Authentication Ticket Type setting in BI Portal

In the BI Portal's System definition for the backend BI ABAP system, is there any harm in using the SAP Logon Ticket as the "Authentication Ticket Type" instead of SAP Assertion ticket?
I have a federated portal configuration where the BI Portal is a producer. I configured the consumer portal's UME to use LDAP as the user store and the ABAP user mappings are defined in the consumer portal only. The BI producer portal is also setup to use the LDAP as the user store and is also configured to use SPNEGO -- the reason for this is so that the user doesn't have to login when he's accessing the BI reports through bookmarks in the browser favorites. The BI Portal doesn't have any user mapping to the backend ABAP system. It relies on the consumer portal's MYSAPSSO2 ticket's user mapping. In this configuration, I can run BI Bex reports iviews from the consumer portal through federated portal delta links to the BI producer portal. This only works however if on the BI Portal I set the "Authentication Ticket Type" setting to SAP Logon Ticket. The Bex reports stop working if I set the "Authenticaion Ticket Type" to SAP Assertion ticket. The SAP Assertion ticket does work however if I setup user mapping on the BI producer portal -- I really want to avoid setting up user mapping in both the consumer and producer portals.
Thanks in advance.
Mel Calucin
SAP Portal Architect
Bentley Systems, Inc.

Mel, I am not 100% sure, but I think the federated portal requires both consumer and producer to use the same data source.
Whoops! Misread your message. As to your question, I do not know why you could not use logon tickets.
-Michael
Edited by: Michael Shea on Dec 1, 2008 11:53 AM

Similar Messages

Cannot modify Authentication Type setting

I am running the WRT54G (v.6) with firmware v1.0.0.9. I am unable to modify the Authentication Type setting in the utility because the box is grayed-out. It is currently set to Auto (by deafult). Is the setting correct since I am using WPA2 Personal? I do not even know what the other options are since I cannot modify the setting. Thanks.
Wireless->Advanced Wireless Settings->Authentication Type

Hi… This authentication type is different then wireless security mode i.e. either WEP or WPA or WPA2. If want to what is your wireless security mode then go to wireless -> wireless security -> security mode, here you have an option to select the security mode. Select appropriate security mode supported by your OS and Wireless adapters on wireless computers.

How to pass any type of objects into Portal's rules engine?

Is that possible to pass any type of objects into Portal's rules engine? Or BEA's Portal service rules engine can only allow to pass a limited number of objects?
Are there any information about BEA's rules engine? and Can we use its rules engine without using its Portal service?
Thank you.

I worked on BEA rules engine 4 months back. I'm sure you can pass any JAVA object to it's working meomory. I am giving my sample rules here, hope it will be helpful for you.
I just replace pcakage name, other than that everything is from wroking project. Open in xml spy, it should be clear from the desc. If you have any questions post back.
<cr:rule-set is-complete="true" xmlns="http://www.bea.com/servers/p13n/xsd/expression/expressions/2.1.1" xmlns:cr="http://www.bea.com/servers/p13n/xsd/rules/core/2.1.1" xmlns:literal="http://www.bea.com/servers/p13n/xsd/expression/literal/1.0.1" xmlns:string="http://www.bea.com/servers/p13n/xsd/expression/string/1.0.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/servers/p13n/xsd/rules/core/2.1.1 rules-core-2_1_1.xsd">
     <cr:rule is-complete="true">
          <cr:name>TaxForm1040</cr:name>
          <cr:description>If salary is 70,000 then this rule makes 1040 as required form</cr:description>
          <cr:conditions>
               <multi-and>
                    <multi-and>
                         <equal-to>
<instance-method>
<variable>
<name>SalaryField</name>
<type-alias>com.blah.field.REInputObject</type-alias>
</variable>
<name>getKey</name>
</instance-method>
<literal:string>Salary</literal:string>
</equal-to>
<equal-to>
<instance-method>
<variable>
<name>SalaryField</name>
<type-alias>com.blah.field.REInputObject</type-alias>
</variable>
<name>getValue</name>
</instance-method>
<literal:integer>70000</literal:integer>
</equal-to>
                    </multi-and>
               </multi-and>
          </cr:conditions>
          <cr:actions>
               <new-instance>
                    <type-alias>com.blah.field.RequiredField</type-alias>
                    <arguments>
                         <literal:string>1040</literal:string>
                    </arguments>
               </new-instance>
          </cr:actions>
     </cr:rule>
</cr:rule-set>

Can we use AD authentication for SPoint users to access Portal behind OID?

