User authentication for menus..

Similar Messages

• User Authentication for subfolder not working in Web Browser

  We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
  One of the functionalities of the Application is to send emails with attachments.
  The logic is that the Application would generate the attachment file on the Application Server.
  Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
  Exchange and Relay Server is also set in the Application.
  The problem is that the folder containing the folder which stores the attachments is having user authentication set.
  Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
  Alias created in httpd.conf
  Alias /int-dir/ "/apps/interface/"
  The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
  Application Server : 10.12.213.21
  Database Server : 10.12.213.22
  Email Server : 10.12.213.44
  Configuration as per httpd.conf
  Alias /int-dir/ "/apps/interface/"
  <Location /int-dir/>
  AuthName "Interface folder"
  AuthType Basic
  AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
  require user scott
  </Location>
  <Location /int-dir/email>
  Options Indexes Multiviews IncludesNoExec
       Order deny,allow
       Deny from all
       Allow from 10.12.213.21
       Allow from 10.12.213.22
       Allow from 10.12.213.44
  </Location>
  Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
  http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
  However if we use the following URL :
  http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
  I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.
  Please help me if you can.
  Thanking you in advance,
  GLad to give any more information that i can.
  dxbrocky

  Thanks for your response.  I fixed the problem by selecting "full site" or "full website" at bottom of the web page.  After making this selection the zoom function returned.  Thanks again for your interest.

• "Sharepoint 2013" is giving error that prevents local domain users authentication for "Team Foundation Server"

  I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
  1st Error (from administrative events):
  The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception. More information is included below.
  Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
  Tried so far:-
  - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
  2nd Error (from application server):
  DistributedCOM error
  The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
  {000C101C-0000-0000-C000-000000000046}
   and APPID 
  {000C101C-0000-0000-C000-000000000046}
   to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
  Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
  https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
  Other Fixes I tried
  - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
  loading up using w3wp.exe from processes. 
  Concern
  - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

  Hi Kpdn, 
  Thanks for your post.
  All your participation and support are very important to build such harmonious/ pleasant / learning environment for MSDN community.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• User authentication for webservices

  Hi,
  I am using Oracle R12.
  I want to know how oracle handles user authentication when calling custom APIs through Integrated SOA Gateway.
  I know that we are using security headers to do this.  The header part is given below.
     <soapenv:Header>
       <xx:SOAHeader>
          <xx:Responsibility>INVENTORY_VISION_OPERATIONS</xx:Responsibility>
          <xx:RespApplication>INV</xx:RespApplication>
          <xx:SecurityGroup>STANDARD</xx:SecurityGroup>
          <xx:NLSLanguage>AMERICAN</xx:NLSLanguage>
          <xx:Org_Id>204</xx:Org_Id>
       </xx:SOAHeader>
       <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
          <wsse:UsernameToken wsu:Id="UsernameToken-1">
             <wsse:Username>uname</wsse:Username>
             <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
             <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rerr6et6eHFV</wsse:Nonce>
             <wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
          </wsse:UsernameToken>
       </wsse:Security>
    </soapenv:Header>
  But when a person is simply logging in to the application how can we choose a responsibility without know what responsibilities a person has?
  The  <xx:SOAHeader></xx:SOAHeader> is not mandatory. So can i simply not pass this header? Or is there a default responsibility that can be specified for all users?
  Also in what scenarios is the <wsse:Security> header not required? I recently checked and found that even without providing the Security header, it is possible to execute service in ISG. Hence the question.
  Thanks,
  Anoop

  Hi,
  Ok, so you want to know for an user , what responsibility you should use in order to be able to perform the invocation?
  Here is an example for Sysadmin user
  Select usr.user_name,usr.user_id, resp.RESPONSIBILITY_NAME ,
  resp.RESPONSIBILITY_KEY, grp.SECURITY_GROUP_KEY, grp.SECURITY_GROUP_ID,
  APP.APPLICATION_SHORT_NAME ,APP.APPLICATION_ID
  From FND_USER_RESP_GROUPS furg, FND_USER usr, fnd_responsibility_vl
  resp,FND_SECURITY_GROUPS grp,FND_APPLICATION APP
  where furg.user_id=usr.user_id
  and furg.RESPONSIBILITY_ID=resp.RESPONSIBILITY_ID
  and furg.SECURITY_GROUP_ID=grp.SECURITY_GROUP_ID
  and furg.RESPONSIBILITY_APPLICATION_ID=APP.APPLICATION_ID
  and usr.user_name='SYSADMIN'
  regards
  Mihai

• User Authentication for Internet access

  Hi,
  Is it possible to configure authentication for internal (LAN) users to Authenticate (local/RADIUS/LDAP) for any kind of internet access through the ISA550/570? (like cut-through authentication proxy in ASA.)
  And Can the ISA550/570 act as a Web proxy?
  Thanks in advance.

