IBM BPM process portal page not loading properly - business-process-management

After installing BPM 8.5.5, I could see process portal page loading the below way:
enter image description here
Tried both the http and https protocol. Need suggestions...

Use FQDN (fully qualified domain name) instead of "localhost" in the URL and it should work. E.g. use the hostname of the BPM server that was used during the IBM BPM installation.
If not, then perform verification of Process Portal using the instructions from this link and post screenshot(s) of what you see -
https://www.ibm.com/support/knowledgecenter/en/SSFTBX_8.5.6/com.ibm.wbpm.imuc.doc/topics/tcfg_process_portal_verify.html

Related

How to use Google OAuth2.0 without out-of-band (OOB)

I have created new OAuth 2.0 Client IDs (application type = Desktop app). Then downloaded the OAuth client JSON file. Put the file into the folder where my code is looking. When I run the code locally on my PC it`s try to open following URL:
https://accounts.google.com/o/oauth2/auth?client_id={my_client_id}&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2F&scope={my_scope}&access_type=offline&response_type=code
and that is what I expect. Since the downloaded OAuth client has the parameter "redirect_uris":["http://localhost"]. So I expected the same thing when I ran this same code on the ubuntu server, but nope. The URL it proposes me visit is
https://accounts.google.com/o/oauth2/auth?client_id={my_client_id}&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope={my_scope}&access_type=offline&response_type=code
And here is the problem, I don't understand what I have to do to make my server pass this authorization.
I already tried to manually change this parameter of redirect_uris before visiting the destination to the same one I had on my local computer - to http%3A%2F%2Flocalhost%3A8080%2F, but I got this error in the browser:
Who can help me? What should I do?
Developers using installed applications need to stitch to using IP flow.
Loopback IP address (macOS, Linux, Windows desktop)
A key point on that page is
To receive the authorization code using this URL, your application must be listening on the local web server.
So as directed you would use http://127.0.0.1:port or http://[::1]:port The fact that you are getting a page not found is working as intended as you just have not set up the local web server as directed in the documetnation.
The authorization code needed for authorization can still be found in the URL browser. Currently this is the only information we have from Google and there is no other solution.

Connecting using SnowSQL denied 403 error

I am trying to configure JDBC but kept getting the same error I am getting using snowsql:
250001 (08001): Failed to connect to DB. Verify the account name is correct: JG3409.canada-central.azure.snowflakecomputing.com:443. 000403: 403: HTTP 403: Forbidden
If the error message is unclear, enable logging using -o log_level=DEBUG and see the log to find out the cause. Contact support for further help.
Goodbye!
I have configured the config file, and I have double checked the account, company, region, reset password to only use alphanumeric.
I have used both forms of the URL
The only possibility is that I am using a trial account, but I can't imagine that this would limit external non-browser connections?
I use a simple user/password, I have whitelisted my IP and I don't have a problem with a proxy or a firewall. I can successfully connect using a browser.. using:
https://app.snowflake.com/canada-central.azure/jg63409
Important contents of the config file:
[connections]
accountname=JG3409
#accountname=uegxydq-pz20606
region=canada-central.azure
username=ASHSNOWFLAKE
any ideas?
Your account is not JG3409 but JG63409 based on this link:
https://app.snowflake.com/canada-central.azure/jg63409
Try in your browser:
https://jg63409.canada-central.azure.snowflakecomputing.com
I found out using snowcd that my computer could not connect via my home router.
When I used my personal hotspot on my (5G) phone, snowcd passed all the tests immediately. The problem then arose how to adjust the network security policy to allow a CIDR block of network addresses through since my phone uses a new address every time I connect, and I can't edit the policy to allow my phone while connected via my phone (for obvious reasons)
Catch 22
123.45.0.0/16 is not accepted in the new Snowflake UI, and 0.0.0.0 doesn't work for me, but the documentation gave me a clue.. the new UI doesn't separate by commas, so I switched to the old UI and voila!
Incidentally the OLD UI uses the same URL as SnowSQL so I picked up my error in my account number there as well (although I should have seen it earlier).
Diabolical but thanks #Sergiu too!

