Web Server Authentication

Similar Messages

• Web Server Authentication Required

  When I try to go to the settings page after going  my web server user interface I get this response: A username and password are being requested by https://my ip address The site says: "admin" Iv'e tried every id/password combination I have ever used nothing works. I am using a HP Photosmart 5512 on os x Lion I have made on changes since installing the printer.

  Hi there s_bmay4,
  Is this an external webserver or is this the web interface for your printer?
  You can say thanks by clicking the Kudos Star in my post. If my post resolves your problem, please mark it as Accepted Solution so others can benefit too.

• Can iDSIE (Meta-directory) be used as a single authentication point from iPlanet Web Server for multiple databases using direct "or" indirect connectors?

  Basically, the latest release of iPlanet Web Server forces the user/group information source to be an LDAP database. Currently, the user accounts are in Active Directory, NT, Oracle and NetWare Directory Service in this heterogeneous environment.
  What I am looking for is a meta-directory product which can do two things:
  1-Single authentiation point for users in mulitple databases from iPlanet Web Server.
  2-Single administration point for all of the databases listed above.
  For example, can I add/modify/delete a user account at the meta-directory level and have this propagate to all of the databases listed above reducing the administration to one meta-directory product?

  With an Virtual Directory solution, you can authenticate Iplanet Web Server against nearly anything including any LDAPv3 Directory Server, Microsoft Active Directory, Windows NT Domains, Oracle RDBMS, IBM DB2 RDBMS, Microsoft SQL, and others.
  All of this is done dynamically and doesn't require any heavyweight synchronization process. The Virtual Directory acts as a dynamic schema / DIT / data translation engine for different types of repositories.
  OctetString's Virtual Directory Engine is one such example. You can download a 30 day evaluation copy at:
  http://www.octetstring.com
  It will take you all of 30 minutes to get iPlanet Web Server authenticated against and using groups from things like Oracle RDBMS, Windows NT Domains, or Active Directory.

• Sun One web server 6.0 Authentication

  Does anyone know if it is possible to use form based authentication under Sun One Web Server 6.0, that checks the user authentication on a proprietary API. I need to use a JAVA library to authenticate users and i would like to use it under the form based authentication method inside the web server. Is it possible to write a plug-in for web server authentication mechanism?
  Thank you

  I have almost identical problem (topic �iPlanet 6.0 stops responding�). Since than I made some serious testing and found out that NSAPI does not produce problem. There are two types of delays: the shortest last from 10 to 20 seconds and usually there is �Error accepting connection (The semaphore timeout period has expired.� message in error log. The longest sometimes last more than 10 minutes.
  This is short cut from my response time log (in miliseconds):
  10:30:18 Response:    15
  10:30:28 Response:    32
  10:30:38 Response:    47
  10:30:48 Response:    31
  10:31:06 Response:  8265
  10:31:17 Response:   188
  10:31:27 Response:    31
  10:31:37 Response:    16
  10:31:47 Response:    16
  10:31:57 Response:    31
  10:32:07 Response:    32
  10:32:17 Response:    31
  10:32:37 Response: 10578
  10:32:47 Response:    31
  10:32:57 Response:    31
  10:33:07 Response:    32
  10:33:17 Response:    47
  10:33:27 Response:    31
  10:33:38 Response:   266
  10:33:48 Response:    62
  10:33:58 Response:    31
  10:34:08 Response:    47
  10:34:18 Response:    47
  10:34:28 Response:    31
  10:34:49 Response: 11047
  10:34:59 Response:    31
  10:35:10 Response:    93
  10:35:20 Response:    32
  10:35:30 Response:    46
  10:35:40 Response:    32
  10:35:50 Response:    47
  10:36:00 Response:    46
  10:36:10 Response:    32
  10:36:20 Response:    62
  10:36:30 Response:    47
  10:36:40 Response:    31
  10:36:50 Response:   391
  10:37:01 Response:   297and Connection statistics from Admin web at delay
  Total Number Of Connections:  31644 
  Maximum Number Of Queued Connections: 4096 
  Peak Number Of Queued Connections: 285 
  Current Number Of Queued Connections: 285 
  Number Of Processes:  1 Configuration is Sun One Web Server 6.0.6, Win2K Advanced Server with SP4, Single Processor Machine (Compaq DL360).

