Custom identity and trust

Edited by shaikss at 03/16/2008 7:08 PM
Edited by shaikss at 03/16/2008 7:10 PM

SecureListener=falseYou have turned off secure listener for node manager, hence it will accepting 'plain' requests only and cant handle ssl handshakes
nmConnect('weblogic','welcome1','x.x.x.x',5556,'MyOSBDomain')Here you have left the 6th parameter to nmConnect as blank. The default in this case will be ssl and nmConnect is excepting ssl handshake response back from nodemanager, but nm cant reply ssl because it is not enabled.
Solution
1) Turn on Secure Listener = true. Then you can use this exact syntax for nmConnect.
2) Keep secure listener to false. use nmConnect() with all 6 parameters
nmConnect([username, password], [host], [port], [domainName], [domainDir] [nmType])
Pass 'plain' for the nmType attribute
Refer: http://download.oracle.com/docs/cd/E13222_01/wls/docs91/config_scripting/reference.html#1030962

Similar Messages

  • Changing the Demo identity to custom identity

    Hi All,
    I am configuring an Oracle Business Process Management (11.1.1.4.0) environment to be used for production within our organisation. Out-of-the-box the domain successfully starts, with a soa, bam and AdminServer. However, when I change the certificates (from the demo identity) to certificates from a trusted CA I start seeing errors in the log file. Also, BPM composer does not behave correctly... it only shows the Help menu item instead of 'Open a Project', 'Create New Project' etc.
    I have replaced the Demo identity for the AdminServer and the 2 managed servers (soa_server, bam_server) through the WLS Console. Servers -> server -> Keystores -> Custom Identity and standard trust
    and setting the SSL information in Servers -> server -> SSL.
    Error message:
    peh = oracle.bpm.composer.beans.editor.process.DefaultProcessEditorHost@907a1c
    <Mar 1, 2011 5:25:47 PM NZDT> <Warning> <oracle.adfinternal.view.faces.renderkit.rich.NavigationPaneRenderer> <BEA-000000> <Warning: There are no items to render for this level>
    Mds Config File URL = MdsInstanceType{instanceName='obpm', configFile='/mds-config.xml'}
    Mds SOA Config File URL = MdsInstanceType{instanceName='SOAINFRA_MDS', configFile='/mds-soa-config.xml'}
    ====== Using DB MDS ======
    java.io.IOException: Invalid keystore format
    at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:633)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
    at java.security.KeyStore.load(KeyStore.java:1185)
    at com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(TrustManagerFactoryImpl.java:202)
    at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultTrustManager(DefaultSSLContextImpl.java:70)
    at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.<init>(DefaultSSLContextImpl.java:40)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
    at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
    at java.lang.Class.newInstance0(Class.java:355)
    at java.lang.Class.newInstance(Class.java:308)
    at java.security.Provider$Service.newInstance(Provider.java:1221)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:220)
    at sun.security.jca.GetInstance.getInstance(GetInstance.java:147)
    at javax.net.ssl.SSLContext.getInstance(SSLContext.java:125)
    at javax.net.ssl.SSLContext.getDefault(SSLContext.java:68)
    at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:102)
    at HTTPClient.JsseSSL.<init>(JsseSSL.java:48)
    at HTTPClient.HTTPClientSSLFactory.mk(HTTPClientSSLFactory.java:98)
    at HTTPClient.HTTPConnection$15.run(HTTPConnection.java:4571)
    at HTTPClient.HTTPConnection$15.run(HTTPConnection.java:4553)
    at HTTPClient.HttpClientConfiguration.doAction(HttpClientConfiguration.java:708)
    at HTTPClient.HTTPConnection.doAction(HTTPConnection.java:5379)
    at HTTPClient.HTTPConnection.getSSL(HTTPConnection.java:4553)
    at HTTPClient.HTTPConnection$19.run(HTTPConnection.java:4652)
    at HTTPClient.HTTPConnection$19.run(HTTPConnection.java:4650)
    at HTTPClient.HttpClientConfiguration.doAction(HttpClientConfiguration.java:666)
    at HTTPClient.HTTPConnection.doAction(HTTPConnection.java:5401)
    at HTTPClient.HTTPConnection.getSSLSocket(HTTPConnection.java:4650)
    at HTTPClient.HTTPConnection.doConnect(HTTPConnection.java:4378)
    at HTTPClient.HTTPConnection.sendRequest(HTTPConnection.java:3358)
    at HTTPClient.HttpOutputStream.closeImpl(HttpOutputStream.java:461)
    at HTTPClient.HttpOutputStream.access$000(HttpOutputStream.java:99)
    at HTTPClient.HttpOutputStream$1.run(HttpOutputStream.java:417)
    at HTTPClient.HttpClientConfiguration.doAction(HttpClientConfiguration.java:666)
