102      74:2f:68:73:6d:e   UHLWI           0        0     en0    290
  If some people cant help I'll really appreciate.

  What I did was a hard reset... (hold reset for 10 or 30 seconds then while holding, unplug unit then release reset button. After 10 more seconds, plug unit back in.)
  Between that and using the TFTP program, I was able to get back into my management screen. You will have to reconfigure your router after that. Be sure, if you have a dedicated ip on your computer, you temporarily set it to obtain everything automatically incase your set ip doesnt correspond to the default settings for your router. Then once everything is back up, you can change you ip settings on your PC back to what you had, if any.

• Unable to access SOA suite start page from remote browser.

  I have Oracle SOA Suite 10.1.3 and Oracle 10g AS 10.1.2 installed on a Windows 2000 machine.
  I am able to access the default start page of the 10.1.2 AS from the local and remote machine using the following URLs
  Http:\\hostname:7777\
  Http:\\hostname:80\
  Also, I am unable to access the SOA Suite 10.1.3 start page, bpel console etc - from the host machine using Http:\\hostname:8888\
  However from a remote machine browser I am not able to connect to the start page of SOA suite only. Http:\\hostname:8888\.
  Is there some settings which allow only local host access to the SOA suite pages?.
  All the hosts are on the same intranet, there is no firewall. Also i have Msft loopback adapter installed on the server host machine.
  Appreciate all suggestions.
  Thanks

  I suppose you're using DHCP and hope you have followed the steps in the Installation Guide. With DHCP it is always a bit tricky to access the server. You should check your /WINNT/system32/drivers/etc/hosts file. If the hostname you're using during install is not in it then adding it will help.
  --olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

• Unable to change the default login page

  I would to change the default login page (to /content/ethz_ch/Login)
  I configured tha page by "Day CQ Login Selector Authentication Handler":
  In ./launchpad/config/com/day/cq/auth/impl/LoginSelectorHandler.config I see
  auth.loginselector.defaultloginpage="/content/ethz_ch/Login"
  as expected.
  I then configured a page (/content/ethz_ch/de/auth_test.html) with a closed user group and left the login page field blank.
  Instead on the newly defined login page I am redirected to
  https://..../system/sling/cqform/defaultlogin.html?resource=%2Fcontent%2Fethz_ch%2Fde%2Fauth_test.html&$$login$$=%24%24login%24%24
  Any idea on what I am doing wrong?

  Try 1 & 2 if does not work please file a daycare for further assistance.
  1.   In "Day CQ Login Selector Authentication Handler" for path info add an empty row then verify.
  2.   Delete the existing entry for "Day CQ Login Selector Authentication Handler" , Configure your custom at repository level & verify

• Unable to access E-Recruiting Start Pages Externally

  Hello,
  I’m hoping for some assistance with an E-Recruiting issue (standalone system; Version 3.0).  We are currently only able to access the start pages while inside of our network, and receive a “page cannot be displayed” message while outside of our network.  This is with the exception of the candidate registration page.  We can successfully register, and then pass on to the main E-Recruiting start page for an external candidate.
  The hrrcf_start_int bsp/service is used to call the start page for registered internal candidates, recruiters, and administrators (different view for each).  The hrrcf_start_ext bsp/service is used to call the start page for registered external candidates.  And, the hrrcf_cand_reg bsp/service is used to access the external candidate registration page. 
  The URL’s for the start pages were created using program RCF_GENERATE_URLS.   We are requiring all traffic be routed through our WebDispatcher, and all traffic be HTTPS, so the URL’s start out with https://recruiting....  Our E-Recruiting system is actually “careers”, but again, we want all traffic to go through our WebDispatcher, which is “recruiting”.
  We have created external aliases in transaction SICF for all three URL’s, and using the alias, I can successfully login to all pages within our network.   When I test the external aliases within SICF, I get an internal error (The user is not assigned a candidate or an employee) for the hrrcf_start_int and hrrcf_start_ext services.  When I test the external alias for hrrcf_cand_reg, it is successful.
  When I test the hrrcf_start_int  service within SICF, I get the logon page, but after logging on, I get message “Name of logical port’&&lp_named” is invalid”.  When I test the hrrcf_cand_reg service, it is successful. 
  When I test the hrrcf_start_int and hrrcf_start_ext BSPs in SE80, I receive an Internet Explorer “cannot display page” message.   The same is true for the hrrcf_cand_reg.  However, it is trying to access http://recruiting instead of https://recruiting.  I can see that URL address in the application.do Controller, but have no idea where to change it, because it is greyed out (any help with this would be appreciated as well.)
  We have created internal users using program RCF_CREATE_USER, and when I look at transaction BP, I see that it is creating a business partner for each user.
  We have had SAP tell us that it is not a WebDispatcher issue, and we have also confirmed that it is not a firewall issue.
  It seems interesting to me that we can only get to the one page that does not first require authentication.  If anyone has any information that would be helpful, I would appreciate your time.
  Sorry for such a long message, but I was just trying to be as clear as possible.
  Thank you,
  Leeanna Travis