• Imp:How to find out whether client authentication Enabled on the Web Server

  Hi,
  I am trying to find out whether the Client Authentication Enabled on the Web Server or not.
  Reason for doing this, if we have two certificates in the key store which will authenticate the Web Server, JSSE Authentication will always take the first cert from the keystore. If the first Certificate is Expired, it will fail while doing the HandShake.
  So if I can find out whether Client Authentication is Enabled or not, then I can prompt a dialog for the user to select the Certificate for the Hand Shake.
  Thanks in advance for any Response,
  Krish.

  AUTH_TYPE will tell you only if it SSL or not. It won't say whether the Client Certificates Required for SSL Connection.
  Also, AUTH_TYPE is not part of the Http Headers.
  If there is any other solution, greatly appreciated.
  Thanks
  Krish.

• Kerberos Authentication DB in Oracle iPlanet Web Server

  [Here is a blog about how to configure Kerberos Authentication Database in Oracle iPlanet Web Server on Solaris 10 update 8 |http://blogs.sun.com/meena/entry/using_kerberos_as_authentication_database]

  As long as the application server that LCDS is deployed in is supported, it doesn't  matter which webserver is being used.
  HTH
  Kumaran

• SUN One web server 6.1,strong authentication and smart card

  Hi guys,
  I am experiencing a weired issue with smart cards.
  scenario:
  SOWS 6.1 SP6, smart card Gem Plus and Internet explorer 6 and 7 as client and strong authentication.
  Once I put my smart card and insert the PIN code to get into the html page, when I tried to just move the mouse in a frame, I got lots of PIN request. I have notest the there are lots of SSLv3 sessions opened. When I put the PIN code after a while and again when I move the mouse quickly I got the same request
  I tried with Firefox and the it works fine.
  Anyone experienced a sort of same issue? any clue? Could it be that Firefox store the PIN code somewhere and IE doesn't?
  Cheers

  Hi,
  Yes, Firefox and other mozilla products by default only require the pin for tokens the first time they are needed. In Seamonkey, the preference is in edit/preference/privacy & security/master passwords/master password timeout/web browser will ask for your master password . There is an equivalent in Firefox, but since i don't use it, I don't know the exact location of that pref.
  The fact that you are being prompted multiple times in IE means that there are multiple SSL handshakes happening. This may be because the server is forcing a new SSL handshake on each HTTP request. . There may be a way for the web server to be configured not to do that by setting client auth globally on the listen socket instead of setting it on a specific URL space.

• Problem with Basic Authentication in Web Server 7.0u8

  I am using a web application which has inbuilt form based authentication. After entering correct username and password, i get logged in, but then immediatly i see a basic authentication dialog popup. I am seeing this behavior in Sun Web server 7.0u8 as well as Sun Web server 7.0u3.
  Any idea what could be the reason behind this? Other app servers like Weblogic , JBoss, Websphere do not show this behavior.

  This is the content of the default.acl file. This is the only .acl file that is there in https-<instance_name> directory.
  # Copyright 2006 Sun Microsystems, Inc. All rights reserved.
  # Use is subject to license terms.
  version 3.0;
  acl "default";
  authenticate (user, group) {
  prompt = "Sun Java System Web Server";
  allow (read, execute, info) user = "anyone";
  allow (list, write, delete) user = "all";
  acl "es-internal";
  allow (read, execute, info) user = "anyone";
  deny (list, write, delete) user = "anyone";

• IPlanet Web Server 6.0 SP3-4: authenticating succeeds with bogus password

  There is a very serious problem with ACL configured to authenticate against the ldap server.
  Going through the Global settings, if you configure it to use a Ldap server and then configure the ACL to allow only the authenticated users... however, by typing a bogus password, as long as userid is correct, I can get access to the URL pages.
  Previously, I have responded to "Thuan Nguyen" in the subject "Problem authenticating iPlanet Web Server 6.0 SP3 and SP4 with LDAP", regarding authentication to the Ldap with bogus password.
  I have emailed and called in to inform SUN of this severe security problem with their Web Server, but I don't even know if this information is getting through.
  Isn't there anyone out there who can also confirm this?
  And if there is any existing workarounds for this?
  Thank you.

