Weird response on logon

I have gotten a really weird response with a logon. I have a Before Header PL/SQL process on page 1
This is the code
<pre>
SELECT count(*) INTO :GLOBAL_ADMIN
FROM sys.dba_role_privs
WHERE GRANTED_ROLE = 'ADMIN_ROLE'
and grantee = upper(:app_user);
IF :GLOBAL_ADMIN =0 THEN
select div_no,sman_no,cust_no,cust_dept,store_no,region
into :global_div_no,:global_sman_no,:global_cust_no,:global_cust_dept,:global_store_no,:global_region
from nkw.user_restrictions
where user_id = :app_user;
else
:global_cust_no := NULL;
:global_div_no := NULL;
:global_sman_no := NULL;
:global_cust_dept := NULL;
:global_store_no := NULL;
:global_region := NULL;
END IF;
owa_util.redirect_url('f?p=&APP_ID.:6:&APP_SESSION.::NO:RP,6');
</pre>
Basically, this checks if the user is an admin, if they are they don't get globals, if not, the globals are assigned.
The issue was on 1 user, on 1 browser... it was bypassing this code and giving the user full privileges even though he didn't have them.
IE8 on vista on 1 workstation.
I changed the code to cause an error no matter what, and it still bypassed the security. The issue is that this user is bypassing all the security and has access to all customer data, not just his. My customer is very nervous that this will happen again, with other users.
Anyone have any ideas?
I can put the application on apex.oracle.com, but it won't compile due to the fact that I am not putting my entire table structure on there. I can provide access to my local development server if needed.
Thanks a lot. this is kinda urgent, so the quicker the response the better.
-Scott

Hi
Well you could look at setting up VPD, this way the security is controlled by the database - doesn't matter which app they are coming from, they would only be able to access data you gave them access to. The other advantage is that you can't cheat through browser or injection tricks, once you've authenicated as you - the database decides what you get. It also makes writing queries etc alot easier - no more
SELECT *
FROM my_table
WHERE company = :P_COMPANYJust SELECT * because the data will be limited to the users company.
It's also relatively easy to set up and pretty impervious.
I'm sure many people will have a lot of options to suggest here, but that is my opinion.
Cheers
Ben
http://www.munkyben.wordpress.com
Don't forget to mark replies helpful or correct ;)

Similar Messages

OWB Slow Response at logon and General Client Performance

Hi all wonder if anyone confirm what i am seeing is normal. I am relatively new to OWB but we are running with 10G R2 but have noticed very poor response from a client perspective particular at logon. It take around six minutes for the design center logon box to appear after you have clicked on the icon which seam very slow. Also noticed that performance reduces within the client the longer you use the product in one session.
Question: Is what i am seeing just normal performance or can the OWB performance be improved by some form of configuration either client or java settings. My PC spec is detailed below and has 2GB of memory which was recommended by Oracle
OS Name     Microsoft Windows XP Professional
Version     5.1.2600 Service Pack 2 Build 2600
Total Physical Memory     2,048.50 MB
Available Physical Memory     1.02 GB
Total Virtual Memory     2.00 GB
Available Virtual Memory     1.89 GB
Page File Space     2.82 GB

Hey all thanks for you responses, think you might have identified the problem with the Anti Virus, rebooted machine and just start OWB on its own. Mcafee was hitting the CPU hard for five minutes and then suddenly logon box appeared so looks like thats the issue. Note sure i will be able to get that changed as it is centrally administered global setting for all machines i think. At least that explains why it took so long.
Many thanks
Will double check the DB side of things as well

Incomplete Router Response to Logon

My WRT54GS v7 wireless router seems to be working OK, but when I logon to it using Internet Explorer or Firefox, the router responds with an incomplete page that's missing the navigation bar that normally appears across the top. The response page shows it's running firmware version 7.50.2, and shows the basic setup data (e.g. DHCP configuration, time zone, etc.), but the data labels are missing. If I point the browser to other pages (e.g http://192.168.1.1/wireless.htm), it shows the same problem. If I use the EasyLink software to examine the router, the software correctly displays my router settings. If I let EasyLink change the wireless security settings, and follow with a logon using my browser, the router's page then appears as normal. However, a day or two later when I log on, the incomplete response problem shows up again. Does anyone have a suggestion?

To view the router's web pages:
Use Internet Explorer, it usually works.
JavaScript must be enabled.
Use a computer that is wired to the router.
In the non-working computer, temporarily turn off your software firewall.
If you are using Zone Alarm, right click on the ZA icon in the system tray (lower right corner of screen) and then click "Shutdown ZoneAlarm", and see if this fixes your problem. If this does not work, try the following with Zone Alarm: Open the ZAISS control center, go to Privacy, then temporarily turn off Ad Blocking and Cookie Control, and see if that fixes your problem.
If you are using Noton Internet Security with the Add-on Pack, be sure to turn off the Pop-up Blocker. Some users have reported that they needed to uninstall the entire Norton Add-on Pack.
If you cannot get anything at 192.168.1.1 then perhaps this is not your router's address. Go to "Start" > All Programs > Accessories > Command Prompt.
A black DOS box will appear. Type in "ipconfig" (with no quotes), then hit the Enter key. Look at the "Default Gateway". Is it 192.168.1.1 ? Point your browser to the "Default Gateway", then login to your router.
If the above fails, disconnect your modem from the router, and try again. If this corrects your problem, then most likely you have a "modem-router" rather than an ordinary modem. Check to see if your "modem-router" is using the same 192.168.1.x address space as your Linksys router. If it is, then report back with this problem, and also state the make and model of your modem-router.
If all of the above fails, power down your entire system, unplug it from the wall, wait one minute, then power up and try again.