    at HTTPClient.HttpOutputStream.close(HttpOutputStream.java:415)
    at oracle.j2ee.ws.saaj.client.p2p.HttpSOAPConnection.sendMessage(HttpSOAPConnection.java:1059)
    at oracle.j2ee.ws.saaj.client.p2p.HttpSOAPConnection.post2(HttpSOAPConnection.java:495)
    at oracle.j2ee.ws.saaj.client.p2p.HttpSOAPConnection$PrivilegedPost.run(HttpSOAPConnection.java:1261)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.j2ee.ws.saaj.client.p2p.HttpSOAPConnection.call2(HttpSOAPConnection.java:229)
    at oracle.j2ee.ws.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:138)
    at oracle.j2ee.ws.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPConnection.java:131)
    at oracle.bpel.services.identity.client.IdentityServiceSOAPClient.invoke(IdentityServiceSOAPClient.java:212)
    at oracle.bpel.services.identity.client.IdentityServiceSOAPClient.getGrantedRolesToUser(IdentityServiceSOAPClient.java:518)
    at oracle.bpel.services.identity.client.AbstractIdentityServiceClient.getGrantedRolesToUser(AbstractIdentityServiceClient.java:788)
    at oracle.bpm.composer.authentication.MetadaServiceFactory.getUserAbstractRoles(MetadaServiceFactory.java:127)
    at oracle.bpm.composer.authentication.MetadaServiceFactory.getDBService(MetadaServiceFactory.java:75)
    at oracle.bpm.composer.authentication.ComposerPrincipal.initDBMetadataService(ComposerPrincipal.java:192)
    at oracle.bpm.composer.authentication.ComposerPrincipal.init(ComposerPrincipal.java:152)
    at oracle.bpm.composer.authentication.ComposerPrincipal.<init>(ComposerPrincipal.java:71)
    at oracle.bpm.composer.authentication.ComposerPrincipal.<init>(ComposerPrincipal.java:62)
    at oracle.bpm.composer.authentication.ComposerPrincipal.wlsPrincipal(ComposerPrincipal.java:79)
    at oracle.bpm.composer.beans.security.ComposerLoginBean.initPrincipal(ComposerLoginBean.java:128)
    at oracle.bpm.web.security.LoginBean.initPrincipal(LoginBean.java:393)
    at oracle.bpm.web.security.LoginBean.login(LoginBean.java:182)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.sun.el.parser.AstValue.invoke(Unknown Source)
    at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
    at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
    at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1256)
    at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
    at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:102)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:92)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:361)
    at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:96)
    at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:96)
    at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
    at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:765)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:305)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:185)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.bpm.web.security.filter.SessionTimeoutFilter.doFilter(SessionTimeoutFilter.java:56)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.bpm.composer.filter.MdsInitializationFilter.doFilter(MdsInitializationFilter.java:50)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:175)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.bpm.composer.filter.UrlHandlerFilter.doFilter(UrlHandlerFilter.java:40)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.caching.filter.AdfFacesCachingFilter.doFilter(AdfFacesCachingFilter.java:135)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
    -------------- soa.oracle.home = /apps/oracle/middleware/Oracle_SOA
    This also appears in the logs a lot:
    INFO: SSLSocketFactoryManagerImpl.getKeystoreLocation Expected SOA Keystore location: /apps/domains/Domain/config/fmwconfig/default-keystore.jks
    INFO: SSLSocketFactoryManagerImpl.getKeystorePassword Obtained null or empty keystore password
    INFO: SSLSocketFactoryManagerImpl.getKeyPassword Obtained null or empty key password
    INFO: SSLSocketFactoryManagerImpl.getSSLSocketFactory Could not obtain keystore location or password
    So far I have
    * copied our identity keystore to the default-keystore.jks file.
    * edited the setDomainEnv.sh script to use the default-keystore.jks as the -Djavax.net.ssl.trustStore java property
    * removed references to the keystore in the jps configation files.
    * Java Standard Trust Keystore: /apps/oracle/middleware/jdk160_21/jre/lib/security/cacerts
    Does any one have experience in replacing the Demo certificates successfully? What are the steps in doing so?
    Many thanks

