WSDL security policy username & password authentication

Hi,
I am creating a WS policies in WSDL for username & password authentication , below is what I am using:-
<wsdl:service name="echoService">
    <wsdl:port name="echoPort" binding="tns:echoBinding">
        <soap:address location="http://pponnala-tecra-xp.stc.com:18181/
         echoService/echoPort"/>
        <wsp:PolicyReference URI="#HttpBasicAuthBindingBindingPolicy"/>
    </wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="HttpBasicAuthBindingBindingPolicy">
    <mysp:MustSupportBasicAuthentication on="true">
        <mysp:BasicAuthenticationDetail>
           <mysp:WssTokenCompare/>
        </mysp:BasicAuthenticationDetail>
    </mysp:MustSupportBasicAuthentication>
    <mysp:UsernameToken mysp:IncludeToken="http://schemas.xmlsoap.org/ws/
     2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
       <wsp:Policy>
            <sp:WssUsernameToken10>bobby</sp:WssUsernameToken10>
            <sp:WssPassword>${pass_token}</sp:WssPassword>
       </wsp:Policy>
</mysp:UsernameToken>
</wsp:Policy>
Here I need to pass the <Wsspassword> in the respective placeholder from the application. How we can pass
the respective password to the <sp:WssPassword>${pass_token}</sp:WssPassword>? I have hardcoded with some
valid password. But it is not working. What I am doing wrong here? Is there any way we can validate the authentication
in a better way in WSDL? Also clarify now we can pass the password in the respective pass_token placeholder?
Please clarify.
Thanks.

If you want the script to check whether the user successfully logged in. Go to tester's perspective, click on the POST request of the login and view HTML page response. There you should be able to see the page after successful login. Search and select an element that only appears after successful login, right click the test and create a variable. Use that variable to create a check after the POST request to let the script know whether it should continue or fail the script.

Similar Messages

Logon failure with username/password authentication in WLE 5.1

Hi,
I have WLE 5.1 configured and running on a Win2K system. I am able to
build and run the simpapp sample program. I am also able to build the
interceptor_cxx sample and run with all interceptors other than the
security interceptor. What I realised in this case was that the
PersonQueryClient did not perform any login of a user from which the
security interceptor could extract user ID information (have I missed
something? I am a WLE and CORBA newbie) so I modified the ubb config
file to define SECURITY as USER_AUTH and add the AUTHSVC, modified
personqueryclientc.cpp to get access to the SecurityLevel2 principal
authenticator, built the app, created a user with the tpussradd command,
and ran the app (the AUTHSVC successfully starts).
The Tobj::AuthType returned by the get_auth_type method of the
PrincipalAuthenticator is Tobj::TOBJ_APPAUTH as I expect. I call the
logon method with the parameters (user_name, argv[0], sys_password,
password, 0) where user_name is the same as the user I created with the
tpusradd command, argv[0] is personqueryclient (I've tried tpusradd'ing
the user both with the "-c personqueryclient" argument and without),
sys_password is the password I specified when tmloadcf was run against
the modified ubb config file, password is the password I specified when
I ran tpusradd. The logon always fails returning
Security::SecAuthFailure. In the ULOGxxxx file the following message is
displayed:
181605.NUMBAT!TMSYSEVT.2180: LIBTUX_CAT:1484: WARN: .SysClientSecurity:
User tbartley on SITE1 authentication failure
I've tried running in the following manners all with the same result:
1. With or without the security_cxx interceptor registered
2. With the user in or not in a group
3. With the the user created using the "-c personqueryclient" arg to
tpusradd or not
If I change the security level down to APP_PW then everything works and
the security_cxx interceptor sees a client name of personqueryclient and
a username of personqueryclient. The logon fails if I use a sys_password
other than the one specified to tmloadcf and succeeds if I use the
correct password.
Can anyone tell me what I might be doing wrong in the username/password
authentication case?
Here's the code I inserted to personqueryc.cpp to perform the logon:
// Get SecurityCurrent object
CORBA::Object_var var_security_current_oref
= bootstrap.resolve_initial_references("SecurityCurrent");
SecurityLevel2::Current_var var_security_current_ref =
SecurityLevel2::Current::_narrow(var_security_current_oref.in());
// Get the principal authenticator
SecurityLevel2::PrincipalAuthenticator_var
var_principal_authenticator_oref =
var_security_current_ref->principal_authenticator();
char user_name[100] = "";
char password[100] = "";
char sys_password[100] = "";
// Narrow to a BEA Principal Authenticator
Tobj::PrincipalAuthenticator_var v_bea_pa =
Tobj::PrincipalAuthenticator::_narrow(var_principal_authenticator_oref.in());
// See what level of logon has been turned on
Tobj::AuthType auth_type = v_bea_pa->get_auth_type();
cout << "Auth type: ";
switch (auth_type) {
case Tobj::TOBJ_APPAUTH: cout << "TOBJ_APPAUTH"; break;
case Tobj::TOBJ_SYSAUTH: cout << "TOBJ_SYSAUTH"; password[0] = '\0';
break;
case Tobj::TOBJ_NOAUTH: cout << "TOBJ_NOAUTH"; break;
default: cout << "TOBJ_<unknown>"; break;
cout << endl;
cout << "Username: ";
cin >> user_name;
switch (auth_type) {
case Tobj::TOBJ_APPAUTH: {
cout << "User password: ";
cin >> password;
// fall through
case Tobj::TOBJ_SYSAUTH: {
cout << "App password: "; cin >> sys_password;
break;
default: {
break;
// now that we've got all the data necessary, logon
Security::AuthenticationStatus status =
v_bea_pa->logon(user_name,
argv[0],
sys_password,
password,
0); // user data
cout << "Logon result: ";
switch (status) {
case Security::SecAuthSuccess: cout << "SecAuthSuccess"; break;
case Security::SecAuthFailure: cout << "SecAuthFailure"; break;
case Security::SecAuthContinue: cout << "SecAuthContinue"; break;
case Security::SecAuthExpired: cout << "SecAuthExpired"; break;
default: cout << "SecAuth<unknown>"; break;
cout << endl;
if (status != Security::SecAuthSuccess) {
cerr << "Invalid password." << endl;
exit(1);
Here are the entries I added to the ubb config file:
*RESOURCES
SECURITY USER_AUTH
AUTHSVC AUTHSVR
*SERVERS
AUTHSVR SRVGRP=SYS_GRP SRVID=6 RESTART=Y GRACE=600 MAXGEN=2 CLOPT="-A"
I do not have the WLE Security Services installed (i.e. the package
that provides SSL and crypto). Is this required? It's not clear to me
from the documentation if this is required for username/password based
authentication or not.
Thanks for any help,
Tim Bartley

