Custom authentication in WL 8.1
I have a web app that uses BASIC authentication.
What I want is for the standard web app login box to be used,
but then I want to use a custom database table to verify the username password.
How do I do this in weblogic 8.1.
"beaglebuddy" <[email protected]> wrote in message
news:3f4394e9$[email protected]..
>
I have a web app that uses BASIC authentication.
What I want is for the standard web app login box to be used,
but then I want to use a custom database table to verify the usernamepassword.
How do I do this in weblogic 8.1.On dev2dev, there is a sample dbms authentication provider that you can use
as a starting point
for a custom provider. You then configure this authentication provider in
WLS and authentication
will be handled by your provider.
Similar Messages
-
Custom Authenticator not returning correctly
Hi,
I have written a custom authenticator to automatically migrate users from an oracle
SSO database into the default WLS8.1 realm (and ultimately to an LDAP Realm).
It all works fine, except that the over all login process fails.
The server is set up to use the default Authenticator initially (set to SUFFICIENT),
then, if this fails, the Migration authenticator (set to REQUIRED) is called.
If this finds the user on the Oracle db, it creates a user for them in the default
realm, and logs them in.
The problem is that even though my Migration Authenticator finishes successfully
(ie the commit() method is executed and returns true) WLS still calls the login
error page as set up in the web.xml file.
The last few lines of the login() method of the authenticator are :
loginSucceeded = true;
addUserToWLSRealm(userId, userPassword);
principalsForSubject.add(new WLSUserImpl(userId));
then the commit() method is :
public boolean commit() throws LoginException {
if(loginSucceeded) {
subject.getPrincipals().addAll(principalsForSubject);
principalsInSubject = true;
System.out.println("OracleSSOLoginModule.commit - true");
return true;
} else {
System.out.println("OracleSSOLoginModule.commit - false");
return false;
If the user then tries to log in again, since they have been added to the WLS
realm, they are let in, but it should happen on the first attempt.
Any Ideas...?
TIA
Paul"Paul Davies" <[email protected]> wrote in message
news:3f4f37b3$[email protected]..
>
Hi,
I have written a custom authenticator to automatically migrate users froman oracle
SSO database into the default WLS8.1 realm (and ultimately to an LDAPRealm).
It all works fine, except that the over all login process fails.
The server is set up to use the default Authenticator initially (set toSUFFICIENT),
then, if this fails, the Migration authenticator (set to REQUIRED) iscalled.
If this finds the user on the Oracle db, it creates a user for them in thedefault
realm, and logs them in.
The problem is that even though my Migration Authenticator finishessuccessfully
(ie the commit() method is executed and returns true) WLS still calls thelogin
error page as set up in the web.xml file.
Turn on security debugging and see if you are getting a login exception
in the debug output - set the DebugSecurityAtn attribute in the ServerDebug
mbean. -
URGENT help required : Custom Authentication Plugin for validation of users
Hi Experts.
I'm a newbie and am stuck in middle of nowhere.
I have been asked to develop a custom authentication plug-in which would validate a user using the attributes such as a userid and a shared-userid.
shared-userid is just a custom id that would be generated on the basis of some logic.
Currently I'm using OAM 10.1.4.3.0 on WINDOWS server and as everybody, I'm also not able to find any sample files or sample folder structure.
As per one of the other threads https://forums.oracle.com/forums/thread.jspa?messageID=3838474, sample code and sample folders are removed from this particular version and were present in some previous version.
So, can anyone please help me out with the following:
1. How can I proceed to accomplish this task, i.e. to check whether a user-id and a shared-userid both are validated and a user is granted access.
2. Are all of these files required to create a custom authentication plug-in or can we proceed only with the ".c" file (i.e. make file, authn.c, and a dll file made using the make file and .c file)
3. Can anybody provide me with a sample file or a sample code written in "C" wherein the plug-in connects to the LDAP and searches for a particular dn for comparison or something. Also a sample make file for windows to convert the .c file to .dll.
PLEASEEEE help me ASAP.
Regards
Edited by: 805912 on Nov 15, 2011 7:18 PMHi,
Regarding question 2, you also need the header file is supplied in the Access Server installation directory, under ...access\oblix\sdk\authn_api and is called authn_api.h. you need this to build the dll which must then be placed in the Access Server's ...\access\oblix\lib directory.
Regarding question 3, if you install an earlier version of the Access Server, ie 10.1.4.2 or less, then you will get a \access\oblix\sdk\authentication\samples\authn_api directory that contains a basic sample authentication plugin. However, there is still documented in the 10.1.4.3 Developer Guide another sample plugin, simplapi.c, in the 10.1.4.3 Developer Guide with instructions on how to use it. It does work, but unfortunately requires a couple of edits to get it working after copy&pasting it (no code changes, just fairly obvious case changes eg changing ObanPlugin* to ObAnPlugin*). I used the following commands to get it to compile into a .so file on unix:
g++44 -c -fPIC -Wno-deprecated -m32 simpleapi.c
g++44 -shared -nostdlib -lc -m32 simpleapi.o -o simpleapi.so
but I really would not know if or how these translate into a Windows environment.
Regards,
Colin
Edited by: ColinPurdon on Nov 15, 2011 2:50 PM -
Custom Authentication Module on Identity Server
Hi,
I have a custom authentication module which I am trying to access through the policy agent.
I have set the following property in AMAgent.properties file
com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login?module=CustomLoginModule.
My login module code is something like this:
package com.iplanet.am.samples.authentication.providers;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import java.rmi.RemoteException;
import java.io.FileInputStream;
import java.util.Properties;
public class LoginModule1 extends AMLoginModule
private String userName;
private String userTokenId;
private HashMap usersMap;
private java.security.Principal userPrincipal = null;
public LoginModule1() throws LoginException
public void init(Subject subject, Map sharedState, Map options)
System.out.println("LoginModule1 initialization");
usersMap = new HashMap();
ResourceBundle bundle = ResourceBundle.getBundle("users");
Enumeration users = bundle.getKeys();
while (users.hasMoreElements())
String user = (String)users.nextElement();
String password = bundle.getString(user.trim());
usersMap.put(user, password);
public int process(Callback[] callbacks, int state) throws AuthLoginException
int currentState = state;
if (currentState == 1)
userName = ((NameCallback) callbacks[0]).getName().trim();
char[] passwd = ((PasswordCallback) callbacks[1]).getPassword();
String passwdString = new String (passwd);
if (userName.equals(""))
throw new AuthLoginException("names must not be empty");
if (userName.equals("testuser") && passwdString.equals("testuser"))
userTokenId = userName;
return -1;
if (usersMap.containsKey(userName))
if (usersMap.get(userName).equals(new String(passwd)))
userTokenId = userName;
return -1;
return 0;
public java.security.Principal getPrincipal()
if (userPrincipal != null)
return userPrincipal;
else
if (userTokenId != null)
userPrincipal = new SamplePrincipal("testuser");
return userPrincipal;
else
return null;
So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication does not succeed and I get the following error message in the agent log file.
2004-08-09 15:24:08.640 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:09.030 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:23.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:29.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:29.499 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
2004-08-09 15:24:29.499 128 2712:24fda5e8 RemoteLog: User unknown was denied access to http://ps0391.persistent.co.in:80/test/index.html.
