11g Discoverer - Custom Login and private workbooks questions

I would like to know if anyone has experience with the following issues.
It appears that you could configure a custom login for Discoverer Plus/Viewer (users are authenticated via a custom application > provide a link within the custom application to launch Discoverer Plus > Discoverer Plus authenticate with the database as a generic single/service oracle username for a given EUL).
My questions:
1. Since we authenticate users in our application, could we just pass generic user information to allow a Discoverer Plus login via a URL (without the generic password being exposed to the user)?
2. If a custom login works using a generic discoverer database username, how could you pass a unique user identifier so that a user could create and save their own workbooks privately?
Essentially, we would like to authenticate the Discoverer Plus session via our own application (since the user is already authenticated within our application). And, we would like the Discoverer Plus database session to be generic so we do not require unique database accounts for every end-user. However, we also want the generic Discoverer Plus "session user" to be able to save private workbooks (possibly using sys_context('USERENV', 'CLIENT_IDENTIFIER')).
Thanks for any insight

Hi,
1. Since we authenticate users in our application, could we just pass generic user information to allow a Discoverer Plus login via a URL (without the generic password being exposed to the user)?You can use an HTTP post to send a Discoverer URL that contains both the username and password, so this should allow you to connect ot a generic user.
2. If a custom login works using a generic discoverer database username, how could you pass a unique user identifier so that a user could create and save their own workbooks privately?I don't think you can do this without using Oracle SSO. I workaround you could explore is for your Discoverer URL to run an initialisation workbook, which takes an encrypted username as a parameter and if this is OK the workbook sets the database environment using PL/SQL and DBMS_SESSION package. The user would then always see the results of the initialisation workbook when they connected which could just show a welcome message.
Rod West

Similar Messages

How To create custom login and create user pages

Where can I find documentation that discusses how I can create a custom login page and create new user page?
Also, I cannot find how to get away from the default login page.
I am using 9iAS/Portal R2.
Bill G...

Well - I did find some docs;
Chapter 8 of the Oracle9 iAS Single Sign-On.pdf file titled "Customizing the Single Sign-On Interface" has some good info but I'm wondering about the "create new user part".
Bill G...

How can i make custom login and priviliges pages depend on database ?

Hi all,
how can i make custom login page and custom security pages depend on oracle database tables.

User, please tell us your Jdev version!
Have you used the search field in the forum?
This had been asked a couple of times.
http://biemond.blogspot.in/2008/12/using-database-tables-as-authentication.html and
http://biemond.blogspot.in/2008/12/using-weblogic-provider-as.html
Timo

Customer login and apps.

Hi,
I would like for one of my customers to have the ability to use ntop. However, when I create a customer login there is no "Apps" section visible on the dashboard. Documentation suggest that customers can use these apps as well as partners.
Also , when logging into the Onplus locally from the lan what credentials are used? Does the device authenticate using Onplus portal creds?
Please advise. Thanks, Andrew

If the ON100 is on the same physical LAN as your customer, have them browse to the IP address of the ON100 on port 3000. NTOP will come up.
E.g.: http:xxx.xxx.xxx.xxx:3000
This is much faster and easier than going thru OnPlus to get to the NTOP app. The single issue that could bother you is that there is no login or other security.

Oracle Login and directory oraarch question ?

Hi,
I installed ERP 2004 IDES.
1. What is the default login name and password for oracle using Oracle Enterprise manager ?
2. How can I clear the directory "oraarch" ? The size is already more than 8 G ?
3. Can I stop oracle write to this directory ? Any impact ?
Thanks
Wilson

Hi Wilson,
1. Normally you should logon with your OPS$ user like OPS$ORA<SID> . default password for user "sys" is change_on_install and for user "system" - "manager".
During IDES installation you had to change them though.
2. Your archive logs are located in the "oraarch" directory. If you want to clear the directory, you'll have to backup logs (e.g. via brarchive with -sd option)
3. To stop filling the directory you can deactivate database logging by running "alter database noarchivelog" via SQLplus. However, i would consider this option only if your system is only for solely training/test purposes and you have full DB backup which can be restored in case of hardware/software failures. Without logs you will be unable to restore your DB to the last commited transaction.
Regards,
Mike

JDeveloper 11g - JSF Custom Validator - Client Side validation question...

