Using AD to authenticate BYOD users on Guest WLAN
First off, I have several WLANs -- one is a "Guest" that is anchored to our corporate WiSMv1 running 7.0.240.0 code. We have many 5508s running 8.0.100.0 -- the "guest" is tunneled back to the core WiSMv1. Right now, the Guest splashes a web page that a user just has to click through to get n the Guest WLAN. I currently have a production WLAN set up to use 802.1x and pass credentials through Win 2012R2 NPS (Radius) so that our employees can log on using their AD credentials.
We are looking to avoid the complexity and cost of ISE. We want to build a basic self-subscription process. I'd like to set up a separate "test" Guest network that will splash a web page that will basically have 2 sections -- the top section will display a phone number for the user to call. Basically the system will generate a random ID/PW which will be spoken or sent in a text message to the caller. Behind the scene, we will load these credentials into an AD OU. The bottom of this web page will be the fields for the user to enter the ID / PW which in turn will be validated to the AD.
I can't mess with the current Guest "anchored" in the corporate WiSM. We already have a custom web page and it appears you can only have one. So I was thinking of setting it up at one of the remote 5508 sites.... I can download a custom web page there and I believe I can still use the "management" interface to grab IPs out of the Guest Subnet that resides in our HQ.
My uncertainty revolves around the WLC / WLAN setup to use AD (via Radius if necessary) to validate the user -- and since it is BYOD, I have no idea what the client device will be and do not want the user to be required to do any setup.
I have gone through a lot of docs --- many talk about ISE. Others are really old -- and of course there is difference between WLC web pages simply due to the 8.0 code on the 5508s!
I am hoping this is a fairly straight forward setup.
TIA - Perry
Hi,
Your starting 3 Paragraphs say that you want to modify Guest page only.But after that You talk about the BYOD.BYOD involves device registration , supplicant provisioning etc and is entirely for different use. If you think , you are asking about that , Please go through this Tech-Talk by me to understand BYOD (Video as well Brief note )along with PPT having all the required configuration on WLC side,AD side,CA server and ISE side.
"We want to build a basic self-subscription process. I'd like to set up a separate "test" Guest network that will splash a web page that will basically have 2 sections -- the top section will display a phone number for the user to call. Basically the system will generate a random ID/PW which will be spoken or sent in a text message to the caller. "
If the requirement is the above i.e display Phone number which user would call to get credentials , it can be done via simply modifying the HTML web-page to show that number and load in to the WLC or else host that page on some external server.Infact , you can modify the Internal web page of the WLC via Security>Web-authentciation and write a header and message to be displayed on the web-page which WLC displays which can have your Mobile number to call.Once credentials are submitted , WLCcan do radius authentication.
Also 8.0 simply brings Redirection over HTTPS feature in to the WLC and there is no change in anything else i.e the concept via which web-authentciation/works.
Regards
Dhiresh
**Please rate helpful posts**
Similar Messages
-
Can my AD connected server use kerberos to authenticate windows users?
Hi,
I have installed our brand new Xserve with leopard and set it up so that it is connected to a directory service (AD). I have check to see if it kerberized and it does appear so.
What I want to do is provide SSO for our users when they visit our intranet. Our users will be using Windows XP Pro clients. I have tried using basic authentication but this requires the user to enter their network username and password to authenticate. When I try setting the realm security to be Kerberos it doesn't work.
Can this be done and if so what am I doing wrong? Surely I am not the only person trying to integrate a mac server into a windows environment and provide windows clients with a seamless experience!
Please help anyone!!!!Ok, we managed to solve this!!!
It was to do with Active Directory. You need to set the xserve in Active Directory to be trusted for delegation (all kerberos services) and voila! Sorted! -
Two different radius authentication methods on one guest wlan
I would like to use two different radius servers to one guest wlan.
One radius server is the Cisco NAC guest server, but I would like to use e.g. a RSA SecurID server as the second.
If the user does not exsist on the NAC guest server, the wlc should check the RSA server.
As I understand the servers mentioned under the layer 3 config tab on the wlan configuration tab is doing round-robin.
Is there any way that I can implement this?
Best regards,
Steffen LindemannIs there anything on the roadmap for the NAC guest server to use AD as an external database?
It seems like it shouldn't be too difficult since the server is already using AD to map sponsor roles.
We really would prefer to use a single SSID instead separate SSIDs for guest and domain accounts.
Thanks in advance! -
Guest portal using ACS to authenticate against AD
Running ACS 5.3, I have a Wireless Access policy that authenticates wireless users either by mac address, AD user name or computer name, depending on what AD groups the accounts belong to. My Network Authorization policy has rules because only certain groups should access certain SSIDs.
I am trying to get the Guest authentication portal to accept and authenticate AD users belonging to a certain group, but I run into 15039 Selected Authorization Profile is DenyAccess
Somewhere for some reason my authorization policy is denying access.
Needing some assistance in troubleshooting these rules.You have to change the Group Map Attribute to "member" and authorization will work.
-
Use User-certificates to authenticate a user?
Hi,
I have hit a big road block and so decided to reach for some help and information.
I figured out later that blazeds forum can be the best place to get some channelset authentication questions answered
I am using blazeds & Spring security on the server. As of now my application using channelset.login(username,password) to authenticate the user.
A new requirement has been introduced to authenticate the user using user-certificates derived from a smart card.
I can use spring-security filters to pass the certificate to the server and the validate it. But I have open questions about channelset authentication.
1. Is it required to call the channelset.login method inorder to use AMF Channels & StreamingAMFChannels?
2. Can I pass user-certificate instead of password in a login call and still authenticate the channelset?
3. I have to use the channelsets , so is there way to bypass username , Password based authentication?
Thanks,Hi,
I have hit a big road block and so decided to reach for some help and information.
I figured out later that blazeds forum can be the best place to get some channelset authentication questions answered
I am using blazeds & Spring security on the server. As of now my application using channelset.login(username,password) to authenticate the user.
A new requirement has been introduced to authenticate the user using user-certificates derived from a smart card.
I can use spring-security filters to pass the certificate to the server and the validate it. But I have open questions about channelset authentication.
1. Is it required to call the channelset.login method inorder to use AMF Channels & StreamingAMFChannels?
2. Can I pass user-certificate instead of password in a login call and still authenticate the channelset?
3. I have to use the channelsets , so is there way to bypass username , Password based authentication?
Thanks, -
Guest WLAN need to re-authenticate for each new tab
Hi,
We installed recently a new WLC 2504 with 22 AP's.
