Wireless WPA2 + AD + RSA ACE Server possible
I have a client that wants to use WPA2 authenticated to the Windows Active Directory and also has an RSA ACE Server. The goal os to provide 802.1x security with these 3 devices. I am NOT looking to USE the RSA tokens for this, only the underlying RSA RADIUS service to authenticate clients. Is this possible or do I also need a ACS server?
The alternative is to use Wireless WPA2 + AD + Windows IAS RADIUS.
Thanks for any comments,
Chris Serafin
Security Engineer
[email protected]
Hi Chris,
I don't think you can use the RSA's radius server without using tokens. If you are looking to authenticate to Active Directory then either use Wireless + IAS + AD or use Wireless + ACS + AD
There will be no need to bring the RSA into the solution.
Similar Messages
-
RSA ACE server SYSLOG collector, Parsing help!
Hi Board.
I am in a very big hurry for developing a RSA ACE collector script. The
already released RSA ACE Collector script is file based and the RSA ACE
server can dump a CSV log report with an interval of a hour as the
fastest possible interval. This is not at all satisfying for the
customer which - due to the latest issue with hacking attacks on EMC's
network both announced in the press and by letter from EMC and to their
customers - is not at all acceptable. They need to have logic for
pattern searches and correlation rules that can respond as close to real
time as possible.
We have with success and without any troubles or big efforts installed
the SNARE agent on the RSA ACE Appliance box. We are receiving the
events from the RSA server correctly (or we are receiving the events as
unsupported events because the events is not parsed correctly, but all
the needed information is there) and I have started development of a new
Collector script based on the Generic Event Collector (Just
doubleclicked on New Collector script in the Ant menu).
So far I have tryed some different approaches. I know that I can totaly
manipulate with the events received from the Source because I can
pre-set values via the protoEvt.map file. Even further have I been able
to set some other values in the Parse function by using the rec2Evt.map
and then hardcode a value to the desired field by using
rec.-input_record_field-.
Therefor I am pretty convinced that I am on the right track.
Now here is my question:
Based on this copy-pasted s_RXBufferString value (IP addresses and
host+domain values changed for protecting the customer):
Code:
Mar 26 05:48:12 192.168.1.100 hostname[tab]MSWinEventLog[tab]4[tab]Application[tab]14765[tab]Sat Mar 26 10:48:12 2011[tab]1011[tab]ACESERVER6.1[tab]Unknown User[tab]N/A[tab]Information[tab]hostname[tab]Devices[tab][tab][tab]Passcode accepted (Login:'jodo'; User Name:'Doe, John'; Token:'000123456789'; Group:''; Site:''; Agent Host:'remotehost.domain.com'; Server:'serverhost').[tab]14617
*NB!* Swap out [tab] with tablulator delimiter!
I have tryed this approach (this is the entire Parse Functiomn):
Code:
var ValueArray = this.s_RXBufferString.split("\\t");
rec.msg = this.s_RXBufferString;
var SourceInfo = ValueArray[0];
rec.sun = ValueArray[1];
//e.InitServiceName = ValueArray[1];
//rec.Service = ValueArray[1];
//e.EventTime = ValueArray[5];
//rec.EvtTime = ValueArray[5];
//e.VendorEventCode = ValueArray[6];
rec.evtCode = ValueArray[6];
e.DeviceName = ValueArray[7];
rec.sun = ValueArray[8];
//e.EffectiveUserID = ValueArray[8];
//var OSInitUser = ValueArray[8];
//e.InitHostName = ValueArray[11];
rec.shd = ValueArray[11];
//ValueArray[12] = ValueArray[12].ltrim();
var AppSpecificMessage = '';
for(var t = 12; t<count(ValueArray); t+1)
AppSpecificMessage += ValueArray[t];
//e.InitIP = SourceInfo.match("[0-9]+.[0-9]+.[0-9].[0-9]");
rec.sip = this.s_RXBufferString.match("\d+\.\d+\.\d+\.\d+");
var A = AppSpecificMessage.search('\(.+\)');
