User authentication and Searching in ADAM

Hi,
I am facing a problem in ADAM Search. I am able to authenticate with a user but failing in ADAM Search. I didn't understand what could be the problem. I am giving my code here.
// Requires: import java.util.*; import javax.naming.*; import javax.naming.directory.*;
String adminName = "CN=kalyan,OU=ADAM users,O=Microsoft,C=US";
String adminPassword = "chinnu";
String errorMessage = null;
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://kalyanrao.agi.com:50002");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, adminName);
env.put(Context.SECURITY_CREDENTIALS, adminPassword);
try {
    // Simple bind as adminName
    DirContext ctx = new InitialDirContext(env);
    System.out.println("INITIAL Context Created Successfully!!");
    SearchControls ctrl = new SearchControls();
    ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // The filter value is the full bind DN held in adminName
    String searchFilter = "(&(objectClass=user)(SAMAccountName=" + adminName + "))";
    //String searchFilter = "SAMAccountName=" + adminName;
    NamingEnumeration searchResults = ctx.search("O=Microsoft,C=US", searchFilter, ctrl);
    System.out.println("Retrieved attributes successfully!!");
    // Print every attribute of every entry returned
    while (searchResults.hasMore()) {
        SearchResult nextEntry = (SearchResult) searchResults.next();
        System.out.println("\ndn: " + nextEntry.getName());
        Attributes attributeSet = nextEntry.getAttributes();
        NamingEnumeration allAttrs = attributeSet.getAll();
        while (allAttrs.hasMoreElements()) {
            Attribute attribute = (Attribute) allAttrs.next();
            String attributeId = attribute.getID();
            Enumeration values = attribute.getAll();
            while (values.hasMoreElements()) {
                System.out.println(attributeId + ": " + values.nextElement());
            }
        }
    }
} catch (CommunicationException e) {
    errorMessage = e.getMessage();
    System.out.println("Server Not Available");
} catch (Exception e) {
    // String.valueOf avoids a NullPointerException when the exception has no message
    errorMessage = String.valueOf(e.getMessage());
    if (errorMessage.indexOf("2030") != -1)
        System.out.println("User not found");
    if (errorMessage.indexOf("533") != -1)
        System.out.println("User Disabled");
    if (errorMessage.indexOf("52b") != -1)
        System.out.println("Invalid Password");
    // 775: account locked out
    if (errorMessage.indexOf("775") != -1)
        System.out.println("User Locked");
    e.printStackTrace();
}
After executing this application I got the output as
INITIAL Context Created Successfully!!
Retrieved attributes successfully!!
But I am not able to iterate through the loop to get all the required entries and attributes. Could anyone suggest what could be the problem?
Thanks,
Kalyan.

Hi,
My new code as per the suggestion you gave:
// Requires: import java.util.*; import javax.naming.*; import javax.naming.directory.*;
String adminName = "CN=kalyan,OU=ADAM users,O=Microsoft,C=US";
String adminPassword = "chinnu";
String errorMessage = null;
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://kalyanrao.agi.com:50002");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, adminName);
env.put(Context.SECURITY_CREDENTIALS, adminPassword);
env.put(Context.REFERRAL, "follow");
try {
    DirContext ctx = new InitialDirContext(env);
    System.out.println("INITIAL Context Created Successfully!!");
    SearchControls ctrl = new SearchControls();
    ctrl.setSearchScope(SearchControls.SUBTREE_SCOPE);
    // Match any user entry that has a SAMAccountName value
    String searchFilter = "(&(objectclass=user)(SAMAccountName=*))";
    NamingEnumeration searchResults = ctx.search("OU=ADAM users,O=Microsoft,C=US", searchFilter, ctrl);
    System.out.println("Retrieved attributes successfully!!");
    while (searchResults.hasMoreElements()) {
        SearchResult nextEntry = (SearchResult) searchResults.next();
        System.out.println("\ndn: " + nextEntry.getName());
        Attributes attributeSet = nextEntry.getAttributes();
        NamingEnumeration allAttrs = attributeSet.getAll();
        while (allAttrs.hasMoreElements()) {
            Attribute attribute = (Attribute) allAttrs.next();
            String attributeId = attribute.getID();
            Enumeration values = attribute.getAll();
            while (values.hasMoreElements()) {
                System.out.println(attributeId + ": " + values.nextElement());
            }
        }
    }
} catch (CommunicationException e) {
    errorMessage = e.getMessage();
    System.out.println("Server Not Available");
} catch (Exception e) {
    // Remaining handlers were cut off in the post; a generic handler keeps the fragment compilable
    errorMessage = e.getMessage();
    e.printStackTrace();
}
What exactly is happening is that searchResults.hasMoreElements() is becoming false and it is not able to iterate. It is not giving any exception; it is not able to enter the loop as searchResults.hasMoreElements() is becoming false. When will it become true?
Please provide me a solution.
Thanks,
Kalyan.

