10g904 - custom login pages & development method of applics for SSO
i am getting baffled with these custom login pages and their connection with the SSO.
I have now read extensive documentation from the following:
Oracle® AS SSO Admin Guide for release 10g (9.0.4) (B10378-01)
Oracle® AS SSO App Developers Guide for release 10g (9.0.4) (B10852-01)
Oracle® AS SSO Admin Guide 10g (9.0.4) (B13791-01)
Oracle® AS App Developers Guide for release 10g (9.0.4) (B10378-01)
Oracle® SSO Developers Guide for version 306
what baffles me is how custom login pages are to be defined for the 10g versions of AS.
in 10g (904) version, applications for SSO can be protected using mod_osso, and may be developed using mod_osso or using SSO-SDK which is deprecated from this version.
1. this means that if we do not have to use SSO-SDK (which is deprecated in 904 version) and where we need to protect applications using the mod_osso, then why do we need to use the custom pages.
2. how do the custom-defined deployment specific login pages or change-password pages work?
3. what is the role of SSO for partner applications if we do not configure it specifically.
any helpful hints or links would be highly appreciated.
thanks
i am getting baffled with these custom login pages and their connection with the SSO.
I have now read extensive documentation from the following:
Oracle® AS SSO Admin Guide for release 10g (9.0.4) (B10378-01)
Oracle® AS SSO App Developers Guide for release 10g (9.0.4) (B10852-01)
Oracle® AS SSO Admin Guide 10g (9.0.4) (B13791-01)
Oracle® AS App Developers Guide for release 10g (9.0.4) (B10378-01)
Oracle® SSO Developers Guide for version 306
what baffles me is how custom login pages are to be defined for the 10g versions of AS.
in 10g (904) version, applications for SSO can be protected using mod_osso, and may be developed using mod_osso or using SSO-SDK which is deprecated from this version.
1. this means that if we do not have to use SSO-SDK (which is deprecated in 904 version) and where we need to protect applications using the mod_osso, then why do we need to use the custom pages.
2. how do the custom-defined deployment specific login pages or change-password pages work?
3. what is the role of SSO for partner applications if we do not configure it specifically.
any helpful hints or links would be highly appreciated.
thanks
Similar Messages
-
Hi,
We are trying to develop an application using "ADF security", which means we can give permissions to certain roles based on "Binding Container", "Iterator Binding", "Method Action Binding" and "Attribute-level Binding".
After reading the document -- "Oracle® Containers for J2EE Security Guide 10g (10.1.3.1.0) B28957-01" that Frank pointed out. We have a question:
Can we develop an ADF application without creating a custom login page? Right now we've followed the security guide and modified the configuration files. But when we run the application, we get the "user null" error message. The reason is clear because we do not have a login page. On the security guide, it says that it is possible to use the oracle default login module. But it does not say how. Does anyone have any idea?
Thanks,
AnnieBrenden,
Thank you so much for the reply. This is our code in the web.xml:
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
We are using HTTP basic Authentication. This technique worked for the container-managed security. The browser default login page pops up when the end users try to log into a secured JSP. But here we want to use "ADF security" to set up "Iterator binding" and "Attribute level binding" security. The browser default login page does NOT show up. Instead we get the "user null" error message.
If you have detailed step on how to select HTTP Basic Authentication, it would be very helpful to us. Or if you know any document has the detail.
regards,
Annie -
OAM-02073 when trying to login with custom login page
I Created a custom login page, but when I submit it to OIM I get the error on the page "System error. Please re-try your action. If you continue to get this error, please contact the Administrator." with the OAM 11g Page, and in the logs it shows the errors below. Thanks for any ideas on what this issue could be.
<Oct 29, 2011 11:24:46 PM CDT> <Warning> <oracle.oam.controller> <OAM-02073> <Er
ror while checking if the resource is protected or not.>
<Oct 29, 2011 11:24:46 PM CDT> <Warning> <oracle.oam.binding> <BEA-000000> <OAM-
02073
oracle.security.am.common.utilities.exception.AmRuntimeException: OAM-02073
at oracle.security.am.engines.enginecontroller.AuthzEngineController.che
ckProtected(AuthzEngineController.java:536)
at oracle.security.am.engines.enginecontroller.AuthzEngineController.pro
cessEvent(AuthzEngineController.java:159)
at oracle.security.am.controller.MasterController.processEvent(MasterCon
troller.java:354)
at oracle.security.am.controller.MasterController.processRequest(MasterC
ontroller.java:517)
at oracle.security.am.controller.MasterController.process(MasterControll
er.java:457)
at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLF
lowManager.java:209)
at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.