We use web authentication for the guest WLAN.
The porblem is : users can login and authenticate but whenever the open a new webbrowser tab they need to re-authenticate again.
And this for each new tab they open.
Anybody knows how to solve this?No, the user shouldn't have to reauthenticate for every tab they open, once the clients entry is built in the MSCB they should stay in a RUN state until either the reauth timer or the user idle timer expire.
First I'd upgrade to 7.0.220.0 and see if that resolves the issue. If it doens't get a TAC case open.
Steve -
Messages (Jabber) Refuses to Authenticate AD Users after 10.9.2/Server 3.0.3 update
Once again, an update appears to have broken Messages/Jabber's ability to authenticate AD users after the 10.9.2/Server 3.0.3 update even though it was working well before. Hoping someone here has some ideas for how to help!
I can log in just fine as a local user (e.g. [email protected]), but no luck with AD users (e.g. [email protected]). As always, it fails with no intelligible error message whatsoever:
Mar 1 09:46:00 comet.ADdomain.private jabberd/c2s[604]: [9] [::ffff:76.24.227.229, port=58658] connect
Mar 1 09:46:01 comet.ADdomain.private jabberd/c2s[604]: [9] [::ffff:76.24.227.229, port=58658] disconnect jid=unbound, packets: 0
Mar 1 09:48:00 comet.ADdomain.private jabberd/c2s[604]: [9] [::ffff:76.24.227.229, port=58667] connect
Mar 1 09:48:01 comet.ADdomain.private jabberd/c2s[604]: [9] [::ffff:76.24.227.229, port=58667] disconnect jid=unbound, packets: 0
I reset the jabber server configuration as described here to no avail: https://discussions.apple.com/thread/5354428
The DNS configuration looks good:
changeip -checkhostname
Primary address = 10.0.17.15
Current HostName = comet.ADdomain.private
DNS HostName = comet.ADdomain.private
The names match. There is nothing to change.
dirserv:success = "success"
The Jabber status from jabber:
serveradmin fullstatus jabber
jabber:state = "RUNNING"
jabber:roomsState = "RUNNING"
jabber:logPaths:PROXY_LOG = "/private/var/jabberd/log/proxy65.log"
jabber:logPaths:MUC_STD_LOG = "/var/log/system.log"
jabber:logPaths:JABBER_LOG = "/var/log/system.log"
jabber:proxyState = "RUNNING"
jabber:currentConnections = "0"
jabber:currentConnectionsPort1 = "0"
jabber:currentConnectionsPort2 = "0"
jabber:pluginVersion = "10.8.211"
jabber:servicePortsAreRestricted = "NO"
jabber:servicePortsRestrictionInfo = _empty_array
jabber:hostsCommaDelimitedString = "comet.ADdomain.private"
jabber:hosts:_array_index:0 = "comet.ADdomain.private"
jabber:setStateVersion = 1
jabber:startedTime = "2014-03-01 17:39:06 +0000"
jabber:readWriteSettingsVersion = 1
Full jabber server startup log:
Mar 1 09:52:19 comet.ADdomain.private servermgrd[180]: servermgr_jabber[N]: waiting for jabberd to finish startup...
Mar 1 09:52:19 comet.ADdomain.private jabberd/router[1785]: starting up
Mar 1 09:52:19 comet.ADdomain.private jabberd/router[1785]: loaded user table (1 users)
Mar 1 09:52:19 comet.ADdomain.private jabberd/router[1785]: couldn't open filter file /etc/jabberd/router-filter.xml: No such file or directory
Mar 1 09:52:19 comet.ADdomain.private servermgrd[180]: servermgr_jabber[N]: jabberd service startup completed.
Mar 1 09:52:19 comet.ADdomain.private jabberd/c2s[1786]: starting up
Mar 1 09:52:19 comet.ADdomain.private jabberd/s2s[1787]: starting up (interval=60, queue=60, keepalive=0, idle=86400)
Mar 1 09:52:19 comet.ADdomain.private jabberd/sm[1784]: starting up
Mar 1 09:52:19 comet.ADdomain.private jabberd/c2s[1786]: modules search path: /Applications/Server.app/Contents/ServerRoot/usr/libexec/jabberd/modules
Mar 1 09:52:19 comet.ADdomain.private jabberd/c2s[1786]: initialized auth module 'apple_od'
Mar 1 09:52:19 comet.ADdomain.private jabberd/sm[1784]: initialised storage driver 'sqlite'
Mar 1 09:52:19 comet.ADdomain.private jabberd/sm[1784]: modules search path: /Applications/Server.app/Contents/ServerRoot/usr/libexec/jabberd/modules
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-last' added to chain 'sess-end' (order 0 index 0 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'validate' added to chain 'in-sess' (order 0 index 1 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'privacy' added to chain 'in-sess' (order 1 index 2 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'roster' added to chain 'in-sess' (order 2 index 3 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=5347] listening for incoming connections
Mar 1 09:52:20 comet.ADdomain.private jabberd/c2s[1786]: [comet.ADdomain.private] configured; realm=comet.ADdomain.private, registration disabled, using PEM:/etc/certificates/mail.ADdomainbio.com.E41BBC081993E348B26181D9CB334A28137A8D8D.concat.pem
Mar 1 09:52:20 comet.ADdomain.private jabberd/c2s[1786]: attempting connection to router at 127.0.0.1, port=5347
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49353] connect
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49353] authenticated as jabberd
Mar 1 09:52:20 comet.ADdomain.private jabberd/c2s[1786]: connection to router established
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [c2s] online (bound to 127.0.0.1, port 49353)
Mar 1 09:52:20 comet.ADdomain.private jabberd/c2s[1786]: [::, port=5222] listening for connections
Mar 1 09:52:20 comet.ADdomain.private jabberd/c2s[1786]: [::, port=5223] listening for SSL connections
Mar 1 09:52:20 comet.ADdomain.private jabberd/c2s[1786]: ready for connections
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'vacation' added to chain 'in-sess' (order 3 index 4 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/s2s[1787]: attempting connection to router at 127.0.0.1, port=5347
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49354] connect
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49354] authenticated as jabberd
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-vcard' added to chain 'in-sess' (order 4 index 5 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/s2s[1787]: connection to router established
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [s2s] set as default route
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [s2s] online (bound to 127.0.0.1, port 49354)
Mar 1 09:52:20 comet.ADdomain.private jabberd/s2s[1787]: ready for connections
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-ping' added to chain 'in-sess' (order 5 index 6 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-private' added to chain 'in-sess' (order 6 index 7 seq 0)
Mar 1 09:52:20 comet.ADdomain.private Rooms[1792]: Starting up...