Hi,
We have Oracle Portal with OID-AD sychronization set up, and are currently implementing SharePoint in our organization.
We would like to provide links to a few pages on our Portal to some of the SharePoint users.
The SharePoint users are authenticated by the Active Directory SSO and the Portal users are authenticated by our OID SSO setup.
What we want to do is to let some SharePoint users access our Portal using their AD login. The SharePoint users should not have to login again to get to our Portal pages.
Is there a way to let the AD authentication to pass through the OID setup so that SharePoint users can directly access our Portal?
We don't have any external authentication plug-ins set up for our Portal.
Currently we are on Portal version 9.0.4.1 but may be upgrading to version 10.1.4.2 in the near future.
Any help would be greatly appreciated.
Thanks.
CV

Hi,
Thanks for the quick reply.
But I have a different scenario.
I want to establish it in such a way that certain users are stored in the LDAP and certain users are stored in the Portal Database.

Reference to generic type Set E should be parmeterized

I have the following code in a class:
1:Event theEvent = (Event) session.load(Event.class, eventId);
            2:Set<Event> eventSet;
            3:eventSet = user.getFavouriteEvents();
            4:eventSet.add(theEvent);At line 3, I get the following warning message:
Type safety: The expresson of raw type Set is converted to Set<Event>. References to generic type Set<E> should be parameterized.
What does this mean? What do I need to do to get past this warning.
Thanks
Sharma

Found the problem. I forgot to parameterize the Set in the getFavouriteEvents() method.
Thanks
Sharma

Questions on setting up a portal using oracle

hi,
i want to use oracle to set up a portal which is open to public and each user can register to setup their own account (with their own userid & password) and store their profile. At the same time, my application will periodically perform some tasks based on the values in some columns in the user's profile. Which is the best way to do this?
1. Oracle8i db + Webdb?
If i use this method, how do i implement the login method for the users? Will userid & password be just one of the fields in the user table? OR should each user be created and given an oracle user account?
how to get userid & password fr. login form for verification so that i can show them their own profiles? any info on where can i find how to implement this will be much appreciated.
2. Oracle8i db + Application Server
I know this is a better approach (3-tier architecture). Where can i find info on how to implement the user login form and show them their own profile?
thanks in advance. any help is appreciated.
null

Marcus,
I can't answer your specific question but I suggest you browse some of the OAS and WebDB documentation. Click the documentation link on the left of this page. You could also take a look at some of the technical white papers available at www.oracle.com.
Blaise

Programatic import can't clear out a property of data-type="set"

Our catalog repository has a item-descriptor for a "sku" that has a property named "modelProfiles" which is a data-type="set". This allow our SKUs to have a one-to-many relationship with ModelProfile components.
We programmatically import and update these SKUs through gsa-xml files. This usually works great, but the problem I am having is that there appears to be no way to "clear out" the set that a given SKU is connected to. I can add to the set, I can reduce the members of the set, but when I try to make an individual SKU's set empty, the BCC project shows the related SKU as unchanged (meaning that it still has all of its SKUs).
How can I clear out a property of type "set" using gsa-xml like...
<pre>
<update-item item-descriptor="sku" id="sku160005">
<set-property name="modelProfiles" value="__NULL__"></set-property>
</update-item>
</pre>
Our custom calalog.xml entry for this mess looks like...
<pre>
<item-descriptor name="sku">
<table
name="the_sku_modelprofile"
type="multi"
id-column-name="sku_id" >
<property
name="modelProfiles"
data-type="set"
column-name="model_profile_id"
component-item-type="ModelProfile"
display-name="Model Profile"
category-resource="theBasics"
required="false" >
<attribute
name="resourceBundle"
value="the.commerce.ProductCatalogTemplateResources"/>
<attribute name="propertySortPriority" value="-55"/>
</property>
</table>
</item-descriptor>
</pre>
As always, any help is greatly appreciated.

You just need
<update-item item-descriptor="sku" id="sku160005">
<set-property name="modelProfiles" value=""></set-property>
</update-item>

How to list those employees who do not have a certain pay rate type set up

Hi,
I'm trying to create a report that lists all employees who DO NOT have a certain pay rate role type set up. An employee can have multiple pay rate roles - for example: chargeable miles, non-chargeable miles, subsistence, etc.
I want to identify all those employees who do not have, say, subsistence yet set up.
I joined the employee table to the employee rates table. The employee_role_id=20 is the particular rate role value that I am interested in. I want to only list those employees who do not have rate of role type 20 set up. That way I can go and set one up for these employees. At present, I am using selection criteria where employee_role_id=20. This brings back only those employees that have an employee_role_id of 20 setup. I would like to do the inverse but setting <>20 only screens out those roles with value 20 and displays all of the rest of the pay role values for each employee.
Any help is appreciated.
thx!
Mark

if you are not sure about the linking i suggest to just show all roles associated to all the employees,
group by employee
create true/false formula for the role_ids where ONLY your 20 role is TRUE per employee
then exclude all false - that should give you only the employees that are missing that particular role.

