User authentication problem

Hi,
I am using OC4J that comes with the Jdeveloper. i have a login page that i wanna use for my projects. i put user name and password info in jazn-data.xml and also in principals.xml found in the same directory. but it is not working.
Please help me
Tareq

You can refer following article to enable JAZN for your applications
http://otn.oracle.com/sample_code/tech/java/codesnippet/security/JaasProvider/content.html
Chandar

Similar Messages

CSM 3.1 local user authentication problem

Hi every one.i have strange problem with local user authentication.in our csm i have configured csm to auhenticate users using TACACS+ from our acs server which every thing is ok about this configurtion but also i have configured fall back authentication for user admin.here is the problem even when connection to ACS server is ok and server can send authentication requests to ACS we can authenticate with ACS and Local admin which i think this is wrong because using local admin is configured as fallback.so what do you think about this problem which CSM authenticates users with ACS and local database same time??

You probably need to go under the system context and create the interface and also allocate vlans to it in CSM before you configure the context itself.
I hope it helps.
PK

Problems with 802.1x MS PEAP machine and user authentication

Using Microsoft PEAP 802.1x client on Windows XP SP2, if we enable machine authentication against a Windows Domain, the machine authentication is successful and the machine gets access to the network. However, when user logon occurs to the domain, contrary to the flow given in ACS and Windows documentation, no user authentication takes place.
We need to differentiate user access based on their identities. We need machine authentication only to allow users access to the domain controller and also GP implementation.
Any idea why user does not get prompted when they logon. 802.1x is configured in users profile and I have tried with both integrated and non-integrated with Domain logon (i.e. "use my windows logon name and password and domain (if any) option"
There is no record of any identity request/response in ACS after the initial machine authentication (which appears in successful authentication log)
We are using MS-CHAPv2.

Update...The problem of cached credentials in MS PEAP does not occur if "enable logon using Windows username and password (and domain if any) is checked. Using this option, MS PEAP always uses logged on users most current credentials.
However, using this option sends the username as "DOMAIN\USERNAME". Since we are using ACS internal database for user authentication (even though the ACS and Windows passwords are same - using an identity management system) ACS does not recognize the user.
I have tried proxy distribution with prefix stripping but it does not seem to work when it is pointing to the same ACS server on which proxy distribution is configured and which receives the request.
Any idea how the domain\ can be ignored by ACS?

Dreamweaver Server Bahavior, User Authentication, Logout User Problem

Hi! I want to add a 'logout user' functionality to the PHP
page using Server Behavior, User Authentication, Logout User option
in Dreamweaver CS3.
I highlight the text, Logout, then clicked on the above
mentioned option and I get an error message:
While executing onLoad in Log Out User.htm, the following
JavaScript error(s) occurred:
At line 603 of file "C:\Program Files\Adobe\Adobe Dreamweaver
CS3\Configuration\Shared\Controls\Script\TagMenu.js": The object is
not currently contained in a document.
In the Log Out User form, the "link clicked" is blank and
"when done" is not selectable.
Can anyone help me out? Thanks!

Hi! I'm not using Javascript. I'm using PHP to log in and log
out a user. The log in implementation works fine. It's the log out
that is giving me problems.
Below is the code:
<?php
if (!isset($_SESSION)) {
session_start();
$MM_authorizedUsers = "admin";
$MM_donotCheckaccess = "false";
// *** Restrict Access To Page: Grant or deny access to this
page
function isAuthorized($strUsers, $strGroups, $UserName,
$UserGroup) {
// For security, start by assuming the visitor is NOT
authorized.
$isValid = False;
// When a visitor has logged into this site, the Session
variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that
Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only
certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
// Or, you may restrict access to only certain users based
on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
if (($strUsers == "") && false) {
$isValid = true;
return $isValid;
$MM_restrictGoTo = "denied.html";
if (!((isset($_SESSION['MM_Username'])) &&
(isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'],
$_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING)
> 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar .
"accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
Transitional//EN" "
http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="
http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8" />

<title>Admin</title>



<link href="../twoColFixLtHdr.css" rel="stylesheet"
type="text/css" />
<style type="text/css">

</style></head>
<body class="twoColFixLtHdr">
<div id="container">
<div id="header">
<h1 class="style1">Welcome to EMART</h1>
</div>

<div id="sidebar1">
<h3 class="style1">Emart</h3>
<ul type="square">
<li><a href="../index.php"
class="style1">Home</a> </li>
<li><a href="admin.php"
class="style1">Admin</a> </li>
<li><a href="add_product.php" class="style1">Add
Product</a> </li>
<li><a href="edit_product.php"
class="style1">Edit Product</a> </li>
<li><a href="delete_product.php"
class="style1">Delete Product</a> </li>
<li>Logout</li>
</ul>
<p> </p>

</div>

<div id="mainContent">
<h1>Admin</h1>
<p>
Logout</p>
<p> </p>
</div>

<br class="clearfloat" />
<div id="footer">
<p>© 2008
</p>
</div>
</div>
</body>
</html>

User Authentication for subfolder not working in Web Browser

We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
One of the functionalities of the Application is to send emails with attachments.
The logic is that the Application would generate the attachment file on the Application Server.
Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
Exchange and Relay Server is also set in the Application.
The problem is that the folder containing the folder which stores the attachments is having user authentication set.
Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
Alias created in httpd.conf
Alias /int-dir/ "/apps/interface/"
The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
Application Server : 10.12.213.21
Database Server : 10.12.213.22
Email Server : 10.12.213.44
Configuration as per httpd.conf
Alias /int-dir/ "/apps/interface/"
<Location /int-dir/>
AuthName "Interface folder"
AuthType Basic
AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
require user scott
</Location>
<Location /int-dir/email>
Options Indexes Multiviews IncludesNoExec
     Order deny,allow
     Deny from all
     Allow from 10.12.213.21
     Allow from 10.12.213.22
     Allow from 10.12.213.44
</Location>
Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
However if we use the following URL :
http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.
Please help me if you can.
Thanking you in advance,
GLad to give any more information that i can.
dxbrocky

Thanks for your response. I fixed the problem by selecting "full site" or "full website" at bottom of the web page. After making this selection the zoom function returned. Thanks again for your interest.

Webservice authentication problem

Web Service Authentication problem
Posted: Jun 17, 2005 3:32 PM Reply E-mail this post
Hi
I have created a portal service and exposed this service as a webservice. I am consuming this webservice in webdynpro. Portal service contains 2 simple methods putdata() and getdatat().
When i access the webservice i am getting the following error.
"javax.xml.rpc.soap.SOAPFaultException: The User Authentification is not correct to access to the Portal Service com.sap.portal.prt.soap.GlobalData or the service was not found"
My Enterprise portal server is configured for SSO to back end R/3 system. I have checked for portal service availability and it is fine.
My Webdynpro and Portal are running on different machines. EP is running on AIX with SP11.
Any help please.
Regards
NagaKishore V

Hi Shahab,
Can you reproduce the issue if you create 2 applications. One that exposes a secured web service and the other one the one, consumes the web service? This would help to isolate the issue and move forward in case is a bug.
Thanks,
Juan Camilo

User Authentication failed

Hi all,
I like to share one of my peculiar issue with you and like to get a solution as well.
I am trying to install a portal server with r3load based method. I did a java export of mssql Portal server and suceefully imported in the newly installed server.The server is up and running.I also completed the post installation activites like SLD ,SSO and Jco creation. I am not able to log in to the java page using administrator user and also other users..It keep on saying that user authentication is failed.
But the beauty is that using the same adminsitrator user i am logging in the visaul administrator .
I dont know where the problem and also i verified the log files under cluset/server nodes. There i found the log as follows --- > Connection is already closed and no longer associated with a managed connection,,
I dont know where i am missing. Due to this I reinstalled the server and imported again..But the same problem is existing to me. Anyone have suggestion on this please do reply.
Thanks and Regards
Vijay