Mar 1 09:52:20 comet.ADdomain.private Rooms[1792]: Loading persistent rooms from disk...
Mar 1 09:52:20 comet.ADdomain.private Rooms[1792]: Finished loading rooms from disk
Mar 1 09:52:20 comet.ADdomain.private Rooms[1792]: Connecting to XMPP server at 'comet.ADdomain.private' as 'rooms.comet.ADdomain.private'...
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'disco' added to chain 'in-sess' (order 7 index 8 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'amp' added to chain 'in-sess' (order 8 index 9 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'offline' added to chain 'in-sess' (order 9 index 10 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'announce' added to chain 'in-sess' (order 10 index 11 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'presence' added to chain 'in-sess' (order 11 index 12 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'deliver' added to chain 'in-sess' (order 12 index 13 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'session' added to chain 'in-router' (order 0 index 14 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'validate' added to chain 'in-router' (order 1 index 1 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'presence' added to chain 'in-router' (order 2 index 12 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'privacy' added to chain 'in-router' (order 3 index 2 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'privacy' added to chain 'out-router' (order 0 index 2 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-last' added to chain 'pkt-sm' (order 0 index 0 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-ping' added to chain 'pkt-sm' (order 1 index 6 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-time' added to chain 'pkt-sm' (order 2 index 15 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-version' added to chain 'pkt-sm' (order 3 index 16 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'amp' added to chain 'pkt-sm' (order 4 index 9 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'disco' added to chain 'pkt-sm' (order 5 index 8 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'announce' added to chain 'pkt-sm' (order 6 index 11 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'help' added to chain 'pkt-sm' (order 7 index 17 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'echo' added to chain 'pkt-sm' (order 8 index 18 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'presence' added to chain 'pkt-sm' (order 9 index 12 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'roster' added to chain 'pkt-user' (order 0 index 3 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'presence' added to chain 'pkt-user' (order 1 index 12 seq 3)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-vcard' added to chain 'pkt-user' (order 2 index 5 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'amp' added to chain 'pkt-user' (order 3 index 9 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'deliver' added to chain 'pkt-user' (order 4 index 13 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'vacation' added to chain 'pkt-user' (order 5 index 4 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'offline' added to chain 'pkt-user' (order 6 index 10 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-last' added to chain 'pkt-user' (order 7 index 0 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'session' added to chain 'pkt-router' (order 0 index 14 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'disco' added to chain 'pkt-router' (order 1 index 8 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'active' added to chain 'user-load' (order 0 index 19 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'autobuddy' added to chain 'user-load' (order 1 index 20 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'roster' added to chain 'user-load' (order 2 index 3 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'roster-publish' added to chain 'user-load' (order 3 index 21 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'privacy' added to chain 'user-load' (order 4 index 2 seq 3)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'vacation' added to chain 'user-load' (order 5 index 4 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'active' added to chain 'user-create' (order 0 index 19 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'template-roster' added to chain 'user-create' (order 1 index 22 seq 0)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'active' added to chain 'user-delete' (order 0 index 19 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'announce' added to chain 'user-delete' (order 1 index 11 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'offline' added to chain 'user-delete' (order 2 index 10 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'privacy' added to chain 'user-delete' (order 3 index 2 seq 4)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'roster' added to chain 'user-delete' (order 4 index 3 seq 3)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'vacation' added to chain 'user-delete' (order 5 index 4 seq 3)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-last' added to chain 'user-delete' (order 6 index 0 seq 3)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-private' added to chain 'user-delete' (order 7 index 7 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-vcard' added to chain 'user-delete' (order 8 index 5 seq 2)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'iq-version' added to chain 'disco-extend' (order 0 index 16 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: module 'help' added to chain 'disco-extend' (order 1 index 17 seq 1)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: version: jabberd sm 2.2.17-409
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: [comet.ADdomain.private] configured
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: attempting connection to router at 127.0.0.1, port=5347
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49355] connect
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49355] authenticated as jabberd
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: connection to router established
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [sm] online (bound to 127.0.0.1, port 49355)
Mar 1 09:52:20 comet.ADdomain.private jabberd/sm[1784]: sm ready for sessions
Mar 1 09:52:20 comet.ADdomain.private jabberd/router[1785]: [comet.ADdomain.private] online (bound to 127.0.0.1, port 49355)
Mar 1 09:52:22 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49356] connect
Mar 1 09:52:22 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49356] authenticated as proxy65.comet.ADdomain.private
Mar 1 09:52:22 comet.ADdomain.private jabberd/router[1785]: [proxy65.comet.ADdomain.private] online (bound to 127.0.0.1, port 49356)
Mar 1 09:52:23 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49357] connect
Mar 1 09:52:24 comet.ADdomain.private jabberd/router[1785]: [127.0.0.1, port=49357] authenticated as rooms.comet.ADdomain.private
Mar 1 09:52:24 comet.ADdomain.private jabberd/router[1785]: [rooms.comet.ADdomain.private] online (bound to 127.0.0.1, port 49357)
Mar 1 09:52:24 comet.ADdomain.private Rooms[1792]: Successfully connected to XMPP server, ready for activity
I am not sure if it's attempting to authenticate to AD or not, and if so, why it might be failing. Any suggestions would be greatly appreciated!uscadvit wrote:
Here is the output without the name of our AD:
Advanced Options - User Experience
Create mobile account at login = Disabled
Require confirmation = Enabled
Force home to startup disk = Enabled
Mount home as sharepoint = Enabled
Use Windows UNC path for home = Enabled
Network protocol to be used = smb
Default user Shell = /bin/bash
Advanced Options - Mappings
Mapping UID to attribute = not set
Mapping user GID to attribute = not set
Mapping group GID to attribute = not set
Generate Kerberos authority = Enabled
Advanced Options - Administrative
Preferred Domain controller = not set
Allowed admin groups = not set
Authentication from any domain = Enabled
Packet signing = allow
Packet encryption = allow
Password change interval = 14
Restrict Dynamic DNS updates = not set
Namespace mode = domain
That looks correct. Lets collect a few more config items.