The type Set is not generic; it cannot be parameterized with arguments K ?

When I use Hashtable or HashMap to get the keySet, it shows the error of "The type Set is not generic; it cannot be parameterized with arguments <K>".
The following is my code:
Hashtable table = new Hashtable();
table.put("A", new Integer(1));
table.put("B", new Integer(2));
Iterator its = table.keySet().iterator(); // <<<<<<<<<<<<<< this line shows the error "The type Set is not generic; it cannot be parameterized with arguments <K>"
How can I solve it? Please help me! I have no idea on it. It works fine in 1.4.
Best regards,
Eric

The original is my codes, please help!
public static List findDlicApp(Date startDate, Date endDate, Connection con) {
          String SQL = getSQL("app.sql");
          String where = getSQL("app.sql.where");
          boolean hasWhere = false;
          if (startDate != null) {
               SQL = SQL + " where d.create_date >= to_date('" + DMSUtil.convertDateToString(startDate) + "', 'yyyy-MM-dd')";
               hasWhere = true;
          if (endDate != null) {
               if (hasWhere) {
                    SQL = SQL + " and to_date(to_char(d.create_date, 'yyyy-mm-dd'), 'yyyy-mm-dd') <= to_date('" + DMSUtil.convertDateToString(endDate) + "', 'yyyy-MM-dd')";
               } else {
                    SQL = SQL + " where to_date(to_char(d.create_date, 'yyyy-mm-dd'), 'yyyy-mm-dd') <= to_date('" + DMSUtil.convertDateToString(endDate) + "', 'yyyy-MM-dd')";
               hasWhere = true;
          if (hasWhere) {
               SQL = SQL + " and " + where;
          } else {
               SQL = SQL + " where " + where;
          SQL = SQL + " " + getSQL("app.sql.order");
          //System.out.println(SQL);
          //Connection con = getParaDMConnection("findDlicApp");
          HashMap<String, DlicApp> dlicDocs = new HashMap<String, DlicApp>();
          List result = new ArrayList();
          try {
               Statement stmt = con.createStatement();
               ResultSet rs = stmt.executeQuery(SQL);
               long lastDocID = 0;
               boolean hasStartDate = false;
               while(rs.next()) {
                    long docID = rs.getLong("docID");
                    String docName = rs.getString("docName");
                    String refNo = rs.getString("refNo");
                    java.util.Date createDate = rs.getDate("createDate");
                    String creator = rs.getString("creator");
                    String profileType = rs.getString("profileType");
                    String assunto = rs.getString("assunto");
                    String fromEntity = rs.getString("fromEntity");
                    String location = getLocation(docID, con);
                    long fieldID = rs.getLong("fieldID");
                    String fieldValue = rs.getString("fValue");
                    DlicApp doc = null;
                    if (dlicDocs.containsKey(String.valueOf(docID))) {
                         doc = (DlicApp)dlicDocs.get(String.valueOf(docID));
                    } else {
                         doc = new DlicApp();
                    doc.setId(docID);
                    doc.setDocName(docName);
                    doc.setReferenceNo(refNo);
                    doc.setCreateDate(createDate);
                    doc.setCreator(creator);
                    doc.setProfileType(profileType);
                    doc.setAssunto(assunto);
                    doc.setFrom(fromEntity);
                    //if (doc.getStartDate() == null) {
                    //     doc.setStartDate(createDate);
                    doc.setLocation(location);
                    if (fieldValue != null) {
                         if (fieldID == 1114) {
                              doc.setChineseName(fieldValue);
                         if (fieldID == 1115) {
                              doc.setPortugueseName(fieldValue);
                         if (fieldID == 1116) {
                              doc.setApplicationCategory(fieldValue);
                         if (fieldID == 1118) {
                              doc.setStatus(fieldValue);
                         if (fieldID == 1119) {
                              Date d = DMSUtil.parseDate(fieldValue, "yyyy-MM-dd");
                              doc.setStartDate(d);
                              hasStartDate = true;
                         if (fieldID == 1120) {
                              Date d = DMSUtil.parseDate(fieldValue, "yyyy-MM-dd");
                              if (!StringUtils.isEmpty(fieldValue)) {
                                   //System.out.println(docName + ":" + fieldValue + ">>>>>>>>>findDlicApp>>>>>>>>>>>>>>>>>>APP END DATE: " + d);
                                   doc.setEndDate(d);
                    if (docID != lastDocID) {
                         doc.setRelatedDocs(findRelatedDoc(docID, con));
                         lastDocID = docID;
                    dlicDocs.put(String.valueOf(docID), doc);
               stmt.close();
               rs.close();
               Iterator<String> its = dlicDocs.keySet().iterator();
               while(its.hasNext()) {
                    String id = (String)its.next();
                    DlicApp a = (DlicApp)dlicDocs.get(id);
                    a.setRelatedDocs(findRelatedDoc(a.getId(), con));
                    dlicDocs.put(id, a);
               result.addAll(dlicDocs.values());
               // take out start date is not in the given period
               int n = 0;
               while(true) {
                    if (n < result.size()) {
                         DlicApp a = (DlicApp)result.get(n);
                         Date sd = a.getStartDate();
                         if (!isWithin(sd, startDate, endDate)) {
                              result.remove(n);
                         } else {
                              n++;
                    } else {
                         break;
          } catch(Exception e) {
               e.printStackTrace();
          if (result.size() > 0) {
               Collections.sort(result, new DmsDocComparator());
          return result;
     }Edited by: EJP on 13/01/2011 14:41: added code tags for you. Please use them next time.