2004-08-09 15:24:29.499 Error 2712:24fda5e8 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
2004-08-09 15:24:29.499 Error 2712:24fda5e8 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
2004-08-09 15:24:29.499 -1 2712:24fda5e8 PolicyAgent: validate_session_policy() access denied to unknown user
The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
Thanks
SrinivasDoes the principal "testuser" exist in your realm? If I understand your module correctly, it looks like it always returns "testuser".
I am guessing that Access Manager is not finding your principal. Typically if access manager cannot associate the principal returned by the custom AMLoginModule it will fail the authentication.
I am wondering if this is related to a seperate problem I have seen with custom login modules. Try chaning the code to return an LDAP style principal it may work:
so return "uid=testuser,ou=People,dc=yourdomain,dc=com" for example. In theory this should not be necessary but it solved some problems for me, though I am not sure why. -
New server and/or CA certificate for connection from custom authentication
We are running Access Manager version 72005Q4 in the Sun ONE Web Server 6.1SP5 B06/23/2005 container with java build 1.5.0_07-b03. I run a custom authentication module which checks sessions against our university single sign on system which is CAS (from Yale/Jasig). The checks are essentially https calls. All this has been working well for us for the last couple of years.
I would like to migrate the certificate used on the university CAS system from a Verisign certificate to a wildcard certificate issued by the IPS CA in spain -- these are in most browsers but are not in the standard batch of cacerts CA's -- and are free for .edu domains.
My other java based authentication plugins (Blackboard, custom apps etc) have worked fine once I import the certificate into the cacerts for the java container, but I'm missing something (obvious probably) about importing this certificate so that my amserver custom authentication module can connect to the CAS server once the CAS server is using the new certificate.
Could anyone provide guidance on where I need to import this server certificate (or preferably the IPS CA) in order to allow the custom authentication module to work properly? I assume this same problem has been solved by people wishing to connect from the amserver to services with self signed certificates. For some reason I'm finding the debugging unexpectedly difficult, I'll outline some of those details below.
Relevant things I've tried so far:
Import both the server cert and the IPS CA into the cacerts of the java container identified in the web server server.xml /usr/jdk/entsys-j2se.
Import the IPS CA into the web server cert8 style db via the web admin server.
The debugging has surprised me a bit, as I'm not getting an error that is explicitly SSL related error. It almost seems like the URLConnection object ends up using a HttpURLConnection rather than an HttpsURLConnection and never gives me a cert error, rather a connection refused since there is no non SSL service running on CAS. The same code pointed to the server running the verisign cert works as expected.
Part of the stack:
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: java.net.ConnectException: Connection refused
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.socketConnect(Native Method)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:516)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at java.net.Socket.connect(Socket.java:466)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.NetworkClient.doConnect(NetworkClient.java:157)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:365)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.openServer(HttpClient.java:477)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.<init>(HttpClient.java:214)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:287)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.http.HttpClient.New(HttpClient.java:311)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:489)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.setNewClient(HttpURLConnection.java:477)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.writeRequests(HttpURLConnection.java:422)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:937)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.util.SecureURL.retrieve(Unknown Source)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.yale.its.tp.cas.client.ServiceTicketValidator.validate(Unknown Source)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at edu.fsu.ucs.authentication.providers.CASAMLoginModule.process(CASAMLoginModule.java:86)
[28/Mar/2008:17:21:54] warning (25335): CORE3283: stderr: at com.sun.identity.authentication.spi.AMLoginModule.wrapProcess(AMLoginModule.java:729)
The relevent bit of code from the SecureURL.retrieve looks as follows:
URL u = new URL(url);
if (!u.getProtocol().equals("https"))
throw new IOException("only 'https' URLs are valid for this method");
URLConnection uc = u.openConnection();
uc.setRequestProperty("Connection", "close");
r = new BufferedReader(new InputStreamReader(uc.getInputStream()));
String line;
StringBuffer buf = new StringBuffer();
while ((line = r.readLine()) != null)
buf.append(line + "\n");
return buf.toString();
} finally { ...
The fact that this same code in other authentication modules running outside the amserver (in other web containers as well, tomcat and resin for example) running java 1.5 works fine with the new CA, as well as with self signed certs that I've imported into the appropriate cacerts file leads me to believe that I'm either importing the certificate into the wrong store, or that there is some additional step needed for the amserver in the Sun Web container.
Thank you very much for any insights and help,
EthanI thought since this has had a fair number of views I would give an update.
I have been able to confirm that the custom authentication module is using the cert8 db defined in the AMConfig property com.iplanet.am.admin.cli.certdb.dir as documented. I do seem to have a problem using the certificate to make outgoing connections, even though the certificate verifies correctly for use as a server certificate. This is likely a question for a different forum, but just to show what I'm looking at:
root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u V
certutil: certificate is valid
root@jbc1 providers#/usr/sfw/bin/certutil -V -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
certutil: certificate is invalid: Certificate type not approved for application.
root@jbc1 providers#/usr/sfw/bin/certutil -M -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -t uP,uP,uP
root@jbc1 providers#/usr/sfw/bin/certutil -V -l -n "FSU Wildcard Certificate" -d /opt/SUNWwbsvr/alias -P https-jbc1.ucs.fsu.edu-jbc1- -u C
FSU Wildcard Certificate : Certificate type not approved for application.
So it could be that I don't understand how to use the certutiil to get the permissions I want, or it could be that using the same certificate for both server and client functions is not supported -- though you can see why this would be a common case with wildcard certificates.
BTW for those interested, it did seem to be the case that when the certificate failure occurred that the attempt was then made by the URLConnection to bind to port 80 in cleartext even though the URL was clearly https. I'm sure this was just an attempt to help out misformed URL, but it seemed that the URLConnection implementation in the amserver would swapped traffic over cleartext if that port had been open on the server I was making the https connection to; that seems dangerous to me, I would not have wanted it to quietly work that way exposing sensitive information to the network.
This was why I was getting back a connection refused instead of a certificate exception. The URLConnection implementation used by the amserver is defined by java.protocol.handler.pkgs=com.iplanet.services.comm argument passwd to the JVM, and I imagine this is done because the amserver pre-dates the inclusion of the sun.net.www.protocol handlers, but I don't know, there maybe reasons why the amserver wants it own handler. I only noticed that this is what was going on when I as casting the httpsURLConnection objects to other types trying to diagnose the certificate problem. I would be interested in hearing if anyone knows if there is a reason not to use sun.net.www.protocol with the amserver.
After switching to the sun.net.www.protocol handler I was able to get my certificate errors rather than the "Connection Refused" which is what lead me to the above questions about certutil. -
Custom Authenticator WL startup exception
Hi, I am using Weblogic 9.2 on Linux and have created an example custom authenticator.
I have followed several suggested method for creation/deployment, but still am having a exception upon startup and hoping someone could help.
from a previous post I have used the below instructions and have deployed the jar in $WL_HOME/server/lib/mbeantypes
$WL_HOME/server/providers: This is the base Directory for Customer security Provider.
$WL_HOME/server/providers/src This is the directory for the Source Code.
$WL_HOME/server/providers/providersjar This is the directory for the Custom Provider Jar file .
$WL_HOME/server/providers/created_files This is the Directory for the created schema file by Mbean maker.