Weird Screen after logon in Infoview on IIS 6.0

Hi, We are using BOXI R2 SP3. On one web server when I login then I see a very weird screen. I can successfully enter the Infoview and instead of showing my home screen its showing a similar login screen but instead of box to enter UserID/Pwd it has written Administrator with a "Log Off" button. When I click on logoff then again the login screen appears. When I enter my useriID/pwd then again the screen with "Log Off" button in the middle appears. I am unable to get my home screen. I am using Administrator UserID. We are on .NET Infoview.
Please let me know if anyone has seen this type of Infoview screen.
Thanks,

After removing IE security from windows add/remove component I am not getting this error message.

Weird response from my feedback form

recently made a flash movie with 2 feedback forms in it. One
form works perfectly but the other much larger one comes back like
html code. I don't know what i'm doing wrong. Here is what i use in
the movie clip
on (release) {
this.loadVariables("contact.php", "POST");
this is the php code that i used
<?php
$sendTo = "[email protected]";
$subject = "Booking from Mysite.com";
$headers .= "Reply-To: " . $_POST["text13"] . "\r\n";
$message .= "\r\nFrom: " . $_POST["text13"] . "\r\n";
$message .= "First Name: " . $_POST["text6"] . "\r\n";
$message .= "Last Name: " . $_POST["text7"] . "\r\n";
$message .= "Address: " . $_POST["text8"] . "\r\n";
$message .= "City: " . $_POST["text9"] . "\r\n";
$message .= "State: " . $_POST["text10"] . "\r\n";
$message .= "Zip: " . $_POST["text11"] . "\r\n";
$message .= "Phone: " . $_POST["text12"] . "\r\n";
$message .= "Email: " . $_POST["text13"] . "\r\n";
$message .= "Pickup Address: " . $_POST["text14"] . "\r\n";
$message .= "Destination Address: " . $_POST["text15"] .
"\r\n";
$message .= "Limousine Desired: " . $_POST["text19"] .
"\r\n";
$message .= "Time of Pickup: " . $_POST["text16"] . "\r\n";
$message .= "Number of hours: " . $_POST["text17"] . "\r\n";
$message .= "Date Desired: " . $_POST["text18"] . "\r\n";
mail($sendTo, $subject, $message, $headers);
?>
It's coming out like this.in the emails.
From: <TEXTFORMAT LEADING=\"2\">gyj</TEXTFORMAT>
First Name: First Name
Last Name: Last Name
Address: Address
City: <TEXTFORMAT LEADING=\"2\">456</TEXTFORMAT>
State: State
Zip: Zip
Phone: <TEXTFORMAT LEADING=\"2\">45</TEXTFORMAT>
Email: <TEXTFORMAT LEADING=\"2\">gyj</TEXTFORMAT>
Pickup Address: <TEXTFORMAT LEADING=\"2\">23</TEXTFORMAT>
Destination Address: <TEXTFORMAT LEADING=\"2\">ghjm</TEXTFORMAT>
Limousine Desired: 
Time of Pickup: 
Number of hours: 4
hours
Date Desired: 
the information is in all that code. How can i fix it so it
doesn't return the coding with the information?

you have html enabled textfields and you're sending the
htmlText property. just send the text property.

Weird problems in my N8! ! ! Please help! !

Ok... I googled about the problems I had and couldn't find anything relevant. So please help me of u have any idea with the problems.
1. My touch screen is perfect all the time. Bit it either stops to respond or gives weird responses when charging the phone. This happens only if u are not holding the back (the n series area) and trying do use the phone when placed on a surface.
2. My notifications and music player widgets stops working after about a day without restarting the phone. This is usually solved by the 8sec power button restart.
3. The restarting ends up hanging and freezing my phone when I leave it on the home screen. If I open the menu once. Then load all home screens one by one then it works perfectly. Else Jr connects to wifi to log in to Nokia account and just hangs and power button 8sec restart is the only solution.
Nokia N8 rm 596, dark grey, symbian Anna v 25.
Viki...

