Error in custom OAM authentication plugin
Hi All
I am trying to build a custom OAM authentication plugin using JDeveloper. Here are the version information:
OAM - 11.1.1.5 BP04
WLS - 10.3.5
Issue:
I get the following error in the OAM logs when I try to activate the plugin.
[2012-11-14T09:39:17.996-08:00] [oam_server1] [WARNING] [] [oracle.oam.extensibility.lifecycle] [tid: DistributedCache:DistributionCache:EventDispatcher] [userId: <anonymous>] [ecid: 0000Jfzyiy6EgKI5qrH7iY1GcxMc000002,0] [APP: oam_server] Activation failed due to felix bundle exception while installing and starting the bundle.Unresolved constraint in bundle oamCustomAuthPlugin [2]: Unable to resolve 2.0: missing requirement [2.0] package; (package=oracle.security.am.plugin.ExecutionStatus)[[
org.osgi.framework.BundleException: Unresolved constraint in bundle oamCustomAuthPlugin [2]: Unable to resolve 2.0: missing requirement [2.0] package; (package=oracle.security.am.plugin.ExecutionStatus)
at org.apache.felix.framework.Felix.resolveBundle(Felix.java:3404)
The names of jar file, class file, plugin xml file etc are all same. My plugin code is very generic and I have the following values in the plugin's manifest and xml file
Plugin xml file [oamCustomAuthPlugin.xml]:
<Plugin name="oamCustomAuthPlugin" type="Authentication">
<author>uid</author>
<email>[email protected]</email>
<creationDate>09:32:20, 2011-11-13</creationDate>
<version>4</version>
<description>OAM Custom Authentication plugin</description>
<interface>oracle.security.am.plugin.authn.AbstractAuthenticationPlugIn</interface>
<implementation>com.company.oam.oamCustomAuthPlugin</implementation>
<configuration>
<AttributeValuePair>
<Attribute type="string" length="20">INPUT_PARAM1</Attribute>
<mandatory>true</mandatory>
<instanceOverride>false</instanceOverride>
<globalUIOverride>true</globalUIOverride>
<value>Param1</value>
</AttributeValuePair>
<AttributeValuePair>
<Attribute type="string" length="20">INPUT_PARAM2</Attribute>
<mandatory>true</mandatory>
<instanceOverride>false</instanceOverride>
<globalUIOverride>true</globalUIOverride>
<value>Param2</value>
</AttributeValuePair>
</configuration>
</Plugin>
Manifest File [MANIFEST.MF]:
Ant-Version: Apache Ant 1.7.1
Bundle-Version: 1.0.0.4
Bundle-Name: oamCustomAuthPlugin
Bundle-Activator: oamCustomAuthPlugin
Bundle-ManifestVersion: 2
Created-By: 17.0-b17 (Sun Microsystems Inc.)
Import-Package: oracle.security.am.plugin,oracle.security.am.plugin.authn
Bundle-SymbolicName: oamCustomAuthPlugin
Bundle-RequiredExecutionEnvironment: JavaSE-1.6
Please let me know if you have faced a sinilar issues in the past. Please help !!
Try with Import-Package: org.osgi.framework;version="1.3.0",oracle.security.am.plugin,oracle.security.am.plugin.authn,oracle.security.am.plugin.api If it doesn't work try with - Import-Package: org.osgi.framework;version="1.3.0",oracle.security.am.plugin,oracle.security.am.plugin.authn,oracle.security.am.plugin.api ,oracle.security.am.plugin.ExecutionStatus
Similar Messages
-
Error in Custom Ldap Authentication
Hi All,
I was trying to use the custom LDAP authentication( [Earlier Post|http://forums.oracle.com/forums/thread.jspa?threadID=2251976&stqc=true] ) but was not successful in making it work with our AD LDAP server. Thats when I came across post [ http://forums.oracle.com/forums/thread.jspa?messageID=916185󟫙|http://forums.oracle.com/forums/thread.jspa?messageID=916185󟫙]
I used the same function
create or replace function authenticate_aduser(
p_username in varchar2,
p_password in varchar2)
return boolean
is
l_user varchar2(256);
l_ldap_server varchar2(256) := '<Hostname>';
l_domain varchar2(256) := '<Domain Name>';
l_ldap_port number := 389;
l_retval pls_integer;
l_session dbms_ldap.session;
l_cnt number;
begin
l_user := p_username||'@'||l_domain;
l_session := dbms_ldap.init( l_ldap_server, l_ldap_port ); -- start session
l_retval := dbms_ldap.simple_bind_s( l_session, l_user, p_password ); -- auth as user
l_retval := dbms_ldap.unbind_s( l_session ); -- unbind
return true;
exception when others then
l_retval := dbms_ldap.unbind_s( l_session );
return false;
end;Test it by giving correct password
SQL> declare
begin
if authenticate_aduser('<username>','<correct password>') then
dbms_output.put_line('Test Successful');
else
dbms_output.put_line('Test Failed');
end if;
end; 2 3 4 5 6 7 8
9 /
Test Successful
PL/SQL procedure successfully completed.Tested it by giving wrong password
SQL> declare
begin
if authenticate_aduser('<user name>','<wrong password>') then
dbms_output.put_line('Test Successful');
else
dbms_output.put_line('Test Failed');
end if;
end; 2 3 4 5 6 7 8
9 /
Test Failed
PL/SQL procedure successfully completed.So the fundtion is working perfectly with LDAP server.
I am trying to create a custom authentication scheme with the above function.
Shared Components -> Authentication Schemes -> create ->From Scratch ->
In Autentication Function -> return authenticate_aduser(:P101_USERNAME,:P101_PASSWORD);
In Logout URL -> wwv_flow_custom_auth_std.logout?p_this_flow=&APP_ID.&p_next_flow_page_sess=4155:PUBLIC_PAGE
Then after setting this as the current authentication scheme. Whenever I try to login with correct credentials it is giving me error
Invalid Login Credentials
Kindly let me know were I am going wrong here.
Thanks & Regards,
Vikas KrishnaI was able to fix this.
I used the same function authenticate_aduser
and then followed blog http://www.talkapex.com/2009/03/custom-authentication-status.html to create a custom authentication. It worked finally.
Thanks to Martin for his wonderful post.
Thanks & Regards,
Vikas Krishna -
Unable to login using OAM Custom Authentication Plugin
Hi,
I have a problem with OAM Custom Authentication Plugin, My Plugin is Activate successfully. When try to login from Access Manager SSO login page, it is unable to login. I am getting followiing message in the log file.
I am return ExecutionStatus.SUCCESS from my Java code and I have only one step where I have attached Plugin and my Steps Orchestration is
On Success -> Success
On Failure -> Failure
On Error -> Failure
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:is_resource_protected.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
INFO: Processing Event is_resource_protected
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
INFO: Is Resource Protected status : success
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :is_resource_protected with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_valid_session.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
INFO: Processing Event check_valid_session
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
INFO: Processing Event check_valid_session
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_valid_session with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
INFO: Successfully validated the submitted credentials.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:validate_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
INFO: Processing Event validate_creds
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.authn processEvent
INFO: Policy ID : DB User Authentication Scheme
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Authentication Scheme Id: DB User Authentication Scheme.
