EXTPROC security with Oracle 9i ?

Hi
I would like to know if ther are any look holes with using EXTPROC in oracle 9i. I have been told by the DBA in my organisation that they do not allow extproc due to security issues.
We do not allow extended procedures using EXTPROC in Oracle, this is a potential security issue in Oracle 9i where ESP, any user call made for executing Extended Procedure, is executed using instance owner and that's the reason we do not allow itI would like to if this is really a security loop hole and what can be the alternative for this. If so, is there any way we can restrict the use to specific commands that will be executed from OS ?
Reagrds
Akshay

Depending on your needsm you can always have the SQLNET Valid Node Checking option, even in standard edition. This will eliminate the need for a firewall between the DB server and the app server.
However, why you can't use this simple setup?
<pre>
| 9iAS | Other servers in your company
Outside | |
| Oracle DB |
Firewall-^ ^ ^-Firewall
|
Demilitarized Zone
</pre>
This will be protection enough for your servers.
Arup Nanda

Similar Messages

Data level Security with Oracle Apps as Source

Hi all
I am implementing Data level Security with Apps as Source(OLTP) on Single Sign On.(Oracle has provided the Vanila rpd & we are working on that)
I need to Filter data based on Business Group, Users are created in Apps and they are registered with some Responsibilities.
(for eg, OBI User CHINA is a Responsibility; Now he will get only Business Group ID for China)
I have created Groups in rpd with same name as the responsibility in Apps.
I have created Initialization Blocks from which I m getting only 1 business group ID for every :USER.(I tried the code in TOAD & I m getting the correct BG ID)
I have created Group in WEB with the same name as the Group name in rpd.
If I say show all Users and Groups in WEB, I m getting the APPS Users.
I hv Reloaded the server metadata files and restarted the BI Server/WEB Server also...
But in the Report, I m getting all the Business Group Ids,
Plz advice if I m doing something wrong.
ThanQ
Anand

You need to be creating your "business groups" as a group in the RPD, init blocks to retrieve the user business group at login. Filters in the Logical table sources to restrict data to relevant business groups only.
Presentation 'Web Cat' groups with the same name as the RPD groups so a user inherits membership automatically.
I'd suggest sourcing a vanilla OBIA rpd to see how it is implemented out of the box.

WS-Security with Oracle BPEL

Is it possible to apply WS-Policy or encryption with Oracle BPEL without uing web services manager.
So if a BPEL process is exposed as a web service then how do I apply WS-Policy etc on that web services ?

Hi.
I don't know anything about WS-Policy support in BPEL or WSM, but regarding WS-Security aspects like encryption/decryption, certificates, etc, I can tell you the following:
1 - If your BPEL Process needs to call a web service and pass WS-Security credentials through a partner link, I only know about (and it seems the only option) sending WS-Security username/password authentication
http://download-east.oracle.com/docs/cd/B31017_01/core.1013/b28764/owsm003.htm#sthref1082
Additional information found here:
http://download-east.oracle.com/docs/cd/B31017_01/integrate.1013/b28982/security.htm#sthref10
For the other features like encryption and certificates, I have only used web services manager gateway so far.
2 - All Web Services exposed by your Oracle Application Server (be it a BPEL Process or any other web service) can have an interceptor configuration to validate certificates, apply decryption, etc, when a message arrives. You can verify this by going to your Application Server Control Console->Your OC4J->Web Services->Your Web Service->Administration->Security
3 - If you need to pass WS-Security information when calling your BPEL Processes from an application, you can protect your BPEL process as described in step 2, and then use JDeveloper to configure a web service proxy that encrypts or put certificates in your messages, also using an interceptor mechanism. After creating your web service proxy, right click it and Select the option "Secure Proxy" option.
Hope someone can give more information about WS-Security and WS-Policy.
Denis

Network security with Oracle Database Cloud Service

Does the Oracle Database Cloud service support SSL? Or, any form of network encryption/authentication between a client and the service across the Internet?

