WEP Authentication Example

Similar Messages

• Problems with basic authentication example

  I am trying to run the basic authentication example from the Professional JSP book (Chapter 16) although for some reason I continue to get "AUTHENTICATION MECHANISM NULL" instead of "AUTHENTICATION MECHANISM BASIC". I do not even get the pop-up window with the prompt for Username and Password. I am running Tomcat 4.0-dev and have tried to access the login window by pointing the browser to the appropriate file:
  //localhost:8080/ch16-basic/index.jsp
  Still not login window???
  I have added the extra user and password to the tomcat-users.xml file (username="projsp" password="projsp" roles="superuser")
  Still no luck????
  Could someone please let me know what could possibly be going wrong.
  Thank you!!!!

  The index.jsp is:
  <html>
  <head>
  <title>Protected Area Page</title>
  </head>
  <body>
  <%
  out.println("<H2>Authentication Mechanism "+ request.getAuthType() +" </H2>" );
  %>
  </body>
  </html>
  The tomcat-users.xml is:
  <!--
  NOTE: By default, no user is included in the "manager" role required
  to operate the "/manager" web application. If you wish to use this app,
  you must define such a user - the username and password are arbitrary.
  -->
  <tomcat-users>
  <user name="tomcat" password="tomcat" roles="tomcat" />
  <user name="role1" password="tomcat" roles="role1" />
  <user name="both" password="tomcat" roles="tomcat,role1" />
  <user name="projsp" password="projsp" roles="superuser" />
  </tomcat-users>
  And the web.xml is:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!DOCTYPE web-app
  PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/j2ee/dtds/web-app_2_3.dtd">
  <web-app>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>Entire Application</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>ProJSP Authentication Example</realm-name>
  </login-config>
  </web-app>
  WHY ISN"T THIS WORKING!!!!

• JAAS Authentication Example Error

  I am working with the JAAS Authentication example provided by Sun at the following link:
  http://java.sun.com/j2se/1.4.1/docs/guide/security/jgss/tutorials/index.html
  I am working with Windows NT. I am using a NTLoginModule in my config file. I would like to create a simple Login that uses the current OS's user ID. Once I add the security.manager and a policy file that includes anything besides full permisions (permission java.security.AllPermission;), I get a Security Exception, and more specifically a "java.security.AccessControlException:access denied...".
  I am using the following config:
  JaasConfig {
  com.sun.security.auth.module.NTLoginModule required debug="true";
  I would like to use a policy file that gives permission to a file for the current user. I would like to do something similar to the following, but get the error once this is added....
  grant Principal com.sun.security.auth.NTUserPrincipal "user"
  //Allow everything for now
  //permission java.security.AllPermission;
  permission java.io.FilePermission "ProtectedFile.txt", "read , write";
  What am I doing wrong? Any help is very much appreciated!
  Thanks!

  I got it...my policy file needed more to work in NT. Here is the entire file:
  grant Principal com.sun.security.auth.NTUserPrincipal "s156898"
       permission java.io.FilePermission "ProtectedFile.txt", "read";
  grant {
  //Allow everything for now
  //permission java.security.AllPermission;
       permission javax.security.auth.AuthPermission "createLoginContext.JAASConfig"     permission java.io.FilePermission "ProtectedFile.txt", "read";
       permission javax.security.auth.AuthPermission "modifyPrincipals";
       permission javax.security.auth.AuthPermission "doAsPrivileged";
       permission javax.security.auth.AuthPermission "getSubject";
  However, I am trying to also do my work on a Solaris/Unix machine. I get an error that tells me that only Principal-based entries are allow. Anyone know how to give permission to all users in a Principal statemtent. The same setup as the above, using Unix Principals, will not work. Seems like I have to always have a grant and Principal for every set of permissions.
  Lemme know if you can help. Thanks!

• Java authentication example  jsp

  1) season variable is builtin jsp context object, so jsp does
  not compile; season variable name needs to be renamed at lines: 31
  , 45, 52
  for my jsp I named it coco_season :)
  2) String select(String r) {// takes String
  return r.equals(role) ? "selected" : "";
  select(100) // passes int. need to pas select("100")

  Hi, when I try to run the php authentication example I get the error
  "You don't have permission to access /cnx/Flexternal.html on this server."  cnx is my folder name at http://cardcrackers.com/cnx/
  I checked the unix permissions and set them to 777 and still this message. I remember reading something about adding some entries to htaccess but not sure if it was related to running this example app or not.
  Thanks, Kevin

