BO XI 3.1 SP3 SSO with CMC and Webi Rich Client

Similar Messages

• Export data to excel with EPPlus and Web Api - HELP!

  I am trying to do a simple excel file export with EPPlus and Web Api. In the html client I have a button that calls the web api and opens a new window. No error is thrown, but the result is always "file could not be downloaded".  I get the
  save file dialog but the file name is Order/ instead of the expected Orders.xls or Orders.xlsx.  Can anyone help? I'm surprised this is so difficult.
  using System.Linq;
  using System.Net.Http;
  using System.Web.Http;
  using OfficeOpenXml;
  using System.Collections.Generic;
  using System.IO;
  using System.Net.Http.Headers;
  using System.Net;
  using System.ComponentModel.DataAnnotations;
  namespace LightSwitchApplication
  public class OrdersController : ApiController
  // GET: api/Orders
  [HttpGet]
  public HttpResponseMessage Get()
  HttpResponseMessage response;
  response = Request.CreateResponse(HttpStatusCode.OK);
  MediaTypeHeaderValue mediaType = new MediaTypeHeaderValue("application/octet-stream");
  response.Content = new StreamContent(GetExcelSheet());
  response.Content.Headers.ContentType = mediaType;
  response.Content.Headers.ContentDisposition = new ContentDispositionHeaderValue("attachment");
  response.Content.Headers.ContentDisposition.FileName = "Orders.xls";
  return response;
  public List<Order> GetOrders()
  List<Order> colOrders = new List<Order>();
  using (ServerApplicationContext ctx = ServerApplicationContext.Current ??
  ServerApplicationContext.CreateContext())
  colOrders = ctx.DataWorkspace.Data.Orders.GetQuery().Execute().ToList();
  return colOrders;
  public MemoryStream GetExcelSheet()
  using (var package = new ExcelPackage())
  var worksheet = package.Workbook.Worksheets.Add("Orders");
  worksheet.Cells["A1"].LoadFromCollection(GetOrders(), false);
  package.Save();
  var stream = new MemoryStream(package.GetAsByteArray());
  return stream;
  This has been driving me crazy for two days!

  Making some progress.  I got the spreadsheet into a byte[] and used code from Paul Van
  Bladel's blog to make the HttpResponseMessage.  If I comment out the LightSwitch data access code, this works to export a spreadsheet from a static list to the browser from Web Api.
  using System;
  using System.Collections.Generic;
  using System.IO;
  using System.Linq;
  using System.Net;
  using System.Net.Http;
  using System.Net.Http.Headers;
  using System.Web.Http;
  using Microsoft.LightSwitch;
  using Microsoft.LightSwitch.Details;
  using OfficeOpenXml;
  using System.ComponentModel.DataAnnotations;
  namespace LightSwitchApplication
  public class Order
  [Key]
  public int Id { get; set; }
  public string OrderNumber { get; set; }
  public class OrdersController : ApiController
  // GET: api/Orders
  [HttpGet]
  public HttpResponseMessage Download()
  MediaTypeHeaderValue mediaType =
  MediaTypeHeaderValue.Parse("application/octet-stream");
  byte[] excelFile = ExcelSheet();
  string fileName = "Orders.xlsx";
  MemoryStream memoryStream = new MemoryStream(excelFile);
  HttpResponseMessage response =
  response = Request.CreateResponse(HttpStatusCode.OK);
  response.Content = new StreamContent(memoryStream);
  response.Content.Headers.ContentType = mediaType;
  response.Content.Headers.ContentDisposition =
  new ContentDispositionHeaderValue("fileName") { FileName = fileName };
  return response;
  public List<Order> Orders()
  List<Order> orders = new List<Order>();
  orders.Add(new Order { Id = 1, OrderNumber = "123456789" });
  orders.Add(new Order { Id = 2, OrderNumber = "987654321" });
  return orders;
  // this doesn't work
  //public List<Order> Orders()
  // List<Order> colOrders = new List<Order>();
  // using (ServerApplicationContext ctx = ServerApplicationContext.Current ??
  // ServerApplicationContext.CreateContext())
  // colOrders = ctx.DataWorkspace.Data.Orders.GetQuery().Execute().ToList();
  // return colOrders;
  public byte[] ExcelSheet()
  using (var package = new ExcelPackage())
  var worksheet = package.Workbook.Worksheets.Add("Orders");
  worksheet.Cells["A1"].LoadFromCollection(Orders(), false);
  byte[] bytes = package.GetAsByteArray();
  return bytes;
  The problem is that the LightSwitch query (commented out in the code above) is trying to load navigation properties for the orders.  Error: "It is not valid to access this object on the current thread."  How do I solve this? 