    Hi there
    That is something called a Favicon. WebHelp has a few of them. If you want all of them to reflect your company logo you should consider replacing all the seed icons with yours. You will typically find the seed icons in the following location:
    <RoboHelp Installation Folder>\RoboHTML\WebHelp5Ext\template_skin
    <RoboHelp Installation Folder>\RoboHTML\WildFireExt\template_stock
    Replace the ico files with yours. Just use the same names Adobe does and your icons should populate right into any WebHelp or FlashHelp output.
    I did find others, so just to be on the safe side you may need to  perform a search mission to locate all instances and replace them with yours.
    Cheers... Rick
    Helpful and Handy Links
    RoboHelp Wish Form/Bug Reporting Form
    Begin learning RoboHelp HTML 7 or 8 within the day - $24.95!
    Adobe Certified RoboHelp HTML Training
    SorcerStone Blog
    RoboHelp eBooks

  • Issue in setting custom identity service for soa 11.1.1.4

    Hello,
    I am facing issue in setting custom identity service for soa 11.1.1.4
    It is not picking up the implemented UserManager (in custom IDM) implemented via ServiceProvider and IdentityStoreService.
    This is configured in jps-config.xml
    The same setup was working in soa 11.1.1.2
    I believe there is a change done in JpsProvider in bpm-service.jar to authenticate via default login context from oracle.security.jps.internal.jaas.module.authentication.JpsUserAuthenticationLoginModule
    If my uderstanding is correct,
    Please guide me in implementing custom identity store and services for bpm services for soa 11.1.1.4
    Tried various work arounds but no luck.
    Thanks
    Bala

    Hi...
    Can u tell me how did u set up custom identity service for 11.1.1.2 ?
    Thanks

  • You have to love HP products and their customer service and technical support

    My daughter has one of your ZV5000 notebooks. She has been very happy with it until the last few months when she started having charging issues. After investigation I found out that HP had a class action suit over this very problem. I called customer support and I emailed customer support trying to get HP to live up to it's obligation and fix it. I got no where and after several hours I gave up. She decided to get a new notebook. She bought a Compact Presario CQ50-130US from Staples. When she got it home she tried to connect to my wireless router and couldn't. We called technical support and spend the following 2 hours trying to get it to connect. I spoke to several techs none of which knew what they were talking about. They would read step by step from some try this if that doesn't work try this directions they must have. If that wasn't bad enough we constantly had to ask for it to be repeated because we couldn't understand them. They spoke English but with such heavy accents you couldn't understand what they were saying. The last tech was going to call Comcast my internet provider. I told him they provided the internet service not the router. He couldn't understand that. After keeping me on the phone for 15 minutes he came back to say he couldn't get threw and would call me back when he did. There customer service must be as good as yours is to get threw to. I got a call 24hrs later to ask if everything was alright. They never fixed the problem how could it be alright? By then she had decided to return the new one and buy a product other than HP or Compact. I would up fixing her old laptop something HP should have paid for but didn't. I have always trusted and respected the HP name. I am very sorry to see what it has become to stand for. Inferior products that you don't stand behind and customer and technical support that can't speak English and don't have a clue as to what they are doing. How sad! Do you think any of my family or friends will be buying an HP product?

    well, this IS a means of finding a resolution for some issues. so why SHOULDNT they read this forum? i can assure you that there are people who are not just reading stuff off a book or a document. in fact, that is the biggest cliche's that exists today.
    Make it easier for other people to find solutions, by marking my answer with \'Accept as Solution\' if it solves your problem.
    Click on the BLUE KUDOS button on the left to say "Thanks"
    I am an ex-HP Employee.

  • Integration of custom identity services with JDeveloper BPEL designer

    Hi,
    I'd like to know if a custom user repository plugin will cause the 'Identity Lookup Dialog' (Step 6 of Human Workflow Wizard to generate a user task) to utilize the list of users and groups from a third party provider, when used as the Custom Identity Service provider.
    I'd like to have the custom list of users and groups at 'design time' of the BPEL process itself, as well as process runtime. Is this possible?
    This is with respect to both BPEL PM v10.2.0.2 and v 10.1.3.1.0.
    Regards,
    Vineet

    ok, thank you for the reply.
    But the installation of the Oracle BPEL Process Manger for Developers which includes the JDeveloper and the BPEL Designer doesn't come with 10.1.3.1.0?
    I have to install the JDeveloper and the BPEL Process Manager seperate?
    Thx

  • Can we enable licensing facility for our customized forms and report...?

