Windows authentication from an enterprise application

Similar Messages

• How to make use of Windows authentication from my Java application

  I have a Java application, Instead I design one more login page for my application, I want to make use of Windows Authentication.
  How should I use that windows authentication in my java application
  can any help me in suggesting a solution

  How will they be able to access your application if they aren't users of the system?

• Windows Authentication on a Coldfusion Application

  Hi community!
  I am working on a coldfusion application and I had a meeting
  today to show my client my progress. The IT director asked if they
  could use Windows Authentication in the new program because the
  doctors and therapists forget everything. My answer was kind of
  defensive but they asked me to figure that out.
  I have no idea as where to start! Can somebody put some light
  in my head?
  Any thoughts? Any ideas? Any resources?
  I work full time in a software development company, this
  project is part of the jobs I do on the side so I can afford gas!
  he,he In my primary job we have never created a coldfusion app that
  works like that. So that's why I am confused.
  Thanks fellows!

  I use integrated Windows Authntication on my intranet. There
  is a checkbox for it under IIS.
  This allows the uername to be visible to CF using the
  #cgi.auth_user# variable.
  As for security, I maintain a data table with each username
  and appropriate permissions. In my application, I merely confirm
  that the currently logged in user is authorized for given areas of
  my site.
  Works great. The only real caveat is that some places might
  aruge that you are not verifying that the person behind the
  keyboard is really the person currently logged into that particular
  machine on the network. My defense is that this scenario is the
  responsibility of the currently logged in user, rather than the web
  developer. Your environment may dictate more stringent criteria or
  verification.
  BTW: My implementation has passed muster with our security
  audits in the medical field for the last eight or nine
  years.

• Connecting to MSSQL Windows authentication from Linux

  Hi,
  From linux (OIM) environment we need to connect to window authenticated MSSQL server.In windows we set sql.dll file.How to do in linux?
  Thanks!

  There is a database library that can provide you with the additional options. It's here http://jtds.sourceforge.net/
  With it, you can provide domain authentication credentials.
  -Kevin

• SSO via Windows authentication for a BSP application

  Hi,
  is it possible to configure/implement a bsp-application, so that the user of the application is authenticated in the SAP system through the windows user (without entering the user or password). I search for a mechanism, that is like the SSO mechanism in the SAP EP. We don't have SAP EP, neither we have a java stack installation.
  Exists a way to implement this scenario?
  My idea was it, to use the same functionality, like in the SAP GUI, when configuring SSO. Unfortunately I don't find any hints about this topic.
  Regards,
  Thomas

  One best way is to embed the BSP page in the iview of the EP. As your are telling EP is not available i think there is no other way around.

• Authenticating from an HTML5 application

  Hi,
  I need to authenticate to my BSP applications from a form developed using HTML5. The form is rendered locally and contains a input fields for username and password. The username and password entered in this form need to be used for logging into the BSP. We do not have any portal, or any other middleware. We will just be passing the URL and password to the BSP.
  One option is to append the user id and password to the request URL as sap-user and sap-password parameters.
  However, I have learnt from several other forum questions that this is not a recommended approach. Also, I would not like the user to be prompted for authentication again as long as the session is valid.
  Any help regarding this query would be greatly appreciated.
  Thanks,
  Vibhu

  Just read the doco mate. [http://help.sap.com/saphelp_nw73/helpdata/en/48/3a0638902131c3e10000000a42189d/frameset.htm]
  Cheers
  Graham Robbo

• How to use windows authentication to MSSQL2008 from oim running in Linux

  Hi All,
  We have developed the code (in eclipse) in local windows machine to call sample stored procedures in MSSQL.The code works fine from client and are able to create, update users in MSSQL from windows.
  We have OIM 11g R2 installed in Linux 6 on local VM. The question is while building the jar from the code and placing it in Java task directory of OIM, calling thr Code we need sql.dll file to implement the windows authentication(no user name & pwd) to connect to MSSQL, but this is not possible in Linux since the jar don't support.
  Can any one please give suggestions on this to implement windows authentication from Linux through OIM server.
  Edited by: 970422 on Nov 8, 2012 11:39 PM

  I have no idea, but you might find it helpful to read Redhat's documentation concerning this subject:
  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/ch-ldap.html

• Using the windows authentication

  In my application , I would like use Windows authentication .Currently I am using basic authentication in which the application will get the user details from a file.The file will contains users password and access right(read write permissions). I would like to enhance it with windows authentication in which my application take the windows user and allows him to use the application. Is it possible? If possible , can I set some attributes(like for xxxx value is 1, yyyy value is 2 ) for windows users. Kindly help me if it is possible in Java.