Hi all,
I've created custom JSF validator.
How to trow some client side ValidatorException in javascript?
Thanks in advance,
s o v i e t

Try
throw new TrValidatorException(
null,
summary,
detail
Frank

Help - using custom login module with embedded jdev oc4j to access ejb 3

Hi All (Frank ??),
I'm just wondering if anyone has successfully been able to leverage a custom login module in combination
with a client that connects to a local EJB 3 stateless session bean through Jdeveloper 10.1.3.2's embedded oc4j.
I have spent 2+ days trying to get this to work - and i think I resound now to the fact im going to
have to deploy to oc4j standalone instead.
I got close.. but finally was trumped with the following error from the client trying to access the ejb:-
javax.naming.NoPermissionException: Not allowed to look up XXXXXX, check the namespace-access tag
setting in orion-application.xml for details.
Using the various guides available, I had no problem getting the custom login module working
with a local servlet running from JDev's embedded oc4j.. however with ejb - no such luck.
I have a roles table (possible values Member, Admin) - that maps to sr_Member and sr_Admin
respectively in various config files.
I'm using EJB 3 annotations for protecting methods .. for example
@RolesAllowed("sr_Member")
Steps that I had to do so far :-
In <jdevhome>\jdev\system\oracle.jwee.10.1.3.40.66\embedded-oc4j\config\system-jazn-data.xml1) Add custom login module
 <application>
 <name>current-workspace-app</name>
 <login-modules>
 <login-module>
 <class>kr.security.KnowRushLoginModule</class>
 <control-flag>required</control-flag>
 <options>
 <option>
 <name>dataSource</name>
 <value>jdbc/DB_XE_KNOWRUSHDS</value>
 </option>
 <option>
 <name>user.table</name>
 <value>users</value>
 </option>
 <option>
 <name>user.pk.column</name>
 <value>id</value>
 </option>
 <option>
 <name>user.name.column</name>
 <value>email_address</value>
 </option>
 <option>
 <name>user.password.column</name>
 <value>password</value>
 </option>
 <option>
 <name>role.table</name>
 <value>roles</value>
 </option>
 <option>
 <name>role.to.user.fk.column</name>
 <value>user_id</value>
 </option>
 <option>
 <name>role.name.column</name>
 <value>name</value>
 </option>
 </options>
 </login-module>
 </login-modules>
 </application>2) Grant login rmi permission to roles associated with custom login module (also in system-jazn-data.xml)
<grant>
 <grantee>
 <principals>
 <principal>
 <realm-name>jazn.com</realm-name>
 <type>role</type>
 <class>kr.security.principals.KRRolePrincipal</class>
 <name>Admin</name>
 </principal>
 </principals>
 </grantee>
 <permissions>
 <permission>
 <class>com.evermind.server.rmi.RMIPermission</class>
 <name>login</name>
 </permission>
 </permissions>
</grant>
<grant>
 <grantee>
 <principals>
 <principal>
 <realm-name>jazn.com</realm-name>
 <type>role</type>
 <class>kr.security.principals.KRRolePrincipal</class>
 <name>Member</name>
 </principal>
 </principals>
 </grantee>
 <permissions>
 <permission>
 <class>com.evermind.server.rmi.RMIPermission</class>
 <name>login</name>
 </permission>
 </permissions>
</grant>3) I've tried creating various oracle and j2ee deployment descriptors (even though ejb-jar.xml and orion-ejb-jar.xml get created automatically when running the session bean in jdev).
My ejb-jar.xml contains :-
<?xml version="1.0" encoding="utf-8"?>
<ejb-jar xmlns ....
<assembly-descriptor>
 <security-role>
 <role-name>sr_Admin</role-name>
 </security-role>
 <security-role>
 <role-name>sr_Member</role-name>