  This is documented in the 6.0 SP5 (and higher)
  release notes as fixed problem 4770629, and,
  according to the SP5 release notes, "All users of
  previous versions of Sun ONE Web Server are strongly
  recommended to install this service pack."
  Note that the problem only occurs when the LDAP entry
  lacks a uid.Thanks for the info. However, the LDAP server I'm using does have the UID value.
  Regardless, I will try the SP5 and get back to you.
  Thank you.

• IGNORE this since I can not DELETE IT - Your browser does not support cookies, which are required for this web server to work in session authentication mode

  Error - No cookies
  Your browser does not support cookies, which are required for this web server to work in session authentication mode
  This is a NOSCRIPT PROBLEM and NOT a Firefox problem.......
  when disabled it works JUST FINE

  Error - No cookies
  Your browser does not support cookies, which are required for this web server to work in session authentication mode
  This is a NOSCRIPT PROBLEM and NOT a Firefox problem.......
  when disabled it works JUST FINE

• 26194 (7080/tcp) Web Server Uses Plain Text Authenti ...

  Our recent tenable security scan on the PeopleSoft web server shows the web
  server is using the plan text authentication. We are using the both secured
  (port 7081) and non-secured (port 7080) web services (PeopleSoft Weblogic
  web server). I have attached the detailed message to the submitted case. It
  looks that the LoginForm.jsp is passing the plain text password. I just
  don't know how to fix this? any suggestions?
  Vulnerability Details
  Vulnerability Report Description:
  Synopsis :
  The remote web server might transmit credentials over clear text
  Description :
  The remote web server contains several HTML forms containing
  an input of type password which transmit their information to
  a remote web server over plain text.
  An attacker eavesdropping the traffic might use this setup to
  obtain logins and passwords of valid users.
  Solution :
  Make sure that every form transmits its results over HTTPS
  Risk factor:
  Medium / CVSS Base Score : 5.0
  (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
  Plugin output :
  Page : /console/login/LoginForm.jsp;ADMINCONSOLESESSION=LGY........
  Destination page : /console/j_security_check
  Input name : xxxxxxxxx
  Page : /console/login/LoginForm.jsp;ADMINCONSOLESESSION=LGY........
  Destination page : /console/j_security_check
  Input name : xxxxxxxxx

  The most common solution to the problem is to only transmit user/pass over https. You might want to only enable https on your server. Or (more finer grained solution might be to access the app only over https)

• Mac Adobe Flash Player not supporting Web Proxy Authentication

  Anyone else got an enterprise network where you use web proxies with web authentication and no traffic allowed out except through the proxies?
  You may need to be in the UK for this, but try accessing BBC iPlayer content - http://www.bbc.co.uk/iplayer and you should discover that the content won't play. the error says "This content doesn't seem to be working. Try again later.". The content will never work as the Mac version of Flash (currently 10.1.53.64) is not able to respond to web proxy authentication requests. The BBC use various streaming server which are randomly selected when a user starts a stream and they have no DNS. Just IP addresses. They don't publish a list for security reasons. So it is almost impossible to exempt all their servers from authentication.
  I've logged a bug with Adobe. If you have this issue too, please add a comment and vote so that they can begin to grasp the impact of this problem:
  https://bugs.adobe.com/jira/browse/FP-5161

  I have the same issues in Australia trying to access flash content from the ABC website. The strange thing is the content will play if your leave the browser open for 5min.
  After several packet data captures we identified that it has to do with the amount of time it takes the Mac timeout from the proxy before it plays the video content.
  No solution yet.

