BPM Composer and custom authenticator

Similar Messages

• BPM Composer and workspace login using OID

  I have configured my weblogic to use OID for user and roles management. I am able to login as me when I access weblogic console and em (I am a member of administrator group). When I tried to login to BPM Composer and workspace, I have to login as weblogic user (the user from weblogic embedded ldap from my install). How to configure the BPM composer and workspace to use OID that I've configured in WLS?
  Thanks.

  Never mind. I solved this problem. Just need to ensure all the authenticator control flag set to SUFFICIENT.

• Oracle BPM Composer and no ADF

  Hi Everyone,
  We are planning to use Oracle BPM as our BPM engine. But our organization doesn't support ADF. So could anyone help to answer the below questions. Thanks a lot for your time.
  1) Can we use Oracle BPM Composer... Does Oracle BPM composer require extended ADF Domain?
  2) Default BPM workspace can't be used. So we need to build our own workspace. Are they any predefined framework to build a MVC or any other java framework to build workspace.
  3)Could anyone let me know the additional things we should take care in case we don't use ADF domain.
  Thanks everyone for your time.

  Oracle BPM Studio (JDeveloper) is used by developers to create processes, human tasks, the process instance payloads, the composite services used by the processes, complex transformations, business rules and the ADF UIs.
  Composer is a business user oriented web based tool used by business analysts with similar capabilities.  Using Composer, business people can create and maintain processes, define process instance payloads, human tasks, process payloads, business rules.  Instead of creating ADF UIs, you create and test web forms using a web based UI web form designer tool that it comes with in 11.1.1.7. Because the forms built using Composer can only be viewed from the Workspace or WebCenter Spaces tools, and because you're not going to use the Workspace or WebCenter Spaces tools, you won't be able to use Composer to create your UIs.
  You might want to rethink your decision to not use the Workspace or WebCenter Spaces tools, but because you're not going to use either one you will instead be building your forms using the form design tool of your choice.
  Although I'd advise you against recreating it, you'll need to become comfortable using the different APIs Oracle BPM exposes if you're going to try to duplicate the Workspace and WebCenter Spaces tool functionality.
  Here's the API JavaDoc and a few blogs that will give you some tips on getting started:
  API JavaDoc reference -
  http://docs.oracle.com/cd/E28280_01/apirefs.1111/e25378/toc.htm
  http://docs.oracle.com/cd/E14571_01/apirefs.1111/e10660/oracle/bpel/services/workflow/query/ITaskQueryService.html
  http://docs.oracle.com/cd/E28389_01/apirefs.1111/e25378/oracle/bpm/services/instancequery/IInstanceQueryService.html
  Simple list example -
  http://soadev.blogspot.in/2011/07/querying-oracle-bpm-process-instances.html
  Aborting instances -
  http://download.oracle.com/docs/cd/E17904_01/apirefs.1111/e10659/oracle/soa/management/facade/package-tree.html
  Creating instances -
  http://niallcblogs.blogspot.com/2011/12/invoking-bpm-processes-via-java.html
  Building a custom worklist ap -
  http://redstack.wordpress.com/worklist/
  http://redstack.wordpress.com/2011/03/09/creating-the-domain-layer-for-the-worklist/
  http://redstack.wordpress.com/2011/03/09/implementing-task-initiation/
  Purging Instances -
  http://niallcblogs.blogspot.com/2011/12/soabpm-apis-manipulating-composites-and.html
  Instance Query -
  http://java.net/projects/oraclebpmsuite11g/downloads/directory/Samples/bpm-api-101-instance-query
  Human Workflow Services / Human Task API -
  http://docs.oracle.com/cd/E23943_01/dev.1111/e10224/bp_workflow.htm
  http://docs.oracle.com/cd/E23943_01/apirefs.1111/e10660/toc.htm
  Oracle BPM 11g Human Workflow Service Java API – Part 1
     http://niallcblogs.blogspot.com/2010/11/oracle-human-workflow-service-java-api.html
  Oracle BPM 11g Human Workflow Service Java API – Part 2
     http://niallcblogs.blogspot.com/2010/11/human-workflow-java-api-part-2.html
  Oracle BPM 11g Human Workflow Service Java API – Part 3 – ITaskQueryService.AssignmentFilter
     http://niallcblogs.blogspot.com/2010/12/oracle-human-workflow-part-3.html
  UMS API:
  http://docs.oracle.com/cd/E28280_01/apirefs.1111/e14011/toc.htm
  Dan

• How to configure bpm composer and access the projects present in bpm mds re

  To access the bpm composer I performed the below mentioned steps: - Installed the standalone weblogic server with soa server configured
  - Invoked the bpm composer using the url : http://machine:soa_port/bpm/composer
  - Used weblogic and weblogic1 as username and password.
  Please let me know whether I am following the correct approach as I am not able to see any options in bpm composer like open project etc, the project menu appears but there are no projects visible.