• Changing WEP Authentication Type - Internet Sharing

  OK, this is a question for those who are techi and are up to the challenge.
  I am currently using my Mac (OS X 10.4.10) to share it's AirPort Extreme WiFi connection and using a WEP key. However I have done my research and found that the Airport Extreme cards use the Shared System method of authenticating the WEP key. However, with that setting, when a Windows XP machine attempts to connect, it is unable to do so unless it is setup to authenticate using a shared key.
  Now comes the challenge:
  Is there anyway to change the Internet Sharing to disperse the WEP key in Open System mode?
  I have been looking through all the various Terminal commands and have had no luck finding something useful. Then today I looked through all the .plist files to find if there was something there to change the setting...I found a few regarding the AirPort but they were all for the client side...not the apache serve side (ie the internet sharing).
  Anyhow I am not by any means a fluent Unix/Mac user but I am a quick learner and I know quite a bit about computers, so feel free to delve deep into the interworkings of how to do this...I will do my best to follow.
  Thank you!

  I am not using the Airport Admin Utility because this is not the Airport device. This is the onboard Airport Extreme in my eMac. As far as for authenticating with WEP...I would love to do it this way since I am trying to integrate it into an existing wireless network I already have.
  Great ideas, though...I am still looking for an answer...there has got to be a way. It is Unix after all

• Linksys WBP54G bridge WEP authentication and firmware

  Hello,
  I'm working Linksys WBP54G bridges and am having problems in a couple areas. One is that when configuring WEP 128 for the bridge, the utility refuses to allow more than 16 characters being entered for the passphrase even though 128 bit WEP allows up to 26 characters. I'm trying to connect the bridge to an existing wireless network that uses 26 character passphrase. I know that WEP is outdated but reconfiguring the network is not an option unfortunately.
  Is there a way to enter 26 characters or is there a update for the bridge setup utility?
  This was already asked in an earlier thread, but I'll ask it too, the utility doesn't work in Vista or above, it only works for XP. Is there an update in the works?
  Appreciate it,
  Thank you
  Alex McLin

  Hi,
  As initial remark, please allow me to question the usage of WEP as it is the weakest security method and not recomended if you really want to secure your network.
  Regarding the configuration itself, it would really help a bit more if you could show the full config.
  For the part shared, i noticed that you are using 128bit key, however please keep in mind that for the creation of a 128-bit WEP link, Cisco products only interact       with other Cisco products, so if your PC does not have a cisco card it may not connect.
  As in everything i would start by the basic:
  - configure no security method -> does the client associate fine and gets IP address?
  - If yes, move to the security settings -> try with a 40 bit key -> does it work and the PC gets IP address?
  If you decide to go for a better security setting like WPA or WPA2, you can find here usefull examples:
  http://www.cisco.com/en/US/customer/products/ps6521/prod_configuration_examples_list.html.
  HTH,
  Tiago
  If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

• Pb with 2nd Authentication using form.jsp (authentication example)

  Hi,
  I am using the example form.jsp to log on to my application. The first
  page (testsecurity.jsp) can be accessed by "everyone" and until this step everything
  goes fine, I manage to log on. From the testsecurity.jsp page there is a link
  to a jsp which can only
  be accessed by some users (I defined that in the policy file).
  Avan if I have identified myself through the form.jsp, before the 2nd page is
  displayed, I must log on again. When I give
  the same login and password as I gave for the first identification
  I can see the proper page.
  Do you have any idea about why I have to log on twice?
  Thanks
  Odile
  PS: I checked that, in the session, the attribute "javax.naming.InitialContext"
  is still present, if this has anything to do with the authentication..

  Hi,
  I am using the example form.jsp to log on to my application. The first
  page (testsecurity.jsp) can be accessed by "everyone" and until this step everything
  goes fine, I manage to log on. From the testsecurity.jsp page there is a link
  to a jsp which can only
  be accessed by some users (I defined that in the policy file).
  Avan if I have identified myself through the form.jsp, before the 2nd page is
  displayed, I must log on again. When I give
  the same login and password as I gave for the first identification
  I can see the proper page.
  Do you have any idea about why I have to log on twice?
  Thanks
  Odile
  PS: I checked that, in the session, the attribute "javax.naming.InitialContext"
  is still present, if this has anything to do with the authentication..