 </security-role>
</assembly-descriptor>
</ejb-jar>Note- i'm not specifying the enterprise-beans stuff, as JDev seems to populate this automatically.
My orion-ejb-jar.xml contains ...
<?xml version="1.0" encoding="utf-8"?>
<orion-ejb-jar ...
<assembly-descriptor>
 <security-role-mapping name="sr_Admin">
 <group name="Admin"></group>
 </security-role-mapping>
 <security-role-mapping name="sr_Member">
 <group name="Member"></group>
 </security-role-mapping>
 <default-method-access>
 <security-role-mapping name="sr_Member" impliesAll="true">
 </security-role-mapping>
 </default-method-access>
</assembly-descriptor>My orion-application.xml contains ...
<?xml version="1.0" encoding="utf-8"?>
<orion-application xmlns ...
<security-role-mapping name="sr_Admin">
 <group name="Admin"></group>
</security-role-mapping>
<security-role-mapping name="sr_Member">
 <group name="Member"></group>
</security-role-mapping>
<jazn provider="XML">
 <property name="role.mapping.dynamic" value="true"></property>
 <property name="custom.loginmodule.provider" value="true"></property>
</jazn>
<namespace-access>
 <read-access>
 <namespace-resource root="">
 <security-role-mapping name="sr_Admin">
 <group name="Admin"/>
 <group name="Member"/>
 </security-role-mapping>
 </namespace-resource>
 </read-access>
 <write-access>
 <namespace-resource root="">
 <security-role-mapping name="sr_Admin">
 <group name="Admin"/>
 <group name="Member"/>
 </security-role-mapping>
 </namespace-resource>
 </write-access>
</namespace-access>
</orion-application>My essentially auto-generated EJB 3 client does the following :-
 Hashtable env = new Hashtable();
 env.put(Context.SECURITY_PRINCIPAL, "matt.shannon");
 env.put(Context.SECURITY_CREDENTIALS, "welcome1");
 final Context context = new InitialContext(env);
 KRFacade kRFacade = (KRFacade)context.lookup("KRFacade");
...And throws the error
20/04/2007 00:55:37 oracle.j2ee.rmi.RMIMessages
EXCEPTION_ORIGINATES_FROM_THE_REMOTE_SERVER
WARNING: Exception returned by remote server: {0}
javax.naming.NoPermissionException: Not allowed to look
up KRFacade, check the namespace-access tag setting in
orion-application.xml for details
 at
com.evermind.server.rmi.RMIClientConnection.handleLookupRe
sponse(RMIClientConnection.java:819)
 at
com.evermind.server.rmi.RMIClientConnection.handleOrmiComm
andResponse(RMIClientConnection.java:283)
....I can see from the console that the user was successfully authenticated :-
20/04/2007 00:55:37 kr.security.KnowRushLoginModule validate
WARNING: [KnowRushLoginModule] User matt.shannon authenticated
And that user is granted both the Admin, and Member roles.
The test servlet using basic authentication correctly detects the user and roles perfectly...
public void doGet(HttpServletRequest request,
 HttpServletResponse response)
 throws ServletException, IOException
 LOGGER.log(Level.INFO,LOGPREFIX +"doGet called");
 response.setContentType(CONTENT_TYPE);
 PrintWriter out = response.getWriter();
 out.println("<html>");
 out.println("<head><title>ExampleServlet</title></head>");
 out.println("<body>");
 out.println("The servlet has received a GET. This is the reply.");
 out.println(" getRemoteUser = " + request.getRemoteUser());
 out.println(" getUserPrincipal = " + request.getUserPrincipal());
 out.println(" isUserInRole('sr_Admin') = "+request.isUserInRole("sr_Admin"));
 out.println(" isUserInRole('sr_Memeber') = "+request.isUserInRole("sr_Member"));Anyone got any ideas what could be going wrong?
cheers
Matt.
Message was edited by:
mshannon