  The answer couldn't help us much. I will give you the steps we have followed in detail
  We have created a sample customizable BPEL process by selecting a Customizable checkbox in Jdev.
  Then,The sample BPEL process is deployed to SOA server from JDeveloper. We could see the deployed BPM process in EM console.
  Also the MDS repositories required for customization too are present in EM.
  Then We tried accessing the BPM Composer to do some customization on the sample BPEL process deployed. We are able to login to the BPM composer using "weblogic" user.
  But the composer displays only the welcome page. There are no other links enabled.
  Please let us know How to make a BPEL process customizable using BPM composer.
  Also there is an another SOA Composer. When this composer is mainly used?
  There is another BPM Workspace console. But we could not login to this using "Weblogic" user though we are able to login in EM, SOA and BPM composer.
  Why the login failed uisng "weblogic" user here?What for this console is used?

• Oracle BPM Composer and other Apps Too Slow

  Dear Forum Members,
  I made a installation of Oracle BPM/SOA Suite in a Development VM with 5GB RAM.
  The web applications such as BPM Composer, EM, Weblogic Console are too slow. They take too much time to load.
  I am using the JRockit JVM and Centos 6.
  Regards.

  Bump up your memory to 8gb and then look at your xmx setting in your startWeblogic.sh and ensure it's 3072m or more.

• Integrating BPM Composer and SOA Composer with Fusion

  Hi
  I am working on integration of BPM Composer or SOA Composer with Fusion. Any kind of help like documents etc would be very much appreciated.
  Thanks

  I don't believe that noone has ever tried to connect the local BPM environment to a remote WCC server before. Please let me know if you've ever experienced the same problem. Otherwise, even a simple "I tried to do the samething and I succeeded using the same steps in the tutorial" would help too .
  Another thing is that yesterday, I talked to the tech-lead and I learned that our WCC server environment doesn't have BPM installed yet. I am wondering if this would cause the WCC server to not understand the request from my BPM server. In addtion, I've also upgraded my local BPM server using the lastest SOA bundled patch. Should the same patch be applied to the WCC server environment too?
  I'd be very grateful for any advice .

• Question about setting cookies and custom authentication

  I have a question about setting cookies.
  I have two different 'projects' in HTMLDB - we will call them App1 and App2.
  I also have two different connection configurations setup in the DADs.conf file. - we will call them Connect1 and Connect2.
  App1 is setup to use database authentication (no user is specified in the DAD) and uses Connect1. Once the user successfully logs in, we set a username cookie (this is a persistent connection).
  We created a custom authenticatoin scheme for App2 - this scheme checks for the username cookie (set by App1). We would like for App2 to use Connect2 (HTMLDB_PUBLIC_USER is the default user specified and it uses connection pooling).
  Is it possible to set a cookie from App1, Connect1 for App2, Connect2 - then redirect to App2 and pick up that cookie?
  Here is an example of what we are trying to accomplish:
  A user loggs into App1, we set a cookie, and the user is redirected to App2. If the cookie exists, we allow them access to the home page in App2, if no cookie, we redirect back to a 'Login Failed' page in App1. We don't want App2 to use the same database connection as App1 though, we need App2 to use connection pooling.
  Is this possible? OR...Is there a better way to accomplish what we want to do?
  This is an enhancement to an existing app. Our requirements are to use Database Authentication (setup where pass expires after 60 days or so, cannot reuse last 3 passwords, etc.) - which is already setup and being used by other applications in our organization. All of our users have accounts in the database. We don't want users to have a new username/pass - and we don't want to manage a separate group for HTMLDB apps.
  The existing application uses HTMLDB's built in authentication - which uses database username/pass, and it uses connection pooling, but we cannot handle the pass expire stuff in it, unless there's something we're not seeing or understanding - at least that's how our DBA explained it to us.
  Any help with this will be appreciated so much. I can send you the code we have if needed.
  Thanks!