• RDBMS Authentication Example Error

  When I test the code
  weblogic.security.acl.CachingRealm realm = (weblogic.security.acl.CachingRealm)
  weblogic.security.acl.Security.getRealm();
  The Error was raised:
  java.lang.ClassCastException: weblogic.security.acl.internal.FileRealm
  It is a example in book 'J2EE Application and BEA WebLogic Server'

  I got it...my policy file needed more to work in NT. Here is the entire file:
  grant Principal com.sun.security.auth.NTUserPrincipal "s156898"
       permission java.io.FilePermission "ProtectedFile.txt", "read";
  grant {
  //Allow everything for now
  //permission java.security.AllPermission;
       permission javax.security.auth.AuthPermission "createLoginContext.JAASConfig"     permission java.io.FilePermission "ProtectedFile.txt", "read";
       permission javax.security.auth.AuthPermission "modifyPrincipals";
       permission javax.security.auth.AuthPermission "doAsPrivileged";
       permission javax.security.auth.AuthPermission "getSubject";
  However, I am trying to also do my work on a Solaris/Unix machine. I get an error that tells me that only Principal-based entries are allow. Anyone know how to give permission to all users in a Principal statemtent. The same setup as the above, using Unix Principals, will not work. Seems like I have to always have a grant and Principal for every set of permissions.
  Lemme know if you can help. Thanks!

• GSS-API/Kerberos v5 Authentication - Example throws strange exception

  Hi There,
  When II'm trying to run the GSS-API example I get this exception:
  java.lang.SecurityException: D:\Program Files\jdk1.2.2\jre\lib\security\HBJAASLogin.config (The system cannot find the file specified)
  I know that the exception is thrown because it cannot find the file: HBJAASLogin.config
  The strangest thing is that I don't have that file, if I search for it on the NET it isn't found anywhere ?!?
  And on the code there's no mention of the file ???
  Why does it need the file?
  Thank You
  Pinho