java:147)
at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.j
ava:107)
at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServl
et.java:168)
at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java
:133)
at oracle.security.am.pbl.transport.http.AMServlet.doGet(AMServlet.java:
673)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
tyHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
a:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.d
oFilter(OAMServletAuthenticationFilter.java:265)
at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilt
er(OAMValidationSystemFilter.java:133)
at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentW
rapperFilter.java:120)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:31
3)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUt
il.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.jav
a:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:1
61)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:13
6)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
ervletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
ontext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
ava:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: oracle.security.am.engines.authz.AuthorizationException: OAMSSA-14003
: Policy runtime failed.
at oracle.security.am.engines.authz.AuthorizationEngine.isResourceProtec
ted(AuthorizationEngine.java:183)
at oracle.security.am.engines.enginecontroller.AuthzEngineController.che
ckProtected(AuthzEngineController.java:373)
at oracle.security.am.engines.enginecontroller.AuthzEngineController.pro
cessEvent(AuthzEngineController.java:159)
at oracle.security.am.controller.MasterController.processEvent(MasterCon
troller.java:354)
at oracle.security.am.controller.MasterController.processRequest(MasterC
ontroller.java:517)
at oracle.security.am.controller.MasterController.process(MasterControll
er.java:457)
at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLF
lowManager.java:209)
at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.
java:147)
at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.j
ava:107)
at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServl
et.java:168)
at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java
:133)
at oracle.security.am.pbl.transport.http.AMServlet.doGet(AMServlet.java:
673)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
tyHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
a:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.d
oFilter(OAMServletAuthenticationFilter.java:265)
at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilt
er(OAMValidationSystemFilter.java:133)
at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentW
rapperFilter.java:120)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:31
3)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUt
il.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.jav
a:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:1
61)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:13
6)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
ervletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
ontext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
ava:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused By: oracle.security.am.common.policy.runtime.PolicyEvaluationException: O
AMSSA-06191: The runtime request contains no resource.
at oracle.security.am.common.policy.runtime.PolicyRuntimeImpl.isResource
Protected(PolicyRuntimeImpl.java:143)
at oracle.security.am.engines.authz.AuthorizationEngine.isResourceProtec
ted(AuthorizationEngine.java:181)
at oracle.security.am.engines.enginecontroller.AuthzEngineController.che
ckProtected(AuthzEngineController.java:373)
at oracle.security.am.engines.enginecontroller.AuthzEngineController.pro
cessEvent(AuthzEngineController.java:159)
at oracle.security.am.controller.MasterController.processEvent(MasterCon
troller.java:354)
at oracle.security.am.controller.MasterController.processRequest(MasterC
ontroller.java:517)
at oracle.security.am.controller.MasterController.process(MasterControll
er.java:457)
at oracle.security.am.pbl.PBLFlowManager.delegateToMasterController(PBLF
lowManager.java:209)
at oracle.security.am.pbl.PBLFlowManager.handleBaseEvent(PBLFlowManager.
java:147)
at oracle.security.am.pbl.PBLFlowManager.processRequest(PBLFlowManager.j
ava:107)
at oracle.security.am.pbl.transport.http.AMServlet.handleRequest(AMServl
et.java:168)
at oracle.security.am.pbl.transport.http.AMServlet.doPost(AMServlet.java
:133)
at oracle.security.am.pbl.transport.http.AMServlet.doGet(AMServlet.java:
673)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
tyHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
a:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.security.am.agent.wls.filters.OAMServletAuthenticationFilter.d
oFilter(OAMServletAuthenticationFilter.java:265)
at oracle.security.am.agent.wls.filters.OAMValidationSystemFilter.doFilt
er(OAMValidationSystemFilter.java:133)
at oracle.security.wls.oamagent.OAMAgentWrapperFilter.doFilter(OAMAgentW
rapperFilter.java:120)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:31
3)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUt
il.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.jav
a:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:1
61)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:13
6)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.ja
va:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
n.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
ervletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
ontext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
ava:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)Hello, I'm having the same issue. I did check my custom login form and I'm using "post" and fully qualified OAM host name. The behavior and very inconsistent. My integration is OIF-OAM. OIF proxy protected by 11g webgate. If I close the browser or try hitting back button, the login form comes up fine and could able to access the resource. I did look into support site and found this Doc Id: ID 1348419.1 which matches my condition, but couldn't able to figure out if there is a patch out for this bug.