  HI Sulu,
  You can configure captive portal for internal LAN users to authenticate (local/Radius/LDAP) for internet
  access through ISA500. (see attached screenshot)
  ISA500 cannot act as a web proxy. what is your use case ?
  Regards,
  Wei

• SUP user authentication for web services

  Hi there.
  Has anyone in the comunity had any experience with building Web Service based Mobile Business Object (MBO) in SUP 1.5.2. We have built a mobile application for a blackberry device which consumes two ERP web services. The application deploys successfully and runs on the blackberry device just fine. However, untill now the user credentials needed to authenticate a consumer to a web service has been hard-coded into the mobile business object. This, from an accountability point of view, is not an acceptible model (i.e. all mobile users would be logging in to the ERP backend with 1 common user ID).
  Has anyone had any experience and could suggest an an alternative solution to this that would support accountability i.e. map SUP users to ERP users, trusted connections etc. and is this possible with SUP 1.5.2?
  S

  Actually, SUP 1.5.2 just provides the HTTP basic authentication for WS-MBO. It is enable that to create 'username' and 'password' on the WS-MBO as two input parameters. Thus, you can design your device app in SUP to prompt the dialog to accpet the username and password before you access your WS-MBO. Similar, if your web-service has input argument for username and password, you also can design a dialog like above.

• User Authentication for Web Services

  Hi,
  I am developing a web services that resides in Intranet. Thus, would like to implement application layer of user authetication, i.e. to match the input user name and password against Database record through a web service logon() method. If authentication is passed, the client program is allowed to call subsequence web service methods, else exception needs to be thrown when calling subsequence methods.
  As understand that each method call to web services is treated seperately. Thus, how can we implement the authentication so that the client program only passes in the user name and password at once through logon() method, instead of perfoming the authentication for each method?
  Appreciate the advice. Thanks.

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• User Authentication for AppleScript

  Is there a way to authenticate an AppleScript with admin privileges?
  I have a script that messes with a certain application and admin authentication may be needed for standard users.
  Thanks for any input.

  For shell scripts there is a way
  <pre style="margin: 0px; border: 1px solid #aaa; color:#000; background-color: #ccc; overflow: auto; font-family: Verdana, Monaco, monospace;"> do shell script "blafasel" password "yourpassword" user name "youradminusername" with administrator privileges</pre>
  perhaps you can open another script app then like:
  <pre style="margin: 0px; border: 1px solid #aaa; color:#000; background-color: #ccc; overflow: auto; font-family: Verdana, Monaco, monospace;"> do shell script "open ~/myscriptapp.app" password "yourpassword" user name "youradminusername" with administrator privileges</pre>
  or you run the script via the osascript-command. Type +*man osascript*+ in your terminal for more information

• 10.3.9 - Mobile Users Authenticating for SMTP Relay.

  I hope I get my thoughts together and this question comes out right.
  I have a small shop, where most of my users are in-house. They're using Entourage clients, and my couple of PC folks are using Outlook 2003. From in-house, everyone works just fine. Relay filters are setup to allow people inside the network to send fine. I have 127.0.0.1/32 and 192.168.1.1/32 in the Mail/Settings/Filters/SMTP Relay settings.
  However, I have a couple of mobile users, the Director being one of them, who want/need to send email when outside of the office, or from a mobile device, like their Treo.
  What I'm running into is that my mobile users are having authentication issues when trying to send email while outside the office. Even when they indicate they need to authenticate SMTP from their client, I get different issues with different users.
  The Director's Treo, using Versamail, recieves email normally via IMAP. However, when sending, even though she's set to ESMTP Authentication, I get a 502 error. Without ESMTP Authentication turned on, I get a relay error.
  Mail/Settings/Advanced has LOGIN and Plain checked for SMTP Authentication, and IMAP has LOGIN, Plain and Clear checked, while POP has APOP and Clear slected.
  I'm at a loss for how to proceed with correcting this issue to allow mobile users to authenticate reliably from where ever they are. Can someone provide me some straightforward guidence on how this should be correctly configured?
  Thanks.
  PowerBook G4 17   Mac OS X (10.4.9)   1.5G RAM