Network Sniffing/SSL Pinning : Not able to get post through the login page in a mobile app when detecting traffic with Fiddler

I am debugging network calls of one of the client's application whom code I am not having. The steps I have gone thorough is as below.
1) Install fiddler in a windows system.
2) unable HTTPS decryption.
3) set the system proxy to match the client's country. (USA)
4) install the app on iOS to which is on same network.
5) Installed the Fiddler certificate in phone, added to trusted certificate
6) Applied the manual proxy matching the same internal IP of the windows system. (not the system proxy of USA)
Now when I open the app, I am able to trace the network calls till login page. Also able to detect network call which send the credentials.
But after loading for 5-8 seconds, the app shows "something went wrong, we are unable to serve you"
I am not able to see any trace of my machine IP (internal IP), in network calls being sent. I changed my phones Timezone in case that is the triggering point for stop serving.
Also randomly after 2-3 attempts the following popup comes. I have set the Client Certificate as asked, which was downloaded from http://ipv4.fiddler:8888 .
There are many other apps for which I am able to see the entire network calls but not for this specific one.
Is there any issue in my system settings or the app provider have mechanism to identify man in the middle proxies. Or certificate issues?
Update 1 : I checked the fiddler log and found the below error
HTTPS hand shake to TargetURL failed The exact error was "a call to SSPI failed, see inner Exception, the certificate chain was issued by an authority that is not trusted. is this case if SSL Pinning?
You are mixing up the certificates. Usually the problem is the server certificate, however in your case the problem arises from a client certificate. A SSL client certificate is a optional feature that allows to identify a user based on a certificate + private key instead of username+password. It is often used in companies where each user has a certificate+private key on a smart card.
There are now two possibilities:
The iOS app includes a client certificate+private key and the app developers use this to protect the communication API (a bit similar like an API key). In this case you have to extract the certificate and the private key and provide it to Fiddler. Most likely certificate and private key are the same for every device world-wide and can be found as static resource in the iOS app (potentially obfuscated or somehow protected).
The server asks for a client certificate but providing a certificate is optional. I don't know if Fiddler can handle this situation.

wso2 dss 3.5.0 datasource is not updated when choose google spread private Visibility

I tried to follow wso2 instructions to connect wso2 dss 350 to google spreadsheet.(https://docs.wso2.com/display/DSS350/Google+Spreadsheet)
Something is wrong with the "generate token" button. It should upload my datasource with that refresh token, but instead it gave me to blank page https://localhost:9443/authCodeReceiver?code=.
I've tried to use that but it didn't work.
Is there something I'm missing?
thanks for help.
As the refreshing is happening with a session, the same session has to be maintained. Therefore, the hostname in the redirect url and the hostname in the opened management console should be same. For an example if the redirect url is https://localhost:9443/authCodeReceiver then the management console should be opened in the browser should have the url https://localhost:9443/carbon

How to change WebSphere Portal URL from ibmhttp to w3?

I installed a WebSphere Portal 8 and in this installation
I have one server as http server,
one server for Domino server as LDAP
one server for Portal 8.
Now the Portal URL is ibmhttp.XXX.com and I need to change it to w3.XXX.com
Can anybody help me how to do it? Is it simply changing the computer name hosting the web server to w3?
Thanks in advance.
you should reference http://www-01.ibm.com/support/docview.wss?uid=swg21569040
it discusses the changing of your WebSphere Portal name.
if you want to add a subportal at a URL, that's different and documented in the Portal 8 Infocenter http://www-10.lotus.com/ldd/portalwiki.nsf/xpDocViewer.xsp?lookupName=IBM+WebSphere+Portal+8+Product+Documentation#action=openDocument&res_title=Human_readable_URL_mappings_for_virtual_portals_wp8&content=pdcontent

Resources