If the issue is not resolved by removing the cards, I would try a reset before taking to Nokia Care Point, it will take a while to do, but not as long as a repair, especially if the phone has to be sent away ?
Back up your Contacts, Calendar and Notes ONLY !! A full backup and restore will simplty re-install the conflict you need to remove, your phone will be wiped and you will need to set up from scratch as though you'd just got a new handset !
Turn phone to offline, then dial *#7370# followed by 12345 if required, the phone will restart and ask you to set time and date etc. Then connect to the latest Nokia Suite http://europe.nokia.com/support/product-support/nokia-ovi-suite/compatibility-and-download on your PC and check for software updates, if you have the latest Anna use the option to re-install. After re-installing Anna, set up the phone and install all your apps and put any media you want on the phone ! Also update your maps to 3.08 from the nokia store and use Nokia suite to add any map data you need.
Good Luck
If I have helped at all, a click on the White Star is always appreciated :
you can also help others by marking 'accept as solution'

Weird window on starting OEM

Hi folks; We are getting a weird response when we try to launch the oracle Enterprise Manager browser window. We type in http://localhost:5500/em. We get an open blank window with a square bracket facing down and a square bracket facing up. When try to run Set Oracle_Sid = xxxx then emctl start dbconsole we get System error 5 access is denied.
Do we have to enter the sys login to run this command? Nothing I've seen on the internet or in the documentation has stated that to be necessary, nor even how to do it.
Please advise?
"And we thank you for your support"
Update: we re-ran the emclt start dbconsole after re-opening the command prompt using the "run as administrator" modifier. Then it opened. However when we ran the browser as administrator it still open wtih the same symbols. see below.
Edited by: joeller on Nov 23, 2012 9:27 AM
Edited by: joeller on Nov 23, 2012 9:34 AM

OK we tried to address the issue by doing an emctl stop The command line reported that the dbconsole could not be stopped. We then tried to stop the service from the services window. We got the error startup up failed with service specific error. The system cannot find the file specified. Check Event System log. The event viewer showed the "The OracleDBConsoleArcxxx service terminated with the following service specific error. The system cannot find the file specified."
The em-application.log showed the error below, which doesn't tell me much.
12/11/23 10:52:34.379 em: Servlet error
javax.servlet.ServletException: Internal Error has occured. Check the log file for details.
at oracle.sysman.emSDK.svlt.EMServlet.doGet(EMServlet.java:418)
at oracle.sysman.eml.app.Console.doGet(Console.java:156)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:87)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)
at oracle.sysman.db.adm.inst.HandleRepDownFilter.doFilter(HandleRepDownFilter.java:134)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:17)
at oracle.sysman.eml.app.BrowserVersionFilter.doFilter(BrowserVersionFilter.java:122)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:17)
at oracle.sysman.emSDK.svlt.EMRedirectFilter.doFilter(EMRedirectFilter.java:102)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:17)
at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:306)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:627)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:376)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:870)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:451)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:218)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.run(HttpRequestHandler.java:119)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].server.http.HttpRequestHandler.run(HttpRequestHandler.java:112)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:230)
at oracle.oc4j.network.ServerSocketAcceptHandler.access$800(ServerSocketAcceptHandler.java:33)
at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:831)
at com.evermind[Oracle Containers for J2EE 10g (10.1.3.0.0) ].util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
When we checked the OracleDBConsoleARCGISsrvc.log
we saw the error below:
11/23/12 10:39:37 dbconsole launch commandline is "D:\Ora11g\administrator\product\11.1.0\db_1\bin\emctl.bat" istart dbconsole
11/23/12 10:39:37 Tracking process launch...
11/23/12 10:40:07 dbconsole exited with retCode 0.
11/23/12 10:40:07 Check D:\Ora11g\administrator\product\11.1.0\db_1\sysman\log\OracleDBConsoleARCGIS.nohup for details
Any ideas anyone?

Slow responsiveness when typing in mail

Hi all -
I'm having a weird responsiveness problem when typing new messages (or replies) in Mail on Mountain Lion. The app will often freeze temporally when typing, and then several words of recently typed text appears at once. Freezes last 2-5 seconds. This seems to happen most frequently on my business accounts on Google (meaning gmail service, although the account is not @gmail).
I have tens of thousands of emails , so perhaps it's an indexing delay? Is there a limit on emails?
FYI, I'm on a 2009 15" MacBookPro with 8MB of Ram. My wife has experienced a similar problem on her McBook Air.
Ay ideas? Very annoying problem when you're trying to crank through emails.

Please follow these instructions to delete the Mail "sandbox" folder.
Back up all data.
Triple-click the line below to select it, then copy it to the Clipboard (command-C):
~/Library/Containers/com.apple.mail
Quit Mail.
In the Finder, select
Go ▹ Go to Folder
from the menu bar. Paste (command-V) into the box that opens, then press return. A Finder window should open with a folder named "com.apple.mail" selected. If it does, move the selected folder — not just its contents — to the Desktop. Leave the Finder window open for now.
Relaunch Mail and test. If the problem is resolved, you'll have to recreate some of your Mail settings. You can then delete the folder you moved and close the Finder window. If you still have the problem, quit Mail again and put the folder back where it was, overwriting the one that may have been created in its place. Post your results.
Caution: If you change any of the contents of the sandbox, but leave the folder itself in place, Mail may crash or not launch at all. Deleting the whole sandbox will cause it to be rebuilt automatically.

Testing to see if a session has expired

Hello all,
I am trying to test to see if the user's session has expired by inserting the following code at the top of the page:
HttpSession sess = request.getSession();
if(sess.getAttribute("userId")=="null"){response.sendRedirect("logon.jsp");}The problem is that when the session expires and I refresh or go to the page with the above code, I get a null pointer exception and, of course , it wont redirect.
Am I doing the comparison improperly?
TIA!!

I have changed my code somewhat but I still cant get the page to redirect.This is the first 20 lines of code:
<%@page import="java.util.*,
 java.net.*,
 java.text.*,
 java.util.zip.*,
 java.io.*,
 javax.servlet.http.*,sensorPac.methodClass"
%>
<%
System.out.println("SESSION="+session.getAttribute("userId"));
if(session.getAttribute("userId") == null){response.sendRedirect("logon.jsp");}%>When I look at the tomcat console window I get the following:
When I first hit the page with a valid session I get:
SESSION = fortegr
When I refresh or revisit the page after a minute (session.setMaxInactiveInterval(1);)
I get:
SESSION=null
Once again it will not redirect.
Any ideas?
TIA!

Error while importing MS project into cProject

Hi
I am getting the below error while importing MS project client file or XML file into cProjects.
dpr_shared087
Logon language becomes original language
Message no. DPR_SHARED087
Diagnosis
The logon language is defined as a possible text language in Customizing for Collaboration Projects under Specify Text Languages. Therefore, it is valid.
System Response
The logon language becomes the original language of the new object that was created.
Kindly suggest what configuration data if any is missing.
Regards
Srikrishna

Hi
I am getting the below error while importing MS project into cProject.
Error occurred when importing from Microsoft Project
Message no. DPR_UI_BSP116
Diagnosis
When a project is imported from Microsoft Project, the system generates an XML string during internal processing. A project is then created in cProjects from this string.
The XML string contains errors because the values from Microsoft Project were transferred without verification.
Procedure for System Administration
Notify SAP or call the cProjects application with the "DebugMode=X" query string and carry out the import again.
The XML string that was generated temporarily is then validated against the cProjects XML schema. The error message from the XML parser is then displayed in the popup.
Kindly suggest, if the below steps for importing MS project is ok or not?
step 1: Create project in MS project with tasks.
step 2: Maintain maping fields of MSP in cProject configurat
step 3: Import MPP file into cProject using "Import" button.
step 4: I am getting the above error while importing the MPP file.
Regards
Srikrishna