Thanks for the response. I checked out your blog and tried your suggestions. I'm sure it works well in standalone OC4J, but i was still unable to get it to function correctly from JDeveloper embedded.
Did you ever get the code working directly from JDeveloper?
Your custom code essentially seems to be the equivalent of a grant within system-jazn-data.xml.
For example, the following grant to a custom jaas role (JAAS_ADMIN) that gets added by my custom login module gives them rmi login access :-
 <grant>
 <grantee>
 <principals>
 <principal>
 <realm-name>jazn.com</realm-name>
 <type>role</type>
 <class>kr.security.principals.KRRolePrincipal</class>
 <name>JAAS_Admin</name>
 </principal>
 </principals>
 </grantee>
 <permissions>
 <permission>
 <class>com.evermind.server.rmi.RMIPermission</class>
 <name>login</name>
 </permission>
 </permissions>
 </grant>If I add the following to orion-application.xml

<namespace-access>
 <read-access>
 <namespace-resource root="">
 <security-role-mapping>
 <group name="JAAS_Admin"></group>
 </security-role-mapping>
 </namespace-resource>
 </read-access>Running a standalone client against the embedded jdev oc4j server gives the namespace-access error.
I tried out your code by essentially creating a static reference to a singleton class that does the role lookup/provisioning with rmi login grant :-
From custom login module :-
private static KRSecurityHelper singleton = new KRSecurityHelper();
protected Principal[] m_Principals;
 Vector v = new Vector();
 v.add(singleton.getCustomRmiConnectRole());
 // set principals in LoginModule
 m_Principals=(Principal[]) v.toArray(new Principal[v.size()]);
Singleton class :-
package kr.security;
import com.evermind.server.rmi.RMIPermission;
import java.util.logging.Level;
import java.util.logging.Logger;
import oracle.security.jazn.JAZNConfig;
import oracle.security.jazn.policy.Grantee;
import oracle.security.jazn.realm.Realm;
import oracle.security.jazn.realm.RealmManager;
import oracle.security.jazn.realm.RealmRole;
import oracle.security.jazn.realm.RoleManager;
import oracle.security.jazn.policy.JAZNPolicy;
import oracle.security.jazn.JAZNException;
public class KRSecurityHelper
private static final Logger LOGGER = Logger.getLogger("kr.security");
private static final String LOGPREFIX = "[KRSecurityHelper] ";
public static String CUSTOM_RMI_CONNECT_ROLE = "remote_connect";
private RealmRole m_Role = null;
public KRSecurityHelper()
 LOGGER.log(Level.FINEST,LOGPREFIX +"calling JAZNConfig.getJAZNConfig");
 JAZNConfig jc = JAZNConfig.getJAZNConfig();
 LOGGER.log(Level.FINEST,LOGPREFIX +"calling jc.getRealmManager");
 RealmManager realmMgr = jc.getRealmManager();
 try
 // Get the default realm .. e.g. jazn.com
 LOGGER.log(Level.FINEST,LOGPREFIX +"calling jc.getGetDefaultRealm");
 Realm r = realmMgr.getRealm(jc.getDefaultRealm());
 LOGGER.log(Level.INFO,LOGPREFIX +"default realm: "+r.getName());
 // Access the role manager for the remote connection role
 LOGGER.log(Level.FINEST,
 LOGPREFIX +"calling default_realm.getRoleManager");
 RoleManager roleMgr = r.getRoleManager();
 LOGGER.log(Level.INFO,LOGPREFIX +"looking up custom role '"
 CUSTOM_RMI_CONNECT_ROLE "'");
 RealmRole rmiConnectRole = roleMgr.getRole(CUSTOM_RMI_CONNECT_ROLE);
 if (rmiConnectRole == null)
 LOGGER.log(Level.INFO,LOGPREFIX +"role does not exist, create it...");
 rmiConnectRole = roleMgr.createRole(CUSTOM_RMI_CONNECT_ROLE);
 LOGGER.log(Level.FINEST,LOGPREFIX +"constructing new grantee");
 Grantee gtee = new Grantee(rmiConnectRole);
 LOGGER.log(Level.FINEST,LOGPREFIX +"constructing login rmi permission");
 RMIPermission login = new RMIPermission("login");
 LOGGER.log(Level.FINEST,
 LOGPREFIX +"constructing subject.propagation rmi permission");
 RMIPermission subjectprop = new RMIPermission("subject.propagation");
 // make policy changes
 LOGGER.log(Level.FINEST,LOGPREFIX +"calling jc.getPolicy");
 JAZNPolicy policy = jc.getPolicy();
 if (policy != null)
 LOGGER.log(Level.INFO, LOGPREFIX
 + "add to policy grant for RMI 'login' permission to "
 + CUSTOM_RMI_CONNECT_ROLE);
 policy.grant(gtee, login);
 LOGGER.log(Level.INFO, LOGPREFIX
 + "add to policy grant for RMI 'subject.propagation' permission to "
 + CUSTOM_RMI_CONNECT_ROLE);
 policy.grant(gtee, subjectprop);
 // m_Role = rmiConnectRole;
 m_Role = roleMgr.getRole(CUSTOM_RMI_CONNECT_ROLE);
 LOGGER.log(Level.INFO, LOGPREFIX
 + m_Role.getName() + ":" + m_Role.getFullName() + ":" + m_Role.getFullName());
 else
 LOGGER.log(Level.WARNING,LOGPREFIX +"Cannot find jazn policy!");
 else
 LOGGER.log(Level.INFO,LOGPREFIX +"custom role already exists");
 m_Role = rmiConnectRole;
 catch (JAZNException e)
 LOGGER.log(Level.WARNING,
 LOGPREFIX +"Cannot configure JAZN for remote connections");
public RealmRole getCustomRmiConnectRole()
 return m_Role;
}Using the code approach and switching application.xml across so that namespace access is for the group remote_connect, I get the following error from my bean :-
INFO: Login permission not granted for current-workspace-app (test.user)
Thus, the login permission that I'm adding through the custom remote_connect role does not seem to work. Even if it did, i'm pretty sure I would still get that namespace error.
This has been such a frustrating process. All the custom login module samples using embedded JDeveloper show simple j2ee servlet protection based on settings in web.xml.
There are no samples showing jdeveloper embedded oc4j using ejb with custom login modules.
Hopefully the oc4j jdev gurus like Frank can write a paper that demonstrates this.
Matt.