Has anyone faced this issue?
Thanks for the help.
Sunil. -
Web Module App not using custom login page.
Iu2019ve created a simple Web Module Application that I wish to use a custom login page for authentication. From previous posts it looked like this would be easy. Iu2019ve made the changes below and have redeployed my application. When the application runs it forwards to the standard SAP login page rather than my login page. What am I missing? Thanks in advance. /Greg
Web.xml.
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>login.jsp</form-login-page>
<form-error-page>error.jsp</form-error-page>
</form-login-config>
</login-config>Moderator message -
When closing old threads, there is no need to add a comment. Adding a pasted answer like "Resolved ourselves" only brings old threads to the top of the forum list and pushes current ones down. If you do add a comment, please indicate just how the problem was resolved.
Rob -
Did any body try to change 10g SSO login page to custom login page?
Hi..
Did any body try to change Oracle 10g SSO login page with custom login Page as we used to do in 902 and 1022 versions by changing wwsso_ls_configuration_info_t table entries?
It seems that there is now other file policy.properties that has entry for login page.
Is there any documentation provided by Oracle on this?
I checked metalink and SSO admin guide?
Any clue or glue....??
Thanks
SarveshTry 1 & 2 if does not work please file a daycare for further assistance.
1. In "Day CQ Login Selector Authentication Handler" for path info add an empty row then verify.
2. Delete the existing entry for "Day CQ Login Selector Authentication Handler" , Configure your custom at repository level & verify -
SharePoint Foundation 2013 - FBA Custom Login Page
Hi,
i am trying to enable FBA in SharePoint Foundation 2013 and it works fine for default login page
but when i try to create custom login page ( which is already working without any problems in SharePoint 2010 ) i receive an error when i try to authenticate user using the following code :
SPClaimsUtility.AuthenticateFormsUser(Context.Request.UrlReferrer, txtUserName.Text, txtPassword.Text);
i checked the Log file and found the following entries :
- Application error when access /_layouts/CM Custom Login Page/Login.aspx, Error=Exception of type 'System.ArgumentException' was thrown. Parameter name: httpApplication at Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(Uri
context, String userName, String password) at CM_Custom_Login_Page.Layouts.CmCustomLoginPage.Login.btnLogin_Click(Object sender, EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
- System.ArgumentException: Exception of type 'System.ArgumentException' was thrown. Parameter name: httpApplication at Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(Uri
context, String userName, String password) at CM_Custom_Login_Page.Layouts.CmCustomLoginPage.Login.btnLogin_Click(Object sender, EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
- Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.ArgumentException: Exception of type 'System.ArgumentException'
was thrown. Parameter name: httpApplication at Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(Uri context, String userName, String password) at CM_Custom_Login_Page.Layouts.CmCustomLoginPage.Login.btnLogin_Click(Object
sender, EventArgs e) at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.HandleError(Exception e) at System.Web.UI.Page.ProcessRequestMain(...
- ...Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest() at System.Web.UI.Page.ProcessRequest(HttpContext context) at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)check first whether you are getting context or not, to me it looks like issue with Contrext.Request.UrlReferrer
try with this code
Uri url = new Uri(SPContext.Current.Web.Url);SPClaimsUtility.AuthenticateFormsUser(url, txtUserName.Text, txtPassword.Text); -
I have two WebApps. In central admin i set one different custom login page for each.
now the problem: the second WebApp redirects to the login page of the first one.
Known problem?Hi,
According to your post, my understanding is that you wanted to set different login pages for different web applications.
Please check whether you choose the zone that you want to configure and enter the Sign In Page URL correctly.
Best Regards,
Linda Li
Linda Li
TechNet Community Support -
How can i use my custom login page in a custom partner application ?
Dear All,
I'm trying to customize a login page displayed other than the default sso login page
by submiting my form to the regular pl/sql procedure : "PORTAL.wwptl_login.login_url"
but i tried to type the requested partner application url in the browser i got the sso
login page other than my custom login page. So, How can i use my custom login page in a custom partner application ?
Regards,
Mohammed Amin
[email protected]I cannot begin to express my level of frustration. I have been trying to use the composition widget light box display for some time now. I drag the widget to my document. The default widget has three small trigger boxes and a large area made up of a forward and backward button, a background, a text box and a frame for your image.