• Printing from web pages is excruciatingly slow with most recent upgrades of Firefox .Use an iMac and an HP officejet printer. Printer works fine with Safari and woodprocessed files, but not with Firefox and web pages.

  Printing from web pages is excruciatingly slow since downloading most recent upgrades of Firefox Mozilla. I have a desktop iMac, OS 10.6.8, and an HP officejet printer 4500 G510n. The printer works fine with the Safari Browser and with woodprocessed files, but not with Firefox and web pages. Help please! It used to print fast with earlier versions of Firefox.

  Hello and welcome to the Apple Discussions Forum.
  I have hardly any experience with HP printers but since your posting has not been replied to yet I thought I'd offer some assistance.
  With the printer status and ink levels working, it shows that you have a connection to the printer. So I would look at the issue being with the protocol being used for the print queue on the Mac.
  Since you have XP and Vista working, I would check the printer queue configuration on either box. In XP, go to the Properties and select Ports. Click the Configure Port tab to view the connection. If you are using RAW, then this is known as HP Jetdirect-Socket on OS X. So if you are not sure what protocol was used before I would create another printer queue, this time selecting IP > HP Jetdirect-Socket. Then enter your IP address and select the K5400dn from the Print Using menu.
  If this still fails to print then please reply. There may be limitations with adding the HP driver this way that I am not aware of. There may also be other driver options you can look at, such as HPIJS. If Greg Sahli reads this posting he has expert knowledge on this matter and will be able to offer some guidance.
  PaHu

• Oracle Forms 11g SSO with OID and IAM

  What versions of OID and Access Manager are required to get an Oracle Forms and Reports 11.1.1.2 application
  on Weblogic 10.3.2 configured for Oracle SSO using OID authentication?
  We want the OID to store and authenticate Users for username and password logins to the database, then
  ultimately by user Certificate authentication in OID. I have OID 11.1.1.2 installed and SSO enabled for Forms
  in Enterprise Manager.
  Is Access Manager required for Forms SSO with OID authentication to work or just to allow user interaction
  for registration and Password reset?
  Things mention OAM 10.4.3 and others talk about IAM 11g for Forms 11.1.1.2 SSO to work with OID.
  We did this back in Oracle Forms and OID 10g with JSP and LDAP to setup users but I understand 11g is
  different and IAM can help or is required for this type of SSO to work.
  Any help?
  Edited by: Kirch on Apr 30, 2013 7:39 AM

  Hi,
  According to Oracle's certification matrix found at http://www.oracle.com/technetwork/middleware/downloads/fmw-11gr1certmatrix.xls, Oracle Forms 11.1.1.2 is not supported to use any Oracle Access Manager (OAM) version. OAM is a component of IAM. It is only supported with Oracle SSO 10.1.4.x. The best solution would be to upgrade the Forms and Reports environment to either 11gR2 (11.1.2.1) or to the latest 11gR1 patchset 11.1.1.7. Both versions are compatible with OAM 11.1.1.7.0 and OID 11.1.1.7.0 where only Forms 11gR2 (11.1.2.1) is compatible with OAM 11.1.2.0 and OID 11.1.1.7.0. That would be the best solution as we have ran into configuration problems in the past with using Oracle SSO 10.1.4.x.
  Since OID 11.1.1.2.0 is already installed, you should be able to patch it up to 11.1.1.7.0.
  For user authentication in OID, it is required to have OAM or Oracle SSO as both products use WebGate or mod_osso agents for authentication and authorization. For purposes of allowing end users to register accounts and password reset, you will either need to also install another IAM component called Oracle Identity Manager (OIM) or create a customized SSO login page that can be coded to perform these actions. I believe there are some examples available on the Internet.
  Thanks,
  Scott
  http://pitss.com/us

• SSO with Sharepoint and BO

  Hi ,
  We have BO XI 3.0 installed on Windows server 2003 system and Sharepoint also installed on the same system. We need to do the SSO between Sharepoint and BO XI 3.0.
  Is it posible with this version, if so could anyone share your experience ? I saw the product documentation which is only for BO XI 3.1, but ! my environment is BO XI 3.0.
  Regards,
  Jyothi