  Apart from transfer logins scripts Ashwin and Stan mentioned, I usually run following script in order to re-establish orphan users to establish if any SQL logins.
  set nocount on
  declare @username    sysname,
          @errcode     int
  select @errcode = 0
  select @username = min(name)
  from sysusers (nolock)
  where uid <> gid and
        name not in ('guest', 'sys', 'INFORMATION_SCHEMA') and
        suser_sname(sid) is null and
        issqlrole = 0
  while @username is not null
  begin
     if exists (select 1
                from master.dbo.syslogins (nolock)
                where name = @username)
     begin
        exec sp_change_users_login @Action = 'Update_One',
                                   @UserNamePattern = @username,
                                   @LoginName = @username
        select @errcode = @@error
        if @errcode = 0
           print 'The user ''' + @username + ''' was re-established in database!'
        else
           print 'Failed to re-establish user ''' + @username + ''' in database!'
     end
     else
     begin
        print 'The user ''' + @username + ''' does not have login ID. So, drop it from database!'
        exec sp_dropuser @username
     end
     select @username = min(name)
     from sysusers (nolock)
     where uid <> gid and
           name not in ('guest', 'sys', 'INFORMATION_SCHEMA') and
           suser_sname(sid) is null and
           issqlrole = 0 and
           name > @username
  end
  go

• Windows Authentication - Different Domain

  Hi:
  I am trying to figure out if there is a way to connect via SQL Server Management Studio to a server sitting on a separate domain. So here is the situation. there is Server B which sits in a domain called DomainB. If I am in DomainA, I could typically remote into that server utilizing an IP address in DomainB, and even transfer files to that server. But how do I connect via SQL Server Management Studio(basically login as a different domain user) to Server B in DomainB from DomainA. Basically when I choose Windows Authentication from the dropdown list in SQL Server Management Studio, it grays out the username field, which is where I could type something like this domainB\usernameondomainB, similar to how you would connect to a share on that server. Please let me know if there is a possibly solution to this. Also, our customer doesnot allow SQL Server Auth/Logins, so that is not an option. Thanks.

   Raul Garcia - MS wrote:
    The reason why the user name/password fields are unavailable in SQL Server Management Studio is because it will use the current Windows token (i.e. the interactive user credentials) to establish the connection.
     If you want to use different credentials you will need to impersonate the different principal in Windows (i.e. RunAs) before running Management Studio.
    I also recommend posting tool related questions in the tools forum (http://forums.microsoft.com/MSDN/ShowForum.aspx?ForumID=84&SiteID=1).
    I hope this information will help.
    -Raul Garcia
    SDE/T
    SQL Server Engine
  Raul.
  I have exactly the same problem, but the solution that you are giving doesm't solve the problem.
  I can't  RUN Managment Studio with RUN AS a member of a domainB if I'm in a machine that is member of the domainA.
  Is there any way I can modify Managment Studio to ENABLE the login and pass to introduce the domain using the WIN AUTHENTICATION ?

• Reg:- Include portal DC in Enterprise Application DC

  Hi All,
  I have a requirement to reference a portal DC from an Enterprise Application DC.
  Here's the scenario:
  We have a Web Module DC which uses a portal DC as Used DC. Then I created an Enterprise Application DC to deploy the Web Module DC. But, when the EAR file is deployed, I am getting the following exception:
  com.sap.engine.frame.core.load.SAPNoClassDefFoundError: com/sapportals/portal/prt/component/AbstractPortalComponent
  I have tried to add the Portal DC and epbc.prtapi._api as Used DCs to the Enterprise Application DC. The DC dependancy type is defined as "Build Time, Deploy Time and Run Time" for Portal DC and "Build Time" for epbc.prtapi._api DC. Yet, I am facing the same issue.
  Kindly help me out to resolve this issue.
  Thanks in advance,
  Pavithra

  Hi Pascal,
  Thank you very much for your answer. That was indeed very helpful.
  Now, I have followed a different approach. I have exported the PAR file as a JAR and added this JAR file to an external library along with prtapi.jar. Now I have created 2 Public Parts "assembly" and "compilation" for both the JARs.
  I have used the External Library DC as Used DC for the EAR. Now, I am able to successfully deploy the Enterprise Application DC and access my application without any runtime errors.
  I hope this is the right approach. Can you suggest me an optimized approach for the same, if any?
  Thanks a lot for the help.
  Regards,
  Pavithra

• Error 18452 "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication" on SQL Server 2008 R2 Enterprise Edition 64-bit SP2 clustered instance