  Same problem here.  I have so many problems with this remote app.  Is there an iTunes API? I would like to write my own remote app that actually works.

• BPM Composer Player Configuration

  Hi
  I Configure my BPM server Behind a proxy (3 SOA Cluster and Proxy Server). when I want To play a process in BPM Composer, and launch to web Form (Not ADF form), BPM Composer try to load form from url that contain server name instead of Proxy url.
  for example my proxy server URL is : obpm.test.com:99
  and url to Access to Composer is : obpm.test.com:99/bpm/composer
  But call Form from this URL : ServerName(computer name):99/workflow/DefaultToDoTaskFlow/faces/adf.task-flow ..........
  and Cannot load Form.
  which mbean must edited ?

  No one?

• BPM composer - issue project

  Hi Experts,
  We have problems with create projects in BPM composer. Our configuration is :
  Server Admin
       weblogic Server 10.3.6.4 - Binaries
       SOA Suite 11.1.1.7 - Binaries
  Server Managed
       weblogic Server 10.3.6.4 - Binaries
       SOA Suite 11.1.1.7 - Binaries
  Domain configuration is Admin Server in Server Admin and soa_server1 in Managed Server.
  I can create project in BPM composer and also publish in order to works with jdeveloper (jstudio)
  the problem is that when restart Managed Server, all the projects gone, we can't see any projects created previously.
  Can anyone help us ?
  Regards

  You need to put policies and credentials in a LDAP or DB.

• Accesing to the BPM Composer Web Page - Error : CurrencyKey not preserved

  Hi there,
  I've recently installed the Soa Suite 11.1.1.4, and when i logged in th BPM Composer and I try to use any option of the web page, i can see in the log the next error :
  ]] Root cause of ServletException.
  java.lang.AssertionError: CurrencyKey not preserved
       at org.apache.myfaces.trinidad.component.UIXCollection.encodeEnd(UIXCollection.java:531)
  With this error i can't navigate inside the BPM Composer Web page, any idea about this problem?
  Regards

  The solution to this issue, is adding in the CMDLINE of the Register Service the next value -da:org.apache.myfaces.trinidad.component.UIXCollection, with this option we disable the assertion of java, after that i can work with the BPM Composer Web Application

• New server and/or CA certificate for connection from custom authentication

  We are running Access Manager version 72005Q4 in the Sun ONE Web Server 6.1SP5 B06/23/2005 container with java build 1.5.0_07-b03. I run a custom authentication module which checks sessions against our university single sign on system which is CAS (from Yale/Jasig). The checks are essentially https calls. All this has been working well for us for the last couple of years.
  I would like to migrate the certificate used on the university CAS system from a Verisign certificate to a wildcard certificate issued by the IPS CA in spain -- these are in most browsers but are not in the standard batch of cacerts CA's -- and are free for .edu domains.
  My other java based authentication plugins (Blackboard, custom apps etc) have worked fine once I import the certificate into the cacerts for the java container, but I'm missing something (obvious probably) about importing this certificate so that my amserver custom authentication module can connect to the CAS server once the CAS server is using the new certificate.
  Could anyone provide guidance on where I need to import this server certificate (or preferably the IPS CA) in order to allow the custom authentication module to work properly? I assume this same problem has been solved by people wishing to connect from the amserver to services with self signed certificates. For some reason I'm finding the debugging unexpectedly difficult, I'll outline some of those details below.
  Relevant things I've tried so far:
  Import both the server cert and the IPS CA into the cacerts of the java container identified in the web server server.xml /usr/jdk/entsys-j2se.
  Import the IPS CA into the web server cert8 style db via the web admin server.
  The debugging has surprised me a bit, as I'm not getting an error that is explicitly SSL related error. It almost seems like the URLConnection object ends up using a HttpURLConnection rather than an HttpsURLConnection and never gives me a cert error, rather a connection refused since there is no non SSL service running on CAS. The same code pointed to the server running the verisign cert works as expected.
  Part of the stack:
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: java.net.ConnectException: Connection refused
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.socketConnect(Native Method)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:516)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:466)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:287)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:311)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:489)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:477)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.writeRequests(HttpURLConnection.java:422)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:937)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.util.SecureURL.retrieve(Unknown Source)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(Unknown Source)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.fsu.ucs.authentication.providers.CASAMLoginModule.process(CASAMLoginModule.java:86)
  [28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:729)
  The relevent bit of code from the SecureURL.retrieve looks as follows:
  URL u = new URL(url);
  if (!u.getProtocol().equals("https"))
  throw new IOException("only 'https' URLs are valid for this method");
  URLConnection uc = u.openConnection();
  uc.setRequestProperty("Connection", "close");
  r = new BufferedReader(new InputStreamReader(uc.getInputStream()));
  String line;
  StringBuffer buf = new StringBuffer();
  while ((line = r.readLine()) != null)
  buf.append(line + "\n");
  return buf.toString();
  } finally { ...
  The fact that this same code in other authentication modules running outside the amserver (in other web containers as well, tomcat and resin for example) running java 1.5 works fine with the new CA, as well as with self signed certs that I've imported into the appropriate cacerts file leads me to believe that I'm either importing the certificate into the wrong store, or that there is some additional step needed for the amserver in the Sun Web container.
  Thank you very much for any insights and help,
  Ethan