How to create PDF type of ivews in portal using the standard SAP template

Hi,
I have to create PDF type of ivew in the portal, I am trying with URL type of ivew but it is not taking " %" in URL type of ivew.
Is there any other template availabe to create pdf type of ivews or how to create these pdf type of ivews in portal.
Please help me out .
Thanks,
Manasa.

Hi Manasa,
You can do that by simply removing the special character "%" (in ur case) and providing " "(blank space) in its place.
Please refer to this link: [http://help.sap.com/saphelp_nw70/helpdata/en/2f/84e378f6244113b0816b5d00cd3747/frameset.htm]
Hope this helps !
Regards,
Nishant Singh

Hunt group type Set up with outside ext numbers ie Cell phones

Using CUCM 9.1
Is there a quick and easy way to create a hunt group type set up using outside (cell phone numbers)?
The scenario will be one (person who will be ON Call) using an internal DID that is forwarded to to a cell phone of the oncall person that particular week. If no answer it would forward to the next line group of 4 members and also try their cell phones. After this it would simply repeat the entire process. So far it looks like a solution may be possible with single line reach perhaps?
Any insight would be grealy appreciated.
Dave

Hello,
I set up something like this on CUCM 8.0 a couple of years ago.
I used the Mobile Connect feature as you suggest and it worked ok after some playing about with the timers.
The main problem was that there was no way for the remote users to log out of the hunt group. They could disable Mobile Connect using the IVR but the calls would still ring on their deskphones - if you log out of the phones (i.e. Extension Mobility) before leaving the office this problem should not occur.
The other issue was how long calls took to connect especially if a couple of people in the group did not answer. We actually recorded a message asking callers to be patient that was played when the call was first received (we were using UCCX to do the IVR and call transfer).
Hope this is of use.

Errors Cannot process authentication server type *invalid_group_handle

Any idea what is these errors is about?
My wireless A.P is giving me these errors?

âerrors Cannot process authentication server type *invalid_group_handleâ This kind of error due to the method list function encountered a server type that was unknown, or could not be handled. This may be due to a server misconfiguration.

Not display a workitem type in UWL in portal

Hi to all.
I need that a type of workitem (TS.........) doesn't display in Portal inbox and display in SAP inbox.
Now these workitems display in SAP inbox and in Portal inbox (UWL).
Can anybody helps me?
Thanks a lot.

Hi Kata,
Sorry, my bad ....The SupportedItemTypes which infact is available under uwl.standard. Also I would suggest you go through chapter 4 of the attached document which would help you achieve the desired results.[http://www.erpgenie.com/sap/netweaver/ep/Configuring%20the%20UWL.pdf]
The solution is as follows: Find the 'View' name in which the other items are displayed. You can find that by looking up for the defaultView attribute(usually the value is DefaultView unless you have changed it) in the ItemType tag. In the uwl.standard file under the DefaultView definition(View name="DefaultView"), you would find the SupportedItemTypes tag which would have a value like 'uwl.task'. This property indicates the itemtypes to be displayed in the DefaultView. The value 'uwl.task' is the superset of all the task nos. For filtering the values in the DefaultView, the value under the SupportedItemTypes should be more specific like 'uwl.task.webflow.TS01000096.<systemalias>,uwl.task.webflow.TS01000099.<systemalias>'. So, you need to specifically include all the task items which should show up in the DefaultView and not include the ones which you do not intend to show.
Here I have explained everything wrt to 'DefaultView' but the defaultView value in the ItemTypes definition in your case might be different. Also, the uwl cache is the culprit in most cases, so keep clearing it.
Alternatively you can also try setting up a new view definition altogether and include the filtered items in that View. The steps for that are provided in the uwl document attached.
Hopefully your problem will be resolved now...
Regards,
Prathamesh
Edited by: prathamesh dalvi on Feb 1, 2010 12:15 PM
Edited by: prathamesh dalvi on Feb 1, 2010 12:42 PM

