Best practices followed in using Single Sign-On

Hi Everybody,
Now here is the toughest situation I have been facing on my project where I have to decide on how to use single sign-on (SSO) or whether SSO is the right solution for my problem.
Here goes the problem:
I have been developing a dashboard for my client using APEX 3.0.0.00.20 on Oracle Database 10g Enterprise Edition Release 10.2.0.2.0.
Now the client does not want to create new logins for the end users on this new APEX application.
After going through several threads in the forum about SSO I thought SSO might get me there but the confusion is how exactly SSO works for a situation like this.
As per my understanding SSO would act like an intermediary staging place which would take the existing logins and associate with the APEX logins (please correct me if I am wrong).
Also when I requested my DBA to install the SSO SDK as per the link http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html#INSTALL I got a reply saying SSO is deprecated and now it is mod_osso.
I need your thoughts and opinion on the best practices being followed in projects like these.
Thanks in advance.
Raj.

Teku,
* You install the SSO SDK into a schema in the Application Express database.
* You register the APEX site as an Oracle AS SSO partner application using the facilities of the AS Login Server which produces some "keys".
* You take those keys and plug them into a script that you run in the APEX SSO SDK schema.
* You create an APEX application and set its authentication scheme to SSO using a wizard or the authentication scheme edit pages in the Application Builder. (From this point on, you can create or modify any number of applications in any workspace (in this APEX database) to use SSO just by using the authentication scheme wizards/edit pages in the Application Builder.)
* You run the application and get redirected to the login server.
* The login server authenticates you based on username/password in OID.
* The login server then redirects back to the requested page in your application.
Scott
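
A simplified model of the last three steps above (redirect to the login server, authentication, redirect back to the requested page), added here as an example; it is not Oracle's SSO SDK or code from this thread. The site id, key, URLs, directory entry and the HMAC-signed return parameters are constructed stand-ins, since the thread does not describe the SDK's own token format.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed stand-ins for what partner-application registration produces.
SITE_ID = "apex-dashboard"
SITE_KEY = b"constructed-demo-key"
LOGIN_SERVER = "https://login.example.com/sso/auth"
APP_BASE = "https://apex.example.com/pls/apex/"
DIRECTORY = {"raj": "constructed-password"}  # stand-in for the OID lookup


def _sign(user, url, expires):
    msg = "|".join([SITE_ID, user, url, str(expires)]).encode()
    return hmac.new(SITE_KEY, msg, hashlib.sha256).hexdigest()


def app_redirect_to_login(requested_url):
    """Application: no session yet, so send the browser to the login server."""
    return LOGIN_SERVER + "?" + urlencode({"site": SITE_ID, "url": requested_url})


def login_server_authenticate(login_url, user, password, now=None):
    """Login server: check username/password, redirect back with a signed result."""
    query = parse_qs(urlsplit(login_url).query)
    if query.get("site") != [SITE_ID] or "url" not in query:
        raise PermissionError("unregistered partner application")
    stored = DIRECTORY.get(user)
    if stored is None or not hmac.compare_digest(stored.encode(), password.encode()):
        raise PermissionError("bad username or password")
    url = query["url"][0]
    expires = int(time.time() if now is None else now) + 60
    params = {"user": user, "url": url, "exp": expires, "sig": _sign(user, url, expires)}
    return APP_BASE + "sso_return?" + urlencode(params)


def app_accept_return(return_url, now=None):
    """Application: verify the redirect before creating a session for the user."""
    query = {k: v[0] for k, v in parse_qs(urlsplit(return_url).query).items()}
    try:
        user, url, exp, sig = query["user"], query["url"], int(query["exp"]), query["sig"]
    except (KeyError, ValueError):
        raise PermissionError("malformed response") from None
    if not hmac.compare_digest(sig.encode(), _sign(user, url, exp).encode()):
        raise PermissionError("signature does not match the registered key")
    if (time.time() if now is None else now) > exp:
        raise PermissionError("response expired")
    if not url.startswith(APP_BASE):
        raise PermissionError("requested page is outside this application")
    return user, url  # the application now opens a session and shows `url`


if __name__ == "__main__":
    page = APP_BASE + "f?p=100:1"
    step1 = app_redirect_to_login(page)
    step2 = login_server_authenticate(step1, "raj", "constructed-password")
    print(app_accept_return(step2))
```

The application never sees the password; it trusts only a response that verifies under the key it received at registration, is still fresh, and points back into its own pages.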

Similar Messages

  • Integrating AS 10.1.2 and AS 10.1.3 to use Single Sign-on for BI Publisher

    Hi Everyone
    I was trying to make the following demonstration scenario on the AS and the facilities that can be afforded by Oracle to our company:
    Note: I have just one machine for demonstration with Win2003 Enterprise
    First of all, I need to build a portal for my company, this portal will be published to the web through port 80 opened by Microsoft ISA Firewall (ISA installed on different machine):
    1- Portal should be integrated with oracle forms and reports with single sign-on
    2- AS, should have single sign-on authentication to work on port 80 only.
    3- Portal should be integrated with BI Publisher 10.3
    For the objectives mentioned above I have done the following:
    1- Installed AS 10.1.2 (infra and mid-tier) on the same machine with default installation options (http port 7777 for infra and port 80 for MT). (objective 1 = done)
    2- To make SSO work on port 80, I have used webcache as reverse proxy for SSO, and it's done but I have an error (WWC-41400), but it doesn't affect login on portal, and that is my first problem.
    3- To have BI Publisher to work and authenticate users using single sign-on on port 80 (from outside), I had to install AS 10.1.3 (http on port 7779) on the same machine mentioned above, and then deploy BI Publisher on it, and that was ok, but problem is how to make use of single sign-on to authenticate people listed in oracle internet directory of INFRA installation mentioned above to use BI Publisher on port 80 only.
    So, could anyone please guide me in problem 2 and 3.
    Thanks in advance.
    Anas

    a couple of parameters not configured inside the Tomcat files. Now the SSO is working.
    SNC is not required for sso in bi 4.0
    http://wiki.sdn.sap.com/wiki/display/BOBJ/BI4IntegrationintotheSAPEntreprisePortal+7.0.x
    http://wiki.sdn.sap.com/wiki/display/BOBJ/SetupofSAPSSOServiceinSAPBOBI4.0+CMC
    Best Regards

  • How to use Single sign On in CRM2007 ?

    Dear All,
    I have created a launch transaction for launching transactions from R3 (using BOR).
    Now, the problem is when I click on the link in WebUI it gives me a popup for entering R3 User Id and only then it allows navigation to R3 transaction.
    How do I remove this popup? I want that since the user has already entered the password for WebUI it should not prompt him/her for the password again. How to achieve this?
    Can we use Single Sign on? How?
    Regards,
    Ashish

    Hi Stephen,
    I have done the settings as per the OSS notes. But, I am getting the following error while navigating to R3 from CRM (BOR Launch transaction):-
    - SSO logon not possible; browser logon ticket cannot be accepted
    - Choose "Logon" to continue A dialog box appears in which you can enter your user and password
    - No switch to HTTPS occurred, so it is not secure to send a password
    Also, after this I get the popup where I have to enter R3 User Id and Password and then it continues.
    But, the whole purpose was to remove this intermediate popup.
    What settings are missing / going wrong?
    Regards,
    Ashish

  • Hi, I can't log in to the Facebook app on my iPhone 5 iOS 6.0.2.  I keep getting an error message saying 'There was an error logging in using single sign on' when I'm asked to log in again I get a 'session expired' message.  This only started happening yeste

    Hi, I can't log in to the Facebook app on my iPhone 5 iOS 6.0.2.  I keep getting an error message saying 'There was an error logging in using single sign on' when I'm asked to log in again I get a 'session expired' message.  This only started happening yesterday. Anyone else having this problem? Thanks.

    I am having the same problem and took the following steps to mitigate it to no avail.
    1. I deleted the Facebook app on the phone and turned off Facebook in the iPhone's system-wide settings.
    2. I re-enabled Facebook in the iPhone's system-wide settings and reinstalled the Facebook app and logged in again. It worked. For about an hour.
    3. I completely restored the phone to a previous backup (before the problems started) and reenabled Facebook .... reinstalled the app.... and now it works intermittently. But it hasn't worked in about 12 hours now (just tried a few minutes ago).
    Please advise.

  • How to use single sign on to authenticate

    How to use single sign on to use the MS-AD for authentication?
    I have created a data source which points to the MS-AD and tested it.
    Next, how do I add this to the policies?
    Thanks
    NS

    Hi,
    Please specify the products and versions that you are using.
    thanks,
    Thiago Leoncio

  • SRM EBP User management - best practice followed for your customer.

    Hello All,
    What are the best practices on SRM user management followed for your customers?
    (1) When an employee/buyer leaves the organisation, what actions do you take? Do you lock the users?
    (2) If anything interesting, share your experiences.
    (3) What exactly does the customer expect from SRM systems on SRM user management?
    (4) SAP audit / customer audit practice on user management?
    Any piece of information on your experience / best practice is appreciated.
    regards
    Muthu

    Thanks Peter.
    It is happening only in SRM, right?
    Is there any workaround for this issue?
    Is there any plan to take care of this in future SRM?
    In ECC I can delete the user whenever the user moves.
    All SRM customers will be very happy if SRM gives some workaround for this issue.
    Every customer wants to reduce cost.
    How can I find what the open documents for this user are in one shot?
    Thanks for answering this question.
    I have seen our Eden Kelly report helps for shopping cart and other BO.
    You are doing a good job on our SRM WIKI innovative topics and discussions. I appreciate it.
    Why I am raising this concern is that one user left the organisation and again we want to edit the data which was entered by the user who left. The system will not allow us to do so after deleting the user.
    So we are approaching SAP for this help.
    It is very difficult to convince the customers on these issues.
    br
    muthu

  • Best practice for ConcurrentHashMap use?

    Hi All, would the following be considered "best practice", or is there a better way of doing the same thing? The requirement is to have a single unique "Handler" object for each Key:
    import java.util.Map;
    import java.util.concurrent.ConcurrentHashMap;

    public class HandlerManager {
        private Object lock = new Object();
        private Map<Key,Handler> map = new ConcurrentHashMap<Key,Handler>();
        public Handler getHandler(Key key) {
            Handler handler = map.get(key);
            if (handler == null) {
                synchronized(lock) {
                    // re-check under the lock before creating the Handler
                    handler = map.get(key);
                    if (handler == null) {
                        handler = new Handler();
                        map.put(key, handler);
                    }
                }
            }
            return handler;
        }
    }
    Clearly this is the old "double-checked-locking" pattern which didn't work until 1.5 and now only works with volatiles. I believe I will get away with it because I'm using a ConcurrentHashMap.
    Any opinions? is there a better pattern?
    Thanks,
    Huw

    My personal choice would be to use the reliable "single-checked-locking" pattern:
        public Handler getHandler(Key key) {
            // every lookup takes the lock, so check-then-create is atomic
            synchronized(lock) {
                Handler handler = map.get(key);
                if (handler == null) {
                    handler = new Handler();
                    map.put(key, handler);
                }
                return handler;
            }
        }
    But I'm afraid the Politically Correct way of doing it nowadays looks as ugly as this:
    import java.util.HashMap;
    import java.util.Map;
    import java.util.concurrent.locks.Lock;
    import java.util.concurrent.locks.ReadWriteLock;
    import java.util.concurrent.locks.ReentrantReadWriteLock;

    class HandlerManager {
        private Map<Key,Handler> map = new HashMap<Key,Handler>();
        private final Lock readLock;
        private final Lock writeLock;
        public HandlerManager() {
            ReadWriteLock lock = new ReentrantReadWriteLock();
            readLock = lock.readLock();
            writeLock = lock.writeLock();
        }
        public Handler getHandler(Key key) {
            Handler handler = null;
            // lookups share the read lock
            readLock.lock();
            try {
                handler = map.get(key);
            } finally {
                readLock.unlock();
            }
            if (handler == null) {
                // creation takes the write lock and re-checks first
                writeLock.lock();
                try {
                    handler = map.get(key);
                    if (handler == null) {
                        handler = new Handler();
                        map.put(key, handler);
                    }
                } finally {
                    writeLock.unlock();
                }
            }
            return handler;
        }
    }

  • Best Practice? Edit using Word - Acrobat X Pro to Distribute?

    I create Real Estate contracts/paperwork and email them to clients.  The clients then view, print, sign, and fax them back to me.
    I'm trying to figure out how to set up my system so that I can modify all my document packages in Word Format then distribute them via email in PDF Reader Compatible format (so that users can save and print but not modify) WITHOUT having to recreate the PDF forms or stamps I use each time I create the PDF.
    Considerations:
    I use the "Sign Here" and other stamps on the documents that are only visible before printing so that they understand the paperwork better.
    I need to include Word and not just go all-acrobat because the documents frequently change and I don't want to have to recreate the forms from scratch in Acrobat when they do.
    I also need to keep word because I use "Mail Merge" from to populate much of the data from an excel spreadsheet for me.  The rest is user-input.
    Software I have:
    Acrobat X Pro.
    MS Word 2010 Ultimate
    I'm not familiar with Acrobat enough to know which features are available to me to best carry out my job.  If anyone can point me in the right direction, to a tutorial perhaps, so that I might learn how to minimize my workload I'd really appreciate it!
    Thanks!
    Edit: PS. I need the final result to be a SINGLE PDF that I can attach to email.

    I've decided to try to simplify my question in hopes somebody can answer.
    How do most Realtors Prepare their paperwork for their Clients?
    Imagine this: a Real Estate Agent wants their client to fill-out a purchase contract and addendums.  They want their client's data to be auto-populated in the form before sending it.  The Realtor places stamps in the PDF so that their clients know where to initial or sign the document.
    Some clients need a buyers addendum with the contract, some need a dual-agency agreement with the contract, etc.
    Let's say there are three documents that could potentially be needed:
    Purchase Contract (Buyers and Sellers)
    Addendum (Buyers Only)
    Agreement (Sellers Only)
    It's the "package" that changes most of the time and not the data in the documents themselves.  I would like to be able to create a "Package" to send to the client based upon whether they're considered a "buyer" or a "seller". 
    Once the package is created, I need to be able to type data in certain fields and have them auto-populate throughout all other matching fields within each document (Price, for instance).  The forms wizard doesn't match up these fields so if the price field is in there 5 times, I have to type it in 5 different times.  To only do it once I have to manually change the tooltip/name to have them all change at the same time.
    Optimally, in each package I want to be able to import the client's information from Excel so that most of the person's information is auto-populated.  For example, their name & Address.
    My reality is that there aren't only 3 documents, there are 15-25 per client that I mix and match depending in their needs. THE CATCH is that sometimes I have to include protected forms to the package.
    If anyone can suggest the most efficient way to do this (or at least any way they do it), I'd really appreciate it.
    -Neil

  • Best Practice for CTS_Project use in a Non-ChARM ECC6.0 System

    We are on ECC6.0 and do not leverage Solution Manager to any extent.  Over the years we have performed multiple technical upgrades but in many ways we are running our ECC6.0 solution using the same tools and approaches as we did back in R/3 3.1. 
    The future vision for us is to utilize CHARM to manage our ITIL-centric change process but we have to walk before we can run and are not yet ready to make that leap.  Currently we are just beginning to leverage CTS_Projects in ECC as a grouping tool for transports but are still heavily tied to Excel-based "implementation plans".  We would appreciate references or advice on best practices to follow with respect to the creation and use of the CTS_Projects in ECC.
    Some specific questions: 
    #1 Is there merit in creating new CTS Projects for support activities each year?  For example, we classify our support system changes as "Normal", "Emergency", and "Standard".  These correspond to changes deployed on a periodic schedule, priority one changes deployed as soon as they are ready, and changes that are deemed to be "pre-approved" as they are low risk. Is there a benefit to create a new CTS_Project each year e.g. "2012 Emergencies", "2013 Emergencies" etc. or should we just create a CTS_Project "Emergencies" which stays open forever and then use the export time stamp as a selection criteria when we want to see what was moved in which year?
    #2 We experienced significant system performance issues on export when we left the project intersections check on.  There are many OSS notes about performance of this tool but in the end we opted to turn off this check.  Does anyone use this functionality?  Any recommendations?
    Any other advice would be greatly appreciated.

    Hi,
    I created a project (JDeveloper) with local xsd-files and tried to delete and recreate them in the structure pane with references to a version on the application server. After reopening the project I deployed it successfully to the bpel server. The process is working fine, but in the structure pane there is no information about any of the xsds anymore and the payload in the variables there is an exception (problem building schema).
    How does bpel know where to look for the xsd-files and how does the mapping still work?
    This cannot be the way to do it correctly. Do I have a chance to rework an existing project or do I have to rebuild it from scratch in order to have all the references right?
    Thanks for any clue.
    Bette

  • Best practice for development using REST API - OData

    Hi All, I am new to REST. I am a developer who works mostly in server-side code using Visual Studio. Now that Microsoft is advocating to write code using REST API instead of server-side code or client side object model, I am trying to use REST API.
    I googled and most of the example shows to write a code and put it on Content Editor/Script Editor. How to organize code and deploy to the staging/production in this scenario? Is there any Best Practice or example around this?
    Regards,
    Khushi

    If you are writing code in aspx or cs it does not mean that you need to deploy it in the SharePoint server, it could be any other application running from your remote server. What I mean is you can use C# & REST API to connect to SharePoint server.
    REST API in SharePoint 2013 provides the developers with a simple standardized method of retrieving information from SharePoint and it can be used from any technology that is capable of sending standard HTTP requests.
    Refer to the following blog that provides you more details about comparison of the major features of these programming choices:
    http://msdn.microsoft.com/en-us/library/jj164060.aspx#RESTODataA
    http://dlr2008.wordpress.com/2013/10/31/sharepoint-2013-rest-api-the-c-connection-part-1-using-system-net-http-httpclient/
    Hope this helps
    --Cheers

  • Best practice for the use of reserved words

    Hi,
    What is the best practice to observe for using reserved words as column names?
    For example if I insisted on using the word comment for a column name by doing the following:
    CREATE TABLE ...
    "COMMENT" VARCHAR2(4000),
    What impact down the track could I expect and what problems should I be aware of when doing something like this?
    Thank You
    Ben

    Hi, Ben,
    Benton wrote:
    Hi,
    What is the best practice to observe for using reserved words as column names.
    Sybrand is right (as usual): the best practice is not to use them.
    For example if I insisted on using the word comment for a column name by doing the following:
    CREATE TABLE ...
    "COMMENT" VARCHAR2(4000),
    What impact down the track could I expect and what problems should I be aware of when doing something like this?
    Using reserved words as identifiers is asking for trouble. You can expect to get what you ask for.
    Whatever benefits you may get from naming the column COMMENT rather than, say, CMNT or EMP_COMMENT (if the table is called EMP) will be insignificant compared to the extra debugging you will certainly need.

  • Use single sign on for multiple portal domains

    Is it possible for a user to sign on once to a domain, and then be able to access other domains? What I'm trying to do is have one user registration page/login page, but use different portal server domains to present different sites, while at the same time having a type of single sign on, once a user has entered his credentials. Thus my registration process will create a new LDAP user in an external directory, and I can then just point all the different domains to that external LDAP directory.

    I wouldn't recommend this because it would affect performance plus there are potential other issues like conflict that you would run into ..
    Every time a user logs in, a new session is created for him and this means a user might have multiple sessions on the server. The cookie that is also set is dependent on per portal domain so it might not work ..
    An alternative approach might be to have multiple roles and then customize the role for different views. You can modify the membership code in such a way that based on certain criteria you can assign him to a particular role, equivalent to your domain. However the problem could be if you want to provide delegated admin, currently the delegated admin is only at a domain level.

  • Getting an ntvdm error while using single sign-on

    HI!
    When I run GssExample from the tutorial, I get an ntvdm error in a requester, saying "Error while setting up environment for the application. Choose 'Close' to terminate the application.".
    Then I can click on "Close" or "Ignore". Either way, it takes some seconds and then GssExample is working as expected. But this requester is of course annoying. I get it every time I start GssExample.
    This only happens with single sign-on (useTicketCache=true).
    Using JDK 1.4.0 on Windows 2000 SP2.
    Any ideas?
    Thanks!
    Regards,
    Thomas

    OK.. the error goes away when using jdk1.4.1 but still the system is unable to get the user credentials from the cache :-(

  • Best Practice for Extracting a Single Value from Oracle Table

    I'm using Oracle Database 11g Release 11.2.0.3.0.
    I'd like to know the best practice for doing something like this in a PL/SQL block:
    DECLARE
        v_student_id    student.student_id%TYPE;
    BEGIN
        SELECT  student_id
        INTO    v_student_id
        FROM    student
        WHERE   last_name = 'Smith'
        AND     ROWNUM = 1;
    END;
    Of course, the problem here is that when there is no hit, the NO_DATA_FOUND exception is raised, which halts execution.  So what if I want to continue in spite of the exception?
    Yes, I could create a nested block with EXCEPTION section, etc., but that seems clunky for what seems to be a very simple task.
    I've also seen this handled like this:
    DECLARE
        v_student_id    student.student_id%TYPE;
        CURSOR c_student_id IS
            SELECT  student_id
            FROM    student
            WHERE   last_name = 'Smith'
            AND     ROWNUM = 1;
    BEGIN
        OPEN c_student_id;
        FETCH c_student_id INTO v_student_id;
        IF c_student_id%NOTFOUND THEN
            DBMS_OUTPUT.PUT_LINE('not found');
        ELSE
            NULL; -- (do stuff)
        END IF;
        CLOSE c_student_id;
    END;
    But this still seems like killing an ant with a sledge hammer.
    What's the best way?
    Thanks for any help you can give.
    Wayne

    Do not design in order to avoid exceptions. Do not code in order to avoid exceptions.
    Exceptions are good. Damn good. As it allows you to catch an unexpected process branch, where execution did not go as planned and coded.
    Trying to avoid exceptions is just plain bloody stupid.
    As for your specific problem. When the SQL fails to find a row and a value to return, what then? This is unexpected - if you did not want a value, you would not have coded the SQL to find a value. So the SQL not finding a value is an exception to what you intend with your code. And you need to decide what to do with that exception.
    How to implement it. The #1 rule in software engineering - modularisation.
    E.g.
    create or replace function FindSomething( name varchar2 ) return foo.col1%type is
      id foo.col1%type;
    begin
      select col1 into id from foo where col2 = upper(name);
      return( id );
    exception when NO_DATA_FOUND then
      -- no matching row: hand NULL back to the caller
      return( null );
    end;
    And that is your problem. Modularisation. You are not considering it.
    And not the only problem mind you. Seems like your keyboard has a stuck capslock key. Writing code in all uppercase is just as bloody silly as trying to avoid exceptions.

  • Best practice followed on CONTRACT

    Hello All
    What are the best practices that need to be followed on changing the material data information?
    Step 1: Created a contract for Material and PO released against contract. Later, sometimes:
    Step 2: Material master changes some important piece of data like order unit / deletion or material group changes on MATERIAL.
    Step 3: We do the same for the materials in the contract and deactivate the w.r.t. line and create a new line item so that my new line item picks up from material master.
    What are the other incidents material master team may do on material master so that I can inform the contract team to do the same?
    What are the actions material master team may do on MATERIAL which are relevant for contract data, so that I can alert the CONTRACT and MATERIAL master teams, so that communication will be seamless and everything is perfect and in sync?
    Muthu

    Please check these answered links:
    Contract best practices
    good practices in SAP Value Contract
    Best Practice while creating Contract, Purchase Requisition, Purchase Order
    Best Practice unit of measurement usage in CONTRACT.