  I thought since this has had a fair number of views I would give an update.
  I have been able to confirm that the custom authentication module is using the cert8 db defined in the AMConfig property com.iplanet.am.admin.cli.certdb.dir as documented. I do seem to have a problem using the certificate to make outgoing connections, even though the certificate verifies correctly for use as a server certificate. This is likely a question for a different forum, but just to show what I'm looking at:
  root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u V
  certutil: certificate is valid
  root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
  certutil: certificate is invalid: Certificate type not approved for application.
  root@jbc1 providers#/usr/sfw/bin/certutil -M -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -t uP,uP,uP
  root@jbc1 providers#/usr/sfw/bin/certutil -V -l -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
  FSU Wildcard Certificate : Certificate type not approved for application.
  So it could be that I don't understand how to use the certutiil to get the permissions I want, or it could be that using the same certificate for both server and client functions is not supported -- though you can see why this would be a common case with wildcard certificates.
  BTW for those interested, it did seem to be the case that when the certificate failure occurred that the attempt was then made by the URLConnection to bind to port 80 in cleartext even though the URL was clearly https. I'm sure this was just an attempt to help out misformed URL, but it seemed that the URLConnection implementation in the amserver would swapped traffic over cleartext if that port had been open on the server I was making the https connection to; that seems dangerous to me, I would not have wanted it to quietly work that way exposing sensitive information to the network.
  This was why I was getting back a connection refused instead of a certificate exception. The URLConnection implementation used by the amserver is defined by java.protocol.handler.pkgs=com.iplanet.services.comm argument passwd to the JVM, and I imagine this is done because the amserver pre-dates the inclusion of the sun.net.www.protocol handlers, but I don't know, there maybe reasons why the amserver wants it own handler. I only noticed that this is what was going on when I as casting the httpsURLConnection objects to other types trying to diagnose the certificate problem. I would be interested in hearing if anyone knows if there is a reason not to use sun.net.www.protocol with the amserver.
  After switching to the sun.net.www.protocol handler I was able to get my certificate errors rather than the "Connection Refused" which is what lead me to the above questions about certutil.

• Custom Authentication Provider and User Manage like SQLAuthenticator, How?