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Runtime Authentication Scheme: Scheme name: = DB User Authentication Scheme
Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
Scheme Challenge Mec: = FORM
Scheme Challenge Par: = {contextType=default, username=string, contextValue=OAM, password=sercure_string, challenge_url=/pages/login.jsp}
Authentication Module Name: = DB Authentication module
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
INFO: Authentication Module Factory Class: DB Authentication module.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector: ["PluginPhaseEvent.oracle.security.am.plugin.diagnostic.PluginPhaseEvent@6d6a08fb":" Collector : OAMS/OAM/Plugin/AUTHN/Plugin_SamplePlugin/PluginLocate
Type : PHASE_EVENT
Metrics : 511
LogLevel : OFF
EnableRate : false EnablePersistence : false"], registered at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
User Name: test and Password : test
Authentication Successfull return ExecutionStatus.SUCCESS
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Result of Authentication Scheme Execution: false.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :validate_creds with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_authn_retry.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_authn_retry with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:cred_collect.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Processing Event cred_collect
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Credential collection process success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :cred_collect with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:PBL_return.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :PBL_return with status success.
Can anyone help me regarding this issue.
Thanks
Tamim KhanHi,
Little update about authentication plugin, please see the log file below, Result of Authentication Scheme Execution:true, now but, still the cookie is LOGGEDOUTCONTINUE and still I am unable to login.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:InProcess for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:Success for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
INFO: Successfully validated the submitted credentials.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:validate_creds.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
INFO: Processing Event validate_creds
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.authn processEvent
INFO: Policy ID : DB Authentication Scheme
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Authentication Scheme Id: DB Authentication Scheme.
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Runtime Authentication Scheme: Scheme name: = DB Authentication Scheme
Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
Scheme Challenge Mec: = FORM
Scheme Challenge Par: = {contextType=external, username=string, contextValue=/oam, password=sercure_string, challenge_url=http://192.168.1.220:14100/ssologin/ssologin.jsp}
Authentication Module Name: = DB Authentication Module
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
INFO: Authentication Module Factory Class: DB Authentication Module.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
User Name: test and Password : test
Set 1st Responce
Set 2nd Responce
Set 3rd Responce
Setting cookie
Authentication Successfull return ExecutionStatus.SUCCESS
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Result of Authentication Scheme Execution: true.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :validate_creds with status fail.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_authn_retry.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_authn_retry with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:cred_collect.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Processing Event cred_collect
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Credential collection process success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :cred_collect with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:PBL_return.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :PBL_return with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:InProcess for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:Success for request -414941018507193158;
Can anyone help me please.
Thanks
Tamim Khan -
URGENT help required : Custom Authentication Plugin for validation of users
Hi Experts.
I'm a newbie and am stuck in middle of nowhere.
I have been asked to develop a custom authentication plug-in which would validate a user using the attributes such as a userid and a shared-userid.
shared-userid is just a custom id that would be generated on the basis of some logic.
Currently I'm using OAM 10.1.4.3.0 on WINDOWS server and as everybody, I'm also not able to find any sample files or sample folder structure.
As per one of the other threads https://forums.oracle.com/forums/thread.jspa?messageID=3838474, sample code and sample folders are removed from this particular version and were present in some previous version.
So, can anyone please help me out with the following:
1. How can I proceed to accomplish this task, i.e. to check whether a user-id and a shared-userid both are validated and a user is granted access.
2. Are all of these files required to create a custom authentication plug-in or can we proceed only with the ".c" file (i.e. make file, authn.c, and a dll file made using the make file and .c file)
3. Can anybody provide me with a sample file or a sample code written in "C" wherein the plug-in connects to the LDAP and searches for a particular dn for comparison or something. Also a sample make file for windows to convert the .c file to .dll.
PLEASEEEE help me ASAP.
Regards
Edited by: 805912 on Nov 15, 2011 7:18 PMHi,
Regarding question 2, you also need the header file is supplied in the Access Server installation directory, under ...access\oblix\sdk\authn_api and is called authn_api.h. you need this to build the dll which must then be placed in the Access Server's ...\access\oblix\lib directory.