  Hello Leeanna,
  quite a lot of topics and doing remote analysis for netwok issues is difficult.
  Some ideas:
  - starting hrrcf_start_ext / hrrcf_start_int via SICF or SE80 will never be successful as these applications need parameters. The message you got when testing startpage from SICF is classical for invalid startpage Id
  - if you do not reach pages from outside, check network traffic / access rights in firewalls. Usually the sap server name cannot be resolved through a dns for an outside call as you companies dns is not visible for internet users. You will need a relay.
  - check that full qualified server name is set on the server
  - check eeb infrastructure that it allows the access protocoll. If ICF service says http but firewall only allows https you won't get a responde. Sometime switching protocolls within the request produces problems.
  - WebDispacher is known for eating parameters / url parts. Try to get your hands on the traces of the requests which really reach the server.
  - if possible supply some more information on release & support package level. E.g. there is a support package which has an error that if you activate 'do not show https warning' in an icf service it does not only hide the warning but the whole logon screen :o(
  Hope that helps, if not just reply - perhaps w/ focus on one special point.
  Best Regards
  Roman Weise

• ESS IView access to ERP - login page displayed and not access possible

  Hello Colleagues,
  we have to setup Employee Self-Service (ESS) Portal as well  ERP.
  All required steps seems to be performed but we still facing one access issue.
  If I try to enter the Link My Employees under SAP Portal > Employess Self-Service > Travel and Expenses it get an web login (ITS) from the ERP system and not direct access to the service. In addition I am not able to login with defined user an password.
  If I try the to enter the service directly (test service) at transaction SICF on the ERP (ECC) System itself it works fine as well with defined user and password.
  If both IE Browser Windows are open, then I am able to see the service (empty table) unter My Employees at portal after click again under Link SAP Portal > Employess Self-Service > Travel and Expenses > My Employees.
  So I think the general connectivity works fine but some thing still wrong with maybe IView access/permissions/roles?
  Any Ideas?
  Many thanks in advance!
  Regards,
  Jochen

  This means that your Single sign on is not working correctly.
  Things to check:
  1. From Portal System Administration - for the system object created for connecting to the backend system - try to perform the connection tests and make sure they pass.
  2. Access your portal with a Fully Qualified Domain Name (for example: myportal..mysubdomain.mydomain:port/irj/portal instead of just myportal:port/irj/portal) - this should most likely resolve your issue - since you see the error only for WD4A applications.
  3. Make sure that the host name you have configured in the portal system and the host name with which you access your portal are in the same domain.
  Also, check the SSO related profile parameters in the backend system:
  login/accept_sso2_ticket=1
  login/accept_sso2_ticket=0
  login/password_change_for_SSO=0
  Thanks,
  Shanti

• Am not able to get the Access manager 7-  login page

  I have installed Access Manager and configured it was worked. but i did the Policy agent cofiguration for Access Manager after that i couldn't login to Access manager ie /amserver while on trying http://localhost:8080/amserver/UI/Login
  am getting the following error
  exception
  javax.servlet.ServletException
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:300)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.mobile.filter.AMLController.doFilter(AMLController.java:163)
  root cause
  java.lang.NoClassDefFoundError
       com.sun.identity.authentication.server.AuthContextLocal.(AuthContextLocal.java:140)
       com.sun.identity.authentication.service.LoginState.createAuthContext(LoginState.java:1121)
       com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:310)
       com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:250)
       com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:325)
       com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
       com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
       com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
       sun.reflect.GeneratedMethodAccessor115.invoke(Unknown Source)
       sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       java.lang.reflect.Method.invoke(Method.java:585)
       org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
       java.security.AccessController.doPrivileged(Native Method)
       javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.mobile.filter.AMLController.doFilter(AMLController.java:163)
  please any do some need full to solve this problem
  regards
  vimalraj.s