  Hi Tim Ziemba,
  Thanks for the response.
  Yes, we are planning to upgrate the system soon. Now this is a POC for checking the functionality. Could you please share what are the prerequsites and where can i get the BO XI 3.0 with Sharepoint Integration Kit ?
  When i try to install Integration Kit of 3.1, it is asking to have Enterprise .Net SDK.  Where can i get it ?
  Regards,
  Jyothi

• SSO with ASA and CITRIX

  Hi,
  don't know whether this is the right forum, but i will try to ask my question in hope that somebody can give me an answer:
  I installed an ASA Security Appliance with WebVPN feature to connect to an internal Citrix Server farm. All authentication and authorization information are handled by a SecureACS, which is connected to ADS. All works fine. But now i want to Single-Sign-On to the citrix farm, means that the authentication information has to pass to citrix without entering the information twice...
  Is there anybody out there who got this working?? SSO with basic authentication to an Apache webserver works just fine...
  Which authentication informations are required for the Citrix Web Interface??
  Thanx in advance!
  Bernd

  My custpomer is using pure http between the citrix server and the citrix client, they want to access through the vpn concentrator using the webvpn feature, after checking the citrix metaframe option on the vpn concentrator, when they try to access the client hangs on and the error that we get is ssl should be installed on the citrix server, as we use ssl between the client and vpn concentrator, my question is could citrix be accessed via pure http between the citrix server and the client in this case how to fix this error, or are we obliged to use ssl even between the citrix server and the client.

• Business Connector problem with SSL and Web Services

  Hi,
  I have generated a Web Connector Service and tested this in our DEV and QA environment with http and no credentials.
  All is fine.
  I now switched to SSL and was provided with an https WSDL by our Web Server developers. The Web Connector service generates fine however as soon as I execute the service I get a NumberFormatException. Exact error is:
  java.io.IOException:java.lang.NumberFormatException: null
  The error occurs in pub.client:http
  I traced through the working (in QA) and non-workinfg versions and checked the pipeline prior to the call and can see no different apart from the difference in protocol.
  Does anyone have any idea what the cause is? I cannot determine what value is null.
  Thanks
  Brian

  Hi,
  I have generated a Web Connector Service and tested this in our DEV and QA environment with http and no credentials.
  All is fine.
  I now switched to SSL and was provided with an https WSDL by our Web Server developers. The Web Connector service generates fine however as soon as I execute the service I get a NumberFormatException. Exact error is:
  java.io.IOException:java.lang.NumberFormatException: null
  The error occurs in pub.client:http
  I traced through the working (in QA) and non-workinfg versions and checked the pipeline prior to the call and can see no different apart from the difference in protocol.
  Does anyone have any idea what the cause is? I cannot determine what value is null.
  Thanks
  Brian

• Office Administrative Template installation with 32 and 64 bits clients

  Hello,
  I would like to install the Office Administrative Templates (2007, 2010, 2013) but I don't really understand how.
  I have several clients computers :
  -Windows XP and 7 (the XP will disappear but not now so I have to handle with)
  - 32 and 64 bits (OS and associate Office version)
  - two Office languages (English and French)
  In this case, what I have to put in the domain controllers (or in the central store for GPO, not matters), to cover all the cases ?
  I do not understand the x86 or x64 Office administrative templates versions neither how the languages are managed.
  Thanks a lot.

  The Office2013 Admin Templates+OCT is available in both 32bit and 64bit formats
  http://www.microsoft.com/en-us/download/details.aspx?id=35554
  Because the download contains the Templates *and* the OCT (OPAX/OPAL and various DLLs etc), and, the OCT itself and also the OCT output file (a customization MSPfile) is architecture-specific, that is why there is a 32bit and a 64bit download.
  The ADMX/ADML files themselves, are not architecture-specific.
  ADMX and OPAX, is language-neutral, the language-specific details are contained within ADML/OPAL.
  https://technet.microsoft.com/en-us/library/cc178992.aspx#section2
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• Error during EAR deployment with EJB and web service