Hi,
Thnaks for reply. Its only a java system ,, So no activity needs to be done in SU01. I checked the table in database..the users are exisitng as well in the table.
FYI: I am able to log in visaul admin but not in the java pages like
http://<hostname>:port/
http://<hostname>:port/irj
Hope i explained my problem it in right way
Regards
Vijay

802.1x re authentication problem

Hello,
I have problem with 802.1x authentication on switch ports which are configured in "Multi Session" mode. In Single host mode and Multiple Host mode it works just fine.
The problem is following, when PC is first connected on switch port it authenticates successfully. After about 1-2 minutes windows 7 NIC notifies that its going to authenticate again, and after couple of minutes NIC status is changed to “Authentication Failed”. On ACS I only see first authentication request which is successful. If I unplug PC from port and plug it again. It authenticates successfully and then starts again with same problems.
I was doing packet sniffing on PC, and it seems that after pc first authentication completes successful, switch starting to sent EAP Identity/Request packets to host, for that host is sending EAP Identity/Response to switch, but switch don’t continues authentication process and starts again with new EAP Identity/Request packets.
On Windows 7 host Event viewer I see following log messages:
                Reason: 0x70004
                Reason Text: The network stopped answering authentication requests
                Error Code: 0x0
The ACS version is 5.3. Authentication method is PEAP. Supplicant OS is Windows 7 I also trued with Windows XP, with same result. The Authentication switch is ESW 520 with latest firmware. I also trued with 2960/3560 switches and it works perfectly. On ESW 520 switch if port mode is other than “Multi Session" if works without any issue.
Do you have any Idea how can i fix this ?

Hi ngtransge,
Thanks for rating the replies. You need to select "User Authentication". I am pasting some screenshots which might help you out.

User athentication problem in jsf

Hi all,
Upto to now i used filters for user authentication by placing the protected pages in the folder from the remaining the pages which are on root. The filter will come into action by the url detection of the foldername. But actually my problem here is different I should not have to place in separate folders and have to provide authentication for particular files which are in sample root. This is I used to solve in normal jsp programming with the help of session. But whereareas in JSF how cleanly to solve this problem. Also iam new to JSF. Please any help regarding this. I am at urgent for the solution.
many thanks,
vijaycanaan
Message was edited by:
vijaycanaan

Required help regarding this topic please.

Authentication problem - solved, but maybe a bug in Mac OS X?

Hi,
I've a rather small installation with only a handful of users configured on a Mac mini (Mac OS X Server, 10.6.8). All of them use the mail, calendar and addressbook server on the Mac, nothing more. They use it with Mac, iPhone and iPad. Everything worked fine for months but suddenly all of them were faced authentication problems: it was not possible to login on the imap server, the calendar server, the addressbook server. It was possible to login using the admin account on the server directly. Moreover, all users disappeared from the workgroup manager, however they still were available on the servers LDAP server and findable using ldapsearch.
First, I used to completely restart the server to solve the problem, but it reappeared after only few hours again.
Second, after understanding more about the authentication process, I found the "killall DirectoryService" was sufficient to solve the problem, but it still reappeared after few hours.
Then I found the, once the problem occured, there was nearly no more communication to the local LDAP server on port 389 on localhost. When everything was working fine, the was a lot of such communication, including queries for usernames, when a login attempt was made. I started a "tcpdump -n -i lo0 port 389" and waited for the problem again. After the problem occured, I found in the pcap files that there were a few final query attempts, actually attempts the open a port 389 TCP connection to the slapd running on localhost, which were answered with a TCP RST. Then, no more attempts were made until l restarted the DirectoryService. Using the logfile of the slapd I found that this happened exactly at the time the slapd was stopped and restarted. And - surprisingly for me - stopping and restarting the slapd happened exactly once an hour.
I then found that it happened exactly at the time the time machine backup process was started and indeed it was possible to trigger the event of restarting the slapd by manually starting a time machine backup.
(Indeed, I switched my backup strategy from SuperDuper to time machine the other day and maybe that was the time the problem occured for the first time. I know that time machine is not considered as the best backup strategy for a server but I wanted to try on my own.)
Google helped my to find a hint that time machine will actually stop and restart slapd - which is a generally a good idea, since otherwise a backup from some open database files would be made, which could work but may fail. So, I thing, someone of the developers thought about that problem too and has considered time machine for backups of a server.
However, a not running slapd can not answer queries from a DirectoryService and a stopping or starting process might indeed end up with TCP SYNs answered with TCP RST.
My solution was to disable time machine again and from that time the problem does not occur again.
I'm wondering why the DirectoryService process isn't starting to query the slapd again after a failed connection. Isn't this a bug? After this experience I consider time machine as not only the not preferred backup solution for a server but as completely incompatible with Mac OS X server - although, as I said, it seems that someone thought about backing up the LDAP database using time machine.
(On a Lion server this problem does not occur, the slapd will not be stopped and restarted when time machine is running. Moreover, I saw a com.apple.slapd.start notification in the slapd.log ... maybe this tells DirectoryService to try again.)
Cheers,
Wolfgang

