• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Isa 2006, IE and Java Authentication Issue

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Isa 2006, IE and Java Authentication Issue Page: [1]
Login
Message << Older Topic   Newer Topic >>
Isa 2006, IE and Java Authentication Issue - 28.Jun.2007 6:05:04 AM   
SelhurstPalace

 

Posts: 13
Joined: 26.Jun.2007
Status: offline
I have been tearing my hair out trying to get ISA server 2006 and a java based webapp (blackboard) working correctly. I have been using FBA to  log into to the site using ldap which works fine. Initially, when I accessed an area of the site which ran a java applet I would be sent back to the isa log in page. However this issue would only occur when using IE, firefox worked as expected. I followed the advice in the thread http://forums.isaserver.org/Java_Application_Fails/m_2002037649/tm.htm
and this went most of the way to solving the issue. But instead of being redirected to ISA log on page I am now presented with what looks like a java log in form. If I enter my credentials I am allowed into the app and everything works correctly and choosing the save password option stops this log in box appearing again. I tried what was suggested in http://support.microsoft.com/kb/925881/en-us but this has not solved the issue. This issue only occurs in IE. Does anyone have an idea on how to stop this log in box appearing on java pages in IE?
Thanks in advance.
Peter
Post #: 1
RE: Isa 2006, IE and Java Authentication Issue - 10.Jul.2007 6:01:15 AM   
SelhurstPalace

 

Posts: 13
Joined: 26.Jun.2007
Status: offline
In reply to my own post the problems I was experiencing with Java authentication and ISA 2006 were completely solved by applying the hotfix http://support.microsoft.com/kb/933869/en-us 
I hope this helps someone sometime....
Thanks
Peter

(in reply to SelhurstPalace)
Post #: 2
RE: Isa 2006, IE and Java Authentication Issue - 14.Jul.2007 3:33:27 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Peter,

Thanks!

Good to hear you got it working and thanks for the follow up!

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to SelhurstPalace)
Post #: 3
RE: Isa 2006, IE and Java Authentication Issue - 1.Apr.2009 5:00:01 PM   
jrego

 

Posts: 6
Joined: 1.Apr.2009
Status: offline
hey SelhurstPalace

I am looking to do the same thing for our BB installation.  can you tell me more about the FBA that you have set up?  what type of client authentication method did you use for it.  we are also using LDAP for the Authentication Validation Method.

any help that you can provide would be greatful. 

ao,lso what there anything special besides the things mentioned in this post?  if you have any documentation that you wouldnt mind sharing that would b great as well.

thanks in advance.

(in reply to tshinder)
Post #: 4
RE: Isa 2006, IE and Java Authentication Issue - 2.Apr.2009 9:40:35 AM   
SelhurstPalace

 

Posts: 13
Joined: 26.Jun.2007
Status: offline
Hi there,
            If I remember rightly the steps we had to go through to get our Blackboard test server working successfully using ISA Server and FBA were:
  • Set up BB to use web server delegation authentication which we did following the instructions in the bb authentication guide. You can get this from behind blackboard. We used IIS to authenticate users to AD before passing these credential back to BB.
  • Set up BB to use SSL
  • Published the website through ISA Server 2006 used FBA and set the authentication method to basic.
  • Applied the patches Microsoft provided to stop the issues with were having with Java.
  • We had to hack the user registry table in blackboard to add the the remote header info to each user so they can authenticate to BB. You will be able to see the remote user info the ISA is sending by monitoring your connection in the logs. This took a bit of fiddling to get working.

Once we had it set up we then added other services to the same listener as BB was published on (exchange,sharepoint etc) and we got single sign on working very well between these services. We also tested software from collective software which allowed other services to also single sign on.
However we haven't yet gone live with this because by moving to web server delegation authentication on BB breaks a number of bb building blocks.  It is something we will look to implement in the near future.
Hope this is of some help.
Thanks,
Peter

(in reply to jrego)
Post #: 5
RE: Isa 2006, IE and Java Authentication Issue - 2.Apr.2009 9:44:42 AM   
jrego

 

Posts: 6
Joined: 1.Apr.2009
Status: offline
Thanks for the reply peter.  what about the HTTP filter.  doing anything there to keep things secure?

thanks again.

(in reply to SelhurstPalace)
Post #: 6
RE: Isa 2006, IE and Java Authentication Issue - 2.Apr.2009 10:11:53 AM   
SelhurstPalace

 

Posts: 13
Joined: 26.Jun.2007
Status: offline
To be honest as it was a test set up and ip restricted we didn't look at this for this particular service but do use http filtering for other websites we publish thorough ISA.
Thanks
Peter

(in reply to jrego)
Post #: 7
RE: Isa 2006, IE and Java Authentication Issue - 10.Sep.2009 9:53:42 AM   
dvizzle

 

Posts: 236
Joined: 20.Apr.2009
Status: offline
Is there a way to fix this and apply the hot fix if you do not have any web listeners?

(in reply to SelhurstPalace)
Post #: 8
RE: Isa 2006, IE and Java Authentication Issue - 11.Sep.2009 3:54:37 PM   
dvizzle

 

Posts: 236
Joined: 20.Apr.2009
Status: offline
anyone?

(in reply to dvizzle)
Post #: 9
RE: Isa 2006, IE and Java Authentication Issue - 18.Sep.2009 11:06:56 AM   
SelhurstPalace

 

Posts: 13
Joined: 26.Jun.2007
Status: offline
Hi,
I don't quite understand what you mean when you mention applying the hotfix without any listeners? I presume you are publishing sites/services using a non website publishing rule? In this case, as the fix is applied to a particular listener, I'm not sure how you would get round the authentication issue other than using a website publishing rule for the service which is giving you grief. As the hotfix is for Java and FBA problems I'm not sure it is what you are looking for.
Sorry I can't be of more help.
Peter

(in reply to dvizzle)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Isa 2006, IE and Java Authentication Issue Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts