BO XI 3.1 Sso Problems

Hi,
We are trying to do Sso.
We have a tomcat server and we have configured AD Auth (thanks to Tim).
Well, I have been updating server.xml (increasing HeaderSize) and updating web.xml. I have removed some comments from filters and activate vintela sso. I have updated idm.realm and idm.princ.
I have set vintela.enabled to true, siteminder.enabled to false, and authentification.default to secWinAD.
I have updated too Tomcat java options
-Dcom.wedgetail.idm.sso.password=xxxxxx
-Djcsi.kerberos.maxpacketsize=0
-Djcsi.kerberos.debug=true
Ok, I don't exectue ktpass command, because i don't have access to AD Server but if I set all parameters InfoView portal doesn't work.
Apache error: HTTP Status 503 - This application is not currently available
Is that correct?
Thanks
Kind Regards

Update info:
We have executed ktpass command.
ktpass -out BOSSO.keytab -princ
BOSSO/GNTSAPBODE.FERRERGRUPO.INET#FERRERGRUPO.INET -mapuser SAPServiceBOD#FERRERGRUPO.INET -pass xxxxx -kvno 255 -ptype KRB5_NT_PRINCIPAL -crypto RC4-HMAC-NT
note: replace # to @
But when we did we return some errors.
Crypto parameter was invalid  and failed to locate user SAPServiceBOD
So we have changed the comand to
ktpass -out BOSSO.keytab -princ BOSSO/GNTSAPBODE.FERRERGRUPO.INET#FERRERGRUPO.INET -mapuser SAPServiceBOD -pass xxxxx -kvno 255 -ptype KRB5_NT_PRINCIPAL
And it generates a tab file and says all correct.
So following Tim's Manual we have update CMC SPN Parameter to BOSSO/GNTSAPBODE.FERRREGRUPO.INET
And we have tried to validate it using:
kinit BOSSO/GNTSAPBODE.FERRERGRUPO.INET#FERRERGRUPO.INET
and it seems work
We have stopped tomcat and after modifying web.xml restart it and check stdout.log. It says
[localhost].[/InfoViewApp] Thread [Thread-1];  Exception starting filter authFilter
com.wedgetail.idm.sso.ConfigException: Configured service principal name `BOSSO/GNTSAPBODE.FERRERGRUPO.INET' could not be found [caused by: com.dstc.security.kerberos.KerberosError: Client not found in Kerberos database]
Can anyone help us?
Thanks for your help.

Similar Messages

  • APEX and SSO problem

    I was having issues with SSO and APEX.
    I got error in portal_sso_redirect: missing application registration information.
    we followed the APEX as partner app on how to site.
    Problem was that in SSO sdk docs, they state that if ports 80 or 442 are used, do not include the in p_listener_token - so we followed that.
    Looking through forums I tried rerunning regapp.sql and appending the 80 port for the listener token.
    Now works.
    I hope this helps others that are banging their heads against a wall trying to solve this.
    These forums are a fabulous resource.
    Peter

    I've just created a new instance on the same server, installed Apex 3.2, created a single page test app, used Application Express as Partner Application as SSO authorisation scheme, accessed the app's url and exactly the same thing happens... I just get a 404 page where the URL http://OID_HOST:port/sso/auth
    I must be overlooking something somewhere but as far as I know, I've followed all the guidance and have created this based on previous installs.
    Again, any help would be greatly appreciated!
    Thanks.

  • SSO problem on Windows Mobile with WAS Java 7.0 and R/3 4.7

    We have a curious single sign-on problem with custom WM-app.
    The application is developed using WD Java and currently runs on WAS 7.0 SPS10. WAS makes calls to several RFC:s on 4.7 Enterprise and authentication is done using SSO.
    The enduser device is a handheld running Windows Mobile and the browser is a vendor (HHP) provided Mobile IE based HandHeldWeb. Because of the poor usability of the default login on handhelds we created a custom J2EE Web Application JSP which does the login to the WM-app.
    On a PC browser everything functions normally, but occasionally with the mobile device no data from R/3 is displayed. As if SSO didn't work. Sometimes, if transaction 1 doesn't work and the user comes out of it, then runs transaction 2 which makes an RFC call and then returns to transaction 1 it works. Sometimes..
    This problem does not occur on mobile device when the default login is used. And as stated previously, on a PC the custom login works fine.
    -Erno