  hi,
  i am very sorry to disturb you..
  already i sent this problem to [email protected]
  but i not able to see my mail in users archives.
  so i am forwarding this.
  i don't know how to forward this to forum
  please help me
  Thanks and Regards
  kumar
  -----Original Message-----
  From: kumar [mailto:[email protected]]
  Sent: Wednesday, April 10, 2002 6:17 PM
  To: [email protected]
  Subject: Compilation error :: please help me.. it is urgent
  hi ,
  I downloaded following version of openssl and during compilation, i got the following error.
  openssl-engine-0.9.6c.
  i got the same result with version openssl-0.9.6 also
  Step : Compile OpenSSL
  C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c> ms\mingw32
  C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c>perl Configure Mingw32
  Configuring for Mingw32
  IsWindows=1
  CC =gcc
  CFLAG =-DTHREADS -DDSO_WIN32 -DL_ENDIAN -fomit-frame-pointer -O3 -m486
  -Wall
  EX_LIBS =
  BN_ASM =bn_asm.o
  DES_ENC =des_enc.o fcrypt_b.o
  BF_ENC =bf_enc.o
  CAST_ENC =c_enc.o
  RC4_ENC =rc4_enc.o
  RC5_ENC =rc5_enc.o
  MD5_OBJ_ASM =
  SHA1_OBJ_ASM =
  RMD160_OBJ_ASM=
  PROCESSOR =
  RANLIB =true
  PERL =perl
  THIRTY_TWO_BIT mode
  DES_PTR used
  DES_RISC1 used
  DES_UNROLL used
  BN_LLONG mode
  RC4_INDEX mode
  RC4_CHUNK is undefined
  Configured for Mingw32.
  Generating x86 for GNU assember
  Bignum
  DES
  crypt
  Blowfish
  CAST5
  RC4
  MD5
  SHA1
  RIPEMD160
  RC5\32
  Generating makefile
  Generating DLL definition files
  Building OpenSSL
  mkdir tmp
  mkdir out
  mkdir outinc
  mkdir outinc\openssl
  copy .\crypto\cryptlib.h tmp\cryptlib.h
  1 file(s) copied.
  copy .\crypto\buildinf.h tmp\buildinf.h
  1 file(s) copied.
  copy .\crypto\md32_common.h tmp\md32_common.h
  1 file(s) copied.
  copy .\crypto\md4\md4_locl.h tmp\md4_locl.h
  1 file(s) copied.
  copy .\crypto\md5\md5_locl.h tmp\md5_locl.h
  1 file(s) copied.
  copy .\crypto\sha\sha_locl.h tmp\sha_locl.h
  1 file(s) copied.
  copy .\crypto\ripemd\rmd_locl.h tmp\rmd_locl.h
  1 file(s) copied.
  copy .\crypto\ripemd\rmdconst.h tmp\rmdconst.h
  1 file(s) copied.
  copy .\crypto\des\des_locl.h tmp\des_locl.h
  1 file(s) copied.
  copy .\crypto\des\rpc_des.h tmp\rpc_des.h
  1 file(s) copied.
  copy .\crypto\des\spr.h tmp\spr.h
  1 file(s) copied.
  copy .\crypto\des\des_ver.h tmp\des_ver.h
  1 file(s) copied.
  copy .\crypto\rc2\rc2_locl.h tmp\rc2_locl.h
  1 file(s) copied.
  copy .\crypto\rc4\rc4_locl.h tmp\rc4_locl.h
  1 file(s) copied.
  copy .\crypto\rc5\rc5_locl.h tmp\rc5_locl.h
  1 file(s) copied.
  copy .\crypto\idea\idea_lcl.h tmp\idea_lcl.h
  1 file(s) copied.
  copy .\crypto\bf\bf_pi.h tmp\bf_pi.h
  1 file(s) copied.
  copy .\crypto\bf\bf_locl.h tmp\bf_locl.h
  1 file(s) copied.
  copy .\crypto\cast\cast_s.h tmp\cast_s.h
  1 file(s) copied.
  copy .\crypto\cast\cast_lcl.h tmp\cast_lcl.h
  1 file(s) copied.
  copy .\crypto\bn\bn_lcl.h tmp\bn_lcl.h
  1 file(s) copied.
  copy .\crypto\bn\bn_prime.h tmp\bn_prime.h
  1 file(s) copied.
  copy .\crypto\bio\bss_file.c tmp\bss_file.c
  1 file(s) copied.
  copy .\crypto\objects\obj_dat.h tmp\obj_dat.h
  1 file(s) copied.
  copy .\crypto\conf\conf_def.h tmp\conf_def.h
  1 file(s) copied.
  copy .\ssl\ssl_locl.h tmp\ssl_locl.h
  1 file(s) copied.
  copy .\apps\apps.h tmp\apps.h
  1 file(s) copied.
  copy .\apps\progs.h tmp\progs.h
  1 file(s) copied.
  copy .\apps\s_apps.h tmp\s_apps.h
  1 file(s) copied.
  copy .\apps\testdsa.h tmp\testdsa.h
  1 file(s) copied.
  copy .\apps\testrsa.h tmp\testrsa.h
  1 file(s) copied.
  copy .\.\e_os.h outinc\openssl\e_os.h
  1 file(s) copied.
  copy .\.\e_os2.h outinc\openssl\e_os2.h
  1 file(s) copied.
  copy .\crypto\crypto.h outinc\openssl\crypto.h
  1 file(s) copied.
  copy .\crypto\tmdiff.h outinc\openssl\tmdiff.h
  1 file(s) copied.
  copy .\crypto\opensslv.h outinc\openssl\opensslv.h
  1 file(s) copied.
  copy .\crypto\opensslconf.h outinc\openssl\opensslconf.h
  1 file(s) copied.
  copy .\crypto\ebcdic.h outinc\openssl\ebcdic.h
  1 file(s) copied.
  copy .\crypto\symhacks.h outinc\openssl\symhacks.h
  1 file(s) copied.
  copy .\crypto\md2\md2.h outinc\openssl\md2.h
  1 file(s) copied.
  copy .\crypto\md4\md4.h outinc\openssl\md4.h
  1 file(s) copied.
  copy .\crypto\md5\md5.h outinc\openssl\md5.h
  1 file(s) copied.
  copy .\crypto\sha\sha.h outinc\openssl\sha.h
  1 file(s) copied.
  copy .\crypto\mdc2\mdc2.h outinc\openssl\mdc2.h