• LDAP is not working on new Web Server

  Hi, I configured LDAP authentication and it was working fine. After this I installed a new web server. I copied the security certificate etc ( copied everything from other web server) onto new webserver. When I try to login into Infoview or CMC then I get error message "Security plugin error: Failed to set parameters on plugin" from the new web server. Its working fine from the old web servers.
  Not sure what else I have to do now as I have done the same thing on old servers in the past.
  We are on BOXI R2 SP3 with web server on IIS 6.0. We have three web servers  and 3 processing servers ( with all services) in cluster env.
  Thanks,

  I am sorry I got confused with Pure Enterise authentication. I should have referred to my notes. I apologize for this. Web application server is involved in communicating to LDAP. Below is the process
  1) User logs into the application
  2) Web application server security plugin sends credential to LDAP directory
  3) LDAP directory authenticate users.
  4) Web application server's security plugin sends users credential to LDAP
  5) CMS requests user and group info from LDAP
  6) The LDAP returns this information to CMS Security plugin
  7) CMS will grant access if users is member of mapped group
  8) If access is granted then both CMS and WAS plugin create a session
  9) The WAS sends an enterprise session token to user's browser
  I was referring to login into Infoview using LDAP.
  Thanks,

• SAP Crystal Report using SQL Server Authentication and Windows Authenticati

  I'm a SAP Crystal Report, version for Visual Studio 2010 Beginner
  my ingredients are
  1.windows 7 ultimate service pack1
  2.sql server 2008 standard edition
  3.visual studio 2010 pro
  4.SAP Crystal Report, version for visual studio.net
  I was created a report named customersByCity.rpt using OLE DB (ADO) -> Microsoft OLE DB Provider for SQL Server -> I'm supply Server, User ID, Password and Database. I assume me using SQL Server Authentication for my report
  Then, my ASP.NET files as following
  //ASP.NET
  <%@ Page Language="C#" AutoEventWireup="true" CodeFile="viewCustomersByCity.aspx.cs" Inherits="viewCustomersByCity" %>
  <%@ Register Assembly="CrystalDecisions.Web, Version=13.0.2000.0, Culture=neutral, PublicKeyToken=692fbea5521e1304"
      Namespace="CrystalDecisions.Web" TagPrefix="CR" %>
  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  <html xmlns="http://www.w3.org/1999/xhtml">
  <head runat="server">
      <title></title>
  </head>
  <body>
      <form id="form1" runat="server">
      <div><asp:Label ID="lblMsg" runat="server" BackColor="Yellow" ForeColor="Black"></asp:Label>
   <CR:CrystalReportViewer ID="CrystalReportViewer1" runat="server" AutoDataBind="true"></CR:CrystalReportViewer>
      </div>
      </form>
  </body>
  </html>
  //code-behind
  using System;
  using System.Collections.Generic;
  using System.Linq;
  using System.Web;
  using System.Web.UI;
  using System.Web.UI.WebControls;
  using System.Collections;
  using CrystalDecisions.CrystalReports.Engine;
  using CrystalDecisions.Shared;
  public partial class viewCustomersByCity : System.Web.UI.Page
      private const string PARAMETER_FIELD_NAME = "city";   
      private ReportDocument customersByCityReport;
      private void ConfigureCrystalReports()
          ConnectionInfo connectionInfo = new ConnectionInfo();
          connectionInfo.ServerName = @"WKM1925-PCWKM1925";
          connectionInfo.DatabaseName = "Northwind";
          connectionInfo.UserID = "sa";
          connectionInfo.Password = "sysadmin25";
          SetDBLogonForReport(connectionInfo);
      private void SetDBLogonForReport(ConnectionInfo connectionInfo)
          TableLogOnInfos tableLogOnInfos = CrystalReportViewer1.LogOnInfo;
          foreach (TableLogOnInfo tableLogOnInfo in tableLogOnInfos)
              tableLogOnInfo.ConnectionInfo = connectionInfo;
      private void SetCurrentValuesForParameterField(ReportDocument reportDocument, ArrayList arrayList)
          ParameterValues currentParameterValues = new ParameterValues();
          foreach (object submittedValue in arrayList)
              ParameterDiscreteValue parameterDiscreteValue = new ParameterDiscreteValue();
              parameterDiscreteValue.Value = submittedValue.ToString();
              currentParameterValues.Add(parameterDiscreteValue);
          ParameterFieldDefinitions parameterFieldDefinitions = reportDocument.DataDefinition.ParameterFields;
          ParameterFieldDefinition parameterFieldDefinition = parameterFieldDefinitions[PARAMETER_FIELD_NAME];
          parameterFieldDefinition.ApplyCurrentValues(currentParameterValues);
      protected void Page_Load(object sender, EventArgs e)
          customersByCityReport = new ReportDocument();
          string reportPath = Server.MapPath("customersByCity.rpt");
          customersByCityReport.Load(reportPath);
          ConfigureCrystalReports();
          ArrayList arrayList = new ArrayList();
          arrayList.Add("paris");
          arrayList.Add("Madrid");
          arrayList.Add("Marseille");
          arrayList.Add("Buenos Aires");
          arrayList.Add("Sao Paulo");
          ParameterFields parameterFields = CrystalReportViewer1.ParameterFieldInfo;
          SetCurrentValuesForParameterField(customersByCityReport, arrayList);
          CrystalReportViewer1.ReportSource = customersByCityReport;
  1st scenario
  When in a runtime, it's keep appear a dialog box. This dialog box ask me to suppy Server, User ID, Password and Database. Once all information is supplied, my report display the data as expected
  2nd scenario
  I change my report using OLE DB (ADO) -> Microsoft OLE DB Provider for SQL Server -> checked on Integrated Security. I just choose Server, and Database. I assume me using Windows Authentication
  When in a runtime, there's no dialog box as above. My report display the data as expected. really cool
  Look's like, when report using SQL Server Authentication there's some problem. but, when report using Windows Authentication, it's fine.
  I'm looking for comment. Please help me