    Hi,
    Currently SAP is selling the Software in Business Suite .
    If you are purchasing the SRM 7.0 .It will come as Business suite . It will contain
    1. SRM 7.0
    2.CRM
    3.PLM
    4.SCM
    5. ECC 6.0 wiht Eph 4
    When you are getting the ECC 6.0 in this package why to use  SAP R/3- 4.6C
    So better you upgrade both the SRM and R/3.
    I would like to know if SRM 7.0 and R/3 4.6C is compatible in first place.Will it work?
    It will work but in the long run you will get lot  of Problem.Since SRM 7.0 is Based on Webdynpro technology
    Regards
    G.Ganesh Kumar

  • SSO problem between EP 6 SP9  on Web AS 6.4 JAVA  and  WebAS 6.3 JAVA.

    We have Portal EP 6 SP9 running on Windows 2003 and IIS version 6.
    Also implemmnted NTLM to get to the Portal from desktop.
    Every thing works fine.
    I have also setup SSO between Portal EP 6 SP9 and SAP R/3 4.7, SAP BW 3.3. Every thing works just fine.
    We also have product called xEM which runs on webAs 6.30.
    SSO is not working between EP 6 SP9 which runs on WebAS 640 Java & xEM which runs on WebAS 6.30 JAVA.
    I tried options and changed logon module stack fo ticket and it did not help.
    I imported certificate from Portal to webAS 6.3 where xEM is running. Used option load from ticketstore in the admin tool.
    Previous to this we have SSO setup between EP 6 SP2 running on WebAS 6.2 JAVA & xEM running on WebAS 6.3 and it just worked fine.
    Only change is the new Portal EP 6 SP9 running on WebAS 64.0 JAVA only.
    Please help me.

    Hmm interesting problem. Have you tried increasing the logging level on the 6.30 WebAS server so you can get more detailed info on what the issue might be?
    If so, can you post some of it?

  • NW 7.3 SSO Problem

    Hi,
    At http://portal:port/nwa;
    Configuration / Certificates and Keys / TicketKeystore / .cert We have exported the certificate.We import from STRUSTSSO2.So there is no problem here.
    But, when we get the following error when testing connection to the portal.
    Linked2 Exception: com.sapportals.connector.connection.ConnectionFailedException: Connection Failed: A nested exception occurred. Could not initialize the physical connection. Linked Exception: Connection Failed: A nested exception occurred. Could not initialize the physical connection. Linked Exception: Connection Failed: A nested exception occurred. JCO Could not create connection. -> SSO ticket editor, provided the authority.
    Please help.
    Thanks.
    Fatih.

    Hi Faith,
    As you see in exception JCO couldn't cretate connection. If you give more informatiion about your configuration SCN members can help you. And as you know NW 7.3 is new for all of us.