  Hi everyone,
  I faced a problem with login function of my portal (Webcenter Application). The Problem is:
  - Allow the users logging in by user that store in another system. I must communicate using low level of socket. This really is not a problem.
  - If user logged in, for first time of logging in, i must store them in some identity store (Maybe tables database).
  - View Users in Weblogic Console. To do that, i known that i must implemeted something that i dont what that are.
  Here are my work:
  - I Created a Custom Authentication Provider. And configuration in Admin Console. But i don't know what are that i should implementing to View user & group in Admin Console.
  - I Cannot logging in: After i created simple application for testing, i cannot logging in even i tested with SQLAuthenticator Provider and original DefaultProvider. In Logging Console, I saw every I Printed In The Code of Login Module.
  Here are my Code:
  <?xml version="1.0" ?>
  <MBeanType Name = "OrkitVASPortal" DisplayName = "OrkitVASPortal"
             Package = "orkit"
             Extends = "weblogic.management.security.authentication.Authenticator"
             PersistPolicy = "OnUpdate">
      <MBeanAttribute
          Name        = "ProviderClassName"
          Type        = "java.lang.String"
          Writeable   = "false"
          Default     = "&quot;orkit.OrkitVASPortalProviderImpl&quot;"
  />
      <MBeanAttribute
          Name        = "Description"
          Type        = "java.lang.String"
          Writeable   = "false"
          Default     = "&quot;WebLogic Simple Sample Audit Provider&quot;"
  />
      <MBeanAttribute
          Name        = "Version"
          Type        = "java.lang.String"
          Writeable   = "false"
          Default     = "&quot;1.0&quot;"
  />
      <MBeanAttribute
          Name        = "LogFileName"
          Type        = "java.lang.String"
          Default     = "&quot;SimpleSampleAuditor.log&quot;"
  />
  </MBeanType>
  package orkit;
  import java.util.HashMap;
  import javax.security.auth.login.AppConfigurationEntry;
  import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
  import weblogic.management.security.ProviderMBean;
  import weblogic.security.provider.PrincipalValidatorImpl;
  import weblogic.security.spi.*;
  public final class OrkitVASPortalProviderImpl implements AuthenticationProviderV2 {
      private String description;
      private LoginModuleControlFlag controlFlag;
      public OrkitVASPortalProviderImpl() {
          System.out.println("The Orkit VASPortal Provider Implemented!!!!!");
      @Override
      public IdentityAsserterV2 getIdentityAsserter() {
          return null;
      // Our mapping of users to passwords/groups, instead of being in LDAP or in a
      // database, is represented by a HashMap of MyUserDetails objects..
      public class MyUserDetails {
          String pw;
          String group;
          // We use this to represent the user's groups and passwords
          public MyUserDetails(String pw, String group) {
              this.pw = pw;
              this.group = group;
          public String getPassword() {
              return pw;
          public String getGroup() {
              return group;
      // This is our database
      private HashMap userGroupMapping = null;
      public void initialize(ProviderMBean mbean, SecurityServices services) {
          System.out.println("The Orkit VASPortal Provider is intializing......");
          OrkitVASPortalMBean myMBean = (OrkitVASPortalMBean) mbean;
          description = myMBean.getDescription() + "\n" + myMBean.getVersion();
          System.err.println("#In realm:" + myMBean.getRealm().wls_getDisplayName());
          // We would typically use the realm name to find the database
          // we want to use for authentication. Here, we just create one.
          userGroupMapping = new HashMap();
          userGroupMapping.put("a", new MyUserDetails("passworda", "g1"));
          userGroupMapping.put("b", new MyUserDetails("passwordb", "g2"));
          userGroupMapping.put("system", new MyUserDetails("12341234",
                  "Administrators"));
          String flag = myMBean.getControlFlag();
          if (flag.equalsIgnoreCase("REQUIRED")) {
              controlFlag = LoginModuleControlFlag.REQUIRED;
          } else if (flag.equalsIgnoreCase("OPTIONAL")) {
              controlFlag = LoginModuleControlFlag.OPTIONAL;
          } else if (flag.equalsIgnoreCase("REQUISITE")) {
              controlFlag = LoginModuleControlFlag.REQUISITE;
          } else if (flag.equalsIgnoreCase("SUFFICIENT")) {
              controlFlag = LoginModuleControlFlag.SUFFICIENT;
          } else {
              throw new IllegalArgumentException("Invalid control flag " + flag);
      public AppConfigurationEntry getLoginModuleConfiguration() {
          HashMap options = new HashMap();
          options.put("usermap", userGroupMapping);
          System.out.println("UserMap: " + options);
          return new AppConfigurationEntry(
                  "orkit.OrkitVASPortalLoginModule",
                  controlFlag, options);
      public String getDescription() {
          return description;
      public PrincipalValidator getPrincipalValidator() {
          return new PrincipalValidatorImpl();
      public AppConfigurationEntry getAssertionModuleConfiguration() {
          return null;
  //    public IdentityAsserter getIdentityAsserter() {
  //        return null;
      public void shutdown() {
  * To change this template, choose Tools | Templates
  * and open the template in the editor.
  package orkit;
  import orkit.OrkitVASPortalProviderImpl;
  import java.io.IOException;
  import java.util.*;
  import javax.security.auth.Subject;
  import javax.security.auth.callback.*;
  import javax.security.auth.login.*;
  import javax.security.auth.spi.LoginModule;
  import weblogic.security.principal.WLSGroupImpl;
  import weblogic.security.principal.WLSUserImpl;
  * This login module will be called by our Authentication Provider. It assumes
  * that the option, usermap, will be passed which contains the map of users to
  * passwords and groups.
  public class OrkitVASPortalLoginModule implements LoginModule {
      private Subject subject;
      private CallbackHandler callbackHandler;
      private HashMap userMap;
      // Authentication status
      private boolean loginSucceeded;
      private boolean principalsInSubject;
      private Vector principalsBeforeCommit = new Vector();
      public void initialize(Subject subject, CallbackHandler callbackHandler,
              Map sharedState, Map options) {
          this.subject = subject;
          this.callbackHandler = callbackHandler;
          // Fetch user/password map that should be set by the authenticator
          userMap = (HashMap) options.get("usermap");
       * Called once after initialize to try and log the person in
      public boolean login() throws LoginException {
          // First thing we do is create an array of callbacks so that
          // we can get the data from the user
          Callback[] callbacks;
          callbacks = new Callback[2];
          callbacks[0] = new NameCallback("username: ");
          callbacks[1] = new PasswordCallback("password: ", false);
          try {
              callbackHandler.handle(callbacks);
          } catch (IOException eio) {
              throw new LoginException(eio.toString());
          } catch (UnsupportedCallbackException eu) {
              throw new LoginException(eu.toString());
          String username = ((NameCallback) callbacks[0]).getName();
          System.out.println("Username: " + username);
          char[] pw = ((PasswordCallback) callbacks[1]).getPassword();
          String password = new String(pw);
          System.out.println("PASSWORD: " + password);
          if (username.length() > 0) {
              if (!userMap.containsKey(username)) {
                  throw new FailedLoginException("Authentication Failed: Could not find user:" + username);
              }else{
                  System.out.println("Contstainded Username");
              String realPassword = ((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getPassword();
              if (realPassword == null || !realPassword.equals(password)) {
                  throw new FailedLoginException("Authentication Failed: Password incorrect for user" + username);
              }else{
                  System.out.println("Everyitng OKIE");
          } else {
              // No Username, so anonymous access is being attempted
          loginSucceeded = true;
          // We collect some principals that we would like to add to the user
          // once this is committed.
          // First, we add his username itself
          principalsBeforeCommit.add(new WLSUserImpl(username));
          // Now we add his group
          principalsBeforeCommit.add(new WLSGroupImpl(((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getGroup()));
          return loginSucceeded;
      public boolean commit() throws LoginException {
          if (loginSucceeded) {
              subject.getPrincipals().removeAll(principalsBeforeCommit);
              principalsInSubject = true;
              return true;
          } else {
              return false;
      public boolean abort() throws LoginException {
          if (principalsInSubject) {
              subject.getPrincipals().removeAll(principalsBeforeCommit);
              principalsInSubject = false;
          return true;
      public boolean logout() throws LoginException {
          return true;
  }and OrkitVASPortalMBean & OrkitVASPortalImpl class created by MBeanMaker tool.
  Can someome help.
  Thanks in advance!