Thank you Rick. I'm intending to use Oracle Database Cloud Service as a "Database-as-a-Service", however I have read that it is actually more of a "Platform-as-a-Service" offering.
What I would like to do is to interact with the Oracle Database Cloud Service via a local JDBC client. However, from further reading, it looks like the only way to interact with the Oracle Database Cloud Service from a non-Oracle-cloud-based client is via its RESTful web services (which, as you said, support SSL).
That is to say, I cannot simply connect to the Oracle Database Cloud Service from a local client just through JDBC alone. It looks like I would have to configure my client to make the relevant RESTful web service calls instead, and likewise configure my settings on the Oracle Database Cloud Service to make the necessary translations (from REST to SQL).
Just to finally clarify, is my above understanding correct?

OID-Integrated Label Security with HTMLDB?

Hi,
I've followed the how-to document to integrate Oracle Label Security with Oracle Internet Directory.(http://www.oracle.com/technology/deploy/security/database-security/howtos/ols_oid-how-to.html).
I've successfully created a label security policy for the HR.LOCATIONS table. I would like that same policy to be effective on any query regions in an HTMLDB application.
I created a test application in HTMLDB, and changed the authentication scheme to be LDAP. It uses Oracle Internet Directory to authenticate the users, and this works successfully.
However, when I login with an OID user that has been assigned to use the policy, I get no rows returned.
What is a good way to integrate my label security policy with my htmldb applicaton so that it works within HTMLDB and outside of HTMLDB?
I saw the technote to use VPD, but when I tried this, it caused my label security policy to stop working. I somehow made it conflict...(http://www.oracle.com/technology/pub/notes/technote_htmldb_vpd.html)
I guess I'm just not sure what the VPD function should look like after I've already created a Label Security Policy.
I basically want it to look at the APP_USER and then apply the policy appropriately.
Thanks,
Nora

Scott,
It still worked in SQLPLUS when I typed 'set role none' first.
The way I granted PROFILE_ACCESS was through a label security command:
SQL> exec sa_user_admin.set_user_privs('senspolicy','parse_schema','FULL,PROFILE_ACCESS');
It seems like this is the only way..
It just seems strange that it works in SQLPLUS. I'm trying to figure out what other permissions I need for HTMLDB.
Thanks again,
Nora
SQL*Plus: Release 10.2.0.1.0 - Production on Wed May 16 16:38:20 2007
Copyright (c) 1982, 2005, Oracle. All rights reserved.
Enter user-name: parse_schema/<password>@testls
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Production
With the Partitioning, Oracle Label Security, OLAP and Data Mining options
SQL> set role none;
Role set.
SQL> select count(*) from hr.locations;
COUNT(*)
23
SQL> exec sa_session.set_access_profile('senspolicy','PUB');
PL/SQL procedure successfully completed.
SQL> select count(*) from hr.locations;
COUNT(*)
17
SQL>