    He All,
    We have a product and we frequently used to send customized forms and reports to our customers through the shipment team after QC certified. But some of the customized forms and reports have sent to the customers without their knowledge from the development team, it is creating a big problem in the customer site.
    We would like to know that is there any facilities to verify that this shipment has come from through proper channel or not if not they should not open. Is there any license kind of thing that we can do..? If I run some exe file which will check that and let the customer to use it..?
    If any one have the knowledge about this kindly share with us. any kind of information regarding this can be appreciated.
    With Best Regards
    Thangaraj

    So you want the customer to be able to check if the forms where shipped through the proper department from your company?
    First thing that comes to my mind is to pack all the Forms in a JAR file (which is basically a ZIP file) and sign the JAR file with the jarsigner tool. To sign the JAR you need access to the private key that is in a keystore that's only available to this single department. The customer can verify if the JAR was signed with a proper certificate.
    You could issue your own certificate to do this but requires the user to also first import this certificate so it is trusted. You could also buy a commercial certificate from a vendor like Verisign but there are costs involved.
    Just google for jarsigner and keytool to get the idea.

  • User Task: Custom Identity Service

    Hi my friends
    Have anyone tried to use a custom Identity Service with BPEL User Tasks (I meam other than LDAP or JAZN)? Problems? Issues? Limitations?
    I know I have to implement a set of interfaces (BPMIdentityService interface and others)...
    Thanks.
    Message was edited by:
    mmenezes

    Pablo;
    I just read your post and hearing that you have the basic methods working has me very interested - I implemented all the Interfaces (BPMIdentityService, BPMProvider, BPMUser, BPMRole, BPMGroup) and changed the is_config.xml file. My realm showed up, and the connection pool I'm using seemed to work just fine, but when I tried to setup a Human Workflow using the new realm, I get an error on my searchUsers method (just hardcoded).
    I read that you need to add your classes to the application.xml file and that makes sense - but when I add them, no realms show up at all - one step backward - AND the method still doesn't work.
    Could you spare a desperate developer some advice on how you got yours working - a brief description of how to register your classes, if there's more than adding them to application.xml would be wonderful!
    Cheers -

  • Simple Custom Identity Service running on windows OK, but not on linux, y?

    In <Oracle® BPEL Process Manager Developer's Guide 10g Release 2 (10.1.2)
    B14448-03>,
    Part III, 16<Oracle BPEL Process Manager Workflow
    Services, Identity Service, Creating a Custom Identity Service Plug-in>
    My pc, OS:windows 2003+BPEL PM Server10.1.2
    Server, OS:linux+ias+OC4J_BPEL, i can't make sure the version, may be:10.1.2
    In the Developer's Guide say:
    Identity Service has 3 provider:
    1, JAZN Provider
    2,Third-party LDAP Directories
    3,CUSTOM Repository LDAP-Based Plug-ins
    so i like the third one.
    1, i compile the project in Oracle_Home\integration\orabpel\samples\hw\isplugin\db.
    Then it create a jar file(IS-DBPlugin.jar) in Oracle_Home\integration\orabpel\system\services\lib
    2,Modify the provider config file: is_config.xml
    modify the config file: application.xml
    restart the Oracle BPEL server
    3,run the sql files it provider int the polsql.cmd
    OK, now the Identity Service work on Oracle lite database, it's my needs.
    add a user into the tables
    use the url:http://localhost:9700/integration/worklistapp/Login
    i can login the worklist service use my custom user and password.
    when the Identity Service use the JAZN Provider(XML), it's default choice.i add a user into the xml files, i mast restart my server if i want use the user login.
    use the database plugin,when i insert a user name into the tables,i can login the service use the username immediately.
    So i think it's easy to move it to my server(linux os). but when i copy the jar file to the folder,modify the config files,run ths sql files in the oracle database.
    but when i open the url :http://server_ip:port/integration/worklistapp/Login
    it can not work with a simple error message:Worklist service Identity Service error.
    in the log files i find some message like this :
    SOAP-ENV:Server.Exception
    BPEL-10551 can not load the Custom Identity Service Class:
    "IdentityServiceCustomPlugin.CustomIdentityService"
    it has wasted me one week time. and i can't find the reason now.
    who can help me ?
    thanks
    cnboy

    clemens,thanks.
    i'm sorry that my English is poor.so i can't understand you mean completely.
    you say it might be a linux jvm reason, can the metter be resolved?
    and you say extract the jar file .which files i would extract,can you say particular?
    thx!