//e.EventName = 'Debugging RSA';
//e.EventName = AppSpecificMessage.substring(0,A-1).ltrim();
rec.evt = AppSpecificMessage.substring(0,A-1).ltrim();
AppSpecificMessage = AppSpecificMessage.match('\(.+\)');
// var B = AppSpecificMessage.search(')');
//var B = AppSpecificMessage.search(')');
// var BaseInfo = AppSpecificMessage.substring(A+1,B-1);
// var BaseTmpArray = BaseInfo.split(';');
// var BaseArray = new Array();
/*for(var i = 0; i<count(BaseTmpArray); i+1)
var str = BaseTmpArray[i].ltrim();
var TempAr = str.split(':');
BaseArray.push(TempAr[1].substring(1,-1));
/*var AgentArr = BaseArray[6].split(".");
AgentArr.reverse();
AgentArr.pop();
AgentArr.reverse();
e.InitHostDomain = AgentArr.join(".");
//rec.InitDomain = AgentArr.join(".");
e.InitHostDomain = "corp.ad.local";
if (ValueArray[10] == "Information")
rec.sev = "0";
//e.Severity = "0";
else if (ValueArray[10] == "Warning")
rec.sev = "3";
//e.Severity = "3";
else if (ValueArray[10] == "Error")
rec.sev = "4"
//e.Severity = "4";
else
rec.sev = "1";
//e.Severity = "1";
//e.InitUserID = BaseArray[0];
rec.LoginName = BaseArray[0];
//e.InitUserName = BaseArray[1];
rec.UserName = BaseArray[1];
//e.customerVar35 = BaseArray[2];
//rec.Token = BaseArray[2];
//e.customerVar36 = BaseArray[5];
//rec.Agent = BaseArray[5];
instance.SEND_EVENT = true;
// parsing logic goes here
/*if (1==1) { // set SEND_EVENT to true if your parsing logic worked correctly
instance.SEND_EVENT = true;
// If you can't parse...
//rec.sendUnsupported();
return true;
But it just laughs at me and wont work. It states that there is a
parsing error: match function something with input.
Can you please help me build a logic that will work as intended? It
should be clear what information or which piece of the text that I try
map to which Event fields (look at the outcommented bits right above or
below the ones that point to a rec.something because there I have tryed
just map the information directly).
kkrasmussen
kkrasmussen's Profile: http://forums.novell.com/member.php?userid=20966
View this thread: http://forums.novell.com/showthread.php?t=435715> - I'm not sure I understand why you replace the tabs with '|' just to do
> the split; why can't you just split on tab? You can also investigate our
> 'safesplit()' method, which understands quoted delimited strings:
> Novell Login
> (not sure that's necessary in this case)
I replaced the tabs with '|' foir easier regex searchess for both
numbers, alphanummeric and spaces in same match cases - but with the
opportunity to index better for those searches because I did not need to
worry about the tabs being recognised as whitespaces anymore.
The safesplit works fine with '|' but not for this one:
Code:
var AppSpecificArray = AppSpecificMessage.safesplit(";");
It reports that: "Cannot find function safesplit".
If I change that to:
Code:
var AppSpecificArray = AppSpecificMessage.split(/\;/);
It reports that: "Cannot find function split".
> - The 'substring()' method is defined as taking two arguments:
> from Required. The index where to start the extraction. First character
> is at index 0
> to Optional. The index where to stop the extraction. If omitted, it
> extracts the rest of the string
> Neither of those two arguments will *ever* be negative - they always
> count from the beginning of the string. What you're really trying to do
> is to extract the substring from the beginning +1 character, to the end
> -2 characters, which is not how substring() works. But you *can* do
> something like:
> this.evt = Msg.substring(1,Msg.length - 2);
>
Aha I see. Thanks for the info. However, I tried the suggested this.evt
= Msg.substring(1,Msg.length - 2); but it reports: Cannot call method
"substring" of null. Remember that I have already testet and verified
that I do have a value in the Msg variable.