After having the directory structure as mentioned above run the command as below:
cd $WL_HOME/server
$WL_HOME/samples/domains/wl_server/setExamplesEnv.sh
java -Dfiles=providers/created_files -DMDF=providers/src/MyAuthenticator.xml -DMJF=providers/providersjar/MyAuthenticator.jar -DpreserveStubs=true -DcreateStubs=true weblogic.management.commo.WebLogicMBeanMakerStarted the WL server with the following exception:
starting weblogic with Java version:
java version "1.5.0_12"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_12-b04)
BEA JRockit(R) (build R27.4.0-90_CR358515-94243-1.5.0_12-20080118-1154-linux-ia32, compiled mode)
Starting WLS with line:
/home/A470231/bea/jrockit_150_12/bin/java -jrockit -Xms256m -Xmx512m -Xverify:none -Xverify:none -da -Dplatform.home=/home/A470231/bea/weblogic92 -Dwls.home=/home/A470231/bea/weblogic92/server -Dwli.home=/home/A470231/bea/weblogic92/integration -Dweblogic.management.discover=true -Dwlw.iterativeDev= -Dwlw.testConsole= -Dwlw.logErrorsToConsole= -Dweblogic.ext.dirs=/home/A470231/bea/patch_weblogic923/profiles/default/sysext_manifest_classpath -Dweblogic.configuration.schemaValidationEnabled=false -Dweblogic.Name=examplesServer -Djava.security.policy=/home/A470231/bea/weblogic92/server/lib/weblogic.policy weblogic.Server
<Aug 2, 2010 1:14:57 PM EDT> <Notice> <WebLogicServer> <BEA-000395> <Following extensions directory contents added to the end of the classpath:
/home/A470231/bea/weblogic92/platform/lib/p13n/p13n-schemas.jar:/home/A470231/bea/weblogic92/platform/lib/p13n/p13n_common.jar:/home/A470231/bea/weblogic92/platform/lib/p13n/p13n_system.jar:/home/A470231/bea/weblogic92/platform/lib/wlp/netuix_common.jar:/home/A470231/bea/weblogic92/platform/lib/wlp/netuix_schemas.jar:/home/A470231/bea/weblogic92/platform/lib/wlp/netuix_system.jar:/home/A470231/bea/weblogic92/platform/lib/wlp/wsrp-common.jar>
<Aug 2, 2010 1:14:58 PM EDT> <Info> <WebLogicServer> <BEA-000377> <Starting WebLogic Server with BEA JRockit(R) Version R27.4.0-90_CR358515-94243-1.5.0_12-20080118-1154-linux-ia32 from BEA Systems, Inc.>
<Aug 2, 2010 1:14:59 PM EDT> <Info> <Management> <BEA-141107> <Version: WebLogic Server 9.2 MP3 Mon Mar 10 08:28:41 EDT 2008 1096261 >
<Aug 2, 2010 1:15:03 PM EDT> <Info> <WebLogicServer> <BEA-000215> <Loaded License : /home/A470231/bea/license.bea>
<Aug 2, 2010 1:15:03 PM EDT> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to STARTING>
<Aug 2, 2010 1:15:03 PM EDT> <Info> <WorkManager> <BEA-002900> <Initializing self-tuning thread pool>
<Aug 2, 2010 1:15:04 PM EDT> <Notice> <Log Management> <BEA-170019> <The server log file /home/A470231/bea/weblogic92/samples/domains/wl_server/servers/examplesServer/logs/examplesServer.log is opened. All server side log events will be written to this file.>
*****************SERVICE:>com.bea.common.security.internal.legacy.helper.CredentialMappingServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.ApplicationVersioningServiceConfigHelper_TestRealm<
*****************SERVICE:>com.bea.common.security.internal.legacy.helper.BulkRoleMappingServiceConfigHelper_TestRealm<
*****************SERVICE:>com.bea.common.security.internal.legacy.helper.BulkAuthorizationServiceConfigHelper_TestRealm<
*****************SERVICE:>com.bea.common.security.internal.legacy.helper.RoleMappingServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.RoleDeploymentServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.ApplicationVersioningServiceConfigHelper_TestRealm<
*****************REALM:TestRealm
*****************ProviderMBean length:2
*****************ProviderMBean[0]weblogic.security.providers.authorization.DefaultAuthorizerMBeanImpl@a27aaa68([wl_server]/SecurityConfiguration[wl_server]/Realms[TestRealm]/Authorizers[DefaultAuthorizer])
*****************ProviderMBean[1]weblogic.security.providers.authorization.DefaultAdjudicatorMBeanImpl@c6697d45([wl_server]/SecurityConfiguration[wl_server]/Realms[TestRealm]/Adjudicator[DefaultAdjudicator])
*****************SERVICE:>com.bea.common.security.internal.legacy.helper.AuthorizationServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.PolicyDeploymentServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.IsProtectedResourceServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.ApplicationVersioningServiceConfigHelper_TestRealm<
*****************SERVICE:>weblogic.security.service.internal.RoleConsumerServiceConfigHelper_TestRealm<
<Aug 2, 2010 1:15:07 PM EDT> <Critical> <WebLogicServer> <BEA-000362> <Server failed. Reason:
There are 1 nested errors:
weblogic.security.service.SecurityServiceRuntimeException: [Security:090877]Service Common AuthorizationService unavailable, see exception text: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name is not specified.
at weblogic.security.service.AuthorizationManager.initialize(AuthorizationManager.java:147)
at weblogic.security.service.AuthorizationManager.<init>(AuthorizationManager.java:83)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doATZ(CommonSecurityServiceManagerDelegateImpl.java:348)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:273)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:444)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:459)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:540)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:376)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
Caused by: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:342)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:292)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:263)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:71)
at weblogic.security.service.SecurityServiceManager.getService(SecurityServiceManager.java:95)
at weblogic.security.service.AuthorizationManager.initialize(AuthorizationManager.java:137)
... 11 more
Caused by: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name is not specified.
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:40)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:340)
... 16 more
Can anyone have any ideas?
I have narrowed it down to having a problem retrieving the role and policy consumer services I believe
Thanks,
Bobby.Hi All,
Found the reason for the exception. I was implementing the generated the CustomAuthenticatorImpl class (generated through WebLogic MBeanMaker utility) as the provider class by implementing the AuthenticationProvider interface. Keeping them separate solved the issue.
Able to create the jar without any issues and also no error or exception after restart.
Thanks. -
Custom Authentication Provider and User Manage like SQLAuthenticator, How?
Hi everyone,
I faced a problem with login function of my portal (Webcenter Application). The Problem is:
- Allow the users logging in by user that store in another system. I must communicate using low level of socket. This really is not a problem.
- If user logged in, for first time of logging in, i must store them in some identity store (Maybe tables database).
- View Users in Weblogic Console. To do that, i known that i must implemeted something that i dont what that are.
Here are my work:
- I Created a Custom Authentication Provider. And configuration in Admin Console. But i don't know what are that i should implementing to View user & group in Admin Console.
- I Cannot logging in: After i created simple application for testing, i cannot logging in even i tested with SQLAuthenticator Provider and original DefaultProvider. In Logging Console, I saw every I Printed In The Code of Login Module.