  1 file(s) copied.
  copy .\crypto\hmac\hmac.h outinc\openssl\hmac.h
  1 file(s) copied.
  copy .\crypto\ripemd\ripemd.h outinc\openssl\ripemd.h
  1 file(s) copied.
  copy .\crypto\des\des.h outinc\openssl\des.h
  1 file(s) copied.
  copy .\crypto\rc2\rc2.h outinc\openssl\rc2.h
  1 file(s) copied.
  copy .\crypto\rc4\rc4.h outinc\openssl\rc4.h
  1 file(s) copied.
  copy .\crypto\rc5\rc5.h outinc\openssl\rc5.h
  1 file(s) copied.
  copy .\crypto\idea\idea.h outinc\openssl\idea.h
  1 file(s) copied.
  copy .\crypto\bf\blowfish.h outinc\openssl\blowfish.h
  1 file(s) copied.
  copy .\crypto\cast\cast.h outinc\openssl\cast.h
  1 file(s) copied.
  copy .\crypto\bn\bn.h outinc\openssl\bn.h
  1 file(s) copied.
  copy .\crypto\rsa\rsa.h outinc\openssl\rsa.h
  1 file(s) copied.
  copy .\crypto\dsa\dsa.h outinc\openssl\dsa.h
  1 file(s) copied.
  copy .\crypto\dso\dso.h outinc\openssl\dso.h
  1 file(s) copied.
  copy .\crypto\dh\dh.h outinc\openssl\dh.h
  1 file(s) copied.
  copy .\crypto\buffer\buffer.h outinc\openssl\buffer.h
  1 file(s) copied.
  copy .\crypto\bio\bio.h outinc\openssl\bio.h
  1 file(s) copied.
  copy .\crypto\stack\stack.h outinc\openssl\stack.h
  1 file(s) copied.
  copy .\crypto\stack\safestack.h outinc\openssl\safestack.h
  1 file(s) copied.
  copy .\crypto\lhash\lhash.h outinc\openssl\lhash.h
  1 file(s) copied.
  copy .\crypto\rand\rand.h outinc\openssl\rand.h
  1 file(s) copied.
  copy .\crypto\err\err.h outinc\openssl\err.h
  1 file(s) copied.
  copy .\crypto\objects\objects.h outinc\openssl\objects.h
  1 file(s) copied.
  copy .\crypto\objects\obj_mac.h outinc\openssl\obj_mac.h
  1 file(s) copied.
  copy .\crypto\evp\evp.h outinc\openssl\evp.h
  1 file(s) copied.
  copy .\crypto\asn1\asn1.h outinc\openssl\asn1.h
  1 file(s) copied.
  copy .\crypto\asn1\asn1_mac.h outinc\openssl\asn1_mac.h
  1 file(s) copied.
  copy .\crypto\pem\pem.h outinc\openssl\pem.h
  1 file(s) copied.
  copy .\crypto\pem\pem2.h outinc\openssl\pem2.h
  1 file(s) copied.
  copy .\crypto\x509\x509.h outinc\openssl\x509.h
  1 file(s) copied.
  copy .\crypto\x509\x509_vfy.h outinc\openssl\x509_vfy.h
  1 file(s) copied.
  copy .\crypto\x509v3\x509v3.h outinc\openssl\x509v3.h
  1 file(s) copied.
  copy .\crypto\conf\conf.h outinc\openssl\conf.h
  1 file(s) copied.
  copy .\crypto\conf\conf_api.h outinc\openssl\conf_api.h
  1 file(s) copied.
  copy .\crypto\txt_db\txt_db.h outinc\openssl\txt_db.h
  1 file(s) copied.
  copy .\crypto\pkcs7\pkcs7.h outinc\openssl\pkcs7.h
  1 file(s) copied.
  copy .\crypto\pkcs12\pkcs12.h outinc\openssl\pkcs12.h
  1 file(s) copied.
  copy .\crypto\comp\comp.h outinc\openssl\comp.h
  1 file(s) copied.
  copy .\crypto\engine\engine.h outinc\openssl\engine.h
  1 file(s) copied.
  copy .\ssl\ssl.h outinc\openssl\ssl.h
  1 file(s) copied.
  copy .\ssl\ssl2.h outinc\openssl\ssl2.h
  1 file(s) copied.
  copy .\ssl\ssl3.h outinc\openssl\ssl3.h
  1 file(s) copied.
  copy .\ssl\ssl23.h outinc\openssl\ssl23.h
  1 file(s) copied.
  copy .\ssl\tls1.h outinc\openssl\tls1.h
  1 file(s) copied.
  copy .\rsaref\rsaref.h outinc\openssl\rsaref.h
  1 file(s) copied.
  gcc -o tmp\cryptlib.o -Ioutinc -Itmp -O3 -fomit-frame-pointer -DDSO_WIN32 -c .
  \crypto\cryptlib.c
  process_begin: CreateProcess((null), gcc -o tmp\cryptlib.o -Ioutinc -Itmp -O3 -f
  omit-frame-pointer -DDSO_WIN32 -c .\crypto\cryptlib.c, ...) failed.
  make (e=2): The system cannot find the file specified.
  make: *** [tmp\cryptlib.o] Error 2
  You can ignore the error messages above
  1 file(s) copied.
  Building the libraries
  Building OpenSSL
  gcc -o tmp/cryptlib.o -Ioutinc -Itmp -DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointe
  r -O3 -m486 -Wall -DBN_ASM -DMD5_ASM -DSHA1_ASM -c ./crypto/cryptlib.c
  process_begin: CreateProcess((null), gcc -o tmp/cryptlib.o -Ioutinc -Itmp -DL_EN
  DIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -m486 -Wall -DBN_ASM -DMD5_ASM -DSHA1_
  ASM -c ./crypto/cryptlib.c, ...) failed.
  make (e=2): The system cannot find the file specified.
  make: *** [tmp/cryptlib.o] Error 2
  C:\kumar\openssl-engine-0.9.6c.tar\openssl-engine-0.9.6c>
  Note :
  As per readme instruction,
  i am using following
       1. GNU C (Mingw32) :
            gcc-2.95.2-msvcrt.exe
            make-3.76.1.zip
       2. ActivePerl-5.6.1.631-MSWin32-x86.msi
  what is the work around? is there any mistake from my side?
  please help me.. it is urgent
  Thanks and Regards
  kumar