Here is the newest code. Please notice that I have outcommented the
desired "result" and is just trying to get something from at least the
part of the string that I want to parse.
Code:
this.msg = this.s_raw_message2;
var TempTxt = this.s_raw_message2.replace(/\t/g,"|");
var ValueArray = TempTxt.safesplit("|");
var SourceInfo = ValueArray[0];
this.evtCode = ValueArray[6];
this.sip = TempTxt.match(/\d+\.\d+\.\d+\.\d+/);
e.DeviceName = ValueArray[7];
//AppSpecificMessage = TempTxt.match(/(?:\().+(?:\))/);
var Msg = ValueArray[14].match(/(?:\|)[^\|]+(?:\()/);
this.evt = Msg.substring(1,Msg.length - 2);
//this.evt = Msg;
AppSpecificMessage = ValueArray[14].match(/(?:\().+(?:\))/);
if (ValueArray[10] == "Information")
this.sev = "0";
else if (ValueArray[10] == "Warning")
this.sev = "3";
else if (ValueArray[10] == "Error")
this.sev = "4"
else
this.sev = "1";
if(TempTxt.match(/(?:Login:\')\S+(?:')/) != false)
//var apptemp = AppSpecificMessage.substring(1,AppSpecificMessage. length - 1);
//var AppSpecificArray = apptemp.safesplit(";");
var AppSpecificArray = AppSpecificMessage.safesplit(";");
for(var c = 0; c<count(AppSpecificArray); c + 1)
var key = AppSpecificArray[c].split(/:/);
if (key[0] == "(Login")
if (key[1] == "''")
this.iuid = ValueArray[8];
else
this.iuid = key[1];
//this.iuid = key[1].substring(1,key[1].length - 1);
if (key[0] == " User Name")
if (key[1] == "''")
this.sun = "System";
else
this.sun = key[1];
//this.sun = key[1].substring(1,key[1].length - 1);
if (key[0] == " Agent Host")
if (key[1] == "'')")
this.shd = "Unknown Host Domain";
else
//var TempArr = key[1].substring(1,key[1].length - 1).safesplit(".");
var TempArr = key[1].plit(/\./);
TempArr.reverse();
TempArr.pop();
TempArr.reverse();
this.shd = TempArr.join(".");
if (key[0] == " Token")
if (key[1] != "''")
e.CustomerVar35 = key[1];
//e.CustomerVar35 = key[1].substring(1,key[1].length - 1);
else
this.shd = "Unknown Host Domain";
this.iuid = ValueArray[8];
this.sun = "System";
instance.SEND_EVENT = true;
return true;
kkrasmussen
kkrasmussen's Profile: http://forums.novell.com/member.php?userid=20966
View this thread: http://forums.novell.com/showthread.php?t=435715 -
Dot1x/ACS3.0/RSA ACE server 5.0
Hi,
I tried to configure dot1x (cat6500) with ACS 3.0 and RSA ACE server. In the first step when I configured static password in ACS everything was OK, but when I changed to the external user database I got an error: "Auth type not supported by External DB"
Does anyone know why?
Thanks,The dot1x supplicant on the PC will use Extensible Authentication Protocol (EAP) authentication to send the username/password. This authentication method cannot be used with an external RSA database, RSA has to use PAP authentication which sends the password in the clear (which is OK because it's a one-time password).
See http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/o.htm#625794 for details on the external DB's and password protocols. Notice how all the one-time password databases can only use PAP. -
Rsa/ace server radius authentication
Hi ,
I am in the process of setting up cisco routers/swithces to authenticate to an RSA/ACE radius server. Basically I would like it to work as follows.
SSH/Telnet to router switch.I have ace side configured. I have added the necessary users to authenticate list on agent host.