  • OPMN: OC4J_SECURITY won't start - SSO problems

    Hi,
    After restoring our infrastructure database and oracle home from backups I am unable to get the OC4J_SECURITY to start. I had to really fiddle around with the restoration and it's possible I mucked something up there. Here are relevant parts of the logs, I'm hoping someone can advise me what the problem is and what I can do to fix it:
    e:\oracle\product\10.1.4\identdev\opmn\logs\OC4J~OC4J_SECURITY~default_island~1
    ======================================================================================================
    09/09/13 11:02:49 Start process
    09/09/13 11:02:53 Warning: Error reading transaction-log file (/E:/oracle/product/10.1.4/identdev/j2ee/OC4J_SECURITY/persistence/OC4J_SECURITY_default_island_1/transaction.state) for recovery: premature end of file
    09/09/13 11:02:53 Forced or abrupt (crash etc) server shutdown detected, starting recovery process...
    09/09/13 11:02:53 Recovery completed, 0 connections committed and 0 rolled back...
    09/09/13 11:02:55 SSOLoginServlet.init: Starting up SSO server ...
    09/09/13 11:02:55 Initilize NLS utility...
    09/09/13 11:02:55 Reading SSO server policy....
    09/09/13 11:02:55 SSO: Entered FilePolicyManager constructor ...
    09/09/13 11:02:55 SSO: FilePolicyManager: done loading the E:\oracle\product\10.1.4\identdev\sso\conf\policy.properties file
    09/09/13 11:02:55 SSO: Leaving FilePolicyManager constructor ...
    09/09/13 11:02:55 SSODebug: Done loading the debug file, E:/oracle/product/10.1.4/identdev/sso/log/ssoServer.log
    09/09/13 11:02:57 SSO: Initializing the encryption objects failed
    09/09/13 11:02:57 oracle.security.sso.server.conf.ConfigurationException: Missing SSO server configuration
    09/09/13 11:02:57      at oracle.security.sso.server.conf.DatabaseConfigReader.init(DatabaseConfigReader.java:444)
    09/09/13 11:02:57      at oracle.security.sso.server.auth.AuthUtil.init(AuthUtil.java:194)
    09/09/13 11:02:57      at oracle.security.sso.server.ui.SSOLoginServlet.init(SSOLoginServlet.java:284)
    09/09/13 11:02:57      at javax.servlet.GenericServlet.init(GenericServlet.java:258)
    09/09/13 11:02:57      at com.evermind.server.http.HttpApplication.loadServlet(HttpApplication.java:2358)
    09/09/13 11:02:57      at com.evermind.server.http.HttpApplication.findServlet(HttpApplication.java:4800)
    09/09/13 11:02:57      at com.evermind.server.http.HttpApplication.initPreloadServlets(HttpApplication.java:4894)
    09/09/13 11:02:57      at com.evermind.server.http.HttpApplication.initDynamic(HttpApplication.java:1026)
    09/09/13 11:02:57      at com.evermind.server.http.HttpApplication.<init>(HttpApplication.java:560)
    09/09/13 11:02:57      at com.evermind.server.Application.getHttpApplication(Application.java:915)
    09/09/13 11:02:57      at com.evermind.server.http.HttpServer.getHttpApplication(HttpServer.java:707)
    09/09/13 11:02:57      at com.evermind.server.http.HttpSite.initApplications(HttpSite.java:637)
    09/09/13 11:02:57      at com.evermind.server.http.HttpSite.setConfig(HttpSite.java:278)
    09/09/13 11:02:57      at com.evermind.server.http.HttpServer.setSites(HttpServer.java:278)
    09/09/13 11:02:57      at com.evermind.server.http.HttpServer.setConfig(HttpServer.java:179)
    09/09/13 11:02:57      at com.evermind.server.ApplicationServer.initializeHttp(ApplicationServer.java:2435)
    09/09/13 11:02:57      at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:1592)
    09/09/13 11:02:57      at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:92)
    09/09/13 11:02:57      at java.lang.Thread.run(Thread.java:534)
    09/09/13 11:02:57 SSO: FAILED TO START SSO SERVER!
    =============================================================================================================================
    E:\oracle\product\10.1.4\identdev\sso\logs\ssoserver.log
    =============================================================================================================================
    Sun Sep 13 10:53:22 WST 2009 [DEBUG] Orion Launcher DBConnectionPool: Checking for DB connection errors..
    Sun Sep 13 10:53:22 WST 2009 [ERROR] Orion Launcher SSO Server initialization failed. Check the DB availability and restart SSO Server
    Sun Sep 13 10:53:22 WST 2009 [ERROR] Orion Launcher Initializing the encryption/decryption objects failed
    oracle.security.sso.server.conf.ConfigurationException: Missing SSO server configuration
         at oracle.security.sso.server.conf.DatabaseConfigReader.init(DatabaseConfigReader.java:444)
         at oracle.security.sso.server.auth.AuthUtil.init(AuthUtil.java:194)
         at oracle.security.sso.server.ui.SSOLoginServlet.init(SSOLoginServlet.java:284)
         at javax.servlet.GenericServlet.init(GenericServlet.java:258)
         at com.evermind.server.http.HttpApplication.loadServlet(HttpApplication.java:2358)
         at com.evermind.server.http.HttpApplication.findServlet(HttpApplication.java:4800)
         at com.evermind.server.http.HttpApplication.initPreloadServlets(HttpApplication.java:4894)
         at com.evermind.server.http.HttpApplication.initDynamic(HttpApplication.java:1026)
         at com.evermind.server.http.HttpApplication.<init>(HttpApplication.java:560)