Similar Messages

  • Please guide me for user authentication and authorization in WebDynPro App

    Hi,
    I just study the WebDynPro to develop the SAP Portal. I've ever developed the Web-based App using J2EE. So when I developed the Web-based App I have to develop the control of the user authentication and authorization on each page, for example, checking the session of the user, whether they can access this page or whether the session is expired or not. So I have no idea with the WebDynPro and the SAP Portal because I never had experience with both WebDynPro and Portal.
    I need to ask you some question to clarify my doubt :
    1. SAP Portal  is web page that include every enterprise application with in one page and user log-in to them just on time, isn't it?
    2. If I integrate WebDynPro with SAP Portal, which one will do the authentication and authorization? I mean, do I have to develop the code to check authentication and authorization in the WebDynPro App or let the SAP Portal manage them?
    3. Could you please suggest the best practice for authentication and authorization in WebDynPro?
    Many Thanks
    Noppong J

    In most cases you don't have to write code to deal with session, authentication and authorization.
    1. Yes.
    2. No, no code needed. You just set an attribute on your application, which makes the authentication required. When a user accesses this page, the portal will display the logon page.
    3. You can put some authorization-related code in Web Dynpro for specific requirements; search for this doc: "Protecting Access to the Web Dynpro Car Rental Application Using UME Permissions"

  • Open Directory: user authentication and logining takes a lot of time

    We have Mac OS X Server Snow Leopard 10.6.8 with OpenDirectory and some iMacs with Mac OS X Snow Leopard 10.6.8. After adding Network Account Server in iMacs (System Preferences->Accounts->Login Options->Network Account Server Edit) OD works normally and users authenticate and login their accounts rather fast (5-10 seconds). But some days or weeks later the time for authentication and logining takes for about 5 minutes. If I re-add Network Account Server, then all works greatly again. What's the matter? How to avoid this re-adding?

    Hello,
    can you tell us what is the size of this Universe in terms of:
    number of tables, number of objects, size of the .unv file?
    Also, is this behaviour specific to this universe or you have other universes having the same problem?
    Last, are you 'opening it' as in File/Open or importing it as in 'File/Import...' ?
    Thanks
    PPaolo

  • User Authentication and User Authorization

    We have a scenario where the B2B customers are being provided EP user ids so that they can access certain data and create certain transactions. there are two issues out here:
    (1) For multiple EP users, there will be one single SAP Backend user mapped (which is allowed by EP). However these multiple EP users would have different authorization based on which sales area/product they access/buy and this needs to be controlled via one SAP Backend user?
    (2) Under the above user mapping model, is it possible to have authentication at EP level and  authorization at SAP Backend?
    (3) Once the customer accesses the EP system, then the SAP Backend system is exposed to him? Are there possibilities of having any further layer of security between EP and SAP Backend?
    Looking for response to this or any documentation which addresses the above. My mail id is [email protected]