Get error while Integrating with Oracle's Enterprise User Security

Hi,
I am trying to create an Oracle Enterprise User integrating with OVD and MS Active Directory.
I am following all the steps in Integrating with Oracle's Enterprise User Security.
In the documentation section: "Configuring Oracle Virtual Directory for the Integration"
I have applied the steps successfully until:
Update and load the entries into the Local Store Adapters by performing the following steps:
I have successfully extended the Oracle Virtual Directory schema with the loadOVD.ldif
However I am getting errors in the next step: Update realmRoot.ldif to use your namespaces
The next step states the following:
Update realmRoot.ldif to use your namespaces, including the dn, dc, o, orclsubscriberfullname,
and memberurl attributes in the file. If you have a DN mapping between Active Directory and
Oracle Virtual Directory, use the DN that you see from Oracle Virtual Directory.
The realmRoot.ldif file is located in ORACLE_VIRTUAL_DIRECTORY_HOME/eus,
where ORACLE_VIRTUAL_DIRECTORY_HOME represents the location where Oracle Virtual Directory is installed.
The realmRoot.ldif file contains core entries in the directory namespace that Enterprise User Security queries. The realmRoot.ldif file also contains the dynamic group that contains the registered Enterprise User Security databases to allow secured access to sensitive Enterprise User Security related attributes, like the user's Enterprise User Security hashed password attribute.
Load your domain root information in the realmRoot.ldif file into Oracle Virtual Directory using the following command:
ldapmodify -h Oracle_Virtual_Directory_Host –p OVD_Port -D cn=admin -w Admin_Password -v -a –f realmRoot.ldif
When I run the ldapmodify command I get the following error:
add dc:
testldap
add objectclass:
top
domain
domainDNS
adding new entry DC=testldap,DC=local
ldap_add: Operations error
ldap_add: additional info: LDAP Error 1 : null
The actual realmRoot.ldif looks like this:
# Please uncomment the following one line if you are importing this
# LDIF file via OVD Manager or OVD Server's ldapmodify tool.
#version: 1
#dn: dc=com
#dc: com
#objectclass: domain
dn: DC=testldap,DC=local
changetype: add
dc: testldap
#o: subarashii
objectclass: top
objectclass: domain
objectclass: domainDNS
#objectclass: orclSubscriber
#orclsubscriberfullname: subarashii
#orclVersion: 90400
# If your domain structure has more layers than dc=subarashii,dc=com,
# for example, it's dc=us,dc=subarashii,dc=com, you will need to load
# the following ldif entry/entries too.
# Uncomment out the following, if required.
#dn: dc=us,dc=subarashii,dc=com
#orclversion: 90400
#orclsubscriberfullname: us
#objectclass: domain
#objectclass: top
#objectclass: orclSubscriber
#dc: us
# Adding EUSDBGroup entry
# Modify the memberurl attribute and replace it with your own domain name
#dn: cn=EUSDBGROUP,dc=subarashii,dc=com
#cn: EUSDBGROUP
#memberurl:ldap:///dc=subarashii,dc=com??sub?(&(objectclass=orclService)(objectclass=orclDBServer))
#objectclass:groupofuniquenames
#objectclass:groupofurls
#objectclass:top

Did you ever get your questions answered about the realmRoot.ldif file? Did you manage to configure a successful integration of OVD with EUS? I am battling with trying to get Oracle Virtual Directory integrated with Enterprise User Security, but every step I take in Chapter 7 of the OVD manual fails in some way, and the instructions are often vague. I am not sure how to modify the realmRoot.ldif file. Is there any improved documentation on this? I have logged a Service Request, but not getting any help. Any resources or documentation you know of that provides better guidance would be much appreciated. I am way behind my schedule now and this is a very frustrating exercise.
Thanks.

Integrating Oracle BI Publisher with Oracle Single Sign-on security.

I am trying to integrate BI Publisher with Oracle Single Sign-on running on a different machine.
The BI Publisher is installed with an Oracle application server 10.3.1 (includes a HTTP server). These are the steps I followed:
1) Registered BI publisher as a partner application in the Oracle SSO admin console which generated a single sign-off url.
2) Made the required modifications in the mod_osso.xml config file.
3) On the BI publisher admin page went to the securities tab and opted the SSO security and entered the single sign-off url generated in the previous step.
4) Restarted the Oracle ID mgt infrastructure and the BI pub server.
The BI pub login is not getting redirected to the SSO page.
Please let me know as what is that I am missing. I've been cracking my head with this for quite long - any help will be highly appreciated.