Here are my Code:
<?xml version="1.0" ?>
<MBeanType Name = "OrkitVASPortal" DisplayName = "OrkitVASPortal"
Package = "orkit"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate">
<MBeanAttribute
Name = "ProviderClassName"
Type = "java.lang.String"
Writeable = "false"
Default = ""orkit.OrkitVASPortalProviderImpl""
/>
<MBeanAttribute
Name = "Description"
Type = "java.lang.String"
Writeable = "false"
Default = ""WebLogic Simple Sample Audit Provider""
/>
<MBeanAttribute
Name = "Version"
Type = "java.lang.String"
Writeable = "false"
Default = ""1.0""
/>
<MBeanAttribute
Name = "LogFileName"
Type = "java.lang.String"
Default = ""SimpleSampleAuditor.log""
/>
</MBeanType>
package orkit;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.*;
public final class OrkitVASPortalProviderImpl implements AuthenticationProviderV2 {
private String description;
private LoginModuleControlFlag controlFlag;
public OrkitVASPortalProviderImpl() {
System.out.println("The Orkit VASPortal Provider Implemented!!!!!");
@Override
public IdentityAsserterV2 getIdentityAsserter() {
return null;
// Our mapping of users to passwords/groups, instead of being in LDAP or in a
// database, is represented by a HashMap of MyUserDetails objects..
public class MyUserDetails {
String pw;
String group;
// We use this to represent the user's groups and passwords
public MyUserDetails(String pw, String group) {
this.pw = pw;
this.group = group;
public String getPassword() {
return pw;
public String getGroup() {
return group;
// This is our database
private HashMap userGroupMapping = null;
public void initialize(ProviderMBean mbean, SecurityServices services) {
System.out.println("The Orkit VASPortal Provider is intializing......");
OrkitVASPortalMBean myMBean = (OrkitVASPortalMBean) mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
System.err.println("#In realm:" + myMBean.getRealm().wls_getDisplayName());
// We would typically use the realm name to find the database
// we want to use for authentication. Here, we just create one.
userGroupMapping = new HashMap();
userGroupMapping.put("a", new MyUserDetails("passworda", "g1"));
userGroupMapping.put("b", new MyUserDetails("passwordb", "g2"));
userGroupMapping.put("system", new MyUserDetails("12341234",
"Administrators"));
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED")) {
controlFlag = LoginModuleControlFlag.REQUIRED;
} else if (flag.equalsIgnoreCase("OPTIONAL")) {
controlFlag = LoginModuleControlFlag.OPTIONAL;
} else if (flag.equalsIgnoreCase("REQUISITE")) {
controlFlag = LoginModuleControlFlag.REQUISITE;
} else if (flag.equalsIgnoreCase("SUFFICIENT")) {
controlFlag = LoginModuleControlFlag.SUFFICIENT;
} else {
throw new IllegalArgumentException("Invalid control flag " + flag);
public AppConfigurationEntry getLoginModuleConfiguration() {
HashMap options = new HashMap();
options.put("usermap", userGroupMapping);
System.out.println("UserMap: " + options);
return new AppConfigurationEntry(
"orkit.OrkitVASPortalLoginModule",
controlFlag, options);
public String getDescription() {
return description;
public PrincipalValidator getPrincipalValidator() {
return new PrincipalValidatorImpl();
public AppConfigurationEntry getAssertionModuleConfiguration() {
return null;
// public IdentityAsserter getIdentityAsserter() {
// return null;
public void shutdown() {
* To change this template, choose Tools | Templates
* and open the template in the editor.
package orkit;
import orkit.OrkitVASPortalProviderImpl;
import java.io.IOException;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
* This login module will be called by our Authentication Provider. It assumes
* that the option, usermap, will be passed which contains the map of users to
* passwords and groups.
public class OrkitVASPortalLoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private HashMap userMap;
// Authentication status
private boolean loginSucceeded;
private boolean principalsInSubject;
private Vector principalsBeforeCommit = new Vector();
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
// Fetch user/password map that should be set by the authenticator
userMap = (HashMap) options.get("usermap");
* Called once after initialize to try and log the person in
public boolean login() throws LoginException {
// First thing we do is create an array of callbacks so that
// we can get the data from the user
Callback[] callbacks;
callbacks = new Callback[2];
callbacks[0] = new NameCallback("username: ");
callbacks[1] = new PasswordCallback("password: ", false);
try {
callbackHandler.handle(callbacks);
} catch (IOException eio) {
throw new LoginException(eio.toString());
} catch (UnsupportedCallbackException eu) {
throw new LoginException(eu.toString());
String username = ((NameCallback) callbacks[0]).getName();
System.out.println("Username: " + username);
char[] pw = ((PasswordCallback) callbacks[1]).getPassword();
String password = new String(pw);
System.out.println("PASSWORD: " + password);
if (username.length() > 0) {
if (!userMap.containsKey(username)) {
throw new FailedLoginException("Authentication Failed: Could not find user:" + username);
}else{
System.out.println("Contstainded Username");
String realPassword = ((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getPassword();
if (realPassword == null || !realPassword.equals(password)) {
throw new FailedLoginException("Authentication Failed: Password incorrect for user" + username);
}else{
System.out.println("Everyitng OKIE");
} else {
// No Username, so anonymous access is being attempted
loginSucceeded = true;
// We collect some principals that we would like to add to the user
// once this is committed.
// First, we add his username itself
principalsBeforeCommit.add(new WLSUserImpl(username));
// Now we add his group
principalsBeforeCommit.add(new WLSGroupImpl(((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getGroup()));
return loginSucceeded;
public boolean commit() throws LoginException {
if (loginSucceeded) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = true;
return true;
} else {
return false;
public boolean abort() throws LoginException {
if (principalsInSubject) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = false;
return true;
public boolean logout() throws LoginException {
return true;
}and OrkitVASPortalMBean & OrkitVASPortalImpl class created by MBeanMaker tool.
Can someome help.
Thanks in advance!Hi ,
SQLAuthenticator is not yet supported with UCM 11g due to some JPS Provider limitations .
Currently there is an Enhancement request for this .
Thanks
Srinath -
Custom Authentication With Identity Store
Hi everyone,
I faced a problem with login function of my portal (Webcenter Application). The Problem is:
- Allow the users logging in by user that store in another system. I must communicate using low level of socket. This really is not a problem.
- If user logged in, for first time of logging in, i must store them in some identity store (Maybe tables database).
- View Users in Weblogic Console. To do that, i known that i must implemeted something that i dont what that are.
Here are my work:
- I Created a Custom Authentication Provider. And configuration in Admin Console. But i don't know what are that i should implementing to View user & group in Admin Console.
- I Cannot logging in: After i created simple application for testing, i cannot logging in even i tested with SQLAuthenticator Provider and original DefaultProvider. In Logging Console, I saw every I Printed In The Code of Login Module.