  Hi ,
  SQLAuthenticator is not yet supported with UCM 11g due to some JPS Provider limitations .
  Currently there is an Enhancement request for this .
  Thanks
  Srinath

• Free Visual Composer session for BPM Users (and win an iPod!)

  Hello to all BPM fans and users!
  We would like to invite you to a free online session that focuses on creating UIs for your human tasks in BPM, using Visual Composer ! Forget all these Web Dynpro APIs and focus on what's really important - your user. With Visual Composer, you can seamlessly create UIs that use data coming from the BPM process and send data from the task to the process.
  You can integrate a variety of UI elements and manipulate data inside the Visual Composer model, insert Flex elements, and also add Web Dynpro components and UI if you realize that something is still missing.
  The first of several online sessions will take place on Thursday 3/6/2010 13:00 GMT+2 and you're all invited. Attend the session for a chance to win an iPod !
  Weu2019ll have more of these sessions, focusing on other more advanced topics of Visual Composer. To receive the session connection data, please send us an email to visualcomposer @ sap.com and tell us a bit about yourself: your role in your company, the kind of projects you usually do, and the level of knowledge and experience you have with Visual Composer (if any).

  Hello to all BPM fans and users!
  We would like to invite you to a free online session that focuses on creating UIs for your human tasks in BPM, using Visual Composer ! Forget all these Web Dynpro APIs and focus on what's really important - your user. With Visual Composer, you can seamlessly create UIs that use data coming from the BPM process and send data from the task to the process.
  You can integrate a variety of UI elements and manipulate data inside the Visual Composer model, insert Flex elements, and also add Web Dynpro components and UI if you realize that something is still missing.
  The first of several online sessions will take place on Thursday 3/6/2010 13:00 GMT+2 and you're all invited. Attend the session for a chance to win an iPod !
  Weu2019ll have more of these sessions, focusing on other more advanced topics of Visual Composer. To receive the session connection data, please send us an email to visualcomposer @ sap.com and tell us a bit about yourself: your role in your company, the kind of projects you usually do, and the level of knowledge and experience you have with Visual Composer (if any).