    This is a broad topic, let me try to point out some key issues: (I assume B2B means actual SRM these days.)
    (1) The user that is mapped is the generic EBP/SRM user.
    Therefore, the SRM only knows this specific user. There is no way to pass additional data to the SRM. Once the authentication is done, the role assignment is done by SRM (i.e. derived from the generic SRM user, not the EP user). Whenever you want to pass extra context values from the EP to SRM, you can only do this with tricks.
    My experience is that SAP wants to have a 1:1 relationship between portal users and EBP, even if the bundled mapping is "allowed". (Rather grey'ish area).
    The trick could be to set a cookie in the portal and use a BADI together with a JavaScript to make additional mappings. But this would count as modification, at the end.
    (2) The authentication is mapped from EP to SRM via SSO2-Ticket, which is accepted by the SRM as authentication. The authorization (role assignment etc.) is done solely by the SRM.
    (3) The Backend is exposed to the usual content - the EP via https is considered secure, so is the connection via https to the SRM - you can harden the rfc connection between the srm and the backend as well.

  • WLC user authentication and SSID broadcast

    Hi Everyone,
    Need to confirm if WLC  is sending the ssid as broadcast or not?
    Also if users connect if they get the ip from dhcp need to confirm how they are getting authenticated?
    Regards
    Mahesh   

    With respect to username you are correct.
    But regarding authentication you cannot come to a conclusion like that. You have to see the full "show client detail". Here is an example of a PEAP authenticated client. Authentication algorithm Open System does not mean the user does not use a password. With any EAP method the Authentication Algorithm shows as Open System, but the user still has to enter their credentials (except TLS, where it is certificate based).
    (WLC) >show client detail 04:1e:64:13:f9:03
    Client MAC Address............................... 04:1e:64:13:f9:03
    Client Username ................................. smcowgill
    AP MAC Address................................... c4:0a:cb:a0:e8:50
    AP Name.......................................... APc464.13b4.4be8 
    Client State..................................... Associated    
    Client NAC OOB State............................. Access
    Wireless LAN Id.................................. 2 
    Hotspot (802.11u)................................ Not Supported
    BSSID............................................ c4:0a:cb:a0:e8:51 
    Connected For ................................... 7520 secs
    Channel.......................................... 1 
    Association Id................................... 1 
    Authentication Algorithm......................... Open System
    Reason Code...................................... 1 
    Status Code...................................... 0 
    Client CCX version............................... No CCX support
    Re-Authentication Timeout........................ 3284
    802.1P Priority Tag.............................. 6
    CTS Security Group Tag........................... Not Applicable
    KTS CAC Capability............................... No
    WMM Support...................................... Enabled
      APSD ACs.......................................  BK  BE  VI  VO
    Power Save....................................... ON
    Current Rate..................................... 54.0
    Supported Rates.................................. 12.0,18.0,24.0,36.0,48.0,54.0
    Mobility State................................... Foreign
    Mobility Anchor IP Address....................... 10.14.7.247
    Mobility Move Count.............................. 3
    Security Policy Completed........................ Yes
    Policy Manager State............................. RUN
    Policy Manager Rule Created...................... Yes
    Audit Session ID................................. 0a0a06f400040f985228de2e
    IPv4 ACL Name.................................... none
    IPv4 ACL Applied Status.......................... Unavailable
    IPv6 ACL Name.................................... none
    IPv6 ACL Applied Status.......................... Unavailable
    Client Type...................................... SimpleIP
    PMIPv6 State..................................... Unavailable
    mDNS Status...................................... Enabled
    mDNS Profile Name................................ default-mdns-profile
    No. of mDNS Services Advertised.................. 0
    Policy Type...................................... WPA2
    Authentication Key Management.................... 802.1x
    Encryption Cipher................................ CCMP (AES)
    Protected Management Frame ...................... No
    Management Frame Protection...................... No
    EAP Type......................................... PEAP