Hi Michael
I am using SSL in my application. So that it asks for the certificate username
and password while startup. But now i want to mention the username and password
in weblogic.properties file itself. So that the client need not have to provide
the username and password everytime. I am using weblogic server 5.1 version.
How do i do this?
Hope my question is clear. Please help.
with regds
siva
Michael Young <[email protected]> wrote:
Hi.
It's not 100% clear to me what you are asking for. Do you want authentication
turned off for
your application? That will certainly turn off prompting for authentication
information. You
can set your ACL for your application (in your properties file) to allow
everyone to execute
it. Something like:
weblogic.allow.execute.<myApplication>=everyone
But maybe you want some kind of silent authentication so that not everyone
can execute your
app? I suppose you could pass authentication info in a cookie. I really
don't know enough
about your application, though.
I suggest you post this question in weblogic.developer.interest.security
- you have a better
chance of getting an answer there for security related questions.
Hope this helps.
Michael
siva wrote:
Hi all,
I have the following requirements. I have an application which asksfor the authentication
information like username and password at first. The application isrunning in
weblogic5.1 server. Is there a way where in weblogic.properties file,i mention
the username and password so that the application will not ask forin the browser.
please help. It's urgent.
with regds
siva--
Developer Relations Engineer
BEA Support

Simple http username-password authentication

I want to achieve a simple authentication process. When a user wants to access the internet, he/she would have to enter username/password combination. The platform is 1721 or 1841 router.
I tried to use authentication-proxy, but it turns out IOS 12.3 doesn't support Windows RADIUS server.
Is there a way to use authproxy with a windows-based solution?
If not, what else can I use besides authproxy IOS feature?
Thanks

To use auth proxy you need a RADIUS server, this should work if you have ACS server.

How to add Security Token / Username/Password on WSDL?

Hello,
I have made a BPEL process i.e. exposed as a http WebService. I want to use Security Token on it. Because of Security reason I don't want anyone able to call my WebService unless they provide us the username and password.
Thanks.

See
Disabling
Remote Development Services
If you use Macromedia Dreamweaver MX or Macromedia HomeSite+ to
develop your applications, you can access a remote ColdFusion MX 7
server using HTTP. However, you must configure Remote Development
Services (RDS) in your integrated development environment (IDE),
and RDS must be enabled in ColdFusion MX 7. Using RDS, IDE users
can securely access remote files and data sources, build SQL
queries from these data sources, and debug CFML code.
Note: The ColdFusion Report Builder uses RDS for the Query
Builder and for charting support.
However, for security reasons, Macromedia recommends that you
disable RDS on a production server. To disable it, you must disable
the RDSServlet mapping.
You actually configure your data sources through the
ColdFusion Administrator (and I guess through Dreamweaver too,
although I have never used it myself), but RDS lets you work with
them. Bottom line, if you allow your developer access to ColdFusion
via RDS, then they will have all of the privileges that are allowed
to the data source for the account that is configured in the
ColdFusion administrator for that database.
Phil