Copy / paste the output of this command when run against c2s.xml:
sudo grep '<id require-starttls="true" pemfile="' /Library/Server/Messages/Config/jabberd/c2s.xml
Ours looks like this:
<id require-starttls="true" pemfile="/etc/certificates/chat.example.com.1234567890.concat.pem" private-key-password="12345678-1234-1234-12345678" cachain="/etc/certificates/chat.example.com.1234567890.chain.pem" realm="example.com">example.com</id>
Copy / paste the output of this command when run against sm.xml. To give us context, it will display the 6 lines above and below the text:
sudo grep -C 6 'If not set, the SM id is used. -->' /Library/Server/Messages/Config/jabberd/sm.xml
Ours looks like this:
<!-- Local network configuration --> <local> <!-- Who we identify ourselves as. Users will have this as the domain part of their JID. If you want your server to be accessible from other Jabber servers, this IDs must be FQDN resolvable by DNSes. If not set, the SM id is used. --> <id>example.com</id> <!-- <id>vhost1.localdomain</id> <id>vhost2.localdomain</id> --> </local>
Copy / paste the output of this command:
sudo serveradmin settings jabber
Ours looks like this:
jabber:dataLocation = "/Library/Server/Messages"jabber:s2sRestrictDomains = nojabber:jabberdDatabasePath = "/Library/Server/Messages/Data/sqlite/jabberd2.db"jabber:sslCAFile = "/etc/certificates/chat.example.com.1234567890.chain.pem"jabber:jabberdClientPortTLS = 5222jabber:sslKeyFile = "/etc/certificates/chat.example.com.1234567890.concat.pem"jabber:initialized = yesjabber:enableXMPP = nojabber:savedChatsArchiveInterval = 7jabber:authLevel = "STANDARD"jabber:hostsCommaDelimitedString = "example.com"jabber:jabberdClientPortSSL = 5223jabber:requireSecureS2S = nojabber:savedChatsLocation = "/Library/Server/Messages/Data/message_archives"jabber:enableSavedChats = nojabber:enableAutoBuddy = yesjabber:s2sAllowedDomains = _empty_arrayjabber:logLevel = "ALL"jabber:hosts:_array_index:0 = "example.com"jabber:eventLogArchiveInterval = 7jabber:jabberdS2SPort = 0
Also, while you're troubleshooting, I found Adium's debug window to be invaluble for showing errors during logon (even if you plan to use Messages).
You can open it in debug mode by holding option + click Adium.app, select "start in debug mode". Then in Adium menu > Debug window. -
How can I authenticate a User In Windows Active Directory?
I need to authenticate a user in Windows Active Directory, but I found use the code below will return true if the user name and password are both correct and false if one of them is wrong. But when I input a user name which is not exist in Active Driectory with a blank password, it will also return true. What shall I do? Ask every user must input a password withnot blank?
Please give me some help to solve this problem. Thanks a lot.
Code:
private Context ctx = null;
Hashtable env = new Hashtable ();
boolean isValid = false;
try {
this.setEnvironmentProperties();
String domainName = AuthenticateResources.getString("mydomain.com");
//set the name of domain with the user name
String fullName = name + "@" + domainName;
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL,"ldap://mydomain:389");
env.put(Context.SECURITY_AUTHENTICATION,"simple");
//set user related information
env.put(Context.SECURITY_PRINCIPAL, fullName);
//set user password
env.put(Context.SECURITY_CREDENTIALS, password);
//validate user
ctx = new InitialDirContext(env);
isValid = true;
}catch (AuthenticationException ex){
isValid = false;
catch (NamingException ex) {
throw ex;
}finally{
this.freeContext();
return isValid;This is usually a problem if Anonymous Binding is enabled. I have faced this in other Directory Servers, but I am not familiar with Active Directory.
I think by default Active Directory disables Anonymous Binding, but you may want to check. -
Com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authen
Hi ,
I am invoking the process via email and its working fine for all the users but its not wrking for few users who are all in the partculer domain.
for example, We have two domains domain1 and domain2... this is wrking for domain1 users and not for domain2 users.. this is also wrking for outside users when i add the name in defautdom and all the domain users also can able to invoke the process via adobe workspace.
But when domain2 users are trying to invoke the process from their mail then i am getting the following error message.
com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
I used complete task to invoke the process via mail and the mail id which is created and added in the complete task also in domain2. Please let me know if you have any ideas for this issue.
Version - Adobe LC ES2 and Adobe Reader 10
Thanks,
DhiyaneHi Varun,
Below are the server logs
Thanks,
Bryan
2013-08-26 05:24:54,786 ERROR [org.jboss.ejb.plugins.LogInterceptor] (WorkManager(2)-27) TransactionRolledbackLocalException in method: public abstract java.lang.Object com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterLocal.doSupports(c om.adobe.idp.dsc.transaction.TransactionDefinition,com.adobe.idp.dsc.transaction.Transacti onCallback) throws com.adobe.idp.dsc.DSCException, causedBy:
ALC-DSC-099-000: com.adobe.idp.dsc.DSCRuntimeException: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.livecycle.notification.TaskNotificationServiceImpl.processEmailMapSubmit(TaskNo tificationServiceImpl.java:1160)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doSupports(Ej bTransactionCMTAdapterBean.java:227)
at sun.reflect.GeneratedMethodAccessor593.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:378)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doSupports(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:104)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:165)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.workflow.engine.PEUtil.invokeAction(PEUtil.java:893)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.transientInvoke(WorkflowDSCInvoker. java:350)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.invoke(WorkflowDSCInvoker.java:158)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doRequiresNew (EjbTransactionCMTAdapterBean.java:299)
at sun.reflect.GeneratedMethodAccessor545.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:404)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doRequiresNew(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:143)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:188)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.idp.jobmanager.execution.workadapter.AbstractExecutableJob.invokeRequest(Abstra ctExecutableJob.java:127)
at com.adobe.idp.jobmanager.execution.workadapter.PersistentExecutableJob.execute(Persistent ExecutableJob.java:60)
at com.adobe.idp.dsc.workmanager.adapter.UnManagedAsynchronousWorkAdapter.run(UnManagedAsync hronousWorkAdapter.java:39)
at org.jboss.resource.work.WorkWrapper.execute(WorkWrapper.java:205)
at org.jboss.util.threadpool.BasicTaskWrapper.run(BasicTaskWrapper.java:260)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: ALC-DSC-215-000: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.livecycle.notification.TaskNotificationServiceImpl.processEmailMapSubmit(TaskNo tificationServiceImpl.java:1134)
... 108 more
2013-08-26 05:24:54,791 WARN [com.adobe.workflow.AWS] (WorkManager(2)-27) ALC-DSC-099-000: com.adobe.idp.dsc.DSCRuntimeException: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.livecycle.notification.TaskNotificationServiceImpl.processEmailMapSubmit(TaskNo tificationServiceImpl.java:1160)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doSupports(Ej bTransactionCMTAdapterBean.java:227)
at sun.reflect.GeneratedMethodAccessor593.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:378)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doSupports(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:104)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:165)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.workflow.engine.PEUtil.invokeAction(PEUtil.java:893)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.transientInvoke(WorkflowDSCInvoker. java:350)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.invoke(WorkflowDSCInvoker.java:158)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doRequiresNew (EjbTransactionCMTAdapterBean.java:299)
at sun.reflect.GeneratedMethodAccessor545.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:404)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doRequiresNew(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:143)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:188)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.idp.jobmanager.execution.workadapter.AbstractExecutableJob.invokeRequest(Abstra ctExecutableJob.java:127)
at com.adobe.idp.jobmanager.execution.workadapter.PersistentExecutableJob.execute(Persistent ExecutableJob.java:60)
at com.adobe.idp.dsc.workmanager.adapter.UnManagedAsynchronousWorkAdapter.run(UnManagedAsync hronousWorkAdapter.java:39)
at org.jboss.resource.work.WorkWrapper.execute(WorkWrapper.java:205)
at org.jboss.util.threadpool.BasicTaskWrapper.run(BasicTaskWrapper.java:260)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: ALC-DSC-215-000: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.livecycle.notification.TaskNotificationServiceImpl.processEmailMapSubmit(TaskNo tificationServiceImpl.java:1134)
... 108 more
2013-08-26 05:24:54,808 ERROR [org.jboss.ejb.plugins.LogInterceptor] (WorkManager(2)-27) TransactionRolledbackLocalException in method: public abstract com.adobe.pof.omapi.POFObjectSet com.adobe.pof.omapi.POFObjectManagerLocal.retrieveObjectSet(com.adobe.pof.omapi.POFQuery, int,int,com.adobe.idp.Context) throws com.adobe.pof.POFException, causedBy:
org.jboss.util.NestedSQLException: Transaction is not active: tx=TransactionImple < ac, BasicAction: 7f000001:c1c7:5217ec7e:80e07 status: ActionStatus.ABORT_ONLY >; - nested throwable: (javax.resource.ResourceException: Transaction is not active: tx=TransactionImple < ac, BasicAction: 7f000001:c1c7:5217ec7e:80e07 status: ActionStatus.ABORT_ONLY >)
at org.jboss.resource.adapter.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:95 )
at com.adobe.pof.ConnectionWrapper.getConnection(ConnectionWrapper.java:46)
at com.adobe.pof.ConnectionWrapper.prepareStatement(ConnectionWrapper.java:176)
at com.adobe.pof.adapter.JDBCAdapter.prepareStatement(JDBCAdapter.java:5310)
at com.adobe.pof.adapter.mysql.MySQL4Adapter.retrieveObjectSet(MySQL4Adapter.java:540)
at com.adobe.pof.omapi.POFObjectManagerImpl.retrieveObjectSet(POFObjectManagerImpl.java:154)
at com.adobe.pof.omapi.POFObjectManagerRemoteBean.retrieveObjectSet(POFObjectManagerRemoteBe an.java:228)
at sun.reflect.GeneratedMethodAccessor543.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy309.retrieveObjectSet(Unknown Source)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy309.retrieveObjectSet(Unknown Source)
at com.adobe.pof.omapi.POFObjectManagerLocalEJBAdapter.retrieveObjectSet(POFObjectManagerLoc alEJBAdapter.java:115)
at com.adobe.pof.omapi.POFObjectManagerAbstractAdapter.retrieveObjectSet(POFObjectManagerAbs tractAdapter.java:481)
at com.adobe.pof.omapi.POFObjectManagerAbstractAdapter.retrieveBOIObjects(POFObjectManagerAb stractAdapter.java:404)
at com.adobe.idp.applicationmanager.application.impl.ApplicationStoreImpl.getApplicationConf igurationBOI(ApplicationStoreImpl.java:594)
at com.adobe.idp.applicationmanager.application.impl.ApplicationStoreImpl.getApplicationConf iguration(ApplicationStoreImpl.java:537)
at com.adobe.idp.applicationmanager.application.impl.ApplicationStoreImpl.getApplicationConf iguration(ApplicationStoreImpl.java:566)
at com.adobe.idp.applicationmanager.application.impl.ApplicationRegistryImpl.getApplicationC onfiguration(ApplicationRegistryImpl.java:966)
at com.adobe.idp.applicationmanager.application.impl.ApplicationRegistryImpl.populateApplica tionContext(ApplicationRegistryImpl.java:1871)