  Thanks for the response.
  I've seen the posts about adding alternate ports, but it doesn't seem to matter what the ISP source is, they get Relay denied messages and our mailer shows the denial traffic.
  There are additional relay exceptions in this, but here is the postconf file you requested:
  always_bcc =
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  inet_interfaces = all
  luser_relay =
  mail_owner = postfix
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mapsrbldomains = sbl-xbl.spamhaus.org,bl.spamcop.net
  messagesizelimit = 15728640
  mydestination = $myhostname,localhost.$mydomain,kemperart.org
  mydomain_fallback = localhost
  myhostname = mail.kemperart.org
  mynetworks = 127.0.0.1/32,192.168.200.99/32,192.168.200.1/32,rr.com,68.25.136.123/32
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  relayhost =
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdclientrestrictions = rejectmapsrbl
  smtpdenforcetls = no
  smtpdpw_server_securityoptions = plain,login,cram-md5
  smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = yes
  smtpdtls_certfile = /etc/postfix/server.pem
  smtpdtlsloglevel = 0
  smtpduse_pwserver = yes
  smtpdusetls = no
  unknownlocal_recipient_rejectcode = 450
  Remember, be gentle, while I'm able to get around the Terminal Window, I am, by no means, an expert.
  Thanks again!
  PowerBook G4 17   Mac OS X (10.4.9)   1.5G RAM

• User Authentication for CUIC co-resident with UCCX

  We are running UCCX 9.0.2 and have been using the HRC for reporting, but I'd like to switch us over to the version of CUIC that is built-in to UCCX.  I flipped us over to that after hours to take a look through it and get an idea what I'll need to do to get things working before permanently switching us off of HRC.
  One thing I'm having trouble with is that the authentication doesn't appear to be AD based like UCCX is.  It automatically imported all of the supervisors and administrators that have access to UCCX (including me), but I'm not able to log in with anything other than the platform admin user name and password.  I used the platform admin user name and password to get in and view everything and make a few changes.  I added my account to the admin group and assigned the System Configuration Administrator and Security Administrator roles to myself.  (see screenshot)
  I noticed the format it shows for my user name is CCX\tyson.shroyer and it doesn't show a field for a password anywhere.  I tried logging in using CCX\tyson.shroyer as my user name and the password for my AD account (which is what I use to log in to UCCX) and it doesn't work.  I tried it without CCX\ in the user name and it still didn't work.  I tried leaving the password blank...no dice.  No combination of user name and password gets me in.
  I've looked all over trying to find some info and documentation specifically for the version of CUIC that's built-in with CCX 9.x and above, but everything I find (SRNC, Admin Guide, etc) is specific to CUIC Premium which I know would be on a separate server and appears to have a different method of administration.  That documentation mentions accessing an OAMP page for all of the system administration tasks.  I tried going to the path for the OAMP page as specified in the documentation and it doesn't appear to be available.  I'm not sure if it just isn't part of this version or not.
  Anyway, I'd greatly appreciate any info you could provide on making this switch.  I'd prefer to get it integrated with AD just like the rest of the UC environment is, but at this point I'd settle for at least being able to get logged in with a user account.  Thanks in advance everyone!

  Hi
  Are you able to try the LDAP option in the login page
  https://<IPAddress>:8444/cuic/Login.htmx;jsessionid=BB18708EA5C507AD7CF6512898C6FC5F

• How to remove user authentication for SAP Web Service?

  Hi there,
  I am using SAP Web Services in my flex application. Every time wsdl url is called, the username\password window pops up. I want to remove this.
  I searched in the forum and based on the discussions, I tried giving the user name password under Web Service Administration using SOAMANAGER, by selecting No Authentication option. But this did not work. I still get that pop up.
  I also tried giving the credentials in SICF, under Logon Data tab of the service. This too failed. I kept getting the pop up.
  Can someone pls let me know how can I remove this? If username password in mandatory to be passed, I can create a temporary username which will be used to access all of my webservices and use it. But I want to remove this authentication part when I am using the flex application ang calling the web service url from within it.
  Appreciate your help.....
  -Deepak

  Hi,
  It is a little bit tricky, because the interface has changed several times in different releases. I know that it is possible without authentification.
  I remember that i defined somewhere the default client, the username and password in the ERP system to use by this web service.
  Maybe it helps if you try the old transactions WSADMIN, WSCONFIG or WSADMIN2 ?
  Sorry that I cannot help you more. I hope it helps.
  Best regards,
  Joern

• No User Authentication for support pages

  While testing I notice that entering the full URL's in the browser address bar for
  Support Tickets ( SupportPage.aspx)
  KnowledgeBase (support/default.aspx, SolutionDetail.aspx and Search.aspx)
  Takes a user straight to those pages without forcing a login.
  Is there a way of forcing a login to access these pages?
  The Knowledge Base is perhaps less import but the current environment allows Support Tickets to entered without a UserID which does not make sense.

  Jay,
  Went in as manager I cleared the Cache (- it still reports 5 items in the cache though ) and cleaned memory
  I logged out. and then typed in the URL's
  There I was back in support again and this time in the support ticket page the userID and BP ID were showing as manager and internal
  Seems something is still being held in memory - but surely this shouldn't happen if I'd properly logged out.
  I closed the site and re-opened - this time although I could get back to support using the URLs again without logging in , no UserID and BP Id were displayed on the support ticket page.
  I wonder if there is anything in the settings causing this?

• User authentication for iView being access by URL

  Hello,
  We have an external facing Portal with 90% of our user base being from third-party vendors outside of the company.  There is an issue with URLs being sent to users to login into the Portal and view certain iViews.  The URL points to a specific iView and requires the user to log into the Portal, that iView calls a Web Dynpro application, and the Web Dynpro application calls an SAP function module to display the document to the user.  The problem is the document displayed is specific to a certain customer/company, but no matter what id/password you log into the Portal with, you can see that document. 
  Here is an example of the URL:
  https://<domain>/irj/portal?NavigationTarget=<pcd location of iview>&ApplicationParameter=%26link%3Dtrue%26<document number and date parms>%26mailid%3D<user mailid - also their portal id>
  Is there anyway to secure this iView (or the Web Dynpro application) so that the only user that can log on and view this document is the user contained in the URL?  We need this to keep users from being able to view data from other customers/companies in the event the URL is shared to someone else.
  Thanks,
  Jeremy

  Thanks for the suggestion.  This would help in securing the iView so only users with that role can access it, but that would not keep other users from logging in and viewing another customers document. 
  For example, the URL contains userid [email protected]  Currently any user with access to the Portal can login through the URL and view the document.  Even with your suggestion, other users with the same role would be able to login.  This is a security risk as we outsiders that could potentially view data from other customers.  We need to secure the iView in some way where only [email protected] can log in.
  Thanks!

• Domain user authentication for 3650 Wireless Access point

  Dear All,
  I have got new proposal inorder to configure the wireless access points by managing with the 3650 wireless controller. 
   We wanted to block the Wifi Access to mobile users.
  Only domain users need to be authenticate to the corporate wireless access.
  We have 3650 switch as a wireless controller and ISE in place. Kindly guide me the achieve the same. Attached the setup diagram.
  If possible share the sample configuration and it would be helpful. 

  Please refer
  http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/115734-ise-policies-ssid-00.html

• Tacacs authentication fails for one user account for only one switch

  Hi,
  I am having an scenario, where as Tacacs authentication fails for one user account for only one switch.
  The same user account works well for other devices.
  The AAA configs are same on every devices in the network.
  Heres the show tacacs output from the switch where only one user account fails;
                Socket opens:        157
               Socket closes:        156
               Socket aborts:        303
               Socket errors:          1
             Socket Timeouts:          2
     Failed Connect Attempts:          0
          Total Packets Sent:       1703
          Total Packets Recv:       1243
            Expected Replies:          0
  What could be the reason ?
  No errors on ACS server; same rights had been given to the user account.
  Thanks to advise.
  Prasey

  Hi there,
  Does the user get authenticated in the ACS logs?
  reports and activity----> failed attempts
  ro
  reports and activity----->  passed authentications
  That will help narrow it down.
  Brad