OATS - Load testing username/password Authentication

Hi Guys ,
I have recorded a load script - HTTP and in the URL when i give the username and password and click on submit it works fine. however when i give a wrong password , it works too.
Now , how do i validate the authentication . the script , when given the wrong password should fail but it passes.
Note : I have researched the Issue and Could not find the answer .
Below is the Code.
import oracle.oats.scripting.modules.basic.api.internal.*;
import oracle.oats.scripting.modules.basic.api.*;
import oracle.oats.scripting.modules.http.api.*;
import oracle.oats.scripting.modules.http.api.HTTPService.*;
import oracle.oats.scripting.modules.utilities.api.*;
import oracle.oats.scripting.modules.utilities.api.sql.*;
import oracle.oats.scripting.modules.utilities.api.xml.*;
import oracle.oats.scripting.modules.utilities.api.file.*;
public class script extends IteratingVUserScript {
@ScriptService oracle.oats.scripting.modules.utilities.api.UtilitiesService utilities;
@ScriptService oracle.oats.scripting.modules.http.api.HTTPService http;
public void initialize() throws Exception {
http.setUserAgent("Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)");
http.setAcceptLanguage("en-US");
* Add code to be executed each iteration for this virtual user.
public void run() throws Exception {
http.get(
2,
"http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/AppsLocalLogin.jsp",
null, null, true, "UTF8", "UTF8");
http.solveXPath("web.framesrc.pprIFrame",
".//IFRAME[@name='_pprIFrame']/@src",
"/OA_HTML/cabo/images/swan/t.htm", 0, EncodeOptions.None);
http.solveXPath("web.framesrc.formsLauncher",
".//IFRAME[@name='formsLauncher']/@src",
"http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/blank.html",
0, EncodeOptions.None);
http.solveRefererHeader(
"referer.httpwkdevvebs3waukwmscom80_1",
"/OA_HTML/RF.jsp?function_id=28716&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US&params=zvhw2Ln2Uu68SKY4WSu2uQ&oas=nMs-5wjpY3wdKS_J2fyhQA..");
http.solveXPath(
"web.formaction.DefaultFormName",
".//FORM[@name='DefaultFormName']/@action",
"/OA_HTML/OA.jsp?page=/oracle/apps/fnd/sso/login/webui/MainLoginPG&_ri=0&_ti=2020957545&language_code=US&requestUrl=&oapc=2&oas=svdc_F8auGyQo_Ra9wFgAg..",
0, EncodeOptions.None);
http.solveXPath("web.input.AMTXIDFIELD",
".//INPUT[@name='_AM_TX_ID_FIELD']/@value", "1ujSEi0jV", 0,
EncodeOptions.None);
http.solveXPath("web.input.FORM", ".//INPUT[@name='_FORM']/@value",
"DefaultFormNameAx9rQiPG", 0, EncodeOptions.None);
http.solveXPath("web.option.None",
".//OPTION[text()='None']/@value", "Noa1lYfKg", 0,
EncodeOptions.None);
http.solveXPath("web.input.SubmitButtonunvalidated",
".//INPUT[@name='SubmitButton$$unvalidated']/@value",
"falseOlawF-M6", 0, EncodeOptions.None);
http.solveXPath("web.input.SubmitButtonserverUnvalida",
".//INPUT[@name='SubmitButton$$serverUnvalidated']/@value",
"false7FkgC9gT", 0, EncodeOptions.None);
http.solveXPath(
"web.input.SubmitButtonprocessFormDat",
".//INPUT[@name='SubmitButton$$processFormDataCalled']/@value",
"trueLKXNumu1", 0, EncodeOptions.None);
http.solveXPath("web.input.Cancelunvalidated",
".//INPUT[@name='Cancel$$unvalidated']/@value",
"truejE_ESnr4", 0, EncodeOptions.None);
http.solveXPath("web.input.CancelserverUnvalidated",
".//INPUT[@name='Cancel$$serverUnvalidated']/@value",
"truelS8G9ye6", 0, EncodeOptions.None);
http.solveXPath("web.input.CancelprocessFormDataCalle",
".//INPUT[@name='Cancel$$processFormDataCalled']/@value",
"trueAtyF7R1u", 0, EncodeOptions.None);
http.solveXPath(
"web.input.FORMMACLIST",
".//INPUT[@name='FORM_MAC_LIST']/@value",
"Cancel$$serverUnvalidated^Accessibility^SubmitButton$$processFormDataCalled^_FORM_SUBMIT_BUTTON^_ssoLangCode^evtSrcRowId^_AM_TX_ID_FIELD^Cancel$$processFormDataCalled^Cancel$$unvalidated^evtSrcRowIdx^SubmitButton$$unvalidated^SubmitButton$$serverUnvalidated^_FORM^serverValidate^_FORMEVENT***@@@FORM_MAC_LIST***@@@event^passwordField^usernameField^FORM_MAC_LISTHAm6l5q6NRKVuTJZ4jGPfg..",