  I created a simple stateless EJB with one method called echo that returns a string.  I created a web service using the wizard, did a build and deployed.  The deployment did not report an error, but the logs in the visual administrator showed the follwoing message, and the web service did NOT deploy.
  Am I missing something related to EJB and web service security?
  PLEASE HELP ME.
  >>> Warning: delete security configuration [apps/com.areva/ear/ejb/security/com.areva~ejb.jar]
  [EXCEPTION]
  java.lang.Exception
       at com.sap.engine.services.security.server.PolicyConfigurations.unregisterPolicyConfiguration(PolicyConfigurations.java:153)
       at com.sap.engine.services.ejb.EJBAdmin.remove(EJBAdmin.java:2538)
       at com.sap.engine.services.deploy.server.application.RemoveTransaction.removeApplication(RemoveTransaction.java:294)
       at com.sap.engine.services.deploy.server.application.RemoveTransaction.prepare(RemoveTransaction.java:178)
       at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhasesOnOneServer(ApplicationTransaction.java:299)
       at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhases(ApplicationTransaction.java:321)
       at com.sap.engine.services.deploy.server.DeployServiceImpl.makeGlobalTransaction(DeployServiceImpl.java:3028)
       at com.sap.engine.services.deploy.server.DeployServiceImpl.remove(DeployServiceImpl.java:820)
       at com.sap.engine.services.deploy.server.DeployRuntimeControlImpl.remove(DeployRuntimeControlImpl.java:271)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58)
       at com.sap.pj.jmx.mbeaninfo.AdditionalInfoProviderMBean.invoke(AdditionalInfoProviderMBean.java:289)
       at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944)
       at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288)
       at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:400)
       at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340)
       at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)
       at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287)
       at com.sap.engine.services.jmx.MBeanServerInvoker.invokeMbs(MBeanServerInvoker.java:157)
       at com.sap.engine.services.jmx.ClusterInterceptor.invokeMbs(ClusterInterceptor.java:220)
       at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:803)
       at com.sap.engine.services.jmx.MBeanServerInterceptorInvoker.invokeMbs(MBeanServerInterceptorInvoker.java:102)
       at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImpl.invokeMbs(P4ConnectorServerImpl.java:61)
       at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImplp4_Skel.dispatch(P4ConnectorServerImplp4_Skel.java:64)
       at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:291)
       at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:183)
       at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:119)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37)
       at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:94)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:162)

  I have the same message. I am running sp11.
  Does anyone have an answer for this?????
  >>> Warning: delete security configuration [apps/avalero.com/rtfa-ear/contextRoot]
  [EXCEPTION]
  java.lang.Exception
       at com.sap.engine.services.security.server.PolicyConfigurations.unregisterPolicyConfiguration(PolicyConfigurations.java:153)
       at com.sap.engine.services.servlets_jsp.server.container.WebContainerHelper.removeSecurityResources(WebContainerHelper.java:905)
       at com.sap.engine.services.servlets_jsp.server.container.WebContainerHelper.remove(WebContainerHelper.java:447)
       at com.sap.engine.services.servlets_jsp.server.container.RemoveAction.remove(RemoveAction.java:50)
       at com.sap.engine.services.servlets_jsp.server.container.WebContainer.remove(WebContainer.java:150)
       at com.sap.engine.services.deploy.server.application.RemoveTransaction.removeApplication(RemoveTransaction.java:294)
       at com.sap.engine.services.deploy.server.application.RemoveTransaction.prepare(RemoveTransaction.java:178)
       at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhasesOnOneServer(ApplicationTransaction.java:299)
       at com.sap.engine.services.deploy.server.application.ApplicationTransaction.makeAllPhases(ApplicationTransaction.java:323)
       at com.sap.engine.services.deploy.server.DeployServiceImpl.makeGlobalTransaction(DeployServiceImpl.java:3033)
       at com.sap.engine.services.deploy.server.DeployServiceImpl.remove(DeployServiceImpl.java:821)
       at com.sap.engine.services.deploy.server.DeployRuntimeControlImpl.remove(DeployRuntimeControlImpl.java:271)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:324)
       at com.sap.pj.jmx.introspect.DefaultMBeanInvoker.invoke(DefaultMBeanInvoker.java:58)
       at com.sap.pj.jmx.mbeaninfo.AdditionalInfoProviderMBean.invoke(AdditionalInfoProviderMBean.java:289)
       at com.sap.pj.jmx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:944)
       at com.sap.pj.jmx.server.interceptor.MBeanServerWrapperInterceptor.invoke(MBeanServerWrapperInterceptor.java:288)
       at com.sap.engine.services.jmx.CompletionInterceptor.invoke(CompletionInterceptor.java:400)
       at com.sap.pj.jmx.server.interceptor.BasicMBeanServerInterceptor.invoke(BasicMBeanServerInterceptor.java:277)
       at com.sap.jmx.provider.ProviderInterceptor.invoke(ProviderInterceptor.java:255)
       at com.sap.engine.services.jmx.RedirectInterceptor.invoke(RedirectInterceptor.java:340)
       at com.sap.pj.jmx.server.interceptor.MBeanServerInterceptorChain.invoke(MBeanServerInterceptorChain.java:330)
       at com.sap.engine.services.jmx.MBeanServerSecurityWrapper.invoke(MBeanServerSecurityWrapper.java:287)
       at com.sap.engine.services.jmx.MBeanServerInvoker.invokeMbs(MBeanServerInvoker.java:157)
       at com.sap.engine.services.jmx.ClusterInterceptor.invokeMbs(ClusterInterceptor.java:220)
       at com.sap.engine.services.jmx.ClusterInterceptor.invoke(ClusterInterceptor.java:803)
       at com.sap.engine.services.jmx.MBeanServerInterceptorInvoker.invokeMbs(MBeanServerInterceptorInvoker.java:102)
       at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImpl.invokeMbs(P4ConnectorServerImpl.java:61)
       at com.sap.engine.services.jmx.connector.p4.P4ConnectorServerImplp4_Skel.dispatch(P4ConnectorServerImplp4_Skel.java:64)
       at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:294)
       at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:183)
       at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:119)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:37)
       at com.sap.engine.core.cluster.impl6.session.UnorderedChannel$MessageRunner.run(UnorderedChannel.java:71)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:94)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:162)