         at com.evermind.server.Application.getHttpApplication(Application.java:915)
         at com.evermind.server.http.HttpServer.getHttpApplication(HttpServer.java:707)
         at com.evermind.server.http.HttpSite.initApplications(HttpSite.java:637)
         at com.evermind.server.http.HttpSite.setConfig(HttpSite.java:278)
         at com.evermind.server.http.HttpServer.setSites(HttpServer.java:278)
         at com.evermind.server.http.HttpServer.setConfig(HttpServer.java:179)
         at com.evermind.server.ApplicationServer.initializeHttp(ApplicationServer.java:2435)
         at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:1592)
         at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:92)
         at java.lang.Thread.run(Thread.java:534)
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Done loading Policy Configurations
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Login Page Value: /sso/pages/login.jsp
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Change password Page location: /sso/pages/password.jsp
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Wireless Login Page location: /wirelesssso/wirelesslogin.jsp
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Wireless Change password Page location: /wirelesssso/wirelesscpwd.jsp
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Calling Initialization Methods ...
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher Connection pool inactivity timeout (mins) 120
    Sun Sep 13 11:02:55 WST 2009 [DEBUG] Orion Launcher SSO Admin Group: cn=iASAdmins,cn=Groups,cn=OracleContext
    Sun Sep 13 11:02:55 WST 2009 [INFO] Orion Launcher Entered DBConnectionPool.init method ...
    Sun Sep 13 11:02:56 WST 2009 [DEBUG] Orion Launcher Repository API returned - DB conn string: ldap://agspsrap01.agric.wa.gov.au:13061/infradev,cn=oraclecontext
    Sun Sep 13 11:02:56 WST 2009 [DEBUG] Orion Launcher Setting max number of connections to 150 in the DB cache pool
    Sun Sep 13 11:02:56 WST 2009 [DEBUG] Orion Launcher Setting minimum number of connections to 0 in the DB cache pool
    Sun Sep 13 11:02:56 WST 2009 [DEBUG] Orion Launcher JDBC pool InactivityTimeout (secs) 7200
    Sun Sep 13 11:02:56 WST 2009 [DEBUG] Orion Launcher JDBC pool PropertyCheckInterval(secs) 900
    Sun Sep 13 11:02:56 WST 2009 [INFO] Orion Launcher Leaving DBConnectionPool.init method ...
    Sun Sep 13 11:02:56 WST 2009 [INFO] Orion Launcher Entered DBConnectionPool.getConnection method ...
    Sun Sep 13 11:02:57 WST 2009 [INFO] Orion Launcher Leaving DBConnectionPool.getConnection method ...
    Sun Sep 13 11:02:57 WST 2009 [DEBUG] Orion Launcher SQL Exception received: java.sql.SQLException: ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01400: cannot insert NULL into ("ORASSO"."WWCTX_SSO_SESSION$"."SUBSCRIBER_ID")
    ORA-06510: PL/SQL: unhandled user-defined exception
    ORA-06512: at "ORASSO.WWCTX_SSO", line 1579
    ORA-06502: PL/SQL: numeric or value error
    ORA-01403: no data found
    Sun Sep 13 11:02:57 WST 2009 [DEBUG] Orion Launcher DBConnectionPool: Checking for DB connection errors..
    Sun Sep 13 11:02:57 WST 2009 [ERROR] Orion Launcher SSO Server initialization failed. Check the DB availability and restart SSO Server
    Sun Sep 13 11:02:57 WST 2009 [ERROR] Orion Launcher Initializing the encryption/decryption objects failed
    oracle.security.sso.server.conf.ConfigurationException: Missing SSO server configuration
         at oracle.security.sso.server.conf.DatabaseConfigReader.init(DatabaseConfigReader.java:444)
         at oracle.security.sso.server.auth.AuthUtil.init(AuthUtil.java:194)
         at oracle.security.sso.server.ui.SSOLoginServlet.init(SSOLoginServlet.java:284)
         at javax.servlet.GenericServlet.init(GenericServlet.java:258)
         at com.evermind.server.http.HttpApplication.loadServlet(HttpApplication.java:2358)
         at com.evermind.server.http.HttpApplication.findServlet(HttpApplication.java:4800)
         at com.evermind.server.http.HttpApplication.initPreloadServlets(HttpApplication.java:4894)
         at com.evermind.server.http.HttpApplication.initDynamic(HttpApplication.java:1026)
         at com.evermind.server.http.HttpApplication.<init>(HttpApplication.java:560)
         at com.evermind.server.Application.getHttpApplication(Application.java:915)
         at com.evermind.server.http.HttpServer.getHttpApplication(HttpServer.java:707)
         at com.evermind.server.http.HttpSite.initApplications(HttpSite.java:637)
         at com.evermind.server.http.HttpSite.setConfig(HttpSite.java:278)
         at com.evermind.server.http.HttpServer.setSites(HttpServer.java:278)
         at com.evermind.server.http.HttpServer.setConfig(HttpServer.java:179)
         at com.evermind.server.ApplicationServer.initializeHttp(ApplicationServer.java:2435)
         at com.evermind.server.ApplicationServer.setConfig(ApplicationServer.java:1592)
         at com.evermind.server.ApplicationServerLauncher.run(ApplicationServerLauncher.java:92)
         at java.lang.Thread.run(Thread.java:534)
    ======================================================================================================================
    If anyone can give me a clue what to do about this I would be greatly appreciative
    Thanks
    Adam