Here are my Code:
<?xml version="1.0" ?>
<MBeanType Name = "OrkitVASPortal" DisplayName = "OrkitVASPortal"
Package = "orkit"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate">
<MBeanAttribute
Name = "ProviderClassName"
Type = "java.lang.String"
Writeable = "false"
Default = ""orkit.OrkitVASPortalProviderImpl""
/>
<MBeanAttribute
Name = "Description"
Type = "java.lang.String"
Writeable = "false"
Default = ""WebLogic Simple Sample Audit Provider""
/>
<MBeanAttribute
Name = "Version"
Type = "java.lang.String"
Writeable = "false"
Default = ""1.0""
/>
<MBeanAttribute
Name = "LogFileName"
Type = "java.lang.String"
Default = ""SimpleSampleAuditor.log""
/>
</MBeanType>
package orkit;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.*;
public final class OrkitVASPortalProviderImpl implements AuthenticationProviderV2 {
private String description;
private LoginModuleControlFlag controlFlag;
public OrkitVASPortalProviderImpl() {
System.out.println("The Orkit VASPortal Provider Implemented!!!!!");
@Override
public IdentityAsserterV2 getIdentityAsserter() {
return null;
// Our mapping of users to passwords/groups, instead of being in LDAP or in a
// database, is represented by a HashMap of MyUserDetails objects..
public class MyUserDetails {
String pw;
String group;
// We use this to represent the user's groups and passwords
public MyUserDetails(String pw, String group) {
this.pw = pw;
this.group = group;
public String getPassword() {
return pw;
public String getGroup() {
return group;
// This is our database
private HashMap userGroupMapping = null;
public void initialize(ProviderMBean mbean, SecurityServices services) {
System.out.println("The Orkit VASPortal Provider is intializing......");
OrkitVASPortalMBean myMBean = (OrkitVASPortalMBean) mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
System.err.println("#In realm:" + myMBean.getRealm().wls_getDisplayName());
// We would typically use the realm name to find the database
// we want to use for authentication. Here, we just create one.
userGroupMapping = new HashMap();
userGroupMapping.put("a", new MyUserDetails("passworda", "g1"));
userGroupMapping.put("b", new MyUserDetails("passwordb", "g2"));
userGroupMapping.put("system", new MyUserDetails("12341234",
"Administrators"));
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED")) {
controlFlag = LoginModuleControlFlag.REQUIRED;
} else if (flag.equalsIgnoreCase("OPTIONAL")) {
controlFlag = LoginModuleControlFlag.OPTIONAL;
} else if (flag.equalsIgnoreCase("REQUISITE")) {
controlFlag = LoginModuleControlFlag.REQUISITE;
} else if (flag.equalsIgnoreCase("SUFFICIENT")) {
controlFlag = LoginModuleControlFlag.SUFFICIENT;
} else {
throw new IllegalArgumentException("Invalid control flag " + flag);
public AppConfigurationEntry getLoginModuleConfiguration() {
HashMap options = new HashMap();
options.put("usermap", userGroupMapping);
System.out.println("UserMap: " + options);
return new AppConfigurationEntry(
"orkit.OrkitVASPortalLoginModule",
controlFlag, options);
public String getDescription() {
return description;
public PrincipalValidator getPrincipalValidator() {
return new PrincipalValidatorImpl();
public AppConfigurationEntry getAssertionModuleConfiguration() {
return null;
// public IdentityAsserter getIdentityAsserter() {
// return null;
public void shutdown() {
* To change this template, choose Tools | Templates
* and open the template in the editor.
package orkit;
import orkit.OrkitVASPortalProviderImpl;
import java.io.IOException;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
* This login module will be called by our Authentication Provider. It assumes
* that the option, usermap, will be passed which contains the map of users to
* passwords and groups.
public class OrkitVASPortalLoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private HashMap userMap;
// Authentication status
private boolean loginSucceeded;
private boolean principalsInSubject;
private Vector principalsBeforeCommit = new Vector();
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
// Fetch user/password map that should be set by the authenticator
userMap = (HashMap) options.get("usermap");
* Called once after initialize to try and log the person in
public boolean login() throws LoginException {
// First thing we do is create an array of callbacks so that
// we can get the data from the user
Callback[] callbacks;
callbacks = new Callback[2];
callbacks[0] = new NameCallback("username: ");
callbacks[1] = new PasswordCallback("password: ", false);
try {
callbackHandler.handle(callbacks);
} catch (IOException eio) {
throw new LoginException(eio.toString());
} catch (UnsupportedCallbackException eu) {
throw new LoginException(eu.toString());
String username = ((NameCallback) callbacks[0]).getName();
System.out.println("Username: " + username);
char[] pw = ((PasswordCallback) callbacks[1]).getPassword();
String password = new String(pw);
System.out.println("PASSWORD: " + password);
if (username.length() > 0) {
if (!userMap.containsKey(username)) {
throw new FailedLoginException("Authentication Failed: Could not find user:" + username);
}else{
System.out.println("Contstainded Username");
String realPassword = ((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getPassword();
if (realPassword == null || !realPassword.equals(password)) {
throw new FailedLoginException("Authentication Failed: Password incorrect for user" + username);
}else{
System.out.println("Everyitng OKIE");
} else {
// No Username, so anonymous access is being attempted
loginSucceeded = true;
// We collect some principals that we would like to add to the user
// once this is committed.
// First, we add his username itself
principalsBeforeCommit.add(new WLSUserImpl(username));
// Now we add his group
principalsBeforeCommit.add(new WLSGroupImpl(((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getGroup()));
return loginSucceeded;
public boolean commit() throws LoginException {
if (loginSucceeded) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = true;
return true;
} else {
return false;
public boolean abort() throws LoginException {
if (principalsInSubject) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = false;
return true;
public boolean logout() throws LoginException {
return true;
}and OrkitVASPortalMBean & OrkitVASPortalImpl class created by MBeanMaker tool.
Can someome help.
Thank you very much!When i login with the password and username from my custom authentication provider, my login module check ok, but logon form still there.
-
Custom Authentication Issue with Policy Agent
Hi,
I have a custom authentication module which is hosted on the BEA application server and I am trying to access through the policy agent on apache.
I have set the following property in AMAgent.properties file
com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login
So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication is succeed, user sesion is being created and I get the following error message in the agent log file.
2004-10-19 16:20:26.908 Error 27620:e1140 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:3
2004-10-19 16:20:26.908 128 27620:e1140 RemoteLog: User unknown was denied access to http://hostname:port/weblogic/protapp/protected/a.html.
2004-10-19 16:20:26.908 Error 27620:e1140 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
2004-10-19 16:20:26.909 Error 27620:e1140 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
2004-10-19 16:20:26.909 -1 27620:e1140 PolicyAgent: URL Access Agent: access denied to unknown user
The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
Thanks
NeerajHi Neeraj,
I still have not been able to resolve that issue. Let me know If you find a solution for the same.
Thanks,
Srinivas -
Interactive Report - search does not work when using custom authentication
Apex 3.2.x
I can authenticate fine with my custom authentication and all of my pages work okay except for one page that uses the Interactive Report feature. When I click 'Filter' then enter the column name, operation (contains, =, like, etc.) and the expression, then click the 'Apply' button, the page just re-displays and my filter information is missing?
If I first login to Apex, select and run my application, the Interactive Report features work just fine. What's missing?More information:
After login into my Apex workspace (development environment), when I display the Interactive Report and click debug I see this debug message:
"using existing session report settings"
When I login using my application's custom authentication and click debug I see this debug message:
"creating session report settings as copy of public saved report"
Based on this, it appears that my session info in not set correctly when using custom authentication... but I'm not sure what needs to be set.
Edited by: user9108091 on Oct 22, 2010 6:44 AM -
Custom Authentication using WebService
Hi,
I am trying to create a way to Authenticate my users after calling a Webservice using Custom Authentication so that they don't have to Log on twice (SSO).
Here is a brief description of what I'm trying to do:
- End Users Login and get Authenticated in an iPlanet Portal.
- Once in - they hit a link which calls my APEX Application in a new window.
- I call the Web Service that return a response telling me if they have a valid Portal session along with username etc.
- If they are logged in to our Portal - I authenticate them in APEX using Custom Authentication and allow them to continue.
I have done this so far:
- Created an After Footer Process in the Login Page(101) that calls the Web Service.