0, EncodeOptions.None);
http.solveGroupJavaScript(http.javaScriptPath(
"web.jscript.httpwkdevvebs3waukw_37", 1, 17, 3, 0));
http.addCookie(
"oracle.uix=0^^GMT-6:00^p; domain=wkdevvebs3.wauk.wms.com; path=/",
null);
http.get(
9,
"http://wkdevvebs3.wauk.wms.com:8021{{web.framesrc.pprIFrame,/OA_HTML/cabo/images/swan/t.htm}}",
null, null, true, "UTF8", "ASCII");
http.get(
13,
"{{web.framesrc.formsLauncher,http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/blank.html}}",
null,
http.headers(http
.header("Referer",
"http://wkdevvebs3.wauk.wms.com:8021{{referer.httpwkdevvebs3waukwmscom80_1,/OA_HTML/RF.jsp?function_id=28716&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US&params=zvhw2Ln2Uu68SKY4WSu2uQ&oas=nMs-5wjpY3wdKS_J2fyhQA..}}",
Header.HeaderAction.Modify)), true, "UTF8",
"ASCII");
http.get(17, "http://wkdevvebs3.wauk.wms.com:8021/favicon.ico", null,
null, true, "ISO8859_1", "ISO8859_1");
http.post(
21,
"http://wkdevvebs3.wauk.wms.com:8021{{web.formaction.DefaultFormName,/OA_HTML/OA.jsp?page=/oracle/apps/fnd/sso/login/webui/MainLoginPG&_ri=0&_ti=2020957545&language_code=US&requestUrl=&oapc=2&oas=svdc_F8auGyQo_Ra9wFgAg..}}",
null,
http.postdata(
http.param("_AM_TX_ID_FIELD",
"{{web.input.AMTXIDFIELD,1ujSEi0jV}}"),
http.param("_FORM",
"{{web.input.FORM,DefaultFormNameAx9rQiPG}}"),
http.param("usernameField", "sbindingnavile"),
http.param("passwordField", "welcome7"),
http.param("Accessibility",
"{{web.option.None,Noa1lYfKg}}"),
http.param("SubmitButton$$unvalidated",
"{{web.input.SubmitButtonunvalidated,falseOlawF-M6}}"),
http.param("SubmitButton$$serverUnvalidated",
"{{web.input.SubmitButtonserverUnvalida,false7FkgC9gT}}"),
http.param("SubmitButton$$processFormDataCalled",
"{{web.input.SubmitButtonprocessFormDat,trueLKXNumu1}}"),
http.param("Cancel$$unvalidated",
"{{web.input.Cancelunvalidated,truejE_ESnr4}}"),
http.param("Cancel$$serverUnvalidated",
"{{web.input.CancelserverUnvalidated,truelS8G9ye6}}"),
http.param("Cancel$$processFormDataCalled",
"{{web.input.CancelprocessFormDataCalle,trueAtyF7R1u}}"),
http.param(
"FORM_MAC_LIST",
"{{web.input.FORMMACLIST,Cancel$$serverUnvalidated^Accessibility^SubmitButton$$processFormDataCalled^_FORM_SUBMIT_BUTTON^_ssoLangCode^evtSrcRowId^_AM_TX_ID_FIELD^Cancel$$processFormDataCalled^Cancel$$unvalidated^evtSrcRowIdx^SubmitButton$$unvalidated^SubmitButton$$serverUnvalidated^_FORM^serverValidate^_FORMEVENT***@@@FORM_MAC_LIST***@@@event^passwordField^usernameField^FORM_MAC_LISTHAm6l5q6NRKVuTJZ4jGPfg..}}"),
http.param("_FORMEVENT", ""),
http.param("serverValidate", ""),
http.param("evtSrcRowIdx", ""),
http.param("evtSrcRowId", ""),
http.param("_FORM_SUBMIT_BUTTON",
"{{web.jscript.httpwkdevvebs3waukw_37,SubmitButtonGNaB_JYN}}"),
http.param("event", ""), http.param("source", ""), http
.param("_ssoLangCode", "")),
http.headers(http
.header("Referer",
"http://wkdevvebs3.wauk.wms.com:8021{{referer.httpwkdevvebs3waukwmscom80_1,/OA_HTML/RF.jsp?function_id=28716&resp_id=-1&resp_appl_id=-1&security_group_id=0&lang_code=US&params=zvhw2Ln2Uu68SKY4WSu2uQ&oas=nMs-5wjpY3wdKS_J2fyhQA..}}",
Header.HeaderAction.Modify)), true, "UTF8",
"UTF8");
http.solveRefererHeader("referer.httpwkdevvebs3waukwmscom80_6",
"/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE");
http.get(
27,
"http://wkdevvebs3.wauk.wms.com:8021{{web.framesrc.pprIFrame,/OA_HTML/cabo/images/swan/t.htm}}",
null, null, true, "UTF8", "ASCII");
http.get(
31,
"{{web.framesrc.formsLauncher,http://wkdevvebs3.wauk.wms.com:8021/OA_HTML/blank.html}}",
null,
http.headers(http
.header("Referer",
"http://wkdevvebs3.wauk.wms.com:8021{{referer.httpwkdevvebs3waukwmscom80_6,/OA_HTML/OA.jsp?OAFunc=OAHOMEPAGE}}",
Header.HeaderAction.Modify)), true, "UTF8",
"ASCII");
http.get(35, "http://wkdevvebs3.wauk.wms.com:8021/favicon.ico", null,
null, true, "ISO8859_1", "ISO8859_1");
public void finish() throws Exception {