Exchange 2013 Realtime Block List is Kind of Working

Hi Everyone.
I've been setting up a RBL in exchange 2013 using zen.spamhaus.org. The IPBlockListProviders require that the connection filtering agent be enabled. By default when running the installantispamagents.ps1, this script will not install that connection filtering
agent because it only installs on an "edge" server and since exchange 2013 did away with the "edge" role, it did not get installed. I had to modify the script so it installed that connection filtering agent with all the other anti-spam agents. (We are a one
exchange server shop so the CAS and Mailbox roles are on one box.)
I'm having a very weird response. The RBL list works and when I get a test email sent to me using the service at '[email protected]', I can see the Reject message getting sent back out in the agent logs and the SMTP logs. This is the message
I see in the logs. Notice that the originating IP and the RBL triggering IP are the same: 192.203.178.107.
2012-12-14T01:59:04.970Z,08CFA71A75A19B4B,10.10.3.50:2525,192.203.178.107:55186,192.203.178.107
,,<>,,t***********e@*****.org,1,Connection Filtering Agent,OnRcptCommand,RejectCommand,550
5.7.1 zen.spamhaus.org has blocked your IP address (192.203.178.107) using the list
'zen.spamhaus.org'. Please see http://www.spamhaus.org/query/bl?ip=192.203.178.107 for further
information. This organization has no control over this RBL (Realtime Blo,BlockListProvider,
zen.spamhaus.org,,,,Undefined
This is a correct message and that IP address matches the Test RBL IP address spamhaus has blacklisted to check RBL filters. The IP address is added dynamically to the message with a variable in the reject message settings and should list the IP address
of the SMTP server that triggered the RBL hit.
The VERY strange thing is when I trigger the RBL with the test message, exchange rejects all incoming mail for my account from any source for several minutes and rejects with that same message. I send a test message from my google account and I can clearly
see in the agent log that the SMTP connection is coming from a google IP but it still rejects and issues the message that was sent in response to my test using the nelson-'[email protected]'
This is the reject message sent to my google account after I sent myself an email following the RBL test message. Notice that the originating IP is a google IP and does not match the IP the the reject message claims the message came from. The log
shows the originating IP as 74.125.82.179 (A google IP) but im rejecting the message because 192.203.178.107 is blocked??? The message didn't come from that IP. :
2012-12-14T02:00:06.318Z,08CFA71A75A19B4B,10.10.3.50:2525,74.125.82.179:50654,74.125.82.179,,
t***t@******.net,,t*******te@******.org,1,Connection Filtering Agent,OnRcptCommand,
RejectCommand,550 5.7.1 zen.spamhaus.org has blocked your IP address (192.203.178.107) using
the list 'zen.spamhaus.org'. Please see http://www.spamhaus.org/query/bl?ip=192.203.178.107
for further information. This organization has no control over this RBL
(Realtime Blo,BlockListProvider,zen.spamhaus.org,,,,Undefined
After a couple minutes, it clears up and I can get mail again. I just can not for the life of me figure out why all messages are rejected for several minutes after I have an RBL hit and the reject message is always referencing the the SMTP transaction
that originally triggered the hit. Which in this case, is blocking my Gmail message thinking its coming forom the crynwr.com test even when the smtp logs show a completely different SMTP originating IP and Connection.
Here is my IPBlockListProvider:
RunspaceId : 068b87d2-9c34-4ce9-ab05-eedef928cb27
RejectionResponse : {1} has blocked your IP address ({0}) using the list '{2}'. Please see
http://www.spamhaus.org/query/bl?ip={0} for further information. This organization has no control
over this RBL (Realtime Block List).
LookupDomain : zen.spamhaus.org
Enabled : True
AnyMatch : True
BitmaskMatch :
IPAddressesMatch : {}
Priority : 1
AdminDisplayName :
ExchangeVersion : 0.1 (8.0.535.0)
Name : zen.spamhaus.org
DistinguishedName : CN=zen.spamhaus.org,CN=IPBlockListProviderConfig,CN=Message Hygiene,CN=Transport
Settings,CN=Bel******ch,CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=b******rk,DC=net
Identity : zen.spamhaus.org
Guid : 0c9b5eec-b19a-4ab5-9c6a-cb1666cf68d6
ObjectCategory : beltwaypark.net/Configuration/Schema/ms-Exch-Message-Hygiene-IP-Block-List-Provider
ObjectClass : {top, msExchMessageHygieneIPBlockListProvider}
WhenChanged : 12/12/2012 10:02:36 PM
WhenCreated : 12/12/2012 10:02:36 PM
WhenChangedUTC : 12/13/2012 4:02:36 AM
WhenCreatedUTC : 12/13/2012 4:02:36 AM
OrganizationId :
OriginatingServer : Lucas.*****.net
IsValid : True
ObjectState : Unchanged

When you install the Antispam agents on Exchange 2013 servers you get all of them installed like you did for previous versions of Exchange server. most of them will get installed on the mailbox role but not the Connection filtering agent aka. RBL, DNS Block
List etc.
The powershell script: install-AntispamAgents.ps1 will look for which server role is installed and will not install Connection filtering if the server hold the mailbox role. This is understandable since SMTP connection should come in from the CAS server
and then the original sending IP will not be show since CAS do Source-NAT. So the logic would be to install the connection filtering agent on CAS but the install script will not let you do that either. Connection Filtering will only install on Edge role.
I can only speculate why this is, but either Microsoft want it to be like this or they have found some trouble with the Connection Filtering Agent running on CAS.
I figured I will give this a try anyway, and here is how you get it to work.
Start Exchange Management Shell as administrator.
Change Directory to scripts folder.
cd $exscripts
Install the agent.
Install-TransportAgent -Name "Connection Filtering Agent" -TransportService FrontEnd -TransportAgentFactory "Microsoft.Exchange.Transport.Agent.ConnectionFiltering.ConnectionFilteringAgentFactory" -AssemblyPath "C:\Program Files\Microsoft\Exchange
Server\V15\TransportRoles\agents\Hygiene\Microsoft.Exchange.Transport.Agent.Hygiene.dll"
If you have multiple agents running on the frontend transport you must set them in the correct order with the priority parameter
Add a IPBlocklistprovider of your choice
Add-IPBlockListProvider -Name zen.spamhaus.org -LookupDomain zen.spamhaus.org -AnyMatch $true -Enabled $true
You can add more than one provider if you like. If you Don’t provide a custom response it will be “Recipient not authorized, your IP has been found on a block list”
Enable the agent
Enable-TransportAgent -TransportService FrontEnd -Identity "Connection Filtering Agent"
Restart FrontEnd transport service
Restart-Service MSExchangeFrontEndTransport
Now the agent should be live and kicking. Logging for the frontend agent is here
“C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\FrontEnd\AgentLog” instead of the directory for the backend transport “C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Hub\AgentLog”
Since the script don’t install the Connection filtering agent on CAS it is probably unsupported to install the agent manually, but I had it running for months without any problem so make your own judgment.