Username:joebloggs
Password : ( rsa secure id token here ). Do I have to authenticate then using enable password or what is best practice here ??
router>en
router#
I have the following lines added so far and need some help on the aaa authentication as there seems to be a lot of options
aaa new-model
aaa authentication banner # Connection to this device is for authorized users only #
aaa authentication fail-message # You are not authorized to log on to this device #
radius-server host x.x.x.x auth-port 1645 acct-port 1813
radius-server retransmit 3
radius-server key xxxxxxfrancis
if you want users who telnet/SSH to vty ports or who are on the console to authenticate with the radius server you should add something like this to your configuration:
aaa authentication login default group radius line
This will send an authentication request to the configured radius server and if there is an error from the radius server (this is different from a negative response) then the router will authenticate using the configured line password. This will work for both telnet and SSH connections and for login from the console.
You are correct that there are quite a few optional parameters. These are to allow flexibility in what is the primary authentication method and what (if any) fall back methods you wish to use.
From user mode going to enable mode you could configure the router to use the enable password/enable secret or you can configure it to use radius. I believe that best practice is to use radius rather than the local enable password/enable secret.
aaa authentication enable default group radius enable
HTH
Rick -
RSA Secure ID ACE/Server and gateway IDM
Hi all,
we are trying to integrate and RSA server with IDM 6.0SP2.
I do not understand this phrase on resource references doc.
If SecurID is installed on Windows, the Identity Manager gateway must be running on
the same system where the RSA ACE/Server is installed.it means that the gateway from RSA server must run on the same server where is running RSA ?
Someone has integrated the appliance RSA installing on it the gateway ?
Thanks,
mazantThe port should be 9278. Enable the gateway trace and see if it is logging anything to the trace file.
-
SecureID / ACE Server different applications
Dear all
Is there a way to have more than one SecureId-Profile?
We have a client asking for for different profiles while using a RSA ACE Server a login authority for example:
PowerUsers: should have access to the full desktop and all applications
StandardUsers: should have Outlook only in a seamless window
Any ideas / help really appreciated....
Thank you
SupportFound the solution. Problem was the acecInt.dll in the System32 folder was mismatching with the one in the RSA install folder. I copied the dll from the RSA install folder to the System32 and it started to work fine.
The error i was getting was "Get file operation with no or unknown handle aborted". -
Please can anyone help me regarding getting a windows dialup user to get access to internal resourced once authentication to RSA ACE server has been successful.
I have setup AAA authentication & authorization.
I can get the user to authentication to the RSA ACE server but after authentication i cannot get authorization to work but it has been configured in the list.see below
aaa authentication login default group tacacs+ local
aaa authentication login ACE group radius local
aaa authentication enable default group tacacs+ enable
aaa authentication ppp ACE if-needed
aaa authorization network ACE if-authenticated none
aaa accounting commands 15 default start-stop group tacacs+
interface Group-Async1
description ** modem lines **
ip unnumbered GigabitEthernet0/0
encapsulation ppp
ip route-cache policy
dialer in-band
dialer idle-timeout 600
dialer-group 1
autodetect encapsulation ppp
async mode interactive
peer default ip address pool DIALIN
ppp authentication pap ms-chap ms-chap-v2 ACE
ppp authorization ACE
group-range 1/0 1/7
line 1/0 1/7
login authentication ACE
modem InOut
transport input all
autoselect during-login
autoselect ppp
flowcontrol hardware
the debug message i get is as follows
AAA/AUTHOR (000000A3): Method list id=0 not configured. Skip author
The username/password window on the client PC just sits there and then times out...
Any help is welcomeUnder the group Async you have:
interface Group-Async1
ppp authorization ACE
This line is normally not needed and I presume it is the cause of your trouble because there is no corresponding line in the aaa-section. This sample is from a working configuration:
interface Group-Async1
bandwidth 56
ip unnumbered Loopback1
encapsulation ppp
ip tcp header-compression passive
dialer in-band
dialer idle-timeout 300
dialer enable-timeout 8
dialer-group 1
async mode interactive
peer default ip address pool ippool
no keepalive
ppp authentication chap pap
group-range 65 76
regards,
Leo -
RSA SecureID ACE/Server 6.1.2 integration issue with IDM2005Q4M3
I tried the SecureID adapter with the following steps:
1.setup the idm gateway on SecureID Server
2.copy SecureID's apidemon.exe to gateway.exe folder
3.add the administrator on secureid server and use it on idm resource adapter
4.run gateway.exe -d -fsso.log -l6
5.configure the SecureID adapter resource and test configuration is ok
6.add a rsa_test user on IDM, then assign the SecureID resource to the user
before step 6 every thing is fine, but the step 6 cause the IDM hangup, nothing response from gateway.