My steps have been …
I click on the little trigger box.
I click on the frame that holds the main image.
I go to the fill menu and browse my computer for my image and then click OK.
IT shows up on my screen. Yay
I attempt to continue using the next two trigger boxes provided in the widget.
After that, I add more by clicking on the little plus sign.
This is where all heck breaks loose.
Every single time I attempt to add thumbnails, something messes up. When I go to preview, either not all of my main images show up, or it starts with the wrong one, or some are missing. I have looked and looked for help on this and the only thing I can find is how easy it is to create a great portfolio lightbox display. But as we know, that only works when your thumbnails are the same image as the images in your lightbox. If you want something different, you have to use the composition wizard. I am finding it extremely difficult and confusing to customize.
Is there an exact sequence you need to use to add images to the slideshow? I am my wits end. -
Questions about a custom login page.
Could someone give me an example of a custom login page that does the error checking with
p_error_code. I can't seem to get one to work correctly. I don't ever get any info in
p_error_code when there is an error in login.
You can email me the code at [email protected] if you would prefer.
Thanks.
BethanyBethany,
The best place for this question is the Orac le9ias Portal Security and Login Server forum.
Thanks -
Customized login page taking time to load
Dear Experts,
Request you to kindly suggest how can I tune the Customized login Page.
as it is taking time to load.
Warm Regards
Upendra Agrawal.Hi,
Thanks for your quick reply, Changes which I made are only in the LogonTopArea.jsp and in LogonBottomArea.jsp,
i.e i have added a flash and images, earlier the total file size of the
com.sap.portal.runtime.logon.par file used to be around 314 kb but now it is around 800kb.
Other than that, nothing has changed,
Request you to kindly suggest.
Thanks & Regards
Upendra Agrawal -
Custom Login Module - Commit Method return TRUE always?
Hi,
I am creating a custom login module for my portal authentication.
For the login module, should the commit() method always return TRUE?
The example code on help.sap.com indicates yes to this question.
However, the JAVA Sun standard indicates that commit should return FALSE if the preceding login method returned FALSE.
Does the SAP example stray from the SUN standard? How should I code the commit() method such that it works (Always TRUE, or follow lead of login() method)?
Regards,
KevinHi Kevin,
I'm actually working with this document: <a href="https://www.sdn.sap.comhttp://www.sdn.sap.comhttp://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/events/webinars/jaas%20login%20module%20development%20on%20webas%20java%20640.pdf#search=%22classloader%20sda%20jar%20reference%22">JAAS Login Modules</a>.
There is also example code. If it should be ignored they return false, otherwise true (page 32).
Regards,
Marcus
Message was edited by: Marcus Freiheit -
Using a custom login page for the portal
Hi all,
I'm currently doing a migration from Plumtree 4.5WS to Plumtree 5.0.4. In the current 4.5WS portal, I'm catering to 3 different login mechanisms due to time-lags in migration of my users' workstations. The 3 mechanisms are:
1) Smart Card Reader on Windows 95 using TLS (uses a client side ActiveX)
2) Smart Card Reader on Windows XP using SSL (uses client side ActiveX)
3) Java PKI Card on Windows XP using SSL (uses server side scripting)
To cater to the above, we've made customisations to login.asp and dologin.asp and also added a few scripts of our own.
I now need to migrate these over to Plumtree 5.0 as well. I've thought of 2 ways to do this:
1) Doing a custom view replacement of the Login View. This however has limitations as I'm not sure how the codes for the above 3 mechanisms will come in, especially 3), which involves server side scripting.
2) Creating a custom login and exit page. This is probably a much more feasible solution in my case as it allows me to freely create my login pages and exit pages accordingly to cater for the above. However to do this, I need to be able to customize the Log In and Log Off links on the Portal Banner in order to point these to my own login and exit pages.
Any ideas what is the best (or correct) way to do this?
Thanks!
Weng Kong LeeAFAIK only one login.jsp is called.
But you can include logic into that one JSP file.
If referer = portal.company.com THEN
else
This way you can create different look and feel for different virtual hosts.
Login portlets have the disadvantage that https is not supported
Ton -
Custom login page with Policy Agent 2.2 & Access Manager
Hi,
Im trying to set up policy agent 2.2 and Access Manager to use the login page of the application Im trying to secure. Im not sure if this is the correct forum or not so feel free to move this if need be.