    The RDBMS with the metadata repository was down or has been restarted. Please restart your OID and SSO and it should work again. (remember to remove all data from table ods.ods_process after stopping OID and before restarting OID)
    If not, please post the contents of the OPMN logging of OID and OC4J_SECURITY.

  • WebSphere Portal 6.1 SSO problem with Business Objects Release 3 server.

    Have anybody successfully integrated SSO between WebSphere Portal 6.1 BO portlet with Business Object release 3 server ?? If so please help. I have followed the steps in BO documentation (Portal Integration Kit for WebSphere) but when I logged on to portal I get the following error message
    Auto signon to the BusinessObjects Enterprise infrastructure at hostname  failed. Contact your reporting administrator for assistance." message

    Anybody still looking for a solution following the below guides.
    http://help.sap.com/businessobject/product_guides/boexir31SP3/en/xi31_sp3_pik_adminportlet_en.pdf
    Replace secEnterprise with secLDAP in below guide for LDAP Automatic Sign
    http://help.sap.com/businessobject/product_guides/boexir3/en/xi3_pik_deploy_ibm_en.pdf

  • 10g BIEE integrated with 10.1.4.3 SSO problem

    I have an interesting issue. I am setting up 10g BIEE with SSO on Solaris. I have it working fine on Windows but customer is moving. When I log in, I get rediected to sso and authenticated as expected. My authentication init block works, it gets an atributure from LDAP. However on the Answers page I see errors and in the sawserver.out.log, I see that my session is being reassociated from the USER id that is set in the init block to the REMOTE_USER value. The log entry, with identifying names and IPs removed looks like:
    Type: Warning
    Severity: 30
    Time: <current time>
    File: project/websubsystems/checkauthentication.cpp Line: 520
    Properties: ThreadID-7;HttpCommand-Answers;Proxy-<correct name>;RemoteIP-XX.XX.XX.XX;User-<correct name>;HttpArgs-_scid='2ezRVzXDAD
    g';Impersonator-Impersonator
    Location:
    saw.httpserver.request
    saw.rpc.server.responder
    saw.rpc.server
    saw.rpc.server.handleConnection
    saw.rpc.server.dispatch
    saw.threadPool
    saw.threads
    The session (ID: 5607n8f4oph2khenp068d2athamisqtnqtcoumizOr07UFe9W00) previously associated with "<correct name>" is now associat
    ed with "<REMOTE_USER>" (via SSO identity assertion). The caller's session will be reset.
    It goes on to say Authentication context has changed. Clearing session ID cookie and redirecting. Recorded incident
    Has anyone seen this? I don't know why the session is being reassociated with the wrong name. we have lots of saved reports tied to the value of <correct name> so I need to make this configuration work. It's like it's losing the value set in the init block and defaulting back to the value in REMOTE_USER, which messes everything up.

    I am starting to agree, the authentication init block has no use to sso authentication it is only used if you want to authenticate users against OID. The errors on Solaris are probably expected behavior. We are doing it to ourselves, but in Windows it probably works because the UNIX/LINUX version was written after Oracle bought the product, Siebel only had it for Windows, that code is different and they either suppress the error or don't even do that authentication check at all.
    thanks, I'm going to close this one.