Authenticating user in JSF from PHP portal (Joomla)

Hi there!
Here, where I work, there's a portal in php (Joomla) where all users gets authenticated.
I made an application using jsf and the protection to some pages, from anonymous access, is done by JSF Filters, but the users needs to login twice (Joomla and JSF).
I need to avoid the redundant authentication.
I found this solution: http://www.nuwanbando.com/?p=72, but modifying Joomla pages is not an option for me.
Please, someone can comment about some possible solutions that I can use?
Thank you in advance!
Flávio Henrique

There are many possible solutions, but you would need to figure out how to make the JSF pages secure by disabling authentication for the JSF pages. You could do this with some template that only displays the pages if something else is provided like some parameter passed to the JSF side, but that gets risky. Really what you are needing is single sign on feature that works between technologies. I would imagine you would really need some kind of federated authentication server that both PHP and JSF talk to and that both would share a single session id of some type. - Ponderator
Edited by: Ponderator on Mar 20, 2009 1:45 PM

Custom DB authentication to an application from Oracle Portal not working.

Hi All,
We have a Portal customized and integrated to LDAP for SSO.
From the portal, we have a link that takes to another custom application that requires another level of authentication. We have implemented this authentication as custom Database based authentication.
When user login to the portal and access this link, he will be directed for authentication again. This custom application has been installed on a different OC4J instance while Oracle Portal is running in a different OC4J instance.
Issue is though user details are being propagated to the custom application page, we are receiving an error saying authentication failed.
In the OC4J instance specific for this custom application, we have configured jazn.xml to use custom authentication.
Below is the code:
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<!DOCTYPE jazn PUBLIC "JAZN Config" "http://xmlns.oracle.com/ias/dtds/jazn-9_04.dtd">
<jazn provider="XML" location="./jazn-data.xml" default-realm="jazn.com">
<property name="role.mapping.dynamic" value="true"/>
<property name="custom.loginmodule.provider" value="true"/>
</jazn>
and in jazn-data.xml, we gave the role mapping.
But the problem is when the link to the custom application is accessed, it seems like the custom autentication mechanism is not working.
Can anyone throw light on this?
Do we need to give the same configuration in the j2ee/home/config directory files also?
Can we use both LDAP and custom DB authentication with in the same OAS setup. Remember as of now, Portal and custom application are running in different OC4J instances but within the same OAS.
Any help in this regard will be highely appreciated.
Thanks,
Sasi Bhushan

Hi All,
We have a Portal customized and integrated to LDAP for SSO.
From the portal, we have a link that takes to another custom application that requires another level of authentication. We have implemented this authentication as custom Database based authentication.
When user login to the portal and access this link, he will be directed for authentication again. This custom application has been installed on a different OC4J instance while Oracle Portal is running in a different OC4J instance.
Issue is though user details are being propagated to the custom application page, we are receiving an error saying authentication failed.
In the OC4J instance specific for this custom application, we have configured jazn.xml to use custom authentication.
Below is the code:
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<!DOCTYPE jazn PUBLIC "JAZN Config" "http://xmlns.oracle.com/ias/dtds/jazn-9_04.dtd">
<jazn provider="XML" location="./jazn-data.xml" default-realm="jazn.com">
<property name="role.mapping.dynamic" value="true"/>
<property name="custom.loginmodule.provider" value="true"/>
</jazn>
and in jazn-data.xml, we gave the role mapping.
But the problem is when the link to the custom application is accessed, it seems like the custom autentication mechanism is not working.
Can anyone throw light on this?
Do we need to give the same configuration in the j2ee/home/config directory files also?
Can we use both LDAP and custom DB authentication with in the same OAS setup. Remember as of now, Portal and custom application are running in different OC4J instances but within the same OAS.
Any help in this regard will be highely appreciated.
Thanks,
Sasi Bhushan

Authentication Ticket Type setting in BI Portal

Similar Messages

Maybe you are looking for