• SSO with OID and WLS 8.1 Web App

  Hi,
  I have a web application deployed on WLS 8.1.
  I have set up Oracle Custom Authenticator.
  Some of my users are stored in Oracle LDAP. I want that if user logs in Web Application deployed on WLS 8.1 and clicks on one link (in my web app) which refers him to go to OID interface, in OID interface he should not be authenticated again (as he is already authenticated by WLS). Please let me know how to resolve this issue with Oracle SSO.
  Any help in this regard highly appreciated.
  Thanks
  -Deepak

  Did you find a solution for this problem?
  I have somthing very similar going on where I am currently working.
  Thanks!
  Andy.
  "Simple Guy" <[email protected]> wrote:
  >
  Hi,
  I've a setup with iplanet 6.x webserver using the wls 7.0 sp2 proxy plugin
  to
  route requests to the clustered app server instances (2 of them) that
  are in wls
  6.1 sp3.
  The issue is, I'm noticing that the session is not sticky and is getting
  routed
  onto the other app server instance. The error that I see in the wlproxy.log
  is
  as follows:
  *******Exception type [PROTOCOL_ERROR] raised
  at line 654 of URL.cpp
  Thu Nov 13 11:30:08 2003 failure on sendRequest() w/ recycled connection
  to Instance1:7001, numfailures=1
  Thu Nov 13 11:30:08 2003 Marking Instance1:7001 as bad
  Thu Nov 13 11:30:08 2003 got exception in sendRequest phase:
  PROTOCOL_ERROR [line 654 of URL.cpp]: unexpected EOF
  reading HTTP status at line 1010
  Thu Nov 13 11:30:08 2003 Failing over after sendRequest exception
  Thu Nov 13 11:30:08 2003 attempt #1 out of a max of 5
  Has anyone seen this issue? Can anyone explain why this issue is occuring.?
  Thanks.

• BO XI 3.1 OpenDocument direct SSO with secWinAD in web.config

  Hi, fellows,
  The need has emerged to provide users with direct links to InfoView documents using the OpenDocument URL syntax and perform primary authentication of request automatically without showing the InfoView welcome screen. We have BO XI 3.1 ASP.NET application installed on Windows 2008 Server's IIS 7 with Kerberos already configured.
  Usually, the OpenDocument links work nicely but only after the user has visited the /InfoViewApp page. The OpenDocument virtual directory by default has only the anonymous authentication enabled.
  I've skimmed and searched for the keywords included in the topic subject in Google, help.sap.com and specifically in the BO Enterprise Admin Guide and the paper by Miles Escow on configuring XI 3.1 InfoView with Active Directory using Kerberos.
  Unfortunately, the sources I've already encountered do not provide sufficient details on configuring the OpenDocument section of the Web application.
  To solve the problem I disabled anonymous access to OpenDocument directory and enabled ASP.NET impersonation and Windows authentication (this would force IIS to attempt authenticating the user originating the request before serving the page) and mirrored the authentication.default and cookie-related settings ("opendoc.authentication.default" value="secWinAD") to the OpenDocument/web.config from InfoViewApp/web.config and turned the "opendoc.sso.enabled" to "true" (this is crucial, otherwise you will still receive the logon screen for primary authentication in BO although already authenticated by IIS).
  Hope this helps others.