  • SSO problems after system copy

    Hi,
    We have done a system copy of our PRD system to a new QAS server with new server host name. We also have a new ITS server with a new host name as well. So we now have 2 QAS R/3 systems and 1 portal QAS. I have reconfigured the portal system landscape to point to the new QAS R/3 system but since then SSO has not worked. Here is what I have done :
    1) Through RZ10 added the following parameters to the instance profile :
    login/accept_sso2_ticket=1
    login/create_sso2_ticket
    Checked in SSO2 and login tickets accepted.
    2) Added FQDN to instance profile parameter icm/host_name_full in RZ10
    3) in STRUSTSSO2 deleted old System PSE and created new.
    4) Exported tickets from Portal and added to STRUSTSSO2. Added to certifcate and ACL. Ticket has not expired
    5) Recreated sso tickets and imported back into R/3 with STRUSTSSO2 but still no luck.
    Can anyone help ? Do I need to make any changes in Visual Administrator ? Like adding new r/3 hostname ??
    Thanks
    Craig

    check these links     
    https://forums.sdn.sap.com/click.jspa?searchID=13478788&messageID=5478166     
    https://forums.sdn.sap.com/click.jspa?searchID=13478788&messageID=5429973     
    https://forums.sdn.sap.com/click.jspa?searchID=13478788&messageID=5321462     
    https://forums.sdn.sap.com/click.jspa?searchID=13478788&messageID=5141524

  • ISA SSO problem, help!!

    Our system landscape is as follows:
    1. Portal(7.0 sp8)  PGD  host:pekax119.mycompany.com
    2. CRM(2005)        CGS  host: crmdev01.mycompany.com
         Abap instance
         Java instance (ISA installed here)
    We want to integrate the ISA applications into PGD portal by the Partner Shop application in CRM Business Package 5.0. But SSO with ISA can't work. we have several questions very clear:
    1. XCM setting. Should we special use UME or not using UME? Or it doesn't matter for SSO?
    2. To my current understanding, the SSO with ISA is in fact the ISA J2EE engine evaluate the MYSAPSSO2 cookie from PGD portal, is this right? In this single scenario, is that all?  Besides, we already successfully config the SSO between PGD portal and CGS ABAP instance. Do we need to config the SSO between the CGS java instance and the CGS ABAP instance? We have specify login/accept_sso2_ticket = 1 in rz10 of CGS, but we havn't set the parameter login/create_sso2_ticket, is that necessary? In this scenario, the Abap system don't create any logon ticket, right?
    Thanks and Best Regards,
    Xiaoming Yang

    Hi Xiaoming,
    I'll definately try adding the parameter login/create_sso2_ticket = 2, System need to create SSO in order to send request back to portal
    Hope this help!
    Juan
    Please reward points if helpful

  • SSO problem when redirecting from a JSP page to an external application

    Hi,
    I try to make a redirect from a JSP page (that is under a SSO protected application on iAS) to another page from another application, on an external iAS server, also protected by (a different) SSO. After the redirection is done, the login window appears, I enter the login name and the password and after that I obtain the followin error:
    "Oracle SSO Failure - Unable to process request
    Either the requested URL was not specified in terms of a fully-qualified host name or OHS single sign-on is incorrectly configured.
    Please notify your administrator."
    In the logs og the server I found the following:
    [OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request
    mycompany.com:7777, registered host 144.147.147.200:7778.
    (the ip address being the address of the mycompany.com host).
    Any clue about this? Thanks a lot in advance!
    Regards,
    Marinel

    Hi Carlo,
    Thanks for your answer.
    The JSP original page is not added as a partner application to the second SSO server.
    The idea was that the user should insert first the login name/passwd for the first server, after being logged in, then redirected to the second application (on a different server), insert the login name/password for the second application and then load the 2nd application page. It seems that is not working after inserting the password for the 2nd application.
    Coming to a more general question that could help me to avoid this complicated approach: is it possible to have two different applications deployed on two different iAS servers and the two applications to use the same SSO (let's say the one from the first iAS server)? I have to mention that the process scenario is the following: the user load a page from the first application (protected by SSO), then, after successfull login and some processing in the first app, he will be automatically redirected by the first app to the second application, on the second server. I want to have also the second application, on the 2nd server, protected by SSO (ideally would be the same SSO as the first one!). Ideally the scenario would be: if it is redirected from the first app and the user is already authenticated, the automatic redirection should be done transparently for the user (without enetring the password again). If the user goes directly from the browser to a page of the second app, the SSO login window should be displayed and the user should provide his password.
    Is such a scenario possible on two apps deployed on two different servers?!
    Thanks a lot again!
    Regards,
    Marinel