  Hello,
  MS SQL Server 2008 requires you to install the MS Client Tools for 2008.
  Once install then update all of your reports to use the SQL Native 10 as the OLE DB driver.
  The try again, if it still fails search, lots of sample log on code in this forum.
  Don

• SOAP Web Service Authentication configuration

  Hello,
  I've got a little problem with Web Service authentication configuration.
  I'm working on the SAP NetWeaver CE EHP1 7.11. I also have a XMII application deployed on the server and there are some SOAP Web Services(over XMII Transactions) that require basic authentication.
  I use all Web Services in the EJB layer. So, I've generated proxy using SAP NetWeaver as a Web Service Runtime for generation. And Iuse an injection mechanism to get a service implementation:
  @WebServiceRef(name="GetBatchListService")
  private XacuteWS batchListWS;
  In this case I could use Single Service Administration application in the NetWeaver Administrator@SOA Management@Application and Scenario Communication to configure basic authentication for EVERY Web Service. And this configuration disappears after every redeploy.
  The question is how and where could I configure authentication for all web services?
  I've read a lot of documentation, but, unfortunately, I haven't found needed one. I could see 2 direction of searching now, it might help:
  1) Destination: Configure HTTP Destination or Web Service Template Destination and use it in all Web Services proxies somehow.
  2) Find Configuration way: Create a configuration group or anything else to configure all services from one screen.
  Best Regards,
  Dmitry

  Dimtris,
  If your WSDL url is pointing to the URL of the Adapter Engine as shownin the Hot to Use the SOAP adapter there is no option. You cannot add it to the SOAP Url.
  But, if you change the SOAP Url to the Url shown in this blog by Stefan Grube then you can add the user id and pasword to the url by adding sap- user=userid and sap-password = password.
  The optin shown ion the blog by Grube can be used as long as you do not have to use SOAP attachments and in this  case you would not need both sender SOAP adapter and a sender agreement.
  /people/stefan.grube/blog/2006/09/21/using-the-soap-inbound-channel-of-the-integration-engine
  Regards
  Bhavesh
  Regards
  Bhavesh