MAKING AN IFRAME IN DREAMWEAVER TO IMPORT INTO MUSE FOR CUSTOMER LOGIN

Okay So i am making a client there website in muse and they're wanting a customer login and customer sign up into there webpage but muse does not have that option. I called adobe and they said to make an iframe in dreamweaver and then put it into muse in html. How do i do this? I NEED HELP BADLY!

The code that Muse creates is completely different to the code that Dreamweaver and other good IDE's produce. I doubt that you can put that code into Muse.
It may be an idea to ask the question the the Muse forum.

Stream of Login and Logout

Hi,
I wanted to create 2 page login(Login1 to login into Page Group1,another login into Group2).
Can I set links to access Login1 anh Login2 ?.
(I want Login1 derect Index of Page Group1,Login2 derect Index of page Group, the same question with Logout page?)
Could you solve the problem ?
regards,
thangtk

Hi,
this is not possivble with PAR. You can try to achieve this with the Activity Data Collector. The ADC will collect more information in a more raw format and you'll have to apply you own filter to gain the desired information.
SDN PDF: https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/e07edaa8-70ae-2b10-2390-f068636c8b1e
SAP Help: http://help.sap.com/saphelp_nw70/helpdata/en/46/e42c3ed63369b5e10000000a114a6b/content.htm
You can also try to catch these information with a customized login and logoff application (java) that will write the login / logoff ID and time to the DB.
br,
Tobias

Using a custom login page for the portal

Hi all,
I'm currently doing a migration from Plumtree 4.5WS to Plumtree 5.0.4. In the current 4.5WS portal, I'm catering to 3 different login mechanisms due to time-lags in migration of my users' workstations. The 3 mechanisms are:
1) Smart Card Reader on Windows 95 using TLS (uses a client side ActiveX)
2) Smart Card Reader on Windows XP using SSL (uses client side ActiveX)
3) Java PKI Card on Windows XP using SSL (uses server side scripting)
To cater to the above, we've made customisations to login.asp and dologin.asp and also added a few scripts of our own.
I now need to migrate these over to Plumtree 5.0 as well. I've thought of 2 ways to do this:
1) Doing a custom view replacement of the Login View. This however has limitations as I'm not sure how the codes for the above 3 mechanisms will come in, especially 3), which involves server side scripting.
2) Creating a custom login and exit page. This is probably a much more feasible solution in my case as it allows me to freely create my login pages and exit pages accordingly to cater for the above. However to do this, I need to be able to customize the Log In and Log Off links on the Portal Banner in order to point these to my own login and exit pages.
Any ideas what is the best (or correct) way to do this?
Thanks!
Weng Kong Lee