  • Replacement of Custom Identity Service in 11g

    Hi,
    I have several BPEL processes (10.1.2) with workflow and have been using Custom Identity Service (configuring is_config.xml) which talks to my database for user and groups etc. What is the mechanism for this in 11g now that is_config.xml is gone?
    Any documentation will be great.
    Thanks in advance.
    Bipul.

    I have been able to successfully implement a custom identity service (pulls users from an Oracle DB). I can select it from the SOA Worklist Application realm drop down and log in with my users.
    I'm wondering, however, if there is a way to mimic this behavior from the BPEL Console and/or from a Java program that utilizes the Worklist APIs. From the BPEL Console, I can initiate my process with no problem but in the Audit trail, it complains about the task not being assigned to a user in the "jazn.com" realm. (That's because the user is defined in my Custom Realm.)
    In my Java application, although I created a workflowContext by passing in the name of my custom realm, I get the same error mentioned above.
    I ended up having to change the default realm in my local server's is_config.xml from jazn to my Custom Realm. Is there a way to specify what realm to use for each process without having to change the default each time?

  • Developing Custom User and Role Providers

    Hi
    I am new to Fusion Middleware and trying to develope a Custom User and Role Providers based on the pdf "Oracle® Fusion Middleware Application Security Guide 11g Release 1 (11.1.1) E10043-06"
    It mentioned a sample code "sampleprovider.zip" in chapter 18.10.7 Example: Implementing an Identity Provider
    I couldn't find this zip file anywhere, Can someone know this please let me know how to get this zip?
    Many Thanks
    djia002

    URL:
    http://download.oracle.com/docs/cd/E14571_01/core.1111/e10043/devuserole.htm#CHDEBAEB
    18.10.7.1 About the Sample Provider
    The sample provider is bundled in <b>sampleprovider.zip</b>. Unzip the file. It should generate the following structure (...)

  • Realm of my application for identity and access

    I plan to replace Azure cloud services’ provided subdomain (myapp.cloudapp.net) with our own domain, customDomain.com. I eventually find out that I cannot do that. I have to configure a custom domain name to route traffic to myapp.cloudapp.net. Why does
    not Azure allow me to replace myapp.cloudapp.net with my own custom domain? I end up having two domains for one site. Please look at this site:
    http://azure.microsoft.com/en-us/documentation/articles/cloud-services-custom-domain-name/
    That custom domain name also has an SSL certificate from a CA. In addition to that, I also use single sign on for my application (Identity and Access). In this case, I configure the Identity and Access (realm of my application) with my custom domain name.
    Is this the right way? It does not make sense to configure this with myapp.cloudapp.net. I currently have issues with ADFS but I could not figure out why. 

    Hi,
    Here providing article might helpful for your case.
    Domain mapping, Domain forwarding, SSL certificate for Windows Azure
    http://blogs.msdn.com/b/sriharsha/archive/2012/02/25/domain-mapping-on-windows-azure.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Error deploying custom identity asserter

    I'm getting the following error when trying to deploy my custom identity asserter.
    An unexpected error occurred while setting Active Types Chooser to .
    Partial stack trace is as follows:
    [Management:145019]An error occurred while setting attribute:java.lang.NoSuchMethodException: com.foo.security.provider.FooIdentityAsserterImpl.validateActiveTypes([Ljava.lang.String;)
    I've been back and forth through the mbean xml file and can't see anything wrong (despite the funky type in the dump).
    I'm on 8.1 SP2.
    Any ideas as to what would cause this?
    Thanks,
    Jim

    The problem was with the name I was using for the implementation class of the identity asserter. Was calling it XXXIdentityAsserterImpl. This conflicted with the name of a class that was being generated by the MBean tool apparently. Changed it to XXXIdentityAsserterProviderImpl and the issue was resolved.