  • Web Application Security - User authentication and registration

    I am trying to develop a very simple web app with following feature
    1. Users should be able to register (sign-up) with the application, i.e. backend code will create a new user account when new users sign up.
    2. Once the user account is created, they should be able to log in.
    I was reading Java Security section in Java EE tutorial. To use any of Java EE security, the recommended way is to have security-constraint in web.xml specifying roles that have access to application. The roles are then mapped to the users that are created in the application server. The problem here is that the users cannot be created at deployment time. Users are created at run-time as new people sign up using the registration form. So, how can user be created with the application server before deploying the application?
    It seems very odd to me that application users are defined at the app-server level. E.g., Ebay/Amazon has millions of users. Are all those users defined at the application server where their app is deployed?
    If JavaEE security cannot support this simple usecase, what is the point of having security-constraint and all the other security features?

    As per your comment you want to use J2EE/JAAS security for existing user and want sign in feature. You can do it by providing link on log in screen. Please create sign up page and unprotected resource in web.xml. Once user fill sign in details you can store his detail in your authorization repository ( LDAP / Database ) and then either redirect request to login page or submit to your authorization scheme directly.

  • User Groups and non Developers users

    Hi,
    two questions.
    1) How do I create users groups.
    I want to divide specific users to specific groups.
    2) I created users not as developer and not as a administrator.
    When I logged on with those users I didn't see any of the applications, why?
    Thanx.

    1. You asked "how do I assign users to that group and later attach the group..." I think your question is not about how to assign users to a group but rather how to attach the group... Use the function wwv_flow_fnd_user_api.user_in_group in an authorization scheme (desc wwv_flow_fnd_user_api). Attach the scheme to a region, button, etc. to control access. Please read about authorization schemes in the user guide and search this forum for "authorization" and "groups" for useful threads.
    2. A user account without development privilege will be useful for authenticating to an application you create. It will not be useful for developing any applications in the Application Builder.
    Scott

  • User Authentication for subfolder not working in Web Browser

    We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
    One of the functionalities of the Application is to send emails with attachments.
    The logic is that the Application would generate the attachment file on the Application Server.
    Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
    Exchange and Relay Server is also set in the Application.
    The problem is that the folder containing the folder which stores the attachments is having user authentication set.
    Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
    Alias created in httpd.conf
    Alias /int-dir/ "/apps/interface/"
    The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
    Application Server : 10.12.213.21
    Database Server : 10.12.213.22
    Email Server : 10.12.213.44
    Configuration as per httpd.conf
    Alias /int-dir/ "/apps/interface/"
    <Location /int-dir/>
    AuthName "Interface folder"
    AuthType Basic
    AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
    require user scott
    </Location>
    <Location /int-dir/email>
    Options Indexes Multiviews IncludesNoExec
         Order deny,allow
         Deny from all
         Allow from 10.12.213.21
         Allow from 10.12.213.22
         Allow from 10.12.213.44
    </Location>
    Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
    http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
    However if we use the following URL :
    http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
    I have tried so many things including AllowOverride, .htaccess, but I am not able to get user authentication for the email folder.
    Please help me if you can.
    Thanking you in advance,
    Glad to give any more information that I can.
    dxbrocky

    Thanks for your response.  I fixed the problem by selecting "full site" or "full website" at bottom of the web page.  After making this selection the zoom function returned.  Thanks again for your interest.

  • How to provide user authentication to a PDF form

    Guys I have develop a webservice on XI , and I am calling that webservice using PDF forms developed in WebDynpro . The problem is the webservice needs user authentication and I don't know how to pass user id and password from pdf form to web service . Can anybody help me out
    Thanks
    Manish

    I don't know what you mean by "printed entries"; you mean filled-in form fields?

  • Performing User authentication with php server

    How to perform user authentication and keep track of logged
    in users ? I have the login form saved in one AIR page. I could do
    an ajax request to authenticate the user. However, how to keep
    track of the user after being logged in, so that when moving to
    other pages, he doesn't need to login again ?

    Hi,
    Cookies work in an Adobe AIR HTML application. You can use
    cookies to track your session.

  • OFT- Recording Application which require User Authentication

    hi,
    I have recorded the application which requires user authentication, and once the recording was done I logged out from the application. Now if I play back the script, it again plays back from the login page.
    So in my opinion, it should skip the login page at the time of playing back the script. But it does not. So what would be the reason for that?

    Actually I have a confusion regarding this note given in the "OFTFunctionalTestingUserGuide pdf":
    "If you record a Visual Script with a login Web page (not a popup dialog box), which may not reappear when you revisit the site due a session cookie, Oracle Functional Testing for Web Applications recognizes the cookie and skips the login page during playback. Oracle Functional Testing for Web Applications logs a message indicating the
    login page was skipped and playback continues with the next page."
    If I am not wrong, we record the process of visiting the pages on the site from login to logout,
    and when we run the playback script it should not start from the login page as per the above mentioned note.
    Could you please help me to understand the fact given in the note?
    Thanks
    Mamta

  • User Authentication o router

    Dear All
    Is the Cisco 3745 router having NM-8A/S module supports dialup user authentication and if yes what is the configuration requires.
    With Regards
    Anand

    Hi,
    It does but you need to be more specific in your backend technology.
    The reason I say this is because you can use AAA on the router to provide user authentication via TACACS+ or RADIUS, both of which require a device with TACACS+ or RADIUS applications.
    The other option is to use local authentication which is not very scalable in a dialup environment.
    Rgds
    PD

  • Active Directory Authentication and permissions for user group in APEX 4.0

    Hello,
    I am new to oracle APEX and I have searched the forum for active directory authentication for a user group and I am really confused about all the different threads. Can anyone please provide me the steps to follow; in order to implement AD authentication for a user group in Oracle APEX 4.0.
    These are the threads which i was looking at to get an idea like how AD authentication works but its really confusing for me.
    Help with Authentication (APEX_LDAP.AUTHENTICATE)
    Re: LDAP Authentication Via Groups
    Thanks,
    Tony

    You need to give it more than 30 minutes before bumping your own post. This is not an official support channel, so you need to be patient and wait for people to read, think and respond.

  • My app store is not working after installing mavericks. When I open app store it repeatedly asking me to login with apple ID and to provide User name and Password for proxy authentication in a loop.I am a newbie to mac,Please help me.

    My app store is not working after installing mavericks. When I open app store it repeatedly asking me to login with apple ID and to provide User name and Password for proxy authentication in a loop.I am a newbie to mac,Please help me.

    Hmmmm... would appear that you need to be actually logged in to enable the additional menu features.
    Have you tried deleting the plists for MAS?
    This page might help you out...
    http://www.macobserver.com/tmo/answers/how_to_identify_and_fix_problems_with_the_mac_app_store
    Failing that, I will have to throw this back to the forum to see if anyone else can advise further.
    Let me know how you get on?
    Thanks.

  • How to set up User id and Password for Web services or authentication

    Hi ,
    I am new to web services. I have created a new Web service in SAP, and while creating the Service definition, set the Authentication as LOW for server proxy. Then created End-point in SOAMANAGER with USERID/PWS required. This WSDL I am planning to share with a third party to call from a Java application.
    But my web service checks for authorization which needs to be set up to allow the user id and pws.
    So question is how do I pass my user id and pws, as I do not see this WSDL with User id and pws option displayed for me when I test this using SOAP UI. I saw some WSDLs with tag "AuthHeader" with user id and pws tags in them. So how could I get them?
    Or requirement is that my third party should be able to access my Web service in PRD and also be able to have authorization to the auth object embedded in the FM inside the service definition. So how is this achieved?
    Thanks,
    Sitaraman

    Hi,
    After creation of WSDL, you will get a URL like http://idessapdev.ad.infosys.com:8000/index.html.
    For this URL your third party system needs to add id and pwd for accessing, like http://idessapdev.ad.infosys.com:8000/index.html&userid = 111&pwd= wwgw.
    This is not the exact syntax. You can check with your third party system for this URL.
    Regards,
    Lokeswari.