  Hi Aleley
  To solve the problem I disabled anonymous access to OpenDocument directory and enabled ASP.NET impersonation and Windows authentication (this would force IIS to attempt authenticating the user originating the request before serving the page) and mirrored the authentication.default and cookie-related settings ("opendoc.authentication.default" value="secWinAD") to the OpenDocument/web.config from InfoViewApp/web.config and turned the "opendoc.sso.enabled" to "true" (this is crucial, otherwise you will still receive the logon screen for primary authentication in BO although already authenticated by IIS)
  Can you pls tell how I can achieve this in Tomcat environment?
  Thanks

• Integrating 3rd party SSO with SAPGUI and distinguish between different SID

  Hello,
  we are trying to integrate a SSO application on Win XP with SAPGUI 6.20 (SAP 4.70).
  The SSO app fills, in case of SAPGUI, the fields 'client', 'username', 'password' and 'language'.
  Which credentials to choose is normaly based on information the SSO app gets out of the applications context it should log in to.
  As an example with IE it's the window title and the URL.
  But with the SAPGUI we only get "SAP" as an identifier, despite which SID/server(?) is selected. And therefore we are not able to fill in the corresponding credentials.
  Where can the SID (and perhaps 'client') be retrieved by an external program when the logon screen is displayed by SAPGUI?
  Please apologize if this is the wrong forum or I'm using wrong terms, but normaly I'm living outside the SAP world.
  TIA!
  Regards,
  Frank

  as an addendum to my post, I've seen that this can be done.
  http://www.hardcopy.de/hardcopy/english/bsp_sap_neu_kz.php3

• SSO with WindowsAD and SAP Auth

  Hi,
        we have heterogenous systems. We have reports based on oracle database and sapBW. currently we are using windows AD authentication for SSO to Oracle Database. but is it possible to use WindowsAD for oracle and SAP authentication for SAP BW?
  Is it really possible to have dual SSO ?
  Thanks,
  Gopi

  Hi Ingo,
           Thanks for the quick reply.  Can you please elaborate a little bit on this. Is it really possible to make SSO work for both SAP and Oracle Data ware?
  Do we have any documents on this.   Really Appreciate your help on this.
  Thanks,
  gopi

• Database connection encryption and integrity with ColdFusion and Oracle thin client

  As ColdFusion datasource we are using the Oracle thin client to  connect with the database. So, basically we are using a JDBC URL such as  jdbc:oracle:thin:@... and as Driver Class oracle.jdbc.OracleDriver. This works successfully however we would like to set encryption and  integrity parameters as well. In Java this is done similarly by setting a  Properties object prior to getting a connection as follows:
  Properties prop = new Properties();
  prop.put("oracle.net.encryption_client", "REQUIRED");
  prop.put("oracle.net.encryption_types_client", "( DES40 )");
  prop.put("oracle.net.crypto_checksum_client", "REQUESTED");
  prop.put("oracle.net.crypto_checksum_types_client", "( MD5 )");
  OracleDataSource ods = new OracleDataSource();
  ods.setProperties(prop);
  ods.setURL("jdbc:oracle:thin:@localhost:1521:main");
  Connection conn = ods.getConnection();
  Is there a way that I can pass these parameters to the ColdFusion  datasource. Ideally, I would love to do this centrally in such way that a  change to all the cfquery or cfstoredproc is not needed.
  I also know that in application servers such as Oracle AS there is an  option when creating a datasource which says "Add Properties". In there  you can add such properties. So, I was thinking of maybe creating a  JNDI DS in the app. server and then magically connecting to it but this  may have some impacts on the app.
  Besides this I was also thinking of communicating with the CF  datasource through the CF admin API (cfide.adminapi.administrator) and  also the option of extending the Oracle driver so that when CF connects  with it these params are already set.
  I would love to have your professional opinion and suggestions on this.