  Hi there,
  I have a Windows 2008 R2 Enterprise x64 SP2 cluster which has 2 SQL Server 2008 R2 Enterprise Edition x64 SP2
  instances.
  A domain account "Domain\Login" is administrator on both physcial nodes and "sysadmin" on both SQL Server instances.
  Currently both instances are running on same node.
  While logging on to SQL Server instance 2 thru "Domain\Login" using "IP2,port2", I get error 18452 "Login failed. The login is from an untrusted domain and cannot be used with Windows authentication". This happened in the past
  as well but issue resolved post insatllation of SQL Server 2008R2 SP2. This has re-occurred now. But it connects using 'SQLVirtual2\Instance2' without issue.
  Same login with same rights is able to access Instance 1 on both 'SQLVirtual1\Instance1' and "IP1,port1" without any issue.
  Please help resolve the issue.
  Thanks,
  AY

  Hello,
  I Confirm that I encountred the same problem when the first domain controller was dow !!
  During a restarting of the first domain controller, i tried to failover my SQL Server instance to a second node, after that I will be able to authenticate SQL Server Login but Windows Login returns Error 18452 !
  When the firts DC restart finishied restarting every thing was Ok !
  The Question here : Why the cluster instance does'nt used the second DC ???
  Best Regards     
  J.K

• Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.

  Hello,
  I have gone through couple of posts regarding this issue but couldn't get the right solution. Could you please help what exactly we are missing here.
  Details:
  1) we have two SQL instances on one standalone machine (Default Instance (2008 SP3) + Named Instance (SQL 2012 SP1))
  2) Both instances are configured to accept SQL+ Windows authentication.
  3) when we give access to our users they are getting following exception if they connect with 'windows authentication'. (For both instances)
  Login failed. The login is from an untrusted domain and cannot be used with Windows authentication.
  Note: (Being a sys + windows admin I'm able to connect both the instances from same client machine without
  any issues)
  4) Also, we observed following error in windows application event log,
   SSPI handshake failed with error code 0x8009030c, state 14 while establishing a connection with integrated security; the connection has been closed. Reason: AcceptSecurityContext failed. The Windows error code indicates the cause of failure.
  The logon attempt failed   [CLIENT: 192.168.xxx.xyx]
  5) If we create SQL login it is working fine without any issues.
  Could someone guide/help  me identifying and fixing this issue.
  Thank you

  Hello,
  Are those Windows Logins associated to domain Windows accounts? Windows Logins work for domain accounts and local Windows account created on the server where the SQL Server instance is installed (and used to login locally to the server).
  Could you try to delete one of the Windows logins that fail to login , and try to recreate them?
  The following resources may help:
  http://blogs.msdn.com/b/dataaccesstechnologies/archive/2012/12/19/error-message-quot-login-failed-the-login-is-from-an-untrusted-domain-and-cannot-be-used-with-windows-authentication-quot.aspx
  http://support.microsoft.com/kb/555332
  Hope this helps.
  Regards,
  Alberto Morillo
  SQLCoffee.com