AFAIK only one login.jsp is called.
But you can include logic into that one JSP file.
If referer = portal.company.com THEN
else
This way you can create different look and feel for different virtual hosts.
Login portlets have the disadvantage that https is not supported
Ton

Custom Login Module with Adf 11g and and weblogic server

I have configured adf security on my application. I have checked the authentication and authorization are working fine with the default authenticator.
I am trying to create a custom login module. I have downloaded the custom login module implementation jaasdatabaseloginmodule.zip http://www.oracle.com/technetwork/developer-tools/jdev/index-089689.html. I have added the DBLoginModule.jar to my application. post written by Frank Nimphius and Duncan Mills
I have configured the jps config under the application resources with these entries.
<jpsConfig xmlns="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.oracle.com/oracleas/schema/11/jps-config-11_1.xsd">
<property value="true" name="custom.provider"/>
<property value="doasprivileged" name="oracle.security.jps.jaas.mode"/>
<serviceInstance name="CustomFFMLoginModule"
provider="jaas.login.provider">
<property name="jaas.login.controlFlag" value="REQUIRED"/>
<property name="log.level" value="FINEST"/>
<property name="debug" value="true"/>
<property name="addAllRoles" value="true"/>
<property name="loginModuleClassName"
value="oracle.sample.dbloginmodule.DBTableLM.ALSDBTableLoginModule"/>
<property value="jdbc/ApplicationDBDS" name="data_source_name"/>
</serviceInstance>
<jpsContexts default="FFMSecurityDAM">
<jpsContext name="FFMSecurityDAM">
<serviceInstanceRef ref="CustomFFMLoginModule"/>
<serviceInstanceRef ref="credstore"/>
<serviceInstanceRef ref="anonymous"/>
<serviceInstanceRef ref="policystore.xml"/>
</jpsContext>
When I run the application this custom login is not getting invoked.
I even tried to add these contents to DefaultDomain\config\fmwconfig\jps-config.xml still no result.
Can anyone who has configured custom login module direct me how to correct my application.

Hi Frank,
After following the documentation suggested. I am able to create custom authenticator. But when I login I getting the below exception. When I debugged login method returned true. But this error is being thrown after that. Any clue.
java.lang.IllegalArgumentException: [Security:097531]Method com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(Principals) was unable to sign a principal
 at com.bea.common.security.internal.service.PrincipalValidationServiceImpl.sign(PrincipalValidationServiceImpl.java:188)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
 at $Proxy10.sign(Unknown Source)
 at weblogic.security.service.internal.WLSIdentityServiceImpl.getIdentityFromSubject(WLSIdentityServiceImpl.java:63)
 at com.bea.common.security.internal.service.JAASLoginServiceImpl.login(JAASLoginServiceImpl.java:119)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
 at $Proxy16.login(Unknown Source)
 at weblogic.security.service.internal.WLSJAASLoginServiceImpl$ServiceImpl.login(WLSJAASLoginServiceImpl.java:91)
 at com.bea.common.security.internal.service.JAASAuthenticationServiceImpl.authenticate(JAASAuthenticationServiceImpl.java:82)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at com.bea.common.security.internal.utils.Delegator$ProxyInvocationHandler.invoke(Delegator.java:57)
 at $Proxy34.authenticate(Unknown Source)
 at weblogic.security.service.WLSJAASAuthenticationServiceWrapper.authenticate(WLSJAASAuthenticationServiceWrapper.java:40)
 at weblogic.security.service.PrincipalAuthenticator.authenticate(PrincipalAuthenticator.java:348)
 at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:237)
 at weblogic.servlet.security.internal.SecurityModule.checkAuthenticate(SecurityModule.java:186)
 at weblogic.servlet.security.internal.FormSecurityModule.processJSecurityCheck(FormSecurityModule.java:254)
 at weblogic.servlet.security.internal.FormSecurityModule.checkUserPerm(FormSecurityModule.java:209)
 at weblogic.servlet.security.internal.FormSecurityModule.checkAccess(FormSecurityModule.java:92)
 at weblogic.servlet.security.internal.ServletSecurityManager.checkAccess(ServletSecurityManager.java:82)
 at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2204)
 at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
 at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
 at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
 at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