• Oracle BPM Composer Authentication Failing.

  Hi,
  I have installed the Oracle BPM in our server,but facing some problem while login..
  1)Installed Software.
  Database Oracle 119 version (11.1.0.7.0) ---64bit Release1 and (11.2.0.1.0) ---64bit Release2
  Weblogic Server wls1033_oepe111150_win32
  Repository Creation Utility (11.1.1.3.3)
  BPM Suite & Patch SOA Suite (11.1.1.2.0) and SOA Suite (11.1.1.3.0)
  Oracle JDeveloper 11 g (11.1.1.3.0) (Build 5660)
  Able to Browse
  Oracle EM FMW Control ......... http://localhost:7001/em Able to login with weblogic id and pwd
  Oracle WLS Console ............ http://localhost:7001/console Able to login with weblogic id and pwd
  Oracle BPM Workspace .......... http://localhost:7001/bpm/workspace Not Able to login with weblogic id and pwd
  Oracle Process Composer ....... http://localhost:7001/bpm/composer Not Able to login with weblogic id and pwd
  I am not able to login into the composer and workspace ,i try adding the users in the securityrelam but also this is not helping..
  Please suggest a way to debugg and rectify this issue.
  Thanks in advance for your help.
  Regards,
  Shyam

  If you are using managed server (default), the URLs will be:
  Oracle BPM Workspace .......... http://localhost:8001/bpm/workspace
  Oracle Process Composer ....... http://localhost:8001/bpm/composer
  That is port 8001 instead of 7001

• Integration Visual Composer and BPM (netwearver CE7.11)

  Hi Guys.
  System: netwearver CE7.11
  We have a problem with the process of integration between Visual Composer and BPM. We have found a message  |https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/2011e628-b317-2c10-9fa7-952155e10705] explaining the step by step to join my visual compeser with BPM.
  The steps from guide(the guide includes a video) already have been implemented and the final result looks fine, but it is in this moment, when we want to create and deploy the BPM process with the result from guide(Web dynpro wrapp with the visual composer), when the error happens, the BPM process is created OK but not properly deployed.
  Could anyone help us?, thank you in advanced.
  The message error is:
  Status ERROR
  Plugin : com.sap.ide.tools.services
  code=0
  children=[
  Status ERROR
  Plugin : com.sap.ide.tools.services
  code=0
  Deploy Exception.
  com.sap.engine.services.dc.api.deploy.DeployException: [ERROR CODE DPL.DCAPI.1027] DependenciesResolvingException.
  Reason: ASJ.dpl_dc.006505 [ERROR CODE DPL.DC.3033] An unresolved dependencies error occurred while sorting the deployment batch items regarding the dependencies.; nested exception is:
       com.sap.engine.services.dc.cm.deploy.sdu_deps_resolver.UnresolvedDependenciesException: [ERROR CODE DPL.DC.3437] Unresolved dependencies found for the following deployment items: [
  1. Component: name: [firsttask], vendor: [demo.sap.com], location: [localDevelopment], version: [20090617122840], software type: [J2EE], csn component: [], dependencies: [[name: 'tcblloggingapi', vendor: 'sap.com', name: 'tcddicruntimefacade', vendor: 'sap.com', name: 'tcaiibaseofflinefacade', vendor: 'sap.com', name: 'tccmi', vendor: 'sap.com', name: 'tcvcglxbridgecomp', vendor: 'test.sap.com', name: 'tcblexceptionlib', vendor: 'sap.com', name: 'tcbljrfcapi', vendor: 'sap.com', name: 'tcwdapi', vendor: 'sap.com']]
  Unresolved dependency:
  name: 'tcvcglx~bridgecomp', vendor: 'test.sap.com'     ( not found in the admitted batch items and the repository)
  Edited by: iaspano on Jun 18, 2009 5:31 PM

  Hi,
  Is 'tcvcglx~bridgecomp' already deployed or part of the deployment? There is a deploy time dependency specified. Thus without this DC the other DC won't deploy.
  Cheers
  Martin