- Created an automatic Page submit on page 101 with Javascript.
- Changed the After Submit Process 'Set Username Cookie' to use the Login returned in the Web Service.
- Changed the After Submit Process 'Login' to use the Login returned in the Web Service.
- Custom Authentication is run after Page is submitted.
- The user can then run the Application.
Everything was working fine when I was already logged in to APEX as a Developer, but when I tried to run the application as a non-developer I get the Error:
ORA-01400: cannot insert NULL into ("FLOWS_030100"."WWV_FLOW_COLLECTIONS$"."USER_ID")
I now realize that my Webservice Process is trying to store the result of the Web Service call before the Login has occured - so there is no APEX User at this point.
Does anyone have a way to accomplish what I'm trying to do?
Thanks,
BillYou should create a page sentry function based on the often-cited ntlm page sentry function discussed in this forum. That has the framework you need. Here is an example, although it's kind of old:
function modntlm_page_sentry return boolean as
l_current_sid number;
l_authenticated_username varchar2(256) := OWA_UTIL.GET_CGI_ENV('REMOTE_USER');
begin
if l_authenticated_username is null then
return false;
end if;
l_current_sid := wwv_flow_custom_auth_std.get_session_id_from_cookie;
if wwv_flow_custom_auth_std.is_session_valid then
htmldb_application.g_instance := l_current_sid;
if l_authenticated_username = wwv_flow_custom_auth_std.get_username then
wwv_flow_custom_auth.define_user_session(
p_user=>l_authenticated_username,
p_session_id=>l_current_sid);
return true;
else -- username mismatch. Unset the session cookie and redirect back here to take other branch
wwv_flow_custom_auth_std.logout(
p_this_flow=>v('FLOW_ID'),
p_next_flow_page_sess=>v('FLOW_ID')||':'||nvl(v('FLOW_PAGE_ID'),0)||':'||l_current_sid);
htmldb_application.g_unrecoverable_error := true; -- tell htmldb engine to quit
return false;
end if;
else -- application session cookie not valid; we need a new htmldb session
wwv_flow_custom_auth.define_user_session(
p_user=>l_authenticated_username,
p_session_id=>wwv_flow_custom_auth.get_next_session_id);
htmldb_application.g_unrecoverable_error := true; -- tell htmldb engine to quit
if owa_util.get_cgi_env('REQUEST_METHOD') = 'GET' then
wwv_flow_custom_auth.remember_deep_link(p_url=>'f?'||wwv_flow_utilities.get_cgi_query_string_decoded);
else
wwv_flow_custom_auth.remember_deep_link(p_url=>'f?p='||
to_char(htmldb_application.g_flow_id)||':'||
to_char(nvl(htmldb_application.g_flow_step_id,0))||':'||
to_char(htmldb_application.g_instance));
end if;
wwv_flow_custom_auth_std.post_login( -- register session in htmldb sessions table,set cookie,redirect back
p_uname => l_authenticated_username,
p_flow_page => htmldb_application.g_flow_id||':'||nvl(htmldb_application.g_flow_step_id,0));
return false;
end if;
end modntlm_page_sentry;You would replace this:
l_authenticated_username varchar2(256) := OWA_UTIL.GET_CGI_ENV('REMOTE_USER');
...with whatever statement will allow you to get the authentication status and authenticated user name from the environment, from HTTP headers, or from some other external source.
Then you would put this into the page sentry function attribute of the authentication scheme for your application:
return modntlm_page_sentry;
Of course you can name it anything you like but it should be compiled in your applicaiton's parsing schema.
Scott -
How to remove custom authentication provider in weblogic server 11g
Hi ,
I am trying to remove the custom authentication provider in weblogic server 11g, It disappears when i delete it from list of authentication providers. But upon server restart it appears again.
Documentation for 10g says delete it from service administration but i couldn't find one in 11g. Please help me in removing the custom authentication provider
Thanks
SandeepYou can try editing the config.xml file and removing it there. (Re: After provider reorder I cannot login admin server console
If you are referring to a jar file - custom authenticators are usually placed in the <middleware-home>wlserver_10.3/server/lib/mbeantypes/ directory. -
OAM 11g: Error while importing Custom Authentication Plug-in.
We are trying to create a sample custom authentication plugin in OAM 11g as per the 11.1.1.5.0 doc.
But while trying to import the plugin via oamconsole (system configuration->Plugins->Import Plugin) we receive an error "Invalid XML Structure".
Do we have to embed the XSD (XML Schema Definition) as well ?
-------------------------SamplePlugin.java-------------------------------------
import oracle.security.am.plugin.ExecutionStatus;
import oracle.security.am.plugin.MonitoringData;
import oracle.security.am.plugin.PluginConfig;
import oracle.security.am.plugin.authn.AuthenticationContext;
import oracle.security.am.plugin.authn.AuthenticationException;
import oracle.security.am.plugin.authn.AbstractAuthenticationPlugIn;
import java.util.Map;
import java.util.logging.Level;
class SamplePlugin extends AbstractAuthenticationPlugIn {
private static final String CLASS_NAME = "FirstTestClass";
public ExecutionStatus initialize (PluginConfig config){
super.initialize(config);
if(LOGGER.isLoggable(Level.FINE)){
LOGGER.logp(Level.FINE,CLASS_NAME,"initialize","Entering initialize");
return ExecutionStatus.SUCCESS;
@Override
public String getDescription() {
// TODO Auto-generated method stub
return null;
@Override
public Map<String, MonitoringData> getMonitoringData() {
// TODO Auto-generated method stub
return null;
@Override
public String getPluginName() {
// TODO Auto-generated method stub
return null;
@Override
public int getRevision() {
// TODO Auto-generated method stub
return 0;
@Override
public ExecutionStatus process(AuthenticationContext arg0)
throws AuthenticationException {
if(LOGGER.isLoggable(Level.FINE)){
LOGGER.logp(Level.FINE,CLASS_NAME,"initialize","Entering process");
return ExecutionStatus.SUCCESS;
@Override
public void setMonitoringStatus(boolean arg0) {
// TODO Auto-generated method stub
@Override
public boolean getMonitoringStatus() {
// TODO Auto-generated method stub
return false;
-------------------------SamplePlugin.java-------------------------------------
------------------------SamplePlugin.xml--------------------------------
<?xml version="1.0" encoding="UTF-8" ?>
<Plugin name="SamplePlugin" type="Authentication">
<author>Self</author>
<email>[email protected]</email>
<creationDate>09:41:22, 2012-02-05</creationDate>
<version>1</version>
<description>SamplePlugin</description>
<interface>oracle.security.am.plugin.authn.AbstractAuthenticationPlugIn</interface>
<implementation>SamplePlugin</implementation>
</Plugin>
------------------------SamplePlugin.xml--------------------------------
------------------------MANIFEST.MF--------------------------------
Manifest-Version: 1.0
Ant-Version: Apache Ant 1.8.2
Bundle-Version: 1.0.0.qualifier
Bundle-Name: SamplePlugin
Bundle-Activator: SamplePlugin
Bundle-ManifestVersion: 2
Created-By: 1.6.0_24-b07 (Sun Microsystems Inc.)