Another problem I found with the MacOS X key bindings: the 6 key doesn't work!
In the config that ships with SQL Developer, I found this:
<Item class="oracle.javatools.util.Pair">
<first class="java.lang.String">DOCUMENT_6_CMD_ID</first>
<second class="oracle.ide.keyboard.KeyStrokes">
<data>
<Item class="javax.swing.KeyStroke">6</Item>
</data>
</second>
</Item>
which should be:
<Item class="oracle.javatools.util.Pair">
<first class="java.lang.String">DOCUMENT_6_CMD_ID</first>
<second class="oracle.ide.keyboard.KeyStrokes">
<data>
<Item class="javax.swing.KeyStroke">meta 6</Item>
</data>
</second>
</Item>

How to provide user authentication to a PDF form

Guys I have develop a webservice on XI , and I am calling that webservice using PDF forms developed in WebDynpro . The problem is the webservice needs user authentication and I don't know how to pass user id and password from pdf form to web service . Can anybody help me out
Thanks
Manish

I don't know what you mean by "printed entries"; you mean filled-in form fields?

Wifi Authentication Problem in Lenovo K900

Hi,
I am able to connect to wifi at home network. And when I try it at office it is showing Authentication problem and "Not in Range". The password and everything is correct. All my colleagues are able to connect with the same password. I searched online for the solution and there are many other lenovo tab and phone users facing the same problem and I am unable to find the solution. Can anyone resolve this issue and give appropriate answer for this.

This is the first time I'm hearing this issue, I'm also an K900 user but this never happmed to me or my other friends.
Are you sure that's the right password, maybe its case sensitive, because this bug is not present in K900.
Facebook Profile I'm a carefree type of guy but always there to help, so if you have anything to ask don't hesitate.

User authentication errors

I have the following set up as a very basic user authentication system (without using databases):-
* a html file using forms to enter the username and password
* a jsp file which contains the following:
<jsp:useBean id="login" scope="page" class="login" >
<jsp:setProperty name="login" property="*" />
</jsp:useBean>
<HTML>
<head>
<title>Processing login request</title>
</head>
<h1>Login request</h1>
<%
String name = request.getParameter("Username");
String passwd = request.getParameter("Password");
String result = login.loginUser(name, passwd);
if (result.equalsIgnoreCase("validuser"))
%>
<jsp:forward page="Anypage.htm"/>
<%
else
%>
<h2>Invalid username / password</h2>
<%
%>
</body></html>
* and finally a java file which contains the following:
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;
public class login
//the arrays names and password should have the same number of entries
private static String[] names = {"Bob", "Bill"};
private static String[] password = {"a1357", "b9876"};
public String loginUser(String name, String passwd)
boolean user = false; //assume the username is not valid
int j = 0;
for (j = 0; j < names.length; j++)
if (name.equalsIgnoreCase(names[j]))
user = true;
break;
//check for password
if (user)
if (passwd.equalsIgnoreCase(password[j]))
return "validuser";
return "invaliduser";
My problem is this. When I enter any username and password, I get the following errors.......
Error: 500
Location: /jsp/ass1result.jsp
Internal Servlet Error:
org.apache.jasper.JasperException: Unable to compile class for JSPH:\tomcat\work\localhost_8080%2Fexamples\_0002fjsp_0002fass_00031result_0002ejspass1result_jsp_0.java:60: Class jsp.login not found.
login login = null;
^
H:\tomcat\work\localhost_8080%2Fexamples\_0002fjsp_0002fass_00031result_0002ejspass1result_jsp_0.java:63: Class jsp.login not found.
login= (login)
^
H:\tomcat\work\localhost_8080%2Fexamples\_0002fjsp_0002fass_00031result_0002ejspass1result_jsp_0.java:68: Class jsp.login not found.
login = (login) Beans.instantiate(this.getClass().getClassLoader(), "login");
^
3 errors
can anyone tell what is wrong and recommend how I fix it? Thanks.