"user589320"
APEX is only using BI Publisher to transform the XML data of your report and the template you provide into PDF, Word or Excel. For this, APEX sends the XML data and the template to BI Publisher, and BI Publisher sends back to completed document. So there's nothing stored in BI Publisher, all templates, report definitions, etc are stored in the APEX schema. This has the advantage that you can reference item values and other information in your print documents, and it also ensures that you don't have to access the database again from within BI Publisher, i.e. you don't need to communicate any authentication information to BI Publisher.
Of course BI Publisher itself also provide the ability to store reports and to store templates. But those are not accessible from APEX through the built-in integration. You can however use the same templates you use for BI Publisher directly on load them into APEX for use there.
Lastly, if you want to use and print reports in both BI Publisher and your APEX applications, you can do that through web services, take a look at Tyler Muth's BLOG for more information on this topic:
http://tylermuth.wordpress.com/2008/03/31/call-bi-publisher-web-services-from-apex/
Regards,
Marc

Cisco Secure ACS 4.2 with Oracle

hi there...
Our campus using WisM (WS-SVC-WISM-1-K9) as wireless controller , Cisco 1130 access point and Cisco Secure ACS 4.2 Solution Engine 1113 Appliance as radius server. For username and password, ACS will export the data from Oracle database(production DB).
The problem that we are facing right now is password that store in oracle database is in encrypted format. Base feedback from our database administrator, the encryption is done by oracle - application layer and cannot be decrypt back. In Oracle they call it "Oracle Stored Procedures"
My questions :
1- Can Cisco Secure ACS 4.2 work with Oracle 10G or 11G?
2- Is there any option to tackle the encrypted password? Can ACS handle the "Oracle Stored Procedures" function?
Please advice.
Thanks

Microsoft SQL Server and Case-Sensitive Passwords
If you want your passwords to be case sensitive and are using Microsoft SQL Server as your ODBC-compliant relational database, configure your SQL Server to accommodate this feature. If your users are authenticating by using PPP via PAP or Telnet login, the password might not be case sensitive, depending on how you set the case-sensitivity option on the SQL Server. For example, an Oracle database will default to case sensitive, whereas Microsoft SQL Server defaults to case insensitive. However, in the case of CHAP/ARAP, the password is case sensitive if you configured the CHAP stored procedure.
For example, with Telnet or PAP authentication, the passwords cisco or CISCO or CiScO will all work if you configure the SQL Server to be case insensitive.
For CHAP/ARAP, the passwords cisco or CISCO or CiScO are not the same, regardless of whether the SQL Server is configured for case-sensitive passwords.
Sample Routine for Generating a PAP Authentication SQL Procedure
The following example routine creates a procedure named CSNTAuthUserPap in Microsoft SQL Server, the default procedure that ACS uses for PAP authentication. Table and column names that could vary for your database schema appear in variable text. For your convenience, the ACS product CD includes a stub routine for creating a procedure in SQL Server or Oracle. For more information about data type definitions, procedure parameters, and procedure results, see ODBC Database.
                         if exists (select * from sysobjects where id = object_id (`dbo.CSNTAuthUserPap') and
                         sysstat & 0xf = 4)drop procedure dbo.CSNTAuthUserPap
                         GO
                         CREATE PROCEDURE CSNTAuthUserPap
                         @username varchar(64), @pass varchar(255)
                         AS
                         SET NOCOUNT ON
                         IF EXISTS( SELECT username
                         FROM users
                         WHERE username = @username
                         AND csntpassword = @pass )
                         SELECT 0,csntgroup,csntacctinfo,"No Error"
                         FROM users
                         WHERE username = @username
                         ELSE
                         SELECT 3,0,"odbc","ODBC Authen Error"
                         GO
                         GRANT EXECUTE ON dbo.CSNTAuthUserPap TO ciscosecure
                         GO
Sample Routine for Generating an SQL CHAP Authentication Procedure
The following example routine creates in Microsoft SQL Server a procedure named CSNTExtractUserClearTextPw, the default procedure that ACS uses for CHAP/MS-CHAP/ARAP authentication. Table and column names that could vary for your database schema appear in variable text. For more information about data type definitions, procedure parameters, and procedure results, see ODBC Database.
                         if exists (select * from sysobjects where id = object_id(`dbo.CSNTExtractUserClearTextPw')
                         and sysstat & 0xf = 4) drop procedure dbo.CSNTExtractUserClearTextPw
                         GO
                         CREATE PROCEDURE CSNTExtractUserClearTextPw
                         @username varchar(64)
                         AS
                         SET NOCOUNT ON
                         IF EXISTS( SELECT username
                         FROM users
                         WHERE username = @username )
                         SELECT 0,csntgroup,csntacctinfo,"No Error",csntpassword
                         FROM users
                         WHERE username = @username
                         ELSE
                         SELECT 3,0,"odbc","ODBC Authen Error"
                         GO
                         GRANT EXECUTE ON dbo.CSNTExtractUserClearTextPw TO ciscosecure
                         GO
Sample Routine for Generating an EAP-TLS Authentication Procedure
The following example routine creates in Microsoft SQL Server a procedure named CSNTFindUser, the default procedure that ACS uses for EAP-TLS authentication. Table and column names that could vary for your database schema appear in variable text. For more information about data type definitions, procedure parameters, and procedure results, see ODBC Database.
                         if exists (select * from sysobjects where id = object_id(`dbo.CSNTFindUser') and
                         sysstat & 0xf = 4) drop procedure dbo.CSNTFindUser
                         GO
                         CREATE PROCEDURE CSNTFindUser
                         @username varchar(64)
                         AS
                         SET NOCOUNT ON
                         IF EXISTS( SELECT username
                         FROM users
                         WHERE username = @username )
                         SELECT 0,csntgroup,csntacctinfo,"No Error"
                         FROM users
                         WHERE username = @username
                         ELSE
                         SELECT 3,0,"odbc","ODBC Authen Error"
                         GO
                         GRANT EXECUTE ON dbo.CSNTFindUser TO ciscosecure
                         GO
Reference:
http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.0/user/guide/d.html#wp355420

Problem with Oracle external procedures and Microsoft Active Directory

Hi,
Our server was recently updated to use Microsoft Active Directory. However, we noticed that all external procedure calls keeps on failing with ORA-28575: unable to open RPC connection external procedure agent. Everything was working fine before we migrated to Active Directory which is why we can say that the listener is configured correctly.
Any idea on how we can make extproc calls with Active Directory?
thanks.

Michael,
Oracle Forms does support Single Sign-On (SSO). Take a look at Oracle Containers for J2EE Security Guide: OC4J Java Single Sing-On. Also take a look at the Oracle Forms 10g Sample Code and scroll to the SSO demo under the Forms Services Demo section. There are also, numerous other documents available via Google. ;-)
Craig B-)
If someone's response is helpful or correct, please mark it accordingly.

How to use JavaMail 1.4 with Oracle Application Server 10g (9.0.4.0.0)

Hi all,
I'd like to know if it's possible and how to use JavaMail 1.4 with Oracle Application Server 10g (9.0.4.0.0), Windows version.
With the following code, I can see that the mail.jar used by the server is the one included in the jdk installation :
// I'm testing InternetAddress.class because I want to use commons-email-1.2.jar that requires mail.jar 1.4 (or higher) and activation.jar 1.1 (or higher)
// and I know that inside the commons-email-1.2.jar file, I need to call the InternetAddress.validate() method that throws a java.lang.NoSuchMethodError: javax.mail.internet.InternetAddress.validate()V if it is used with mail.jar 1.2.
Class cls = javax.mail.internet.InternetAddress.class;
java.security.ProtectionDomain pDomain = cls.getProtectionDomain();
java.security.CodeSource cSource = pDomain.getCodeSource();
java.net.URL location = cSource.getLocation();
System.out.println(location.toString());
This code returns : file:/C:/oracle/app/jdk/jre/lib/ext/mail.jar and this mail.jar file has an implementation version number: 1.2
- I've tried to include my own mail.jar (1.4.2) and activation.jar (1.1.1) files in the war file that I deploy, but it doesn't work (the server still uses the same mail.jar 1.2)
- I've tried to put the mail.jar (1.4.2) and activation.jar (1.1.1) files in the applib directory of my OC4J instance, but it doesn't work (the server still uses the same mail.jar 1.2)
- I know that a patch exists : I've read the following document: How to Make Libraries such as mail.jar and activation.jar Swappable ? [ID 552432.1]
This article talks about the Patch 6514136, but this patch only applies to : Oracle Containers for J2EE - Version: 10.1.3.3.0
Can you please help me ?
Thanks in advance for your answers,
Laurent

I strongly suggest to upgrade to AS 10.1.3 to get this.
Think of future support of AS 9.0.4. You will get not critical patch updates anymore.
--olaf

Error while "Enabling Security for Oracle Management Service"

Hi,
I have installed OEM 10GR1 on Solaris 9. I am using 9.2.0 database for repository.
My first installation of OEM and agent went smoothly, and everything was working fine.
Then, I tried to follow configurating security for Grid Control Framework. I got following error:
/oracle/app/oracle/product/10gEM>cd bin
/oracle/app/oracle/product/10gEM/bin>./emctl secure oms
Oracle Enterprise Manager 10g Release 10.1.0.3.0.
Copyright (c) 1996, 2004 Oracle Corporation. All rights reserved.
Enter Enterprise Manager Root Password :
Enter Agent Registration password :
Enter a Hostname for this OMS :
Checking Repository... Done.
Checking Repository for an existing Enterprise Manager Root Key... Done.
Generating Enterprise Manager Root Key (this takes a minute)... Done.
Fetching Root Certificate from the Repository... Done.
Generating Registration Password Verifier in the Repository... Done.
Generating Oracle Wallet Password for Enterprise Manager OMS... Done.
Generating Oracle Wallet for Enterprise Manager OMS...Missing /oracle/app/oracle/product/10gEM/sysman/wallets/oms.uxtora1/ewallet.p12
:/oracle/app/oracle/product/10gEM/bin>
Please help.

Thanks for response. I had temp space full issue with repository database. After bouncing database, the temp tablespace became empty, and the secure operation went smooth.

Pre-loading Oracle text in memory with Oracle 12c

There is a white paper from Roger Ford that explains how to load the Oracle index in memory : http://www.oracle.com/technetwork/database/enterprise-edition/mem-load-082296.html
In our application, Oracle 12c, we are indexing a big XML field (which is stored as XMLType with storage secure file) with the PATH_SECTION_GROUP. If I don't load the I table (DR$..$I) into memory using the technique explained in the white paper then I cannot have decent performance (and especially not predictable performance, it looks like if the blocks from the TOKEN_INFO columns are not memory then performance can fall sharply)
But after migrating to oracle 12c, I got a different problem, which I can reproduce: when I create the index it is relatively small (as seen with ctx_report.index_size) and by applying the technique from the whitepaper, I can pin the DR$ I table into memory. But as soon as I do a ctx_ddl.optimize_index('Index','REBUILD') the size becomes much bigger and I can't pin the index in memory. Not sure if it is bug or not.
What I found as work-around is to build the index with the following storage options:
ctx_ddl.create_preference('TEST_STO','BASIC_STORAGE');
ctx_ddl.set_attribute ('TEST_STO', 'BIG_IO', 'YES' );
ctx_ddl.set_attribute ('TEST_STO', 'SEPARATE_OFFSETS', 'NO' );
so that the token_info column will be stored in a secure file. Then I can change the storage of that column to put it in the keep buffer cache, and write a procedure to read the LOB so that it will be loaded in the keep cache. The size of the LOB column is more or less the same as when creating the index without the BIG_IO option but it remains constant even after a ctx_dll.optimize_index. The procedure to read the LOB and to load it into the cache is very similar to the loaddollarR procedure from the white paper.
Because of the SDATA section, there is a new DR table (S table) and an IOT on top of it. This is not documented in the white paper (the white paper was written for Oracle 10g). In my case this DR$ S table is much used, and the IOT also, but putting it in the keep cache is not as important as the token_info column of the DR I table. A final note: doing SEPARATE_OFFSETS = 'YES' was very bad in my case, the combined size of the two columns is much bigger than having only the TOKEN_INFO column and both columns are read.
Here is an example on how to reproduce the problem with the size increasing when doing ctx_optimize
1. create the table
drop table test;
CREATE TABLE test
(ID NUMBER(9,0) NOT NULL ENABLE,
XML_DATA XMLTYPE
XMLTYPE COLUMN XML_DATA STORE AS SECUREFILE BINARY XML (tablespace users disable storage in row);
2. insert a few records
insert into test values(1,'<Book><TITLE>Tale of Two Cities</TITLE>It was the best of times.<Author NAME="Charles Dickens"> Born in England in the town, Stratford_Upon_Avon </Author></Book>');
insert into test values(2,'<BOOK><TITLE>The House of Mirth</TITLE>Written in 1905<Author NAME="Edith Wharton"> Wharton was born to George Frederic Jones and Lucretia Stevens Rhinelander in New York City.</Author></BOOK>');
insert into test values(3,'<BOOK><TITLE>Age of innocence</TITLE>She got a prize for it.<Author NAME="Edith Wharton"> Wharton was born to George Frederic Jones and Lucretia Stevens Rhinelander in New York City.</Author></BOOK>');
3. create the text index
drop index i_test;
exec ctx_ddl.create_section_group('TEST_SGP','PATH_SECTION_GROUP');
begin
CTX_DDL.ADD_SDATA_SECTION(group_name => 'TEST_SGP',
                            section_name => 'SData_02',
                            tag => 'SData_02',
                            datatype => 'varchar2');
end;
exec ctx_ddl.create_preference('TEST_STO','BASIC_STORAGE');
exec ctx_ddl.set_attribute('TEST_STO','I_TABLE_CLAUSE','tablespace USERS storage (initial 64K)');
exec ctx_ddl.set_attribute('TEST_STO','I_INDEX_CLAUSE','tablespace USERS storage (initial 64K) compress 2');
exec ctx_ddl.set_attribute ('TEST_STO', 'BIG_IO', 'NO' );
exec ctx_ddl.set_attribute ('TEST_STO', 'SEPARATE_OFFSETS', 'NO' );
create index I_TEST
on TEST (XML_DATA)
indextype is ctxsys.context
parameters('
    section group   "TEST_SGP"
    storage         "TEST_STO"
') parallel 2;
4. check the index size
select ctx_report.index_size('I_TEST') from dual;
it says :
TOTALS FOR INDEX TEST.I_TEST
TOTAL BLOCKS ALLOCATED:                                                104
TOTAL BLOCKS USED:                                                      72
TOTAL BYTES ALLOCATED:                                 851,968 (832.00 KB)
TOTAL BYTES USED:                                      589,824 (576.00 KB)
4. optimize the index
exec ctx_ddl.optimize_index('I_TEST','REBUILD');
and now recompute the size, it says
TOTALS FOR INDEX TEST.I_TEST
TOTAL BLOCKS ALLOCATED:                                               1112
TOTAL BLOCKS USED:                                                    1080
TOTAL BYTES ALLOCATED:                                 9,109,504 (8.69 MB)
TOTAL BYTES USED:                                      8,847,360 (8.44 MB)
which shows that it went from 576KB to 8.44MB. With a big index the difference is not so big, but still from 14G to 19G.
5. Workaround: use the BIG_IO option, so that the token_info column of the DR$ I table will be stored in a secure file and the size will stay relatively small. Then you can load this column in the cache using a procedure similar to
alter table DR$I_TEST$I storage (buffer_pool keep);
alter table dr$i_test$i modify lob(token_info) (cache storage (buffer_pool keep));
rem: now we must read the lob so that it will be loaded in the keep buffer pool, use the prccedure below
create or replace procedure loadTokenInfo is
type c_type is ref cursor;
c2 c_type;
s varchar2(2000);
b blob;
buff varchar2(100);
siz number;
off number;
cntr number;
begin
    s := 'select token_info from DR$i_test$I';
    open c2 for s;
    loop
       fetch c2 into b;
       exit when c2%notfound;
       siz := 10;
       off := 1;
       cntr := 0;
       if dbms_lob.getlength(b) > 0 then
         begin
           loop
             dbms_lob.read(b, siz, off, buff);
             cntr := cntr + 1;
             off := off + 4096;
           end loop;
         exception when no_data_found then
           if cntr > 0 then
             dbms_output.put_line('4K chunks fetched: '||cntr);
           end if;
         end;
       end if;
    end loop;
end;
Rgds, Pierre

I have been working a lot on that issue recently, I can give some more info.
First I totally agree with you, I don't like to use the keep_pool and I would love to avoid it. On the other hand, we have a specific use case : 90% of the activity in the DB is done by queuing and dbms_scheduler jobs where response time does not matter. All those processes are probably filling the buffer cache. We have a customer facing application that uses the text index to search the database : performance is critical for them.
What kind of performance do you have with your application ?
In my case, I have learned the hard way that having the index in memory (the DR$I table in fact) is the key : if it is not, then performance is poor. I find it reasonable to pin the DR$I table in memory and if you look at competitors this is what they do. With MongoDB they explicitly says that the index must be in memory. With elasticsearch, they use JVM's that are also in memory. And effectively, if you look at the awr report, you will see that Oracle is continuously accessing the DR$I table, there is a SQL similar to
SELECT /*+ DYNAMIC_SAMPLING(0) INDEX(i) */
TOKEN_FIRST, TOKEN_LAST, TOKEN_COUNT, ROWID
FROM DR$idxname$I
WHERE TOKEN_TEXT = :word AND TOKEN_TYPE = :wtype
ORDER BY TOKEN_TEXT, TOKEN_TYPE, TOKEN_FIRST
which is continuously done.
I think that the algorithm used by Oracle to keep blocks in cache is too complex. A just realized that in 12.1.0.2 (was released last week) there is finally a "killer" functionality, the in-memory parameters, with which you can pin tables or columns in memory with compression, etc. this looks ideal for the text index, I hope that R. Ford will finally update his white paper :-)
But my other problem was that the optimize_index in REBUILD mode caused the DR$I table to double in size : it seems crazy that this was closed as not a bug but it was and I can't do anything about it. It is a bug in my opinion, because the create index command and "alter index rebuild" command both result in a much smaller index, so why would the guys that developped the optimize function (is it another team, using another algorithm ?) make the index two times bigger ?
And for that the track I have been following is to put the index in a 16K tablespace : in this case the space used by the index remains more or less flat (increases but much more reasonably). The difficulty here is to pin the index in memory because the trick of R. Ford was not working anymore.
What worked:
first set the keep_pool to zero and set the db_16k_cache_size to instead. Then change the storage preference to make sure that everything you want to cache (mostly the DR$I) table come in the tablespace with the non-standard block size of 16k.
Then comes the tricky part : the pre-loading of the data in the buffer cache. The problem is that with Oracle 12c, Oracle will use direct_path_read for FTS which basically means that it bypasses the cache and read directory from file to the PGA !!! There is an event to avoid that, I was lucky to find it on a blog (I can't remember which, sorry for the credit).
I ended-up doing that. the events to 10949 is to avoid the direct path reads issue.
alter session set events '10949 trace name context forever, level 1';
alter table DR#idxname0001$I cache;
alter table DR#idxname0002$I cache;
alter table DR#idxname0003$I cache;
SELECT /*+ FULL(ITAB) CACHE(ITAB) */ SUM(TOKEN_COUNT), SUM(LENGTH(TOKEN_INFO)) FROM DR#idxname0001$I;
SELECT /*+ FULL(ITAB) CACHE(ITAB) */ SUM(TOKEN_COUNT), SUM(LENGTH(TOKEN_INFO)) FROM DR#idxname0002$I;
SELECT /*+ FULL(ITAB) CACHE(ITAB) */ SUM(TOKEN_COUNT), SUM(LENGTH(TOKEN_INFO)) FROM DR#idxname0003$I;