  I believe the thin driver actually needs the IP address (not the DNS name). Also, is "java" the name of the Oracle instance to which you are trying to connect?
  Try the following:String driver = "jdbc:oracle:thin";
  String dbIP = "W2RZ1NXG01's IP address";
  String dbPort = "1530";
  String dbSid = "java";
  String dbUser = "Admin";
  String dbPswd = "apassword";
  String cnctStr = driver + ":@" + dbIP + ":" + port + ":" + dbSid;
  try
      Class.forName("oracle.jdbc.driver.OracleDriver");
      con = DriverManager.getConnection( cnctStr, dbUser, dbPswd );
      stmt = con.createStatement();
      stmt.executeUpdate(createString);
      stmt.close();
      con.close();
  catch(SQLException ex)
      System.err.println( "The following SQLException occurred: " + ex );
      System.err.println( "Message: " + ex.getMessage() );

• Server 2012R2 -- RDS Farm with XP and Windows Vista Clients

  Hi There,
  My team has been having some fun in getting our Server 2012R2 farm operational, annoyingly MS documentation is severely lacking on how to correctly configure a 2012R2 Farm correctly.
  We have an RDG1-TCC server, which is the RDGateway, RDConnection Broker and RDWeb Server. We have two session host servers RDS1-TCC and RDS2-TCC.
  It took us some time and much online research to figure out exactly how we needed to configure the RDS server as a lot of information online for 2012R2 was apparently incorrect(was based on 2008R2 practices). We started off with using a DNS Round Robin for
  the RDS Session hosts servers and after a number of certificate issues, we later found this was incorrect. We're now using RDWeb exclusively, which appears to be the correct way to have the Connection Broker working?
  We've ran into a number of issues with certificates too, we have an external certificate for remote.domain.com. Installing this on all 4 options in the certificate manager has made internally work correctly via RDWeb, however externally we are getting a
  certificate mismatch as it's trying to connected to RDG1-TCC with a certificate for remote.domain.com. I'm pretty sure I can resolve this with a replacement remote.domain.com certificate that includes a SAN for *.domain.internal. Testing with a self signed
  certificate seemed to resolve this issue.
  Now providing i've configured everything the correct way, we have an issue where RDWEb RDP files do not work internally or externally for XP, Vista or Windows 7 (With RDP7.1). Windows 8/8.1 and Windows 7 with RDP 8/8.1 updates work perfectly fine. Unfortunately
  this new client has a few XP machines that they are not willing to update just yet.
  Is there a known fix/workaround to get these older clients working correctly?
  Sorry for the extremely long post, but I'm sick of banging my head against the wall trying to get something that we assumed would have been fairly simple to get up and running.
  Cheers,
  Ben

  Thanks for the assistance so fat, now I have all clients connecting, I need to tackle the certificate issues.
  The UC SAN certificate is going to cost much more than the current certificate, currently that idea is on the back burner as the client does not wish to pay a few hundred extra.
  To quickly sum things up:
  AD DNS(internal DNS) override in place for remote.domain.com.au pointing it to the internal IP of the gateway/connection broker/RDWeb server.
  Connecting Internally its working perfectly fine under all circumstances (I'm guessing this is because of Kerberos Auth)
  When users connect externally via RDWeb they get a certificate missmatch as the cert is for remote.domain.com.au and the server is RDG1-TCC.domain.com.net
  When users connect externally via MSTSC using the Gateway option, they get a certificate missmatch as per the above, however they also receive a second "certificate is not trusted" error for whatever RDS server they hit.
  I have tried the below previously and they broke other things:
  "Change published FQDN for Server 2012 or 2012 R2 RDS Deployment."
  This resolved the external certificate issue. However then internal connections stopped working. When connecting via RDWeb, you would get asked for credentials instantly and no matter what you entered, it just asked for credentials again.
  There did not seem to be ANY event logs for this connection.
  "Changing RDP-Tcp listener on RDSH to use external certificate."
  I can't recall the exact error we had when we did this, but I know we had to roll back the change. I have a feeling we then started getting certificate missmatch errors on the Session Hosts.
  I'm half thinking that when the farm is free(Currently being used for application UAT), I'm going to try and reconfigure the RDP-Tcp listener on the RDSH servers again and see if that resolves one or more of our issues.
  Do you have any suggestions on how I can use the correct published FQDN name without breaking internal access? Or any other ideas on getting this entire thing working both internally and externally?
  Also, Dharmesh, I've tried clearing out the certificate cache as suggested, but to no avail.