at com.adobe.idp.applicationmanager.invoker.ApplicationInvoker.populateApplicationContext(Ap plicationInvoker.java:65)
at com.adobe.idp.applicationmanager.invoker.ApplicationInvoker.invoke(ApplicationInvoker.jav a:53)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.adobe.idp.dsc.registry.naming.impl.NamingRegistryImpl.loadApplicationContext(NamingRe gistryImpl.java:248)
at com.adobe.idp.dsc.registry.naming.impl.NamingRegistryImpl.internalCreateApplicationContex t(NamingRegistryImpl.java:198)
at com.adobe.idp.dsc.registry.naming.impl.NamingRegistryImpl.createApplicationContext(Naming RegistryImpl.java:141)
at com.adobe.idp.dsc.impl.InvocationContextImpl.getApplicationContext(InvocationContextImpl. java:91)
at com.adobe.workflow.engine.PEUtil.getOnFaultAction(PEUtil.java:386)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.transientInvoke(WorkflowDSCInvoker. java:368)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.invoke(WorkflowDSCInvoker.java:158)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doRequiresNew (EjbTransactionCMTAdapterBean.java:299)
at sun.reflect.GeneratedMethodAccessor545.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:404)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doRequiresNew(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:143)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:188)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.idp.jobmanager.execution.workadapter.AbstractExecutableJob.invokeRequest(Abstra ctExecutableJob.java:127)
at com.adobe.idp.jobmanager.execution.workadapter.PersistentExecutableJob.execute(Persistent ExecutableJob.java:60)
at com.adobe.idp.dsc.workmanager.adapter.UnManagedAsynchronousWorkAdapter.run(UnManagedAsync hronousWorkAdapter.java:39)
at org.jboss.resource.work.WorkWrapper.execute(WorkWrapper.java:205)
at org.jboss.util.threadpool.BasicTaskWrapper.run(BasicTaskWrapper.java:260)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.resource.ResourceException: Transaction is not active: tx=TransactionImple < ac, BasicAction: 7f000001:c1c7:5217ec7e:80e07 status: ActionStatus.ABORT_ONLY >
at org.jboss.resource.connectionmanager.TxConnectionManager.getManagedConnection(TxConnectio nManager.java:413)
at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnec tionManager2.java:496)
at org.jboss.resource.connectionmanager.BaseConnectionManager2$ConnectionManagerProxy.alloca teConnection(BaseConnectionManager2.java:941)
at org.jboss.resource.adapter.jdbc.WrapperDataSource.getConnection(WrapperDataSource.java:89 )
... 103 more
2013-08-26 05:24:54,812 WARN [com.adobe.workflow.AWS] (WorkManager(2)-27) com.adobe.pof.POFRuntimeException: Transaction is not active: tx=TransactionImple < ac, BasicAction: 7f000001:c1c7:5217ec7e:80e07 status: ActionStatus.ABORT_ONLY >; - nested throwable: (javax.resource.ResourceException: Transaction is not active: tx=TransactionImple < ac, BasicAction: 7f000001:c1c7:5217ec7e:80e07 status: ActionStatus.ABORT_ONLY >)
2013-08-26 05:24:54,812 ERROR [com.adobe.workflow.AWS] (WorkManager(2)-27) An exception was thrown with name com.adobe.idp.dsc.DSCRuntimeException message:None of the Auth Provider could authenticate the user. Authentication Failed while invoking service Task Notification and operation processEmailMapSubmit and no fault routes were found to be configured.
2013-08-26 05:24:54,813 ERROR [org.jboss.ejb.plugins.LogInterceptor] (WorkManager(2)-27) RuntimeException in method: public abstract java.lang.Object com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterLocal.doRequiresNe w(com.adobe.idp.dsc.transaction.TransactionDefinition,com.adobe.idp.dsc.transaction.Transa ctionCallback) throws com.adobe.idp.dsc.DSCException:
ALC-DSC-099-000: com.adobe.idp.dsc.DSCRuntimeException: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.transientInvoke(WorkflowDSCInvoker. java:375)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.invoke(WorkflowDSCInvoker.java:158)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doRequiresNew (EjbTransactionCMTAdapterBean.java:299)
at sun.reflect.GeneratedMethodAccessor545.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:404)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doRequiresNew(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:143)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:188)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.idp.jobmanager.execution.workadapter.AbstractExecutableJob.invokeRequest(Abstra ctExecutableJob.java:127)
at com.adobe.idp.jobmanager.execution.workadapter.PersistentExecutableJob.execute(Persistent ExecutableJob.java:60)
at com.adobe.idp.dsc.workmanager.adapter.UnManagedAsynchronousWorkAdapter.run(UnManagedAsync hronousWorkAdapter.java:39)
at org.jboss.resource.work.WorkWrapper.execute(WorkWrapper.java:205)
at org.jboss.util.threadpool.BasicTaskWrapper.run(BasicTaskWrapper.java:260)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
at java.lang.Thread.run(Thread.java:662)
Caused by: ALC-DSC-099-000: com.adobe.idp.dsc.DSCRuntimeException: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.workflow.engine.PEUtil.invokeAction(PEUtil.java:1008)
at com.adobe.idp.workflow.dsc.invoker.WorkflowDSCInvoker.transientInvoke(WorkflowDSCInvoker. java:350)
... 55 more
Caused by: ALC-DSC-099-000: com.adobe.idp.dsc.DSCRuntimeException: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.livecycle.notification.TaskNotificationServiceImpl.processEmailMapSubmit(TaskNo tificationServiceImpl.java:1160)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.adobe.idp.dsc.component.impl.DefaultPOJOInvokerImpl.invoke(DefaultPOJOInvokerImpl.jav a:118)
at com.adobe.idp.dsc.interceptor.impl.InvocationInterceptor.intercept(InvocationInterceptor. java:140)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.DocumentPassivationInterceptor.intercept(DocumentPassi vationInterceptor.java:53)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor$1.doInTransaction(Transa ctionInterceptor.java:74)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.execute(EjbTr ansactionCMTAdapterBean.java:357)
at com.adobe.idp.dsc.transaction.impl.ejb.adapter.EjbTransactionCMTAdapterBean.doSupports(Ej bTransactionCMTAdapterBean.java:227)
at sun.reflect.GeneratedMethodAccessor593.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:386)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionConta iner.java:233)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionI nterceptor.java:156)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstance Interceptor.java:173)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:378)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:228)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:211)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java :97)
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invoke(PreSecurityInterceptor.java: 81)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor. java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:650)
at org.jboss.ejb.Container.invoke(Container.java:1092)
at org.jboss.ejb.plugins.local.BaseLocalProxyFactory.invoke(BaseLocalProxyFactory.java:436)
at org.jboss.ejb.plugins.local.StatelessSessionProxy.invoke(StatelessSessionProxy.java:103)
at com.sun.proxy.$Proxy265.doSupports(Unknown Source)
at com.adobe.idp.dsc.transaction.impl.ejb.EjbTransactionProvider.execute(EjbTransactionProvi der.java:104)