OBIEE 11g : Unable to see any images while customizing styles and skins

Hi,
I am trying to customize OBIEE 11g style and skin. I followed the steps mentioned at http://www.rittmanmead.com/2010/12/oracle-bi-ee-11g-styles-skins-custom-xml-messages/ and also in oracle white paper http://www.oracle.com/technetwork/middleware/bi/customizing-oracle-biee-11g-176387.pdf.
I am not able to see any images on any OBIEE screens. After login, I can see the name of skin which i have created as the default skin but login page images, header images (after login) are not coming up. Can you please provide solution?
P.S. I have not changed any images or any css files in the custom skin and style directory. I just wanted to know first whether the new skin/style works for me. If it works, then i will apply some sort of customization.

That is correct. Also remember to delete browser cache. Here you have the folders: Re: how to insert the picture in the dashboard of BIEE
Let me know.
J.-

Questions about a custom login page.

Could someone give me an example of a custom login page that does the error checking with
p_error_code. I can't seem to get one to work correctly. I don't ever get any info in
p_error_code when there is an error in login.
You can email me the code at [email protected] if you would prefer.
Thanks.
Bethany

Bethany,
The best place for this question is the Orac le9ias Portal Security and Login Server forum.
Thanks

Custom login question

C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportManager
C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer
Which of these two folder contains the web.config that must be modified when adding custom login/ forms authentication?
When and how is the AuthCookie used? Do I need to add any info to the ssrs auth cookie?
scott

Hi scott_m,
According to your description, you want to add a custom login form authentication and use AuthCookie. Right?
In Reporting Services, if we want to add custom login form, we need to modify the web.config in ReportServer folder. For the modification in configure files and usage of authcookie, please refer to the links below:
http://www.codeproject.com/Articles/675943/SSRS-Forms-Authentication
http://msdn.microsoft.com/en-us/library/ms345241.aspx
If you have any question, please feel free to ask.
Best Regards,
Simon Hou

Tweaking defaults of Discoverer 10g (Viewer and Plus) login page

Using information gleaned from the Metalink notes referenced below, we've had our admins successfully configure our default Discoverer 10g login pages (for Viewer and Plus) with the following tweaks:
1) Remove the "typo-prone" entry box for RESPONSIBILITY (on an Apps-Mode EUL) in favor of the subsequent drop-down LOV option to select available responsibilities
2) Re-order CONNECT TO options to make the more frequently used APPS-MODE option first in the drop-down list, followed by the STANDARD (relational) and finally, OLAP (to be hopefully implemented at some future date)
3) Re-label CONNECT TO options with terminology more understandable to our end-users in order to better understand choices
We would like, if possible, to further enhance the relative efficiency of the user login experience by making the APPS-MODE option the default selection upon initial entry to the page (the above-indicated re-ordering of the entries didn't appear to affect Oracle's continued default selection of the STANDARD option).
If anyone has any suggestions / tips to accomplish this, we would greatly appreciate your feedback. I should also say, that we don't possess a lot of Java Development skills and therefore would appreciate any directions provided in a "cookbook/recipe" manner similar to those provided in the Metalink documents we were able to utilize for the changes made thus far.
Thanks in advance.
Metalink
Docs Desciption
312463.1-How To Customize Oracle Business Intelligence Discoverer 10g (10.1.2) Connection Page
342255.1-How To Remove the "End User Layer" option Customize Discoverer 10g (10.1.2) Connection Page

Hi
I would have to suspect that the answer to the question of restricting responsibilities might well be yes.
Here's one idea:
Because responsibilities come from FND_RESPONSBILITIES, can you write a piece of SQL that positively identifies the responsibilities that are used inside Discoverer? If you can do that, I'm wondering whether a Discoverer logon trigger might be able to set a VPD policy to only allow those responsibilities.
I don't have any time to try it otherwise I would. Is there anyone who can pick this up and run with it to see what can be made to happen?
Best wishes
Michael

11g Discoverer - Custom Login and private workbooks questions

Similar Messages

Maybe you are looking for