Ive been using this link: http://docs.sun.com/source/816-6884-10/chapter3.html#wp25376 but it doesnt seem to make sense.
In my AMAgent.properties file Ive set up
com.sun.identity.agents.config.login.form[0]=/contextRoot/login/login.jsp to my login page and Ive also configured the web.xml for that application to use the login:
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login/login.jsp</form-login-page>
<form-error-page>/login/login.jsp</form-error-page>
</form-login-config>
</login-config>
When I try and access the login page Im redirected to the default access manager login page. I did notice in the AMProperties.xml file the following line:
com.sun.identity.agents.config.login.url[0] = http://amserverhost:80/amserver/UI/Login
It seems like I should change that to point to my login page but I didnt see any documentation supporting that. When I change that property to point to location of my login page, i get a redirect loop error.
When I remove the com.sun.identity.agents.config.login.form[0] property all together, I just get a resource restricted error.
Now when I configure the com.sun.identity.agents.config.login.form[0] property, set the config.login.url = to my login page AND set the com.sun.identity.agents.config.notenforced.uri[0] property equal to my login page (so the login page is no longer protected) I am able to see the login page
Is unrestricting the login page correct? Im able to access the login.jsp page directly and when I try and access protected resources Im redirected back to the login page so everything seems to be working correctly but Im not sure if this is the correct way.Hi Neeraj,
I still have not been able to resolve that issue. Let me know If you find a solution for the same.
Thanks,
Srinivas -
OIM custom web page developed shows up on copy pasting the URL in browser
Hi experts,
I am facing this weird issue. I have developed a custom web page to generate password after adding custom menu item in OIM.
The web page shows up on copy pasting the URL in browser. Only System admins after loggin in should get this menu item and page after clicking on it.
http://xxxx:7778/xlWebApp/generatePassword.do
But any1 can access this page currently. I have changed the action class to check for valid session,so clicking reset doesnt trigger the code.
So atleast the functionality is protected.
But the page still shows up on copy pasting the URL. How do i prevent this from happening ??
Any suggestions and pointers would be appreciated.
Regards,
Confused developer.My action class does extend tcAction class.
Does my action class need initialisation code i.e. below lines of code ??
ConfigurationClient.ComplexSetting config = ConfigurationClient
.getComplexSettingByPath("Discovery.CoreServer");
final Hashtable env = config.getAllSettings();
tcSignatureMessage moSignature = tcCryptoUtil.sign("xelsysadm",
"PrivateKey");
ioUtilityFactory = new tcUtilityFactory(env, moSignature);
1 more question :
Should i check for valid HttpSession() in the execute function() of the action class ??
Can you share code for a sample custom action class please ??
Thanks in advance. -
Customizing login page AppsLocalLogin.jsp
I am trying to add a custom message with some links to the loginpage that is built with AppsLocalLogin.jsp. I would like to place the custom messages and link in an html file and then call it from AppsLocalLogin.jsp. Is there a way to do this? Is there a way to isolate an error in the message html so that the login page is not disabled when this occurs?
MikeWhenever you run AutoConfig (it happens also when you apply a patch that run AutoConfig at the end) you will lose any customization you do with AppsLocalLogin.jsp
You may like to have a look at the following link:
115.10.2 AppsLocalLogin - Personalization
Maybe you are looking for
-
Issue with user mapping and SAP reference system
Hello Gurus, I have this strange system behaviour when preparing my system for single sign-on using user mapping. Case 1. In the user management property category, I have the following defined. Authentication Ticket Type - SAP Logon Ticket Logon Meth
-
OSX 10.8 2.7 Ghz Intel Core i5
-
Why are the wrong paragraphs included when I do a Save As PDF
I'm using FrameMaker 12 and Acrobat Pro XI. When I do a 'Save As PDF' from a book and select the bookmarks I want, and arrange their hierarchy etc. Acrobat includes paragraphs formats that I did not select. For example, it seems to include a random s
-
How normally Supplier VAT (input tax) handled in Accounting point of view?
Dear Experts, We have a scenario for one of our Group companies to handle Tax entries. The mateials imported have to be charged with VAT 10% and to be paid to Government not to vendors. Is it possible to handle it thru tax procedure? Thru PO pricing
-
In my printer simulation, I want to display a dialog box that shows the print status. It should consist of a title bar with the X button, and a message. This message will update each time I change the string it uses. An OK (actually I'd prefer a Clos