while I assign the user with SecureID resource in IDM, the gateway trace log print the trace log below and then hanged up:
01/09/2008 17.44.55.234000 [2464] (../../../../src/wps/agent/securid/SecurIdExtension.cpp,1439): Enter: login
01/09/2008 17.44.55.234000 [2464] (../../../../src/wps/agent/connect/RAEncryptor.cpp,69): RAEncryptor::Decrypt3DES: input length (8) moded to 1
my environment:
idm 2005Q4M3 on linux
gateway: Sun Java System Identity Manager 6.0 SP1 HF82 on windows 2003 sp1
RSA SecureID ACE/Server: 6.1.2 on windows 2003 sp1
Any help on RSA SecureID ACE/Server 6.1.2 integration with IDM2005Q4M3 is greatly appreciated.
Or anybody can send me some more docs on the integration process and the check point?
My email: [email protected]
Please help!
Edited by: Brave on Jan 9, 2008 4:36 AMFound the solution. Problem was the acecInt.dll in the System32 folder was mismatching with the one in the RSA install folder. I copied the dll from the RSA install folder to the System32 and it started to work fine.
The error i was getting was "Get file operation with no or unknown handle aborted". -
ACS 4.0 and RSA Token Server problem
Hi,
We are having a problem trying to get ACS 4.0 for Windows to authenticate wireless users on an RSA Token server.
Our Cisco 1200 series AP is configured for WPA2 and LEAP authentication. It points at the ACS server for RADIUS authentication. Now this works fine for users with a static password defined on the ACS internal database. However, for obvious security reasons, we?d like the authentication passed to our internal RSA server.
I have installed the RSA Agent on the same server as the ACS along (after adding the generated sdconf.rec file to the System32 folder). The RSA server has been added to the ACS external databases and a user configured to use the RSA Token server for password.
When we try to authenticate, the ACS fails the attempt with reason ?External DB password invalid?. The same user can successfully authenticate when using the RSA test authentication tool which is installed on the ACS server as part of the RSA Agent software.
After running some debugs on a PIX in front of the servers, I can see traffic to/from the servers when using the test tool (which works), however it looks like ACS doesn?t even send traffic to the RSA server when authenticating.
Any help or advice appreciated.
ThanksHi,
The token servers only support PAP. Please make sure that the request are going to the RSA in PAP.
Following link talks about the same.
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs40/user/o.htm#wp824733
Regards,
~JG -
ACS appliance -- AD -- RSA Securid Server
I have Cisco ACS appliance running version 3.3.2.2 and Windows Active Directory on Win2000 Advanced Server and RSA v5.2. I already installed successfully the remote agent in Active directory.
Authentication using EAP-FAST from my wireless client going to ACS to AD is successful.
But when authenticating going to RSA failed. I can't find logs that my ACS is communicating successfully with RSA.
Here's more info:
In Active Directory, remote agent for ACS installed succesfully. Agent for RSA is also installed succesfully.
In ACS appliance, remote agent was already pointed to AD.
No RSA SecurID Token Server found in my External User Database Configuration list. I think this is the problem.
How can I manage to configure RSA SecurID Token Server in my ACS appliance?Hello,
The configuration guideline for the ACS is described in "Configuring CiscoSecure ACS for Windows NT with ACE Server Authentication" at
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080094650.shtml
I had this up and running with a customer. There was no AD involved though, so it is not entirely your case and there might be other obstacles on the way.
ACS with ACE however works, though there were some nasty problems to be solved on the way to success.