Regarding question 3, if you install an earlier version of the Access Server, ie 10.1.4.2 or less, then you will get a \access\oblix\sdk\authentication\samples\authn_api directory that contains a basic sample authentication plugin. However, there is still documented in the 10.1.4.3 Developer Guide another sample plugin, simplapi.c, in the 10.1.4.3 Developer Guide with instructions on how to use it. It does work, but unfortunately requires a couple of edits to get it working after copy&pasting it (no code changes, just fairly obvious case changes eg changing ObanPlugin* to ObAnPlugin*). I used the following commands to get it to compile into a .so file on unix:
g++44 -c -fPIC -Wno-deprecated -m32 simpleapi.c
g++44 -shared -nostdlib -lc -m32 simpleapi.o -o simpleapi.so
but I really would not know if or how these translate into a Windows environment.
Regards,
Colin
Edited by: ColinPurdon on Nov 15, 2011 2:50 PM -
Weird errors when compiling a custom InDesign CS6 plugin
Hello @all,
this is my first post, so HI EVERYONE...
I have made a custom InDesign CS6 plugin.
When I try to compile this on Mac OS X Snow Leopard Server with XCode 3.2.6 and Mac OS X SDK 10.5 I get the following errors:
source/public/interfaces/architecture/IPMUnknown.h:57: error: 'QueryInterface' declared as a 'virtual' field
source/public/interfaces/architecture/IPMUnknown.h:57: error: expected ';' before '(' token
And the following from line 38 to line 118:
source/public/interfaces/architecture/DocumentID.h:38: error: 'uint32' does not name a type
Does anybody know how I can solve this errors?
Much thanks in advance
Best RegardsThank you,
I made a new post in the InDesign SDK forum now. -
How to redirect a first time OAM authenticated user to a custom page
We are using OAM 11.1.1.5 with OVD. If user logs in for the first time thru OAM, we wanted to collect few more additional information about the user. To do this, we wanted to redirect the user to the collect-additional-data.jsp page immediately after OAM authentication. This will be only one time operation for the user. How to do this in OAM.
Thanks!
KabiJust set additional-data.jsp in your authentication policy success url. So always after authentication user req is redirected to the success url. You can also set the requested url in the response in case you want to retrieve it in your additional-data.jsp.
-
OAM Post Authentication plugin
Hi All,
Can anybody please suggest me how to develop and configure Post Authentication plugin.
ThanksHi Sagar,
Thanks For the Reply.
Once the user accesses the protected resource then I have to store that UserID in some DataBase.
And one more thing, Can we write plugin's in Java. As i know we can write in c but not sure about the java compatability.
Thanks -
How to bypass from OAM authentication for certain domain
Hi All,
We are trying to unprotect certain domain from OAM domain but coudn't. Please help us fix this issue.
Environement details:
We have two nodes, one node for OAM_OSSO and another one for OSSO_Portal application.
OAM server details:
In this server, oracle application server single sign on(services are HTTP, OC4J, and OID) and OAM. Integrated OAM_OSSO using [ID 979827.1]
Portal server details:
In this server, oracle application server single sign on(services are HTTP, OC4J, and OID) and portal weblogic server(portal application) is running. portal weblogic is registered with thier own portal OSSO.
In OAM, We protected following portal url's
/sso/auth
/pls/orasso/orasso.wwsso_app_admin.ls_login
portal _OAM integration is working fine.
Now portal team come with new requirement for customer, application also running in their same portal weblogic server and that portal application domain is alreday registered with Portal OSSO and Portal OSSO page is protected by OAM. the requirement is bypass OAM authentication, and need to authentication against their own portal OSSO+OID.
Please tell me how to bypass OAM authentication from this scenerio.
-SarathHi MD,
Thanks for your update.
We are using oracle 10g. Please tell me how Anonymous scheme will help us to get out from this issue.
Portal Weblogic server registered with portal IDM server and portal IDM server OSSO protected by IDM OAM. So if i tried any of the application which deployed under portal weblogic server will get protected by OAM right. Please correct me if iam wrong.
In this scenerio we have two OSSO, one in OAM node and another one in portal server. Now portal team come up with new webserver domain for customer, in customer scenerio we want authenticate againt portal OSSO with their own OID rather than using OAM authentication. Here my concern is, customer or employee the portal weblogic server and portal OSSO are common for both user but only difference in webserver domain.