Make sure you that the file login.java is in your WEB-INF/classes directory and then import the class into your jsp page using the <%@page %> directive:
i.e
<%@page import="login" %>
Also, it isn't a good idea to use a variable with the exactly same name as one of your classes. Captialise the first letter in your class names.
For instance use:
public class Login()
rather than:
public class login()
So that you can then code:
Login login = new Login();

Redirect to the jsp page after user authenticated successfully

Here is the requirement
Im using JAAS Custom Login Module for user authentication.
I have few questions in Portal Logon process
1. Exactly at what point I can conclude that the user has been authenticated successfully, because I have to redirect the user to some other page for the first time logon to enter some information, subsequent logins shouldnt be redirected. (I can update flag upon entering information).
2. Where should I add my redirection code? Is it in my JASS Custom Login Module?
If yes, how can I do that ? Im more consider on where should I add it?
3. Do I need to change my UmLogonPage.jsp to complete my requirement?
4. Once after entering the Logon information, who will call my JASS Custom Login Module for authentication? If authentication has failed who will return the control back to the umLogonPage.jsp?
5. In my JASS Custom Login Module, I have no redirections except having logic for authentication process, and some Login Exceptions are thrown for failure logins.
6. Who will catch these exceptions for failure logins to redirect back to the umLogonPage.jsp.
7. Finally I like to know where can I add my redirection logic once the user has been authenticated successfully?
8. last but not least can any of the experts explain the whole login process (using JASS module)? How the control goes from one component to another?
Any kind of help is appreciated.
Points can be awarded for useful answers.
Thanks
MMK

Thanks a lot for your valuable reply.
yes what you said was correct, storing information in R/3 System and getting the details from FM using Connector framework.
You said i have to modify "header.jsp", can you please tell which .par file should i get to modify?
one more question to you ... i have provide custom logon error messages to the user ... i did all the modification in logon.par and deployed in EP 6 .. working fine .. i can able to see "User ID Missing" , "Password Missing" etc ..
when i place same peace of code in EP 7 it always displaying "User Authentication failed". can u guess what whould be the problem?
Thanks
MMK

ACS 4.1 machine authentication problem

Hi,
I'm using the Cisco NAC framework in order to authenticate both users and machines before granting network access. i'm using windows AD to authenticate users and machines.
Under "External User Databases" -> Windows Authentication Configuration, you can configure some machine authentication settings.
I have to enable "Enable Machine Access Restriction" in combination with the group map "no access". Otherwise, even though machine authentication has failed, an authorized user can still login with an unauthorized machine (it will only appear in the failed attempts log but it will not be restricted).
This works, but the problem is the "aging time". The ACS caches the machines for a certain amount of time (12 hours by default). Now if a user logs off and he waits 12 hours to logg back on, authentication will fail (because machine authentication is already performed just after being logged off).
Is it possible to force machine authentication (together with the user authentication) at Windows log on?
Kind regards

ACS 4.1 machine authentication can work on windows. This issue occurs in an environment where there is more than one global catalog server for the domain. Restart CSAuth.exe service, and then try to authenticate again (with Machine credentials)

User authentication problem

Similar Messages

Maybe you are looking for