How To: CF11 Clustering without Multicast (AWS)

This week I've been working on getting clustering setup for a client. Initially we were using CF10 with the latest patches. Ideally we wanted non-sticky load balancing with session replication. We want really high availability with the option to reboot a server at any time and not have to wait for session draining or lose customers if a node goes down. Adam Cameron points out that there is an issue with CF10 and not having an option to turn on session replication Adam Cameron's CFML Blog: Problem with session replication with CF10 clustering. Trying various fixes I could not get the session to replicate we moved to CF11 which restores that issue. There is a bug open for CF10 with some weird responses but I never saw any sort of fix for this.
CF11 as noted solves this odd issue, so I thought we were in the clear. Following the limited cluster setup guides found online there is some manual configuration to do on the remote instance. First, I am not sure if the default cfusion instance just can't be used as a member of a cluster but I had a hard time ever getting it to work. So both the local and remote instance use new CF11 instances created from within the Instance Manager. The instructions Adobe ColdFusion 10 * Enabling clustering for load balancing and failover are mostly correct in that you have to copy the <cluster> node to the remote instance. One issue pointed out in a few places is that the cluster block has to actually go IN the <host> node and not after it. CF10, CF11 and maybe even CF9 put the block (and the documents suggest putting the block) after the </host> tag which, in my experience, does not work.
After everything was configured and I started up my test I could not get the remote node to respond at all. Looking in the cf error log I constantly saw this line:
INFO: Manager [/]: skipping state transfer. No members active in cluster group.
Digging in to the tomcat clustering discussions this basically means the cluster couldn't find the remote instance. By default CF uses the multicast cluster support in tomcat and doesn't have an option to do anything different. Researching this found that AWS does not support broadcast nor multicast in EC2. Further research showed how tomcat could be configured for static cluster member configuration and so I modified the server.xml files to match and viola, cluster with session replication. Using the ELB on AWS we have sticky sessions disabled (basically round-robin style requests) and the requests bounce evenly between the instance members. The session id's, however, stay the same on each page load even though the request is going to a different host.
So here is what the cluster node of the server.xml looks like:
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" channelSendOptions="8" channelStartOptions="3">
 <Manager notifyListenersOnReplication="true" expireSessionsOnShutdown="false" className="org.apache.catalina.ha.session.DeltaManager"/>
 <Channel className="org.apache.catalina.tribes.group.GroupChannel">
 
 <Receiver port="4001" autoBind="100" address="auto" selectorTimeout="5000" maxThreads="6" className="org.apache.catalina.tribes.transport.nio.NioReceiver"/>
 <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
 <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
 </Sender>
 <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor"/> 
 <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
 <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
 <Interceptor className="org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor">
 <Member className="org.apache.catalina.tribes.membership.StaticMember"
 port="4002"
 host="172.31.33.220"
 domain="delta-static"
 uniqueId="{0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}"
 />
 </Interceptor>
 </Channel>
 <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
 <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
 <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
 <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
 </Cluster>
You can see the <membership> node is commented out (this is the multicast function). The TcpPingInterceptor is added and the StaticMembershipInterceptor is added. The reciever port on this instance is 4001 and the remote instance is 4002 so the interceptor uses 4002 on this instance to contact the remote host and vice-versa. In other words the remote instance will use the same <cluster> node with the ports switch and the host IP address changed on the static interceptor. The uniqueID then rotates on each member going from {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15} to {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,0}
Of course each additional member to the cluster will mean manual changes to each existing member (to add additional static interceptors) but that seems a small price to pay to not have to move our entire environment off AWS.