• Enterprise application conversion problem from WLS 10.3.0 to WLS 10.3.2

  Hi all,
  I'm posting this just to document a problem I had when converting an Enterprise Application from WLS 10.3.0 across to WLS 10.3.2 environment.
  Upon deployment of the application I was getting this error:
  Caused By: weblogic.descriptor.BeanAlreadyExistsException: Bean already exists: "weblogic.j2ee.descriptor.wl.ApplicationParamBeanImpl@b720894d(/ApplicationParams[webapp.encoding.default])"
       at weblogic.descriptor.internal.ReferenceManager.registerBean(ReferenceManager.java:227)
       at weblogic.j2ee.descriptor.wl.WeblogicApplicationBeanImpl.setApplicationParams(WeblogicApplicationBeanImpl.java:560)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.staxb.runtime.internal.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:48)
       at com.bea.staxb.runtime.internal.RuntimeBindingType$BeanRuntimeProperty.setValue(RuntimeBindingType.java:536)
       at com.bea.staxb.runtime.internal.AttributeRuntimeBindingType$QNameRuntimeProperty.fillCollection(AttributeRuntimeBindingType.java:381)
       at com.bea.staxb.runtime.internal.MultiIntermediary.getFinalValue(MultiIntermediary.java:52)
       at com.bea.staxb.runtime.internal.AttributeRuntimeBindingType.getFinalObjectFromIntermediary(AttributeRuntimeBindingType.java:140)
       at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalBindingType(UnmarshalResult.java:200)
       at com.bea.staxb.runtime.internal.UnmarshalResult.unmarshalDocument(UnmarshalResult.java:169)
       at com.bea.staxb.runtime.internal.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:65)
       at weblogic.descriptor.internal.MarshallerFactory$1.createDescriptor(MarshallerFactory.java:150)
       at weblogic.descriptor.BasicDescriptorManager.createDescriptor(BasicDescriptorManager.java:323)
       at weblogic.application.descriptor.AbstractDescriptorLoader2.getDescriptorBeanFromReader(AbstractDescriptorLoader2.java:788)
       at weblogic.application.descriptor.AbstractDescriptorLoader2.createDescriptorBean(AbstractDescriptorLoader2.java:409)
       at weblogic.application.descriptor.AbstractDescriptorLoader2.loadDescriptorBeanWithoutPlan(AbstractDescriptorLoader2.java:759)
       at weblogic.application.descriptor.AbstractDescriptorLoader2.loadDescriptorBean(AbstractDescriptorLoader2.java:768)
       at weblogic.application.ApplicationDescriptor.getWeblogicApplicationDescriptor(ApplicationDescriptor.java:329)
       at weblogic.application.internal.EarDeploymentFactory.findOrCreateComponentMBeans(EarDeploymentFactory.java:181)
       at weblogic.application.internal.MBeanFactoryImpl.findOrCreateComponentMBeans(MBeanFactoryImpl.java:48)
       at weblogic.application.internal.MBeanFactoryImpl.createComponentMBeans(MBeanFactoryImpl.java:110)
       at weblogic.application.internal.MBeanFactoryImpl.initializeMBeans(MBeanFactoryImpl.java:76)
       at weblogic.management.deploy.internal.MBeanConverter.createApplicationMBean(MBeanConverter.java:88)
       at weblogic.management.deploy.internal.MBeanConverter.createApplicationForAppDeployment(MBeanConverter.java:66)
       at weblogic.management.deploy.internal.MBeanConverter.setupNew81MBean(MBeanConverter.java:314)
       at weblogic.deploy.internal.targetserver.operations.ActivateOperation.compatibilityProcessor(ActivateOperation.java:81)
       at weblogic.deploy.internal.targetserver.operations.AbstractOperation.setupPrepare(AbstractOperation.java:295)
       at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:97)
       at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
       at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747)
       at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
       at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250)
       at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159)
       at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:157)
       at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:12)
       at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:45)
       at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  It turns out this was an issue with the META-INF/weblogic-application.xml having duplicate entries for the "webapp.encoding.default" parameter.
  This obviously got duplicated when my app was re-imported into the Eclipse OPEP environment for WLS 10.3.2
  <?xml version="1.0" encoding="UTF-8"?>
  <wls:weblogic-application xmlns:wls="http://xmlns.oracle.com/weblogic/weblogic-application" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/javaee_5.xsd http://xmlns.oracle.com/weblogic/weblogic-application http://xmlns.oracle.com/weblogic/weblogic-application/1.0/weblogic-application.xsd">
  <!-- server-version: 10.3 -->
  <!--weblogic-version:10.3.2-->
  <wls:application-param>
  <wls:param-name>webapp.encoding.default</wls:param-name>
  <wls:param-value>UTF-8</wls:param-value>
  </wls:application-param>
  <wls:application-param>
  <wls:param-name>webapp.encoding.default</wls:param-name>
  <wls:param-value>UTF-8</wls:param-value>
  </wls:application-param>
  </wls:weblogic-application>
  Removing the duplicate entry resolved this problem.
  I hope this helps anyone else that experiences this issue.
  Regards,
  Paul

  Below link might be helpful.
  http://kr.forums.oracle.com/forums/thread.jspa?threadID=1049509&tstart=0
  Regards,
  Anandraj
  http://weblogic-wonders.com/

• I want to install my photoshop 5.0 limited edition but the pc displays i should check if it is a 32 or 64 bit application. i changed my windows os  from xp to win7 64 bit (i think that is the problem) how can i run my photoshop on this system?

  i want to install my photoshop 5.0 limited edition but the pc displays i should check if it is a 32 or 64 bit application. i changed my windows os  from xp to win7 64 bit (i think that is the problem) how can i install and run my photoshop 5.0 le on this system?

  Kglad Creative Suite 2 is only applicable to individuals affected by the activation server shut down.  A complete list of affected software titles can be found at Activation server shut down for Creative Suite 2, Acrobat 7, and Macromedia products.

• Windows authentication of Sharepoint Page viewer Web Part applications

  Hi,
  I am working on a new Sharepoint portal which will have Page viewer Web Parts hosting asp.net applications. The standalone applications those are hosted are using windows authentication. my requirment is, when the client logs in to sharepoint need to authenticate
  all web parts with same user credentials so that then don't need to log in again. those asp.net applications are hosted as standalone also out side sharepoint. Can some one advise me how to do that?..
  Thanks
  Ram

  We havent tried that.  We changed the link in the web part to access an html page that claims that the report is loading.  It states in the html that if the page doesnt load to "click here" which redirects to the crystalreportviewer.  Its a temp fix for it.  One thing we are looking at is the 64 bit version of the Sharepoint integration kit.  That may contain a reportviewer webpart.
  Thanks for the reply.
  Brian