at com.adobe.idp.dsc.transaction.interceptor.TransactionInterceptor.intercept(TransactionInt erceptor.java:72)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvocationStrategyInterceptor.intercept(InvocationStra tegyInterceptor.java:55)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.InvalidStateInterceptor.intercept(InvalidStateIntercep tor.java:37)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.AuthorizationInterceptor.intercept(AuthorizationInterc eptor.java:165)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.interceptor.impl.JMXInterceptor.intercept(JMXInterceptor.java:48)
at com.adobe.idp.dsc.interceptor.impl.RequestInterceptorChainImpl.proceed(RequestInterceptor ChainImpl.java:60)
at com.adobe.idp.dsc.engine.impl.ServiceEngineImpl.invoke(ServiceEngineImpl.java:121)
at com.adobe.idp.dsc.routing.Router.routeRequest(Router.java:131)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageReceiver.routeMessage(AbstractMessage Receiver.java:93)
at com.adobe.idp.dsc.provider.impl.vm.VMMessageDispatcher.doSend(VMMessageDispatcher.java:22 5)
at com.adobe.idp.dsc.provider.impl.base.AbstractMessageDispatcher.send(AbstractMessageDispat cher.java:69)
at com.adobe.idp.dsc.clientsdk.ServiceClient.invoke(ServiceClient.java:208)
at com.adobe.workflow.engine.PEUtil.invokeAction(PEUtil.java:893)
... 56 more
Caused by: ALC-DSC-215-000: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed
at com.adobe.livecycle.notification.TaskNotificationServiceImpl.processEmailMapSubmit(TaskNo tificationServiceImpl.java:1134)
... 108 more
2013-08-26 05:24:54,817 ERROR [com.adobe.idp.jobmanager.execution.workadapter.PersistentExecutableJob] (WorkManager(2)-27) PeristentExecutableJob:execute():Attempting to fail job. Reason: com.adobe.idp.dsc.DSCRuntimeException: None of the Auth Provider could authenticate the user. Authentication Failed -
SEEBURGER AS2: AS2 Adapter failure - Cannot authenticate the user
Hello,
All was working fine but now I got these errors in an AS2 scenario. Sending a message via AS2. Also we don't receive any messages via AS2 anymore. This is the error when sending a message:
Unable to forward message to JCA adapter. Reason: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user.
MP: Exception caught with cause javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user.
Exception caught by adapter framework: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user
Delivery of the message to the application using connection AS2_http://seeburger.com/xi failed, due to: com.sap.aii.af.ra.ms.api.RecoverableException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user., SEEBURGER AS2: AS2 Adapter failure # java.lang.Exception: AS2 message composition failed: com.seeburger.ksm.cryptoapi.exception.CryptoApiException: Cannot authenticate the user.: javax.resource.ResourceException: Fatal exception: com.sap.aii.af.ra.cci.XIRecoverableException: SEEBURGER AS2: AS2 Adapter failure.
Please advice, many thanks!
ErikAre you using the "Use Authentication" option in the communication channel? If yes, then ensure that the user provided is correct and is not locked. Also recheck the authentication certificate settings.
Regards,
Prateek -
EBS 7.3 "Could not authenticate this user name and password, try again"
I have just install Sun StorEdge Enterprise Backup Software 7.3 on a new Solaris 10 (06/06) system. I have installed the following packages with no errors: SUNWebsc (Client), SUNWebsn (Storage Node), SUNWebss (Server), SUNWebsm (Man pages) and SUNWebsg (Console).
I have executed the �nsraddadmin� command for both root and administrator.
I start the web browser with http://<hostname>:9000 and the java software loads with no errors. But when I try to login for the first time with administrator/administrator, I get the follow error:
ERROR: Could not authenticate this user name and password, try again�I think the client is not able to do a HTTP POST
to the WLS server but it can do a HTTP GET.
I dont know why.
http://manojc.com
"Ganesh" <[email protected]> wrote in message
news:3eba91bc$[email protected]..
>
Hi,
I deployed a rpc web service using WLS 7.0 SP2 in HP-UX 11 environment.When I
invoke the web service through my browser (IE 6.0) using the web servicesurl,
it brings my service method correctly. From there, if I click the invokebutton
it asks me for a network user name and password under "weblogic" realm???If I
provide the admin user credentials (which I supplied while creating mydomain)
it is not accepting that it keeps popping up this network user passwordwindow
over and over. Not sure which username/password I have to provide here tosee
the result of my service.
If I try to invoke the web service through my client (static) I am gettinga connection
refused exception. I guess either way, I am not able to access my webservice.
In the attached file, I have cut and pasted the client stack trace as wellas
the server log trace from weblogic.
Any ideas would be highly appreciated.
Thanks,
Ganesh -
I have created a user in oracle BPM but it is not reflected in system-jazn-data.xml file and I am unable to authenticate that user to create context as needed in workflow client
weblogic credentials are different.
and using thode credentials I am able to login to weblogic server
the users I am talking about is the process users defined in realm.
in realm those users are defined as Default authenticator and OID authenticator.
and I am trying to authenticate one of those users defined in realm using java api so that I an access a process defined In Oracle BPM 11g -
Keeping Internal Users off Guest Wireless
Have a WLC 5508 running 6.x code with LAP's providing wireless for our internal laptops (WPA2 and EAP-TLS). I want to provide guest wireless which goes out a different port on the WLC to a guest firewall/cable modem. However, we want to prevent our internal laptops from being able to use the guest wireless. I have RADIUS (IAS) and LDAP for my AD available. We would prefer not to have use Lobby Ambassador and just have the guests use a simple password or web passthru. Guests may be laptops or smartphones.
What options are available? I have tried a test setup using dynamic vlan assignments from RADIUS using the IETF flags, but can't seem to get it to work. Is there a way to identify the SSID is being used at the RADIUS server? Thanks.I'm closer. I have aaa override working for vlan assignment via RADIUS. On the RADIUS server, I have two access policies. The first is my normal authentication (EAP-TLS) for internal wireless clients where I included the condition member of Windows group Domain Computers. The RADIUS reply for the first policy assigns them to the "internal" vlan. The second RADIUS policy is for the visitor account (AD account with username/password) and the RADIUS reply from that assigns them to the "guest" vlan. The guest vlan exits my WLC on a seperate port to the guess firewall/cable modem, while the internal vlan exits to my internal lan.
That way even if internal user connects to the Guest SSID with a company laptop they still end on the internal lan.
Right now I have the Internal SSID authenticating off one group of RADIUS servers, and the Guest SSID authenticating off another set. My next step is to see if it can be done with only one SSID and one group of RADIUS servers, since assigning the vlan is what really matters.