  Guys,
  This is a common problem that I have noticed when policy agent is installed on the same DAS (Domain Admin Server of Sun java Application Server) instance where access manager is installed.
  Best solution is to deploy your application on a different DAS and configure / install policy agent for the new DAS.
  If web server is used for Access Manager, Deploy your application on a different instance.
  Alternatively, follow these instructions.
  Assume that you have policy agent binary installed on /opt/SUNWam/policyagent/ j2ee_agents/am_as81_agent.
  When policy agent is configured, it creates a new configuration folder named agent_001.
  1.     Login to DAS and remove the class path changes done by the policy agent installer.
  These are the class path to remove:
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/agent.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/amclientsdk.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/locale
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/agent_001/config
  2.     Add these to the class path to the end of the class path suffix. NOT AT THE START
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/agent.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/locale
  3.     Insert amclientsdk.jar to the classpath. Insert this before agent.jar but after am_*.jar files (am_sdk.jar,am_services.jar,am_sso_provider.jar,am_logging.jar )
  4.     open amConfig.properties . Add this line to the bottom of the file.
  com.sun.identity.agents.config.location=/opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/agent_001/config/AMAgent.properties
  Above line points to the policy agent configuration file.
  5.     last but not the least:
  a.     Make sure that an agent is created in Access manager with the same name and password as the one that you gave when installing policy agent.
  b.     Set property com.sun.identity.agents.config.filter.mode = SSO_ONLY in AMAgent.properties. This will help initial testing of the configuration.
  c.     Above configuration is for Unix. But shouldwork for other OS as well.
  Best of Luck
  KK

• Unable to access gmail ("The web page isn't redirecting properly" message appears after I try

  a strange email arrived via gmail. opened page info>permissions. clicked block cookies. now i cant access my gmail account. visited http://mail.google.com/support, reopened page info>permissions, set cookies back to default (Allow)...per bkennelly post 2/2/10...apparently that no longer resolves this issue. any suggestions are appeciated.
  Tnanks!

  Clear the cache and the cookies from sites that cause problems.
  "Clear the Cache":
  *Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"
  "Remove Cookies" from sites causing problems:
  *Tools > Options > Privacy > Cookies: "Show Cookies"
  *http://kb.mozillazine.org/Cookies
  *http://kb.mozillazine.org/The_page_is_not_redirecting_properly

• Unable to access Unity 5 web page

  This is pertaining to a new install. I can access the admin page locally from the server but not from anywhere else on the network. If I browse to the following page, it times out:
  http://10.X.X.X/Web/SA
  I'm not quite sure what's missing because it works at other sites.

  As a solution you can reset the IIS. In order to reset the IIS on the Cisco Unity Server, open the command prompt on the Cisco Unity server and issue the iisreset command. This makes the IIS stop for a period of time. When the IIS re-starts, you are able to access Cisco Unity from the web interface.
  http://www.cisco.com/en/US/products/sw/voicesw/ps2237/products_tech_note09186a00801651f9.shtml

• I am unable 2 access 2 f/b pages - the one with profile, chat, pics (main pg) and another with favorites. Yet notifications come thru! Plez help??

  Plez help me to find where my main f/b page is. All I can get is notifications. Can't access profile, news feed, chat, pics &amp; a page of favorites.

  If the removing account and redownloading did not work, I will briefly tell you something that happened to me.
  I am not stating that your issue is in anyway related, but thought it worth mentioning.
  Suddenly I could not access Facebook or the Yahoo account associated with it.
  In my case it turned out to be a malicious act by a hacker, or whatever it is called. Somehow he blocked me from getting into either account.  I later found out that my FB and Yahoo pages had been defaced and I was clicking away, etc.,etc.,  Finally, I had to go to a store, with a strong firewall/router and only then was able to delete the accounts.
  After that I was able to create new accounts.
  The best of luck to you.
  'REQUIRE ASSISTANCE'

• Unable to access e-bay home page

  able to access watch list and rest of site, but not home page

  Hello:
  You might want to verify whether the 'shared_servers' database parameter has been configured appropriately.
  http://download.oracle.com/docs/cd/E14373_01/install.32/e13366/db_install.htm#CHDGDHDE
  varad