• Apple Support admitted an Issue with WEP authentication and some Routers

  After reading many posts here and other places I logged a service call to Apple support. With the particulars: AT&T U-verse 2 Wire router would not connect with WEP would connect with Security disabled. I wanted a call logged before I went past the return time
  I got a call back immediately after a few basic questions I was passed to a product manager for ipads, it seems connectivity issues are taken seriously.
  The upper level support said there were known issues with some routers and WEP security we steeped through changing the security and it works fine now.
  Bottom Line:
  Apple knows there is an issue with some routers
  They were very helpful and acknowledged the issue.
  He even stayed on the line while I reconfigured one of my Windows PC to make sure it connected to the new settings
  I suggest to all to log a call and get a tech support involved before taking the iPad to the local store
  They certainly new their are some connectivity issues. If that does not work you can always return it.
  He did not admit it was a Apple issue and did not commit that Apple was working on it but it is something they are aware of.
  So skip the Apple store got right to tech support.
  Just my 2 cents.

  "But folks need to go straight to tech support. I live in oz, so it will be interesting to see if they help me.. or not.. but if support gets inundated they will fix it or have a massive recall (not likely on the latter)."
  Can't agree more. I used to manage a tech support department and it is all about the numbers. No matter how many forum entries the issues that get addressed are dictated by the reports.
  So for those that are buying new routers contact Tech Support first even if you end up getting a new router the call is logged that will get Apple's attention.
  People that are not familiar with post launch processes have no idea how things that need to get corrected and enhanced are dictated by support requests

• How to Manually Create Wi-Fi Profiles with Open Authentication & WEP Encryption

       I clicked Control Panel > Network and Internet > Network and Sharing Center> Set up a new connection or network > Manually connect to a wireless network, but I wasn't able to select WEP for Encryption type when I selected
  Open System for Security type. Why not? I hear Open authentication & WEP encryption is more secure than WEP authentication & encryption. Doesn't Windows support Open authentication & WEP encryption?
       I tried it on several computers: Win8.1/8/7, hp/DELL/ASUS/acer, but on neither of them was I able to select Open authentication and WEP encryption at the same time. Wi-Fi is enabled, and every user account that I tried it from is admnistrator
  one.
       I can manually create Wi-Fi profiles with WEP authentication and WEP encryption. What I wanted to create is, however, those with Open authentication and WEP encryption.
       I'll appreciate your help.
  cf. http://answers.microsoft.com/en-us/windows/forum/windows8_1-networking/how-to-manually-create-wi-fi-profiles-with-open/20306f4a-6909-44a5-a715-745a922b97e0?rtAction=1420438873802

  Hi,
  Acctually speaking, Both type of WEP encryption is not secure. I'm agree with SenneVl's opinion, it would be better to use WPA encryption. You can refer to the contents of the link belwo for more details:
  Set up a security key for a wireless network:http://windows.microsoft.com/en-hk/windows/set-security-key-wireless-network#1TC=windows-7
  Roger Lu
  TechNet Community Support

• WVC80N Wireless Problem - WEP

  I recently bought a WVC80N wireless webcam and had problems setting up the wireless network for it. I read a post similar to my issue from a user who had a WVC54GCA. It is specifically related to setting up WEP authentication.The CD runs you through the setup process and all is fine up to the point where it asks you to enter in the WEP key. At that point it asks you to power down the device and unplug the ethernet cable. After waiting 30 seconds, the directions say to plug it back in and it should come back up. It does not.
  The fix for me was to reset the camera(the is a small pinhole on the bottom of the camera you can depress for 10 seconds ) and start over. Ignore the wireless setup this time and simply browse to the IP address the camera is given during setup (or copy/paste the link it gives you in the text file on your dektop into a web browser)  and use the credentials you entered previously during the setup process for administration .
  Now, while at the web page for the camera click on Setup (it'll ask for those credentials). On the first section (Basic) enter your SSID, Network Type, and click on Edit Security Settings. Leave TX Key to 1 and don't change the passphrase. Instead enter your WEP key into Key 1 and save.
  This worked for me. Or, you could turn WEP off entirely, reset the camera and it should come right up.