One thing to point out straight away also mentioned in the document mabove:
Challenge Handshake Authentication Protocol (CHAP) cannot be used with the ACE tokens alone because of the requirement CHAP RFC (1994) that states:
CHAP requires that the secret be available in plaintext form. Irreversibly encrypted password databases commonly available cannot be used.
This precludes use of the ACE tokens for straight CHAP unless there is a separate CHAP password. For instance:
username: xxxx
password: xxxx
Password Authentication Protocol (PAP) is a better choice here.
This means the user has to enter "username*token" - the customer finally wrote a Java applet to construct the propper combination out of different clearly named input fields to simplify the input for unexperienced users.
Hope this helps! Please rate all posts.
Regards, Martin -
Not able to run a reconciliation from IDM on a the securID/ACE server UNIX
I have configured a securID/ACE adapter in IDM 7.1 so that it can provision updates of user accounts. RSA 6.1.2 server is running on Linux RHEL 2.6.9. I am able to connect to RSA form IDM, but when I run a reconciliation I get the following error,
Error iterating accounts for resource RES-User-RSA-Projects:
com.waveset.util.WavesetException: Trouble constructing User 'null'
Below is the stack trace that I extracted from IDM (debug): The stack below tells me that IDM is not able to establish a connection to the RSA server. I have made sure that the login account that I am using in the RSA adapter parameters belongs to the same group that owns /opt/ace/utils/tcl/bin/tcl-sd.
Is there anything else I need to do? Has anybody out there faced a similar issue and found a resolution?
SecurIdUnixResourceAdapter#getFeatures() Entryno args
SecurIdUnixResourceAdapter#getFeatures() Exit void
SecurIdUnixResourceAdapter#getFeatures() Entry no args
SecurIdUnixResourceAdapter#getFeatures() Exit void
SecurIdUnixResourceAdapter#getFeatures() Entry no args
SecurIdUnixResourceAdapter#getFeatures() Exit void
SecurIdUnixResourceAdapter#getLoginScript() Entry no args
SecurIdUnixResourceAdapter#getTclshPath() Entry no args
SecurIdUnixResourceAdapter#getTclshPath() Exit returned= /opt/ace/utils/tcl/bin/tcl-sd
SecurIdUnixResourceAdapter#getResourceAttributeValue() Entry no args
SecurIdUnixResourceAdapter#getResourceAttributeValue() Exit returned= 24
SecurIdUnixResourceAdapter#getResourceAttributeValue() Entry no args
SecurIdUnixResourceAdapter#getResourceAttributeValue() Exit returned= 2
SecurIdUnixResourceAdapter#getResourceAttributeValue() Entry no args
SecurIdUnixResourceAdapter#getResourceAttributeValue() Exit returned= 6
SecurIdUnixResourceAdapter#getUserExtensionMapNames() Entry no args
SecurIdUnixResourceAdapter#getUserExtensionMapNames() Exit void
SecurIdUnixResourceAdapter#getLoginScript() Exit void
SecurIdUnixResourceAdapter#getAccountIteratorscript() Entry no args
SecurIdUnixResourceAdapter#procSetup() Entry no args
SecurIdUnixResourceAdapter#procSetup() Exit void
SecurIdUnixResourceAdapter#procTearDown() Entry no args
SecurIdUnixResourceAdapter#procTearDown() Exit void
SecurIdUnixResourceAdapter#getAccountIteratorscript() Exit void
SecurIdUnixResourceAdapter#getAccountIteratorResult() Entry no args
SecurIdUnixResourceAdapter#getAccountIteratorResult() Exit void
SecurIdUnixResourceAdapter#constructUser() Entry no args
SecurIdUnixResourceAdapter#constructUser() Info Database connection is not established!
SecurIdUnixResourceAdapter#getFeatures() Entry no args
SecurIdUnixResourceAdapter#getFeatures() Exit voidAnybody out there who has configured SUN IDM to provision into RSA SecureID Ace/Server UNIX? Any help on this is greatly appreciated!
-
We are trying to configure SecurID ACE/Server for Windows (ACE Server version 6.0). We have followed the below steps.