Import-Package: org.osgi.framework;version="1.3.0",oracle.security.am.
plugin,oracle.security.am.plugin.authn,oracle.security.am.plugin.api,
oracle.security.am.common.utilities.principal,oracle.security.idm,jav
ax.naming,javax.sql,java.management,javax.security.auth
Bundle-SymbolicName: SamplePlugin
Bundle-RequiredExecutionEnvironment: JavaSE-1.6
------------------------MANIFEST.MF--------------------------------
Contents of SamplePlugin.jar
1. SamplePlugin.xml
2. SamplePlugin.class
3. META-INF/
MANIFEST.MFI build the Plugin.jar file similarly as above(followed the same steps)..
But when i log into OAM and trying to import the plugin (System Configuration->Plugins- Import Plugin) the browser goes to hung state and i see below error in logs (domain log and in diag log)
I see the jar file created in this location (\Middleware\user_projects\domains\IAMdomain\oam\plugins)
Please let me know if you have any idea..Thanks!
####<Feb 29, 2012 1:10:03 PM PST> <Warning> <oracle.adf.controller.internal.metadata.MetadataService> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-00000000000003fe> <1330549803273> <BEA-000000> <ADFc: /WEB-INF/adfc-config.xml: >
####<Feb 29, 2012 1:10:03 PM PST> <Warning> <oracle.adf.controller.internal.metadata.MetadataService> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-00000000000003fe> <1330549803274> <ADFC-52024> <ADFc: Duplicate managed bean definition for 'accessCheck' detected.>
####<Feb 29, 2012 1:10:03 PM PST> <Warning> <oracle.adfinternal.view.faces.renderkit.rich.RegionRenderer> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000402> <1330549803479> <ADF_FACES-60099> <The region component with id: pt1:_lar has detected a page fragment with multiple root components. Fragments with more than one root component may not display correctly in a region and may have a negative impact on performance. It is recommended that you restructure the page fragment to have a single root component.>
####<Feb 29, 2012 1:10:33 PM PST> <Error> <javax.enterprise.resource.webcontainer.jsf.application> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000593> <1330549833253> <BEA-000000> <java.lang.NullPointerException
javax.faces.el.EvaluationException: java.lang.NullPointerException
at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:51)
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190
####<Feb 29, 2012 1:10:33 PM PST> <Warning> <oracle.adfinternal.view.faces.lifecycle.LifecycleImpl> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000593> <1330549833316> <BEA-000000> <ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase INVOKE_APPLICATION 5
javax.faces.FacesException: #{FileProcessor.doUpload}: java.lang.NullPointerException
at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
at oracle.adf.view.rich.component.rich.RichPopup$BroadcastContextCallback.invokeContextCallback(RichPopup.java:666)
at org.apache.myfaces.trinidad.component.UIXComponentBase.invokeOnComponent(UIXComponentBa
>
####<Feb 29, 2012 1:10:33 PM PST> <Error> <oracle.oam.admin.console.policy> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000593> <1330549833361> <OAM-400016> <Failed to authenticate the user
javax.servlet.ServletException: java.lang.NullPointerException
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277)
####<Feb 29, 2012 1:10:34 PM PST> <Warning> <oracle.adf.view.rich.component.fragment.UIXRegion> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-000000000000059a> <1330549834008> <ADF_FACES-00009> <Error processing viewId: /plugin-taskflow/authplugins URI: /oracle/security/am/taskflows/authplugin.jsff actual-URI: /oracle/security/am/taskflows/authplugin.jsff.
javax.el.ELException: java.lang.NullPointerException
at javax.el.BeanELResolver.getValue(BeanELResolver.java:266)
at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:173)
at oracle.adfinternal.view.faces.renderkit.rich.PanelCollectionRenderer$PanelCollectionHelper._encodeAll(PanelCollectionRenderer.java:728)
at oracle.adfinternal.view.faces.renderkit.rich.PanelCollectionRenderer$PanelCollectionHelper.access$500(PanelCollectionRenderer.java:537)
at oracle.adfinternal.view.faces.renderkit.rich.PanelCollectionRenderer.encodeAll(PanelCollectionRenderer.java:402)
at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1396)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:335)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:767)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:937)
####<Feb 29, 2012 1:10:34 PM PST> <Warning> <oracle.adfinternal.view.faces.lifecycle.LifecycleImpl> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-000000000000059a> <1330549834020> <BEA-000000> <ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6
javax.faces.FacesException: javax.el.ELException: java.lang.NullPointerException
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:804)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:294)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:214) -
Issue in Custom Authentication
Hi All,
I created a new custom authentication. I specified the function name in the authentication scheme. My code seems to be working fine(boolean condition works) but the authentication fails. Below is the package. Is there any other conditions I need to setup when creating authenticate.
can anyone please suggest.
create or replace package body app_login
is
Function get_hash(p_input IN varchar2)
return varchar2
is
begin
RETURN UPPER(DBMS_OBFUSCATION_TOOLKIT.MD5 (
INPUT => UTL_I18N.STRING_TO_RAW(P_INPUT)));
-- return p_input;
end get_hash;
FUNCTION valid_user(p_username IN VARCHAR2 ,p_password IN VARCHAR2)
return boolean
is
v_hash varchar2(200);
V_RESULT number;
v_pwd DEMO1_USER.PASSWORD%type;
begin
v_hash:=app_login.get_hash(P_USERNAME || P_PASSWORD);
SELECT COUNT(*)
INTO V_RESULT
FROM DEMO1_USER
WHERE UPPER(USERNAME) = UPPER(P_USERNAME)
AND UPPER(PASSWORD) = UPPER(V_HASH);
IF V_RESULT > 0 THEN
RETURN TRUE;
ELSE
RETURN FALSE;
END IF;
end valid_user;
Procedure add_user(p_username IN VARCHAR2 ,p_password IN VARCHAR2)
is
v_pwd_hash varchar2(200);
begin
v_pwd_hash:=app_login.get_hash(P_USERNAME || P_PASSWORD);
insert into demo1_user values(APP_USER_SEQ.nextval,p_username,v_pwd_hash);
commit;
end add_user;
end app_login;
Thanks
RajHello Raj,
It's working now..
try hari1/hari1 to log-in to your application.
CREATE OR REPLACE
PACKAGE body app_login
IS
FUNCTION get_hash(
p_input IN VARCHAR2)
RETURN VARCHAR2
IS
--v_hash varchar2(200);
BEGIN
RETURN UPPER(DBMS_OBFUSCATION_TOOLKIT.MD5 (
INPUT => UTL_I18N.STRING_TO_RAW(P_INPUT)));
-- return p_input;
END get_hash;
FUNCTION valid_user(
p_username IN VARCHAR2 ,
p_password IN VARCHAR2)
RETURN BOOLEAN
IS
--v_username DEMO1_USER.USERNAME%type;
--v_password DEMO1_USER.PASSWORD%rowtype;
v_hash VARCHAR2(200);
V_RESULT NUMBER;
v_pwd DEMO1_USER.PASSWORD%type;
BEGIN
/*Added UPPER to p_username*/
v_hash:=app_login.get_hash(UPPER(P_USERNAME) || P_PASSWORD);
--select count(*) into v_exists from DEMO1_USER where password=v_hash and upper(username)=upper(p_username);
SELECT COUNT(*)
INTO V_RESULT
FROM DEMO1_USER
WHERE UPPER(USERNAME) = UPPER(P_USERNAME)
AND UPPER(PASSWORD) = UPPER(V_HASH);
/*Here condition was V_RESULT < 0 which will always fail */
IF V_RESULT = 1 THEN
RETURN TRUE;
ELSE
RETURN FALSE;
END IF;
END valid_user;
PROCEDURE add_user(
p_username IN VARCHAR2 ,
p_password IN VARCHAR2)
IS
v_pwd_hash VARCHAR2(200);
BEGIN
/*Added UPPER to p_username*/
v_pwd_hash:=app_login.get_hash(UPPER(P_USERNAME) || P_PASSWORD);
INSERT INTO demo1_user VALUES
(APP_USER_SEQ.nextval,p_username,v_pwd_hash
COMMIT;
END add_user;
END app_login;Regards,
Hari -
Unable to login using OAM Custom Authentication Plugin
Hi,
I have a problem with OAM Custom Authentication Plugin, My Plugin is Activate successfully. When try to login from Access Manager SSO login page, it is unable to login. I am getting followiing message in the log file.