So if i tried to access customer application, then customer webserver redirect to portal weblogic for open the requested page(note if webgate not in picture). portal weblogic server is register with portal OSSO and its redirect to portal OSSO for authentication but Portal OSSO server integrated with OAM using webgate.
1. When tried to access customer application ,Portal OSSO server tried to show own sso login page for authentication but Portal OSSO server already integrated with OAM. so portal OSSO server requested to OAM to access portal sso login page not the request of customer page login.
2. here,portal OSSO login page protected and OAM serve login page for OAM authentication against OAM OID. If i specify anonymous scheme for customer domain then how will work here, portal OSSO requested to OAM to access portal OSSO login page not the customer page or employee page...
Here OAM authentication will come into picture for all scenario but need bypass for customer login.
Requirement is when customer trying to access then authentication need to happen in portal OSSO not in OAM. Hope you understand the architecture.Please suggest how.
-Sarath
Edited by: 898990 on May 11, 2012 8:22 PM
Edited by: 898990 on May 11, 2012 8:25 PM -
Custom DB authentication to an application from Oracle Portal not working.
Hi All,
We have a Portal customized and integrated to LDAP for SSO.
From the portal, we have a link that takes to another custom application that requires another level of authentication. We have implemented this authentication as custom Database based authentication.
When user login to the portal and access this link, he will be directed for authentication again. This custom application has been installed on a different OC4J instance while Oracle Portal is running in a different OC4J instance.
Issue is though user details are being propagated to the custom application page, we are receiving an error saying authentication failed.
In the OC4J instance specific for this custom application, we have configured jazn.xml to use custom authentication.
Below is the code:
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<!DOCTYPE jazn PUBLIC "JAZN Config" "http://xmlns.oracle.com/ias/dtds/jazn-9_04.dtd">
<jazn provider="XML" location="./jazn-data.xml" default-realm="jazn.com">
<property name="role.mapping.dynamic" value="true"/>
<property name="custom.loginmodule.provider" value="true"/>
</jazn>
and in jazn-data.xml, we gave the role mapping.
But the problem is when the link to the custom application is accessed, it seems like the custom autentication mechanism is not working.
Can anyone throw light on this?
Do we need to give the same configuration in the j2ee/home/config directory files also?
Can we use both LDAP and custom DB authentication with in the same OAS setup. Remember as of now, Portal and custom application are running in different OC4J instances but within the same OAS.
Any help in this regard will be highely appreciated.
Thanks,
Sasi BhushanHi All,
We have a Portal customized and integrated to LDAP for SSO.
From the portal, we have a link that takes to another custom application that requires another level of authentication. We have implemented this authentication as custom Database based authentication.
When user login to the portal and access this link, he will be directed for authentication again. This custom application has been installed on a different OC4J instance while Oracle Portal is running in a different OC4J instance.
Issue is though user details are being propagated to the custom application page, we are receiving an error saying authentication failed.
In the OC4J instance specific for this custom application, we have configured jazn.xml to use custom authentication.
Below is the code:
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<!DOCTYPE jazn PUBLIC "JAZN Config" "http://xmlns.oracle.com/ias/dtds/jazn-9_04.dtd">
<jazn provider="XML" location="./jazn-data.xml" default-realm="jazn.com">
<property name="role.mapping.dynamic" value="true"/>
<property name="custom.loginmodule.provider" value="true"/>
</jazn>
and in jazn-data.xml, we gave the role mapping.
But the problem is when the link to the custom application is accessed, it seems like the custom autentication mechanism is not working.
Can anyone throw light on this?
Do we need to give the same configuration in the j2ee/home/config directory files also?
Can we use both LDAP and custom DB authentication with in the same OAS setup. Remember as of now, Portal and custom application are running in different OC4J instances but within the same OAS.
Any help in this regard will be highely appreciated.