If you want the script to check whether the user successfully logged in. Go to tester's perspective, click on the POST request of the login and view HTML page response. There you should be able to see the page after successful login. Search and select an element that only appears after successful login, right click the test and create a variable. Use that variable to create a check after the POST request to let the script know whether it should continue or fail the script.

SOAP Header based user/password authentication in OSB 11g Proxy Service

Hi,
I have implemented SOAP Header based authentication in my OSB 11g Proxy Service.
In the Security settings of my AnySOAP(Soap 1.1) HTTP Proxy service, I have amde the following changes:
1.
In Transport Access Control link, i selected the User predicate, and provided an user already existing on weblogic server with following roles(AppTesters, Monitors, Operators).
The AuthorizationProvider was XACMLAuthorizer
2.
Under Custom Authentication, I selected the Custom User Name and Password option, and provided the below mentiioned xpaths
User Name XPath: ./*/*:Username/text()
User Password XPath: ./*/*:Password/text()
3.
In Message Access Control link, i selected the User predicate with the same user as mentioned in Transport Access Control link.
Now, when I am testing this service from OSB Test Console, I am providing the following input.
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/">
<soap:Header>
<AuthHeader>
<N1:Username>userXYZ</N1:Username>
<N1:Password>passXYZ</N1:Password>
</AuthHeader>
</soap:Header>
<soap:Body>

</soap:Body>
</soap:Envelope>
The response is "The invocation resulted in an error: ."
The OSB server logs show the below error:
####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0
)>
####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException
com.bea.wli.sb.security.AccessNotAllowedException
     at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
     at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
     at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
     at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
     at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
     at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
     at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
     at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
     at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
     at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
     at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
     at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
     at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
     at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
     at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
     at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
     at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
     at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
     at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
     at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
Please suggest where I am going wrong in this. I have cross checked the user/pass credentials with what I am giving in the input, and it is perfectly fine.

I have added the Username and Password as follows, since the namespace declaration was required due to the namespace prefix 'N1' in the XPath
declare namespace N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Username/text()
declare namespace N1="http://abcdp.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Password/text()
I have removed the Message Access Control conditions, have only kept Transport Access Control conditions.
If i keep the condition in Transport Access Control as "Allow access to everyone", and test with proper credentials in the Username/Password tags in SOAP Header, then it works fine. However, if I try to give an incorrect password in the SOAP Header, it denies the access. So that means the XPaths given for Username/Password are working fine. The OSB logs show the below message
+####<Feb 10, 2011 12:59:21 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000ef2> <1297322961536> <BEA-386008> <Message level username/password authentication failed: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied>+
However if i add the condition with predicate as "User" and user name argument as "weblogic", and try to pass the same in the SOAP Header as well with the correct password, it denies the access with below message in the logs.
+####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0+
+)>+
+####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException+
com.bea.wli.sb.security.AccessNotAllowedException
at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

Problem while setting username password to router

Hi,
i am trying to connect to router using java program. i am connecting with out any problem.
while giving the credentials like username and password i can't placing the original username
password.instead some thing is setted.
here is my code
   public class ConnectRouter
    public static void main(String[] args) throws Exception {
    try
    if (args.length != 2) {
    System.err.println("Usage: java router username and password");
    System.exit(1);
    String password = URLEncoder.encode(args[0], "US-ASCII");
    String username=URLEncoder.encode(args[1],"US-ASCII");
    URL url = new URL("http://192.168.0.75:23");
    URLConnection connection = url.openConnection();
    connection.setDoOutput(true);
        System.out.println("connection obj got");
    PrintWriter out = new PrintWriter(connection.getOutputStream());
    out.println(username);----------------------------------------------------------------------------------------------->passing username
    out.println(password);------------------------------------------------------------------------------------------------>passing password
        Process p = Runtime.getRuntime().exec("cmd /c perl C:\\perlsrc\\uname.pl");
    // out.println(args[0]);
        System.out.println("-----------connected---------------");
    out.close();
    BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
    String inputLine;
    while ((inputLine = in.readLine()) != null)
    System.out.println(inputLine);
    in.close();
    }catch(Exception e){e.printStackTrace();}
    }output is as follows:
connection obj got
-----------connected---------------
ÿûÿûÿýÿý
User Access Verification
Username: POST / HTTP/1.1--------------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Host: 192.168.0.75:23--------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Connection: keep-alive
Password:
% Authentication failed.
Process exited with exit code 0.
please explain me where i am missing???
Regards,
Nagaraju

Hi ejp,
i done as follows even i am getting same problem
please help me
   public class ConnectRouter extends Authenticator
        static String username,password;
    public static void main(String[] args) throws Exception
        Authenticator.setDefault(new ConnectRouter());
    try
    if (args.length != 2) {
    System.err.println("Usage: java router username and password");
    System.exit(1);
     password = URLEncoder.encode(args[0], "US-ASCII");
     username=URLEncoder.encode(args[1],"US-ASCII");
    URL url = new URL("http://192.168.0.75:23");
    URLConnection connection = url.openConnection();
    connection.setDoOutput(true);
        System.out.println("connection obj got");
    PrintWriter out = new PrintWriter(connection.getOutputStream());
    out.println(username);
    out.println(password);
        Process p = Runtime.getRuntime().exec("cmd /c perl C:\\perlsrc\\uname.pl");
    // out.println(args[0]);
        System.out.println("-----------connected---------------");
    out.close();
    BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
    String inputLine;
    while ((inputLine = in.readLine()) != null)
    System.out.println(inputLine);
    in.close();
    }catch(Exception e){e.printStackTrace();}
    //@ovverriding the getPasswordAuhtentication method
    protected PasswordAuthentication getPasswordAuthentication()
        System.out.println("int the password authentication method");
        return new PasswordAuthentication(username,password.toCharArray());
    }output::
connection obj got
-----------connected---------------
ÿûÿûÿýÿý
User Access Verification
Username: POST / HTTP/1.1--------------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Host: 192.168.0.75:23--------------------------------->here something is placed instead of my username
Password:
% Authentication failed.
Username: Connection: keep-alive
Password:
% Authentication failed.
Process exited with exit code 0.
please explain me where i am missing again???
Thanks in advance,
Nagaraju.

"ORA-01017 invalid username/password: logon" --- Help Please !!!

Hello Peter,
Sorry for sending an unexpected mail.
I am stuck and really want your help. I have seen your email address on OTM website.
Aim: To run the JAVA code samples provided in Oracle 9i DATA MINING suite
on windows 2000.
I have installed Oracle 9i enterprise edition and
also Oracle 9i Data mining (ODM).
I have lot of problems in username/password authentication.
everytime I run the ODM setup, irrespective of the default
name/password
which is ODM/odmpw it says "ORA-01017 invalid username/password: logon"
I was just working on the Oracle 9i DataMining installation and found something really interesting
I was wondering if you can solve this:
1. I created user SCOTT and ODM using SQL Plus queries by logging system/manager.
and when I typed "select username from dba_names" it gave me ODM and SCOTT as
users and hence I was happy.
2. Then I uninstalled DATA MINING suite and reinstall it thinking this time it should
get ODM/odmpw as username and password as and DBA user/password being
system/manager. When uninstalling DATA MINING suite ODM user gets dropped
and when reinstalling ODM suite, it never make ODM user back in Oracle 9i database.
Hence it is not finding ODM user anymore and hence "ORA-01017 invalid username/password: logon"
error occurs.
Now can you tell me what can be done in order to make the ODM recreate when installing
DATA MINING suite.
Please reply me as I am badly stuck.
I at least know why problem is occurring now looking for solution.
Thanks
Nishant

I was reading on gogole
i have set
alter system set SEC_CASE_SENSITIVE_LOGON=false scope=spfile;
now i can connect from sqlplus
sqlplus SYSTEM/password
also
sqlplus SYSTEM/password@localhost:1521/XE
also :
From GUI i can connect to oracle db from http by port 8080
but its seems like oracle VM manager does not connect ...
example
Would you like to install Oracle Database 11g Express Edition (XE) or connect to an existing Oracle database?
1: Install Oracle Database 11g XE
2: Use an existing Oracle database
Select Number (1-2): 2
Enter the Oracle Database hostname [localhost]:
Enter the Oracle Database System ID (SID) [XE]:
Enter the Oracle Database SYSTEM password:
Enter the Oracle Database listener port [1521]:
Enter the Oracle VM Manager database schema [ovs]:
Enter the Oracle VM Manager database schema password:
Enter the Oracle VM Manager database schema password (confirm):
Oracle Weblogic Server 11g
==========================
Enter the Oracle WebLogic Server 11g user [weblogic]:
Enter the Oracle WebLogic Server 11g user password:
Enter the Oracle WebLogic Server 11g user password (confirm):
Oracle VM Manager application
=============================
Enter the username for the Oracle VM Manager administration user [admin]:
Enter the admin user password:
Enter the admin user password (confirm):
Verifying configuration ...
The database could not be reached using the provided connection info.
ORA-01017: invalid username/password; logon denied
Configuration verification failed ...
can any one please help me

Claims Based Authentication SPSecurityTokenService.Issue() failed: The security token username and password could not be validated.

Please excuse the lousy table...Its late :-)
I have a multi-server SP2010 farm. Patched up to
Configuration database version: 14.0.6106.5002
My goal is to have a claims based web application that authenticated to ADAM for Extranet. I have configured the servers exactly to MSDN and technet specs (following this spec to the
letter (
http://technet.microsoft.com/en-us/library/ee806882.aspx) to allow the forms side of the web app to authenticate to ADAM.
IT WORKS IN DEV!!! , which is a single server farm. However, it does not work in production. I get the following:
Claims Auth log entries:
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
f2ut
Verbose
Authenticated with login provider. Validating request security token.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Using membership provider 'ADAMProvider'.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Doing password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Failed password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Unexpected
Password check on '[email protected]' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security
token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
fo1t
Monitorable
SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password
could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
fsq7
High
Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
8306
Critical
An exception occurred when trying to issue security token: The security token username and password could not be validated..
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
f2un
Verbose
Form authentication failed.
I have tried EVERYTHING (well, nt everything, I don’t have the fix I suppose).
I found plenty out there and nothing directly correlates with this issue.
I searched on all parts of the errors I got.
This contains an interesting blurb about setting up access for the apppool id correctly.
That’s not the case for me. It works in dev and the same id are used there.
http://sharepoint-2010-world.blogspot.com/2011/03/adam-forms-based-authentication-in.html
This was good but it doesn’t give specs on what the environment looks like:
http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/557143a6-4b36-4939-bb7f-d62a9335fd18
The was interesting…but I am patched up beyond the June 2011 CU so it’s a moot point:
http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/9b8368ef-c5e5-4ead-b348-7b2b5587cfc8
Any and all help would be greatly appreciated!

Hi.
You say its a multiserver farm, do you have more than one web server then?
If thats the case, have you tried accessing the site on each server directly?
Found this for you, maybe that can help?
Troubleshooting Exceptions: System.ServiceModel.FaultException`1
http://msdn.microsoft.com/en-us/library/bb907220.aspx
and this:
SharePoint 2010 Claims Authentication - The security token username and password could not be validated reoccurring every morning
http://social.technet.microsoft.com/Forums/pl-PL/sharepoint2010setup/thread/383f1f9b-5c4a-4e19-b770-2a54b7ab1ca1
and
This seems to be a good guide:
http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
Good luck
Thomas Balkeståhl - Technical Specialist - SharePoint - http://blksthl.wordpress.com

Testing a secured Web Service (Basic -Username/Password)

Hello,
I configured security for a custom web service using [this |https://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/e08627de-9816-2a10-02b7-cbd60f7e4b2c&overridelayout=true] . I configured section
3.2 Configuring Document Authentication
Basic (Username/Password)
How should I go about testing this. I tried using Web Service Navigator, I get this error:
00118565098B00220000011400001D8C00047182FEC71535 : Authentication using a wsse:Username token failed. The error was com.sap.security.core.ws.wss.NoSecurityHeaderException No wsse:Security header has been defined for role soap:finalActor. Please verify the policy configuration..

Please download tutorial bundle from:
http://java.sun.com/javaee/5/docs/tutorial/information/download.html
some details about it:
http://docs.sun.com/app/docs/doc/819-3669/gfiud?a=view
You can try examples after downloading zip file :
The zip file also contains a documentation e.g. pdf file.
There you can find more info.
Here is one chapter from doc.
Example: Basic Authentication with JAX-WS
This section discusses how to configure a JAX-WS-based web service for HTTP basic
authentication. When a service that is constrained by HTTP basic authentication is requested,
the server requests a user name and password from the client and verifies that the user name
and password are valid by comparing them against a database of authorized users.
Regards Miro

Invoke a business service base in a WSDL with customer WS-Security Policy

Customer write a Web service (Refer to the attachment file “HTTPS_PartyServicePortType.WSDL”)which declare a WS-Security Policy and apply this it to WS binding ,How can I generate a business service base in this WSDL and invoke it successfully?
When create a business service in OSB, we get a error with below messages
[[OSB Kernel:398133]The service is based on WSDL with Web Services Security Policies that are not natively supported by Oracle Service Bus. Please select OWSM Policies - From OWSM Policy Store option and attach equivalent OWSM security policy. For the Business Service, either you can add the necessary client policies manually by clicking Add button or you can let Oracle Service Bus automatically pick and add compatible client policies by clicking Add Compatible button.
After enhanced the OSB domain with OWSM extension, we found the OOTB OWSM defined cannot support the HttpsToken and OSB cannot support below WS-Policy defined in OWSM, refer to http://docs.oracle.com/cd/E21764_01/doc.1111/e15866/owsm.htm#OSBDV1681
51.2.8.1 Unsupported Assertion
•     binding-permission-authorization
•     http-security
•     OptimizedMimeSerialization (MTOM)
•     RMAssertion (Reliable Messaging)
•     sca-component-authorization
•     sca-component-permission-authorization
•     UsingAddressing
•     wss-saml-token-bearer-over-ssl (Authentication)
it means that we cannot generate a web service with customer WS-security Policy
The WS-Security Policy is shown as below:
<wsp:Policy wsu:Id="WSHttpBinding_IPartyServicePortType_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy><sp:Basic256/></wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout><wsp:Policy><sp:Strict/></wsp:Policy></sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
BestRegards!
Simon

Hi
According to
http://e-docs.bea.com/wls/docs90/webserv/annotations.html#1050414
If you are going to publish the policy file in the Web Service archive, the policy XML file must be located in either the META-INF/policies or WEB-INF/policies directory of the EJB JAR file (for EJB implemented Web Services) or WAR file (for Java class implemented Web Services), respectively.
Can you make sure the policy file is in there?
Also there is a sample from the developer at http://dev2dev.bea.com/blog/jlee/archive/2005/09/how_to_use_anno.html
Vimala-