I am return ExecutionStatus.SUCCESS from my Java code and I have only one step where I have attached Plugin and my Steps Orchestration is
On Success -> Success
On Failure -> Failure
On Error -> Failure
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:is_resource_protected.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
INFO: Processing Event is_resource_protected
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthzEngineController processEvent
INFO: Is Resource Protected status : success
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :is_resource_protected with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_valid_session.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
INFO: Processing Event check_valid_session
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.sso.SSOEngineController processEvent
INFO: Processing Event check_valid_session
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_valid_session with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
INFO: Successfully validated the submitted credentials.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:validate_creds.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
INFO: Processing Event validate_creds
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.authn processEvent
INFO: Policy ID : DB User Authentication Scheme
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Authentication Scheme Id: DB User Authentication Scheme.
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Runtime Authentication Scheme: Scheme name: = DB User Authentication Scheme
Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
Scheme Challenge Mec: = FORM
Scheme Challenge Par: = {contextType=default, username=string, contextValue=OAM, password=sercure_string, challenge_url=/pages/login.jsp}
Authentication Module Name: = DB Authentication module
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
INFO: Authentication Module Factory Class: DB Authentication module.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector: ["PluginPhaseEvent.oracle.security.am.plugin.diagnostic.PluginPhaseEvent@6d6a08fb":" Collector : OAMS/OAM/Plugin/AUTHN/Plugin_SamplePlugin/PluginLocate
Type : PHASE_EVENT
Metrics : 511
LogLevel : OFF
EnableRate : false EnablePersistence : false"], registered at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 12, 2013 9:06:22 AM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
User Name: test and Password : test
Authentication Successfull return ExecutionStatus.SUCCESS
Jun 12, 2013 9:06:22 AM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Result of Authentication Scheme Execution: false.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :validate_creds with status fail.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_authn_retry.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_authn_retry with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:cred_collect.
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Processing Event cred_collect
Jun 12, 2013 9:06:22 AM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Credential collection process success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :cred_collect with status success.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:PBL_return.
Jun 12, 2013 9:06:22 AM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :PBL_return with status success.
Can anyone help me regarding this issue.
Thanks
Tamim KhanHi,
Little update about authentication plugin, please see the log file below, Result of Authentication Scheme Execution:true, now but, still the cookie is LOGGEDOUTCONTINUE and still I am unable to login.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:InProcess for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:Success for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:process_creds.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleProcessCredentials
INFO: Successfully validated the submitted credentials.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :process_creds with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:validate_creds.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.AuthnEngineController processEvent
INFO: Processing Event validate_creds
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.authn processEvent
INFO: Policy ID : DB Authentication Scheme
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Authentication Scheme Id: DB Authentication Scheme.
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Runtime Authentication Scheme: Scheme name: = DB Authentication Scheme
Scheme Challenge URL: = http://idmlab.tigerit.com:14100/oam/server/
Scheme Challenge Mec: = FORM
Scheme Challenge Par: = {contextType=external, username=string, contextValue=/oam, password=sercure_string, challenge_url=http://192.168.1.220:14100/ssologin/ssologin.jsp}
Authentication Module Name: = DB Authentication Module
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.executor.AuthenticationSchemeExecutor execute
INFO: Authentication Module Factory Class: DB Authentication Module.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
User Name: test and Password : test
Set 1st Responce
Set 2nd Responce
Set 3rd Responce
Setting cookie
Authentication Successfull return ExecutionStatus.SUCCESS
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.DiagnosticUtil getDynamicPath
INFO: DiagnosticUtil: enetered getDynamicPath
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.common.adapters.OAMLoggerImpl info
INFO: Registering collector at runtime.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.diagnostic.impl.MetricHierarchy getOrCreateCollector
INFO: Collector already exists, reusing existing.
Jun 19, 2013 1:51:44 PM oracle.security.am.engine.authn.internal.controller.AuthenticationEngineControllerImpl validateUser
INFO: Result of Authentication Scheme Execution: true.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :validate_creds with status fail.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:check_authn_retry.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :check_authn_retry with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:cred_collect.
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Processing Event cred_collect
Jun 19, 2013 1:51:44 PM oracle.security.am.engines.enginecontroller.credcollect.CredCollectEngineController handleCollectCredentials
INFO: Credential collection process success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :cred_collect with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: processing Event:PBL_return.
Jun 19, 2013 1:51:44 PM oracle.security.am.controller.MasterController processEvent
INFO: Master Controller: Event processing finished :PBL_return with status success.
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:InProcess for request -414941018507193158;
Jun 19, 2013 1:51:44 PM oracle.security.am.common.controller.util.BasicCacheHandler sync
INFO: Cache data sync:Success for request -414941018507193158;
Can anyone help me please.
Thanks
Tamim Khan -
Clearing Interactive Report, custom authentication problem
I have written my own custom authentication for my apex app. It calls a custom function in the db that looks in a table for user/password. It works fine. Login works and when I save sort order for standard reports, they are saved between sessions.
However, for my interactive report the sort orders on my Interactive reports are being reset each time the user gets a new session id.
I'm not sure why this is happening. Any suggestions or ideas on why this happens when I don't use 'user cookies' (standard apex login)?
-Thanks,
-Ben Goodwin
Edited by: r0ckflite on Jan 26, 2012 4:19 PMHi r0ckflite,
are you sure you press on action (at report) --> save report --> change save "as named report" to "as default report settings" primary should be already marked the press Apply
this should work iam pretty sure...
regards,
blacksev
Maybe you are looking for
-
Hi Experts, I am just wondering that is there any standard SAP report for the PO Accrual details. Appreciate your valued suggestions. Thanks, RPC.
-
Using ipod charge adapter with an iphone?
I was wondering if the ipod charge cable is compatiable with my iphone and vice versa? The man at att said no. What can someone else tell me about this question?
-
How could I create a "Linked Server" link from SQL Server 2008R2 64-Bit to Oracle Database 11.2 64-Bit? Let's say the SQL Server and Oracle Database are in the same Company Internet Network. I have the code, but I do not know how to use it. Such as w
-
This is my first time doing home sharing and I just got a new computer. I had about 8300 songs on the old computer. I selected all the songs to import on the new computer and it shows that it is downloading 16600 or double the amount. When I look
-
Integrating Exchange 2013 & Lync Server 2013: can't use a certificate with Seth-AuthConfig
I'm trying to integrate Exchange and Lyn Server. One of the first steps is to bind a correct certificate to IIS on all of the CAS servers and set it as a main certificate in the global AuthConfig object. The certificate must be the same on all of the