  • Customer TIN and CST In PLD

    Dear Members,
       In PLD I want to include the customer TIN and CST No. In PLD i could not view the CRD7 Or DLN12 tables.Anyone could tell the varaible Name for the same.Please tell me the work around for this.
    Jai
    Edited by: JaiShankarRaman on Dec 12, 2009 8:19 AM
    Edited by: JaiShankarRaman on Dec 12, 2009 8:20 AM

    Dear Jai,
    You have created 3 identical threads for your question.  However, none of them is one the right forum.  You would be better post one question on this forum:
    Reporting and Printing
    As for the duplicates, please close them and leave only one open.
    Thanks,
    Gordon

  • Custom Identity Service for BPEL

    Hi
    Has anyone created a Custom Identity Service for BPEL workflow authentication.
    Please reply back.
    Thanks
    Mudassar

    Is there a document somewhere that actually describes how to add the plugin to the Process Manager Identity Service? More specifically, requirements for packaging up the plugin module, which folder to place the module in, ALL of the configuration files that need to be updated, etc.?
    So far documents such as the BPEL Developers Guide, BPEL Process Manager Administrator's Guide, and various online sources have been moderately helpful but it seems like there are a lot of missing details as to actually getting a custom Identity Service plugin module working.

  • My custom identity asserter is ignored - what did I miss?

    Hello -
    My custom identity asserter's assertIdentity method is never called - even though I've verified that the correct token is added to the request header. I am hoping for some guidance as to what I am missing.
    1. I downloaded this sample app which uses ADF security: http://jdevsamples.googlecode.com/files/ADFSecurityWL.zip
    I changed the app to:
    - add a filter to dump request headers to System.out so I could verify that the token is correctly added to the request headers
    - changed the auth-method in web.xml from BASIC to CLIENT-CERT
    2. I also downloaded the sample authentication providers (for WLS 9.1) from here: https://codesamples.samplecode.oracle.com/servlets/tracking?id=S224
    and created a custom identity asserter based on the sample identity asserter provider in the app.
    3. I created an EAR file for the app and an mbean jar for the custom identity assertion provider.
    4. I added the mbean jar to the correct directory under weblogic, restarted weblogic, and created an instance of my provider in the security realm. I also reordered the providers so mine would be first (not sure if that matters). Then I restarted weblogic again. I verified that my provider was in the list of providers and that the chosen "Active Types" included my token type.
    5. I deployed the app EAR file to weblogic.
    6. I created a test program based on the test program in the sample providers download (above) and connected to the deployed app. I verified that the test program added the correct token to the request. My app's filter dumped the headers and I could see the token there.
    7. My custom identity assertion provider has System.out.println calls in the initialize() and assertIdentity() methods. I can see that the initialize() method is called when I start weblogic. However, I never see the assertIdentity() method's calls to System.out.println when I try to reach the app and those calls are the 1st thing in the method.
    8. I am using WebLogic Server version 10.3.3.0
    So, is there some obvious step I missed? (I am new to using WLS so it wouldn't surprise me if I got something really obvious wrong...)
    Thanks for reading my question,
    -- Scott

    Thanks Faisal.
    When I compared my mbean declaration with yours I discovered that I had set the Extends attribute to "weblogic.management.security.authentication.Authenticator" instead of "weblogic.management.security.authentication.IdentityAsserter". Using the correct value fixed my problem.

Maybe you are looking for

  • After upgrade to iTunes 11.1.4 - no longer see/sync with iPhone 4

    recently upgrade iTunes to 11.1.4 - but can no longer sync iPhone 4.  Use Windows 8.   The phone is still viewable on MS files - and can access iPhone directories (ie photos).   Other Apple devises (iPod) have not been affected -- they appear and syn

  • Creation of Vendor Registration Questionnaire

    Hi SRM Gurus, We need to Customize the questionnaire. We are able to Create the Questionnaire with some simple options like Question group, Question. However, We are unable to control the alignment. Can anyone send some documents for How to Create a

  • Content accessible only in application, not in UCM

    Hi, is it possible to create such environment, that user can access some content only in application (custom portal and/or webcenter spaces) but not in UCM? Content should be obviously stored in UCM. I have no experience with task like this, please p

  • I cannot download Firefox on my iMac MacOs X.5.8

    I had Firefox 3.6 on my iMac but i got a message there is Firefox 4 so i downloaded 4 and changed it but it do not work, so i am looking for firefox 3.6 but i cannot find it.

  • Domain Re-Directs

    Appologies if this is in the wrong place but i'm not really sure where to start. I dont do a lot of web developing so wondered if someone could answer my question. A friend of mine has got a website but he wants to use a domina alias. For example he