Thanks,
Sasi Bhushan -
CoreID Access Server not reading Authentication Plugin
Hello all! I've written an authentication plugin (.dll) for use with the CoreID Access Server in C++ .NET using the CoreID Managed Code (.NET) API. Everything compiles fine and I believe I've complied to the interface CoreID expects. However, when the access server starts it chokes on the plugin and this is the error message generated by the server:
UTC - Access Server File Logger
ERROR0x000003B6 base\obsharedobj.cpp:44 "Could not read file"
shlibname^C:\Program Files\csm\access/oblix/lib/csmAuthnSSOPlugin.dll
ACCESS_SERVER ERROR0x00001136 \Oblix\coreid\palantir\aaa_server\src\plugins.cpp:1329
"Error while loading the plug-in symbols" tmpdso^csmAuthnSSOPlugin
I thought perhaps a dependency .dll was not present on the server, i.e. managed_plugin_interface.dll, however it is present in an appropriate lib directory. So...any ideas out there? :-)If you have reinstalled Access Server, try running the Access Server configuration utility. I think its obacc*.exe or search for exe file name.
Once you retype all the configuration info, it should start.
Thanks
Ram -
Error while creating OAM MBean Conection
I am in the process of integrating OAM with OIM. When I run the idmConfigTool, I get the following error. Any suggestions
[oracle@idmhost2 bin]$ /u01/app/oracle/middleware/Oracle_IDM1/idmtools/bin/idmConfigTool.sh -configOAM input_file=/u01/OAMconfigPropertyFile
Enter ID Store Bind DN password :
Enter User Password for WLSPASSWD:
Confirm User Password for WLSPASSWD:
Enter User Password for OAM11G_OIM_WEBGATE_PASSWD:
Confirm User Password for OAM11G_OIM_WEBGATE_PASSWD:
Enter User Password for IDSTORE_PWD_OAMSOFTWAREUSER:
Confirm User Password for IDSTORE_PWD_OAMSOFTWAREUSER:
Enter User Password for IDSTORE_PWD_OAMADMINUSER:
Confirm User Password for IDSTORE_PWD_OAMADMINUSER:
oracle.idm.automation.exception.ExecutionFailedException: Error while creating OAM MBean Conection
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.getObjectName(OAM11gIntegrationHandler.java:934)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:306)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:696)
at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:593)
at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:218)
at oracle.idm.automation.AutomationTool.main(AutomationTool.java:132)
There were errors found. Details have been logged to automation.log
The Automationlog file details
FINER: ENTRY
Jul 16, 2013 2:09:36 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler getObjectName
SEVERE: Error while creating OAM MBean Conection
java.lang.Exception: No foundation mbeans found
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.getObjectName(OAM11gIntegrationHandler.java:915)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:306)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:696)
at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:593)
at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:218)
at oracle.idm.automation.AutomationTool.main(AutomationTool.java:132)
Jul 16, 2013 2:09:36 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
SEVERE: Error while configuring User ID Store
oracle.idm.automation.exception.ExecutionFailedException: Error while creating OAM MBean Conection
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.getObjectName(OAM11gIntegrationHandler.java:934)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.configOAM11gIdStore(OAM11gIntegrationHandler.java:306)
at oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler.execute(OAM11gIntegrationHandler.java:696)
at oracle.idm.automation.AutomationTool.configOAM(AutomationTool.java:593)
at oracle.idm.automation.AutomationTool.parseCmdLine(AutomationTool.java:218)
at oracle.idm.automation.AutomationTool.main(AutomationTool.java:132)
Jul 16, 2013 2:09:36 AM oracle.idm.automation.impl.oam.handlers.OAM11gIntegrationHandler configOAM11gIdStore
SEVERE: Error while creating OAM MBean ConectionCaused by: java.net.ConnectException: Connection refused
Is the Oracle application server running? -
HI, Im using Iphone 4 and i recently got my IOS updated to IOS7 and now im getting the error message as "PDP authentication failure" Im using Aircel carrier.