  In the setup process, if you were able to set up the camera while the ethernet cable was still attached then the camera got an IP address from your DHCP server. You can do a few different things to find the IP. The easiest way is to log into your home router and look at what IP address it gave to your camera.
  If you are not familar with that, open a command prompt on your home computer  you used to set it up, and type IPCONFIG. That will show you the IP Address of your home computer. Once you have that, you can reasonably assume your camera will have a nearby IP Address. So open a web browser and type in the next IP address up from your machine IP and see if the web came GUI comes up.
  Home computer IP Address: 10.0.0.1
  Reasonable assumption for IP of camera: 10.0.0.2 (this is what I would type into the URL field of a web browser).
  The 10.0.0.x series is just an example. Your home network can be set up on 192.168.x.x or the 172.16.x.x, so don't use the IP Addresses above until you find out your own scheme.

• Authentication in JSF 2.0

  I could use some advise... I've been trying to implement authentication in a JSF 2.0 web application and I've not been completely successful. I'm using NetBeans 6.8 and GlassFish v3. Here is what I would like:
  1) Use container managed security with a JDBC realm. Users who register via the web app will end up as users in the table that is used to authenticate access to the web app
  2) I want to use role-base authorization that I can specify in my web.xml file as [described in the JEE 6 tutorial.|http://java.sun.com/javaee/6/docs/tutorial/doc/bnbxj.html#bnbxu]. Thus, I'd like to secure JSF pages as well as managed bean actions.
  3) My web app uses EJB's that are secured using the [EJB annotations as described in the JEE 6 tutorial|http://java.sun.com/javaee/6/docs/tutorial/doc/bnbyl.html#gjgcq]. My understanding is that the credentials from the web app are propagated to the EJB's, so I should not need to do anything, other than catch exceptions whenever the EJB is being accessed by an unauthorized role.
  4) Ideally, I'd like to use a JSF form to request username/password from a user. I know the JSF form cannot directly post the information to the container's security mechanism (i.e. j_security_check action). While I've found some ways to do it, none are really satisfactory, so I've had to just use a plain HTML form.
  5) I could do it [authentication programmatically as explained in the JEE 6 tutorial|http://java.sun.com/javaee/6/docs/tutorial/doc/gjiie.html]. Unfortunately, the tutorial shows how to do this from a Servlet and not from JSF. In particular, I could invoke the HttpServletRequest#login method, but its result does not enter a session and thus I cannot continue to use container managed authorization past the request. If I use HttpServletRequest#authenticate, then this will force the container to present the login form I specify in web.xml and the credentials will be in the session.
  6) FYI, I've tried to implement an authentication a Filter but the URL requests that come from a JSF 2.0 app just do not correspond to what I'm looking for in the filter. That is, if I have a directory named secured where I keep JSF pages to be accessed only by authenticated users, I set up a Filter to look for these requests and it does not behave as expected (or at least the way it behaves when I use it with JSP)
  I hope someone here can help me find the resources so I can implement this. I've Googled many times and most of what I'm finding is incomplete. I'd greatly appreciate anyone's help and guidance in this. FYI... some students are counting on me to deliver a solution to this! I did not think it would be difficult, but it has turned out to be that way.
  Thanks for reading this far!
  Alvaro

  Hello Ed. I have your JSF 2.0 book now. I download and tried the authentication example that you have on chapter 14. Unfortunately, authorization is not working as I would expect it. Here are the specifics:
  1) I'm running it on GlassFish v3
  2) According to the web.xml, you create two security constraints. One on /trainer/*** requests to be accessed only by users with role of trainer. Another on the /user/*** requests to be accessed only by users with role of user
  3) Whenever I try this app, I can access that pages without ever being authenticated (i.e. without logging in). I can access them by entering the URL's, say: http://localhost:8080/formBasedLogin/faces/user/userPage.xhtml
  This is the problem I've been having whenever I try to do authorization. For some reason, either the URL is not matching the pattern specified or it gets rewritten by JSF 2.0 in some way?
  Update: I'll leave the above comments, but I was able to get your example working by changing the URL patterns to: /faces/user/*** and /faces/trainer/*** Is this an error in the sample code or should the pattern you provide still work?
  Update 2: It seems that I've now figured out that there is a difference on whether I use an outputLink or a commandLink. I need to read more about this. In any case, the URL patterns do match requests that are specified as an outputLink, but not when they are specified by a commandLink -- in this case, JSF uses JavaScript to make the request to some resource which does not match the pattern. It looks like I was just using commandLink before whereas I should have been using outputLink.

• Authentication in clustered web application without sticky session

  I have built JSP/Servlet/Struts application in the past on a cluster of app servers. Each app server has its own JVM running the Servlel Container. All of the HTTP requests come into a hardware load balancer, which directs the requests to one of the app servers in the cluster.
  I have wanted to use the Java HttpSession management without any kind of distributed session provided by the app server. We have used "sticky" sessions. The application writes a cookie to the client on the first request. The load balancer looks for that cookie on subsequent requests and directs the request to the server that originally wrote the cookie. This ensures that all requests within the same session are handled by the same application server. This also means that if I do request.getSession().setAttribute("authenticated",true) on one request, when I do request.getSession().getAttribute(authenticated) on subsequent requests in the same session, I can be sure the value will not be null. This allows me to create a filter that checks for that session attribute on each request, and if it is false or null, redirect the request to some sort of login page. Otherwise I can be sure the user has logged in.
  I want to build a stateless/non-session based application that can still handle authentication. What I mean by that is that I don't want the load balancer to have to send requests for the same session all to the same server. I would like the load balancer to send each request where ever it wants. That means the simple authentication example I explained in the last paragraph would not work. The user could login on server A, but then on a subsequent request during the same "session", the user's request could be handled by server B. In that case, the session attribute would be null, and the app would think that the user has not logged in.
  My application can require that users have cookies enabled, so therefore I can assume the user is accepting cookies (I would have something to check that and redirect the user to an error page saying "turn cookies on" if cookies weren't on). I think one thing that I could do is use encrpytion with a key that is shared between all the servers in the cluster. For example, user logins in on server A, server A writes a cookie with the contents "username,1109272102009". The first part being the username that the user successfully authenticated as and the second part being a timestamp for when the cookie was created. The contents of the actual cookie would be encrypted and I would send the ciphertext as the value of the cookie. When server B gets the cookie, it can decrypt the ciphertext (using the same key as was used to encrypt the data on server A), and check that the username is valid and that the timestamp does not exceed some timeout. The timestamp in the cookie would then have to be updated for the next request.
  So my question is (thanks for sticking with me and reading this really long post), has anyone done anything like this before? Is what I have described totally ridiculous or insecure? Are there any books or articles that describe a pattern similar to this that has been know to work well?

  I have worked on a web site that did exactly that.
  The cookie contained a little bit more information - there was a small amount of user data that were needed on heavily accessed pages.
  You'll have a problem if your web application uses attributes. We solved this by keeping most stuff in hidden inputs (backed up by hidden input cryptographic checksums in places where forgery was a concern.) HttpSession attributes have some problems and gotchas.
  A few possible fine tunings:
  Add a random number to the cookie. Should make known plaintext attacks harder.
  Add some extra stuff to the cookie, so that any random hex string that happens to decode to "xZoiyqw,15" isn't accepted. It's easy to try a million cookies until you get "<something>,<integer>" but getting "<something>,<integer>,HelloHowAreYou" is a lot harder.
  Be paranoid in checking the format of the cookie. If you add a random number, check that it is all digits etc. Belt and suspenders: also check that the time stamp isn't in the future (allow e.g. 15 seconds future time, in case different servers' clocks are a bit off.)
  Don't update the cookie at every hit, only if the time stamp is older than a couple of minutes. Saves encryption CPU power.
  After encrypting, prepend a short version number to the cookie. E.g. if the hex cookie is ABCDEF, make it 1ABCDEF. If you later e.g. change the encryption algorithm, change version to 2 and you can easily skip any obviously non-decipherable cookies. A second version number within the cookie might or might not be useful.
  Even though you can make random load balancing, consider not doing that. E.g. a server might pull the user's name from the database into memory cache. You get less database traffic and smaller caches if the user still goes to the same server. If a server goes down, only then switch him elsewhere. Downside though: if one server is "half alive" (doesn't respond to requests but alive enough so the load balancer doesn't notice the malfunction), all users bound to that server see a 100% failure.
  Benchmark cookie decryption time when selecting the crypto algorithm. How many hits per second you can get and how many you need.
  Guard your crypto keys like the crown jewels. Change them periodically and whenever someone in your company (especially IT department) gets the pink slip.

• Programmatic User Authentication in JHS 10.1.2

  Hi,
  I've been trying to use JHS 10.1.2. and the Programmatic User Authentication example of 9.0.5.2 but this obviously does not seem to work.
  Could you please supply information how to enable programmatic User Authentication in JSH 10.1.2?
  Thanks
  William

  William,
  We are currently working on upgrading the old "JHeadstart Demo" to the JHeadstart ADF release. This demo will include programmatic user authentication. We have not scheduled the next patch release yet, but may 2005 seems realistic at this point.
  In the meantime, you could start off with the implementation provided in the non-ADF Jheadstart release, and upgrade it to the ADF release. I know of one customer who did that. It is not that hard, the approach will largely stay the same. An authentication filter checks whether the user is already logged on by checking some session attribute and will forward to an authenticate user action that validates the username/password.
  Steven Davelaar,
  JHeadstart Team.