  • AutoVue 20.2 UCM VueLink SSO problem

    We have just installed AutoVue 20.2 and configured the VueLink for UCM. Everything works properly, including proper authentication with ucm, however when I go into UCM and click 'view in autovue' it challenges me for a username and password. Is there any way to make the autovue applet not challenge for authentication?
    Thanks and regards,
    Matt
    Edited by: 961991 on 27-Sep-2012 23:30

    Hi Matt,
    We would need to see the VueLink and AutoVue server logs in order to see if there is any specific errors in them. To enable the VueLink log please refer to Note 1447757.1 and to enable the AutoVue server log please refer to Note 1151834.1. Both notes can be found in My Oracle Support. Once the logs are properly enabled you can simply reproduce the problem and create a new SR in My Oracle Support and attached the logs to the SR along with the problem description. I would also suggest to mention the VueLink version along with the UCM version you are using.
    Thanks,
    Daniel

  • Can't add cloud system to Eclipse - Password SSO problem

    Hi folks,
    Ok so I'm doing the openSAP Hanacloud2 course.
    When I go to set up my Eclipse and in the HANA Development perspective I ask to "add cloud system", I put in hanatrial.ondemand.com, my account, user id and I've tried all my usual passwords, but it still doesn't work.
    Regardless of what I put in I get the response:
    "The identify of user i003170 could not be verified for
    https://services.hanatrial.ondemand.com/services/v1/instances/i003170trial/persistence/v1/schemas/.
    Please very the supplied user name and password and execute the command again."
    The trouble is, as a SAP Employee, everything on the web logs me in by SSO.  I can't see anywhere in the HCP to reset the password or anywhere in Eclipse to use SSO?
    So I'm stuck.  Any suggestions????
    Rgds,
    Jocelyn

    Hey Jocelyn,
    it's the SAP ID Service / SCN password. Here you go:
    SAP Community Network: Forgot Your Password?
    Cheers,
    --Vlado

  • CWMS 2.5 SSO problem

    Hi everybody,
    After upgrading our CWMS from 2 to 2.5 SSO wont work any longer. It was working just fine before that. Now we get the following message:
    SSO Redirection Failed
    SSO protocol error. Contact your administrator for further support..
    Any ideas?
    Thanks,
    Alex.

    Thanks for the reply. In the meantime I integrated with CUCM and from CUCM to AD for auth. It was more a workaround then a fix but it got me going. 
    Thanks a lot again!

  • SSO Problem in firefox 1.0.6 browser

    Hi.
    I installed firefox 1.0.6 browser and I try to download client certification from http://service.sap.com/tcs. (I already have client certification for IE and It works)
    If I click "apply for an SAP passport" in sapnet, client certification downloaded my PC and installed firefox.
    After Then, I restart firefox and go to sapnet.
    Firefox doesn't recognize client certifiaction and request simple userid / password.
    Is there any idea ?
    Regards, Arnold.

    Hi,
    please try:
    --> Open PSE Management
    --> Select File
    --> Export PKCS#
    --> Select C:\ as directory or somewhere els on you hard drive
    --> Type your PSE Password 2 times
    --> Open Firefox Certifikate Store and include the certificate by clicking on import.
    --> Also type your PSE password in the popup normaly 2 popups after that ist should be done.
    If you have any more questions please ask again.
    kind regards
    Fabian

Maybe you are looking for

  • How to include Abbreviations in Dimensional Model

    Dear All, The question is basically related to modelling but as I am using OWB for this, I am posing the question here. I have to migrate a HR database from relational model to dimensional model. I have the following situation. There is a table which

  • Obtain all list of queries run on the database in history.

    Good day to all of you. This is my first post here. We have an application where we need to study the set of all queries that were run successfully on the DB by users of that db. In particular, SELECT stats that were run on the DB Tables/Views... The

  • Why wont itunes 11 install on my computer?

    itunes says it has successfully downloaded but it did not upgrade version 10. so i uninstalled itunes now it still wont install

  • Translation Route wizard Report

    Hello I am configuring UCCE components for Translation Route, After finishing my Translation Route wizard at the end when I click on finish, there was an error says ''Microsoft Visual C++ Runtime Library  Program: D:\icm\bin\trwizard.exe and I am not

  • Can see song on mac but not at the spot placed on shuffle

    Hi, My son's problem is he placed a song at a certain place on his ipod shuffle. It can be seen when it's mounted on our mac but it's not at that place when he's listening. Thanks for any suggestions Robert