Hope I am not hijacking your excellent post.
Some details to add for findings on AWS EC2 environment.
From CMD prompt CF11 instance that is clusted starting:
Aug 26, 2014 11:23:44 PM org.apache.catalina.ha.session.DeltaManager startIntern
al
INFO: Register manager / to cluster element Host with name localhost
Aug 26, 2014 11:23:44 PM org.apache.catalina.ha.session.DeltaManager startIntern
al
INFO: Starting clustering manager at /
Aug 26, 2014 11:23:44 PM org.apache.catalina.ha.session.DeltaManager getAllClust
erSessions
INFO: Manager [/], requesting session state from org.apache.catalina.tribes.memb
ership.StaticMember[tcp://172.31.21.168:4001,172.31.21.168,4001, alive=0, secure
Port=-1, UDP Port=-1, id={1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 }, payload={}, c
ommand={}, domain={100 101 108 116 97 45 115 116 97 ...(12)}, ]. This operation
will timeout if no session state has been received within 60 seconds.
Aug 26, 2014 11:23:45 PM org.apache.catalina.ha.session.DeltaManager waitForSend
AllSessions
INFO: Manager [/]; session state send at 8/26/14 11:23 PM received in 125 ms.
Aug 26, 2014 11:23:45 PM org.apache.catalina.ha.session.JvmRouteBinderValve star
tInternal
INFO: JvmRouteBinderValve started
From CMD prompt CF11 instance details when other cluster has been restarted:
Aug 26, 2014 11:22:47 PM org.apache.catalina.ha.tcp.SimpleTcpCluster memberDisap
peared
INFO: Received member disappeared:org.apache.catalina.tribes.membership.StaticMe
mber[tcp://172.31.25.175:4002,172.31.25.175,4002, alive=0, securePort=-1, UDP Po
rt=-1, id={0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 }, payload={}, command={}, doma
in={100 101 108 116 97 45 115 116 97 ...(12)}, ]
Aug 26, 2014 11:23:06 PM org.apache.catalina.ha.tcp.SimpleTcpCluster memberAdded
INFO: Replication member added:org.apache.catalina.tribes.membership.StaticMembe
r[tcp://172.31.25.175:4002,172.31.25.175,4002, alive=0, securePort=-1, UDP Port=
-1, id={0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 }, payload={}, command={}, domain=
{100 101 108 116 97 45 115 116 97 ...(12)}, ]
Aug 26, 2014 11:23:06 PM org.apache.catalina.tribes.group.interceptors.TcpFailur
eDetector performBasicCheck
INFO: Suspect member, confirmed alive.[org.apache.catalina.tribes.membership.Sta
ticMember[tcp://172.31.25.175:4002,172.31.25.175,4002, alive=0, securePort=-1, U
DP Port=-1, id={0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 }, payload={}, command={},
domain={100 101 108 116 97 45 115 116 97 ...(12)}, ]]
Running CF11 via services.msc (as you normally would) these similar details are recorded in ColdFusion11\clustered_instance\logs\coldfusion-error.log. The latter part of log showing when other clustered instance has been stopped and started.
Aug 26, 2014 11:40:31 PM org.apache.catalina.ha.session.DeltaManager startInternal
INFO: Register manager / to cluster element Host with name localhost
Aug 26, 2014 11:40:31 PM org.apache.catalina.ha.session.DeltaManager startInternal
INFO: Starting clustering manager at /
Aug 26, 2014 11:40:31 PM org.apache.catalina.ha.session.DeltaManager getAllClusterSessions
INFO: Manager [/], requesting session state from org.apache.catalina.tribes.membership.StaticMember[tcp://172.31.21.168:4001,172.31.21.168 ,4001, alive=0, securePort=-1, UDP Port=-1, id={1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 }, payload={}, command={}, domain={100 101 108 116 97 45 115 116 97 ...(12)}, ]. This operation will timeout if no session state has been received within 60 seconds.
Aug 26, 2014 11:40:31 PM org.apache.catalina.ha.session.DeltaManager waitForSendAllSessions
INFO: Manager [/]; session state send at 8/26/14 11:40 PM received in 141 ms.
Aug 26, 2014 11:40:31 PM org.apache.catalina.ha.session.JvmRouteBinderValve startInternal
INFO: JvmRouteBinderValve started
Aug 26, 2014 11:40:31 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8501"]
Aug 26, 2014 11:40:31 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-bio-8012"]
Aug 26, 2014 11:40:31 PM com.adobe.coldfusion.launcher.Launcher run
INFO: Server startup in 44274 ms
Aug 26, 2014 11:42:04 PM org.apache.catalina.ha.tcp.SimpleTcpCluster memberDisappeared
INFO: Received member disappeared:org.apache.catalina.tribes.membership.StaticMember[tcp://172.31.21.168:4001,1 72.31.21.168,4001, alive=0, securePort=-1, UDP Port=-1, id={1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 }, payload={}, command={}, domain={100 101 108 116 97 45 115 116 97 ...(12)}, ]
Aug 26, 2014 11:42:23 PM org.apache.catalina.ha.tcp.SimpleTcpCluster memberAdded
INFO: Replication member added:org.apache.catalina.tribes.membership.StaticMember[tcp://172.31.21.168:4001,172.31. 21.168,4001, alive=0, securePort=-1, UDP Port=-1, id={1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 }, payload={}, command={}, domain={100 101 108 116 97 45 115 116 97 ...(12)}, ]
Aug 26, 2014 11:42:23 PM org.apache.catalina.tribes.group.interceptors.TcpFailureDetector performBasicCheck
INFO: Suspect member, confirmed alive.[org.apache.catalina.tribes.membership.StaticMember[tcp://172.31.21.168:4001,172.31 .21.168,4001, alive=0, securePort=-1, UDP Port=-1, id={1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 0 }, payload={}, command={}, domain={100 101 108 116 97 45 115 116 97 ...(12)}, ]]
Hope that adds to the usefulness of this thread.
Regards, Carl.

Arrow and space keys not working on websites

I can't seem to get my arrow keys or space keys to work playing flash games on websites. An example would be this game: http://progressivefastandfurious.com When this game starts the car does not move anywhere because the keyboard keys won't work. What's odd is that they seem to work everywhere else (ex: typing doc etc.) This is not related only to this site but pretty much any flash or shockwave site that needs the use of the arrow keys. I also get weird responses when using the extended keyboard with the dashboard calculator. I assume these are coming from the same issue. I bought a new keyboard and my old one does the same thing.
Dual 2.7 GHz PowerPC G5 Mac OS X (10.4.7) 2GB DDR RAM, airport, bluetooth

I take back the "extended keyboard not working in calculator" it seems to be working now. As for flash, not so much. I also found out it is all keys that do not work in flash. Here is a good example:
http://www.miniclip.com/games/base-jumping/en
That game asks you to it any key to get started. I was not even able to do that. I also had focus set on the flash movie so I know it should have worked.
In another game which is not flash but shockwave (director compiled file):
http://www.miniclip.com/games/on-the-run/en/
Hit the how to play button. The "P,S, and R" keys work but the other keys do not while playing this game. I am starting to thing I have some sort of accessibility thing turned on that interferes with certain keys. Anyone know of anything that may effect this?