Please let me know how to fix this issueupdate...
I am not one to give up. So I called AT&T today. Now they are telling me they canceled my order because they were unable to fulfill my order. Basically, AT&T told me they sold out so they canceled my order so I can proceed to reorder again. It took them 4 days to realize this. I will be lucky if I get a new phone by Christmas. I am sure they will find a way to cancel my order again.
Again, I argued, how is this my fault. I placed my order at the store around 11 a.m. Pacific time. My friend ordered his phone online sometime after me. He got his but my order was canceled. AT&T tried to explain to me that they sold over 600,000 phones, almost 500 per minute during there peak. Again, I asked, how this was my fault.
I can understand over selling the phone. It is a great product. There is no reason to cancel my order. You adjust my order and tell me you will let me know when my phone will be in. I would have been mad that my phone was going to be late but I would have survived. At least I would be getting one.
At this point, I have no order and AT&T or Apple website will allow me to order one. I just want to get in the QUEUE for one.
Frustrated. -
Consistently getting an error in custom reports "an error occurred" is the only msg displayed...my clients are screaming...what is the problem?
Hi,
Please log a ticket with BC support for this issue. Please provide the exact steps, preferably a video. You can log the ticket from your admin panel > help & support.
Kind Regards,
Aish -
since moving to iCloud, my mobileme email works ONLY on my iPhone, but not on my PC with Outlook. I get an error message indicating the authentication is not accepted.
To anyone who has viewed this post and is having similar difficulties, the answer came on a different forum: I dragged & dropped the files from Mail to iCloud Drive. Opened them on my MB Air, they were saved in Templates and are now accessible across all my devices.
Answer came from SGIll: Numbers templateshttps://discussions.apple.com/message/27505880#27505880Numbers templates -
How to use a custom database authentication with APEX_AUTHENTICATION??
i have Custom user authentication method.
create or replace function user_check(username varchar2,password varchar2) return boolem
is
check_out integer;
begin
select count(*) into check_out from "user" where USER_EMAIL=username and USER_PASS=password;
if check_out >0 then
return true;
else
return false;
end if;
end;
apex_authentication.login() how to use. And how to make apex_authentication.login() use my method Verify User LoginYou can't mix custom authentication and the internal APEX authentication functions.. So either you use the pre-built user authentication in APEX or you can build your own CUSTOM authentication...
Many examples of custom authentication are out there...
Thank you,
Tony Miller
Ruckersville, VA
Maybe you are looking for
-
Changing the Owner from Peoplesoft8.8 to Peoplesoft 9.0 causes Data errors
Hi for a particular task in DAC, i changed a parameter in Parameter sub-tab of Tasks Tab in the Design view. the Default one was Dept_Security which i changed to Division_Tree. the Owner for Dept_security was Peoplesoft 8.8 in the Parameter sub-tab o
-
Iphone calendar displaying wrong times in day/week view
I work a lot of night shifts and consequently I input a lot of night shifts to my iphone calendar. They usually work. However, in a couple of weekends time I have some nights which I have input as starting on 30th march 20.45 ending 31st march 08.00,
-
ENCORE CS6 gives error message during the burning of Blu-ray Disc
I did it again - upgraded my Production Premium CS5 to CS6. I will not forget CS4 that never came to work. It was not a workable version, but at best an Alfa or maybe Beta version. I was therefore naturally afraid to upgrade my reasonably well functi
-
How to make the Convert task to exit if there is Rejected data
Hello, I try to develop a DTSX package for SQL 2005, with BPC 7.0 SP6. The package contains Convert step. I want to exit package execution if during the Convert step there is at least one Rejected data Problem: Convert task exists On Failure only if
-
Aligning footnote numbers to the left
Hello, I am currently in the process of designing the thesis of my sister. The text - imported from word - contains several footnotes. The problem is when I placed the word document the footnote reference numbers were automatically aligned to the rig