Are there any security considerations with using a single SSID? I plan on turning on Peer to Peer Blocking if I do that. -
GUEST WLANs ::: user self regsitration
I would like to share a few thoughts about guest WLAN access.
- if you have a lot of guests this means a lot of work in terms of account & password generation plus changing the credentials after a certain time.
Now you can offload this to lobbyadmin / "Ambassadors" but still it means work. Further on it is hard to do if you get 500 visitors. Is there any way of secure user sellf enrollment / self regiostration?
- normally, if you print the credentials on badges the credentials can be shared. Is there any way to do a mac locking in a way so that only the first MAC address which successfully loged on with this credentials can use them?
- Is there a thermal / label printer which would work with the WiSM so that the generated password can be printed on a small note/receipt once the lobbyadmin registered the guest?
Thanks,
--JoergHowdy,
We deployed Guest Internet Access (GIA) a year ago, before our LWAPP migration began across 30 hospital systems. Our business requirements were:
1) No charge to guests
2) Minimize have VS have not's issues (no using credit cards, etc for validation)
3) Centralized ISP(s)
4) Some form of self-reg as NONE of the hospitals wanted staff to have to do anything
We ended up doing an Advanced Services engagement with Cisco. Looked at BBSM & SSG. Settled on BBSM. GRE + VRF overlay network. The main part of the CAES engagement was to 'adapt' their existing custom 'sponsor' app to accomodate self-reg. Bottom line is we were underwhelmed with the sponsor app, although I heard @ Networkers last year from a Cisco internal IT manager that they've enhanced it considerably so YMMV.
We dropped the sponsor app & I dug in to the BBSM's SDK docs. I built a simple web form that folks get re-directed to in the BBSM's 'walled garden'. They choose Dr, Guest of Patient or business partner and based on this selection have to provide add'l info such as contact within our company. Bear in mind that there's no way to check any of this so we do have some 'donald ducks' show up in registration. Once they fill in the info, we replay their info & IP to them visually along w/ the AU policy. They click accept & it posts a string back to the BBSM that calls a pageset to initiate their session. For the doctors personal devices we BBSM auth them against radius so that they can use existing novell credentials & not have to 'sign up' each time.
This has worked pretty well for > 1yr. The BBSM unfortunately is not the most stable platform. Appliance, Win2k w/ MS ISA & some fancy cisco nat code is what it amounts to. I have 2 of them. One died already (HDD/controller) and both have had to be rebooted (hung) probably 5-6 times in 1yr.
Sooo. We are excited about GIA via LWAPP. Removes the complexities of the overlay network, gets rid of BBSMs (potentially) and has the capability to provide some redundancy where the BBSMs do not.
As far as self-reg under GIA-over-LWAPP... Since there is no way to enforce truthful registration, it is, in my opinion, of dubious value. Our previous 'extremest' security officer that insisted on it has left the building and I am exploring forgoing it completely with mgt as it's the one major complaint we get amongst otherwise raving reviews of the service (we survey the guests, etc).
One other complaint we've had is "We don't like having to (completely) re-register every 8 hours. Couldn't we just set up our own userid/password & reuse @ session expiry?"
Considering all of this, if push comes to shove & I'm forced to keep self reg as we migrate to LWAPP then here is my plan & what I think you'll want to explore:
1) Redirect the guest users to a (offbox) webform. Collect info including chosen userID/pass.
2) On post, write to sql backend. Mysql should work fine on the cheap.
3) Use ACS (or freeradius) to radius auth the user against this external (to ACS) database, just need a second or two delay to make sure form post data makes it into DB prior to posting url back to anchor controller.
Benefits:
1) Easier reporting then old reg form-post text file
2) Ability to do sql replication to alt datacenter where redundant anchors live
3) Upon user's session expiration, they can re-login using credentials they chose instead of having to completely re-register.
4) Radius server can still look @ novell via sldap for our docs.
Obviously you have to determine what the ultimate life of the user account in radius is before it's auto-purged.
Still have some details to flesh out but that should give you some ideas. Also, don't be afraid to survey your guests, even using free or cheap online survey tools (surveymonkey). Link to it @ top of selfreg form. Our users have NO problem filling out the survey & telling us what they like & don't. Good info.
Hope it helps. -
Java API Failed to authenticate the user session with LDAP
I have created a Java class that uses the MDM Java Api's it works fine on our Development environment where the MDM server uses its own built in authentication, but when I moved it to our QA environment where MDM use LDAP for authentication its failed with a 'Failed to authenticate the user session'. Has anyone seen this before?
hi Dan,
The java class which u have created that suppose to works fine on MDM server because to execute that program there are no requirement of such protocols, the problem u will face while exporting those program to an client machine
LDAP(Lightweight Directory Access protocol) connector communicates with the SAP system using RFC and with the directory server using these standard communication protocol.
so try to select the protocol such that it should help in making connection between the server,direcotryserver and the client machine through which u can execute u r java class using java Api's.
i hope this will give u an idea to through ur problem.
regards,
swapnil
Maybe you are looking for
-
Whats the best way to get dvd onto 5800
Peoples, I'm strugglin to get DVD onto my noka 5800. It's not obvious in the user manual and looking around the web i need to 'convert' it to the fim on. Please does anybody have an easy, fool proof way of doing this?????? Message Edited by blueleach
-
Help, iTunes refuses to not auto launch when iPhone connected to computer
Hi, anyone else have this obnoxious problem? I unchecked "auto syncing" and all of the possible disabling options in iTunes>Preferences. Another forum I visted mentioned disabling iTunes Helper. I am having a problem launching iTunes Helper because I
-
Hi everyone My FCPX 10.1.4. won't open since this morning. I'm running it on a iMac 27", 3.5 GHz, 32GB RAM with OSX 10.9.5 Any help would be appreciated. Thanks! Here's my crash report: Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 lib
-
Help! Trying to install leopard from the DVD (purchased from apple store last wk) and having no end of trouble. Plenty of HD space and RAM etc. First it did nothing when i put it in, asked me to restart. Then i did restart and it asked me do I want t
-
SQL Error while trying to createMarkupDefinition
We upgraded wls portal schem from 8.1 to 10 and when we tried to deploy the app we had issues inserting the MarkupDefinition. Attached is the error. The error also complains that there might be Possible markup duplication of [MrkupDefinition] <appnam