Kind of confused, never seen this before. Legal action?

I applied for an online CLI with cap 1. Got a 7-10 day type of message. So I got the message and its confusing, ive never seen it before =/ Dear K D A S , Application ID: 0numbers2919 Creditor: Capital One Bank (USA), N.A. Thank you for applying for a credit card issued by Capital One®. Unfortunately, after reviewing your application, we cannot approve your request at this time. Please know that in the process of making this decision, your credit score was not impacted. The reason(s) for our decision are:• Based on your application information, there is legal action pending against the applicant Anyone got a clue? Kind of a weird response, I usually get not enough experience with current credit limit

2b2rich wrote:
Irish80 wrote:
2b2rich wrote:
japakar wrote:
I applied for an online CLI with cap 1. Got a 7-10 day type of message. So I got the message and its confusing, ive never seen it before =/ Dear K D A S , Application ID: 0numbers2919 Creditor: Capital One Bank (USA), N.A. Thank you for applying for a credit card issued by Capital One®. Unfortunately, after reviewing your application, we cannot approve your request at this time. Please know that in the process of making this decision, your credit score was not impacted. The reason(s) for our decision are:• Based on your application information, there is legal action pending against the applicant Anyone got a clue? Kind of a weird response, I usually get not enough experience with current credit limit I don't know of any 'pending' legal action that shows up in credit reports (any reporting agency)? I though only finalized judgements, etc? Also, surely some of this stuff doesn't show up on soft pulls? So my first thought is how does Cap1 know you have anything legal 'pending' unless they're the one's initiating it? That too doesn't make a lot of sense because you would think they would have maybe cancelled the card(s) you do have with them, but I've known them to grant credit even when a person already has a card in collections with them). Do you (or spouse even?) have anything in default with Cap1? There are plenty of ways garnishments can be seen by creditors. See CreditCuriousity's earlier response. Be careful suggesting that CapOne is initiating some type of legal action. They aren't and this is very easily explained by the garnishments.Was a thought put to question, and wasn't my intention to suggest anything about someone else's finances that I'm not familiar with.
I guess the word that has me confused is 'pending'. How can garnishments be 'pending'? Don't legal matters need to be processed before showing up in any reports?
(I'm not familiar with them and asking for that reason, thanks)His garnishments have been processed. 'Pending' can be interpreted many ways. It's pending even though it's also ongoing in the sense that money is going to be taken out of his accounts this week, next, week after, etc until his garnishment is over.,

Web Applications on different servers

Hello,
I have a web app (App 1) running on OAS and have another web app (App 2) running on different instance of OAS.
App 1 calls App 2 (currently achieved using Struts Action Forward with redirect="true" in struts-config.xml)
I need to pass some user login related information from App1 to App2? How can I do this?
Thanks for you help!

Hello, Rex;
You cannot logon to InfoView using the URL and a token. You need to create an Identity cookie on the infoview side similar to the following:
Create an aspx page with the following code:
           CrystalDecisions.Enterprise.SessionMgr sessMgr = new CrystalDecisions.Enterprise.SessionMgr();
          //Log onto Enterprise and create an EnterpriseSession
           CrystalDecisions.Enterprise.EnterpriseSession enterpriseSession;
           enterpriseSession = sessMgr.Logon("Administrator", "", System.Environment.MachineName.ToString(), "secEnterprise");
           //Create a CrystalIdentity object, set the EnterpriseSession and store in session
           BusinessObjects.Enterprise.Infoview.Common.CrystalIdentity identity;
           identity = new BusinessObjects.Enterprise.Infoview.Common.CrystalIdentity();
           identity.Session = enterpriseSession;
           HttpContext.Current.Session.Add("INFOVIEW_SESSION", identity);
           //Create the InfoViewdotnetses cookie which holds the SerializedSession
           HttpCookie InfoViewdotnetses = new HttpCookie("InfoViewdotnetses");
           InfoViewdotnetses.Value = Server.UrlEncode(enterpriseSession.SerializedSession.ToString());
           InfoViewdotnetses.Path = @"/";
           Response.Cookies.Add(InfoViewdotnetses);
           Response.Redirect("logon.aspx");
Place this page in the InfoViewApp folder (C:\Program Files\Business Objects\BusinessObjects Enterprise 12.0\Web Content\InfoViewApp\InfoViewApp
Let me know if that is what you are looking for.
Elaine
Edited by: Elaine Dove on May 21, 2009 10:04 AM

Weird response on logon

Similar Messages

Maybe you are looking for