<ol><li>Installed the Sun IdM Gateway on the NT where the ACE Accounts are being created </li>
<li>Copied the apidemon from the ACE/Server installation directory to c:\winnt\system32 </li>
<li>RSA ACE Agent Host added. </li>
</ol>
When we check for the Test Configuration we get connection Timed out error with port 9278.
And with the ports : 8098 java.io.EOFException: \n
With port 8198 java.net.SocketException: Connection reset\n
Please help us out with your ideas.
Thanks
SwarnaThe port should be 9278. Enable the gateway trace and see if it is logging anything to the trace file.
-
ACS5.2 with Radius to RSA token server
I have a test lab with the eval version of ACS5.2. I am running 802.1x on my switch to the ACS usinf radius and want to use my RSA token server to authenticate my users. I have setup my RSA server under "Radius Identiny Servers" in the external identity stores section of the ACS5.2. I have only selected this RSA server in access policies -> identity. When I plug in my 802.1x enabled laptop into the switch I can see the packets going to my ACS but I cannot see any communication from my ACS to the RSA server. And the error I get in the ACS is 22056 Subject not found in the applicable identity store(s). . It works fine with AD. Any reason why the ACS is not talking to the RSA token server?
It looks like the RSA token server is not one of the identity stores used by the authentication policies you set up, I would start troubleshooting by looking at them and see what identity store or identity store sequence they are using.
-
I need to write a JAAS module that will validate passwords against an RSA RADIUS Server (via RSA's Authentication Manager).
I'm not seeing the sort of api's I saw when I did a similar module for Siteminder, so a couple of questions:
- Is there a Java API for RSA Authentication Manager? (I'm not finding one on their website or via Google)
- If I need to use a RADIUS client what's the best (open source) choice?
Thanks in advance-- MikeIf I got your right, they provide you a RADIUS Server, so you don't need a special API. just go on sourceforge (www.sf.net) and try one of the available java radius client APIs to do the authentication as a proxy between your user and the RADIUS server.
I wrote a very simple one back in 2001 for the authentication against a RADIUS server only and not a full implmenetation of standard, but I think now on sf you will find much more mature ones. -
Steps to deploy Wireless application to 10G application Server
Dear,
I have a simple application developed using XForms/XHtml/JSP using JDeveloper Wireless Extension.
I have been able to test the application in embedded OC4J in JDeveloper but I want to deploy this application in 10G application Server installed on another Server.
Can anyone provide me the steps to deploy Wireless Application to the 10G Server.
It will be great help to me.
Regards,
NitiLogon to the webtool (http://oraclemidtierhost:port/webtool/login.uix) and click on the 'services' tab. Here you can add an application. Using the content tab you can publish your application to the wireless portal.
After clicking on the content tab click on Access Control Content to give your user groups access to certain applications.
Test your applications using the device portal entrypoint:
http://oraclemidtierhost:port/ptg/rm
Read more about publishing application in the online developer manual:
http://download-uk.oracle.com/docs/cd/B10464_01/wireless.904/b10948/toc.htm
Maybe you are looking for
-
Install glassfish tools in Luna M7
Hi all I installed the latest eclipse Luna milestone and tried to install glassfish tools for eclipse but it failed due to a "missing dependency" > Cannot complete the install because one or more required items could not be found. Software being inst
-
My music files won't transfer to itunes...
All of my music files from my hard drive are either mp3's or wma's that I have ripped from my own cd's. Why are some of them not transferring to my itunes library? what can I do to transfer them?
-
I am a beginner photography student and want to buy Lightroom for two of my computers, desktop and laptop, which package should I buy
-
Update playcount in shared library
When i play a song from my shared library the playcount is not updated. Is there a way that it is? Thanks
-
Premiere cs4 crashes when opening premiere 6 file
hi y'all, I'm trying to open quite a complex premiere 6 project (quite a few video tracks in it) with cs4 and it crashes everytime. i even tried to create a new project and import the p6 project but it still crashed. the weird thing is that i have an