UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21. Read more.
UPDATE! The community will be go into read-only on April 19, 8am Pacific in preparation for migration on April 21.Read more.
Absent Member.
Absent Member.
589 views

Inject authentication header password error

Hi
I config inject authentication header policy.
I set username is ldap user name
password is ldap password
but the policy can't success SSO
When I set username is ldap user name
password is sting and input clear text password, the SSO is ok;
When I set ldap attribute company with the clear text password, the SSO is not ok;
So, Can support?
My AM version:4.2sp1
application is :Windchill(PDM,epicca)
0 Likes
7 Replies
Absent Member.
Absent Member.

xum;2483786 wrote:
Hi
I config inject authentication header policy.
I set username is ldap user name
password is ldap password
but the policy can't success SSO
When I set username is ldap user name
password is sting and input clear text password, the SSO is ok;
When I set ldap attribute company with the clear text password, the SSO is not ok;
So, Can support?
My AM version:4.2sp1
application is :Windchill(PDM,epicca)


Can you export the II policy so we can see it?

Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

On 11-07-2018 6:54 AM, xum wrote:
>
> Hi
> I config inject authentication header policy.
> I set username is ldap user name
> password is ldap password
> but the policy can't success SSO
> When I set username is ldap user name
> password is sting and input clear text password, the SSO is
> ok;
> When I set ldap attribute company with the clear text password, the SSO
> is not ok;
> So, Can support?
> My AM version:4.2sp1
> application is :Windchill(PDM,epicca)
>
>


Probably best to check the logs from your app to check why its not happy with the supplied credentials.

--
Cheers,
Edward
0 Likes
Absent Member.
Absent Member.

Hi
I set form fill and catpture network flow,I confirm the policy can't get password and input or inject for policy.
but i login nidp,the authentication is ok.
So,Will I do?
thanks
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

On 11-07-2018 7:54 PM, whitesocks wrote:
>
> Hi
> I set form fill and catpture network flow,I confirm the policy can't get
> password and input or inject for policy.
> but i login nidp,the authentication is ok.
> So,Will I do?
> thanks
>
>


Any change you can provide the login page of this application here?

--
Cheers,
Edward
0 Likes
Absent Member.
Absent Member.

edmaa;2483832 wrote:
On 11-07-2018 7:54 PM, whitesocks wrote:
>
> Hi
> I set form fill and catpture network flow,I confirm the policy can't get
> password and input or inject for policy.
> but i login nidp,the authentication is ok.
> So,Will I do?
> thanks
>
>


Any change you can provide the login page of this application here?

--
Cheers,
Edward


I test,execute sso policy,the policy get user store for ad;
I build two userstore one is for AD ,one is for ed.I check the document ,If use the kerberos must create two user store. Will I do?
0 Likes
Absent Member.
Absent Member.

whitesocks;2483893 wrote:
I test,execute sso policy,the policy get user store for ad;
I build two userstore one is for AD ,one is for ed.I check the document ,If use the kerberos must create two user store. Will I do?


You can do Kerberos against any LDAP store, as long as it can perform a lookup with the information provided by the Kerberos ticket - plenty of posts in this forum about Kerberos and LDAP stores

Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner Knowledge Partner
Knowledge Partner

On 12-07-2018 2:24 PM, whitesocks wrote:
>
> I test,execute sso policy,the policy get user store for ad;
> I build two userstore one is for AD ,one is for ed.I check the document
> ,If use the kerberos must create two user store. Will I do?


You dont need 2 user stores, not even sure where you get that information from.


--
Cheers,
Edward
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.