How to pass Username from OWSM Security policy in Oracle Apps Adapter .jca file

My BPEL process uses Oracle Applications Adapter. The following is the .jca file for the Adapter. The Username is initialized statically to "sysadmin" when I created the Adapter.Is it possible to pass in the username from the OWSM Security policy for the username value below? If so how to do? I appreciate your response.
<adapter-config name="EBSAdapter" adapter="Apps" wsdlLocation="../WSDLs/EBSAdapter.wsdl" xmlns="http://platform.integration.oracle/blocks/adapter/fw/metadata">
<connection-factory UIConnectionName="EBS1" location="eis/Apps/EBS1" UIConcurrentPgmName="" UIOracleAppType="DBOBJECT"/>
<endpoint-interaction portType="EBSAdapter_ptt" operation="EBSAdapter">
    <interaction-spec className="oracle.tip.adapter.apps.AppsStoredProcedureInteractionSpec">
      <property name="SchemaName" value="APPS"/>
      <property name="PackageName" value="INTG"/>
      <property name="ProcedureName" value="GET_USER_PROFILE1"/>
      <property name="IRepInternalName" value="PLSQL:INTG:WEBCENTER_GET_USER_PROFILE1"/>
      <property name="Username" value="sysadmin"/>
      <property name="Responsibility" value="System Administrator"/>
    </interaction-spec>
</endpoint-interaction>
</adapter-config>

1. Go to Invoke activity
2. Click on Properties tab.
3. click Add
4. Add this property "jca.apps.Username" and map it with either variable or expression.
5. Populate variable defined at previous step with some valid username value at runtime.
hope this helps.
Regards,
Karan
Oracle Fusion Middleware Blog

EUS password authentication in sql developer failing with username/password

We have recently changed to use Enterprise User Security (EUS) for our client authentication (password global authentication).
This is working fine but we are encountering an issue with SQL Developer whereby we can't logon using our EUS details, it simply returns the following on the logon screen:
Status : Failure - Test failed: ORA-01017: invalid username/password; logon denied
Logging on via sql plus client and server software and other 3rd party tools like pl/sql developer works correctly.
It appears to be an issue with sql developer itself.
We are using the latest Production release of sql developer 2.1
Does anyone have any ideas?
This is an issue for
Edited by: david butler on Jan 14, 2010 10:45 AM

Further to this, I have now found a suitable resolution to this that doesn't require an external client.
There is a jdbc setting that will allow you to use EUS password authentication.
Add the jdbc line option (below) in the sqldeveloper.conf file (backup the sqldeveloper.conf file first).
AddVMOption -Doracle.jdbc.thinLogonCapability=o3
The sqldeveloper.conf file can be found wherever you have installed sqldeveloper, under <INSTALL_HOME>\sqldeveloper\bin\sqldeveloper.conf.
After you add this option, restart SQL Developer and you should be able to use your EUS username / password to authenticate via SQL Developer.

ORA-01017 (invalid username/password) using globally authenticated account

Kris and team,
Having a hard time believing no one else has encountered this already. But searching on 1017 and "globally" and "identified" in the forum yields nothing useful.
New corporate policy has all our DBAs, developers and QA logging into globally authenticated (against OID) accounts. Oracle docs call these accounts "global users". They are able to do so just fine using SQL*Plus, TOAD and PL/SQL Developer. But when we attempt the same in SQL Developer, different rules seem to be applied, and the user is told their username/password is invalid, which is not correct.
We have several hundred developers ready to use their new accounts in SQL Developer, but cannot. Would appreciate quick reply or patch on this.
btw, when I say "global user", I'm referring to accounts that are created in Oracle using the "identified globally as" syntax.
Am I missing something?
Edited by: chromedome on Aug 9, 2010 1:49 PM

Thank you, this was helpful in that it caused me to try the other connection methods: Basic, TNS (as you mentioned on your blog), LDAP and Advanced, both with regular accounts and with global users, both with thin and thick drivers employed.
In all cases, using a normal Oracle account, I was able to connect.
But using a global user, with the thick/OCI client forced, I get the "Status: Failure -Test failed: oracle.jdbc.driver.T2Connection.t2cCreateState([BI[BI[BI[BI[BISI[S[B[BZ)I" message. And with the thin driver used, I get the "ORA-01017: invalid username/password; logon denied" message. The possibility I have the password incorrect is non-existent as I'm both typing it in manually, and copying and pasting it, from successful global user connections in PL/SQL Developer and TOAD into SQL Developer.
SQL Developer 2.1.1.64 is not working using InstantClient 11.2 when attempting to login with a global user.
Sue/Kris, due I use "the site formerly known as Metalink" to log a bug, or are you already tackling this internally? We really need this patched soon.

Securing a BPEL Process with username/password in 10g

securing a BPEL Process with username/password in 10g

use OWSM gateways..
create a gateway and define your policy in the gateway

WSDL security policy username & password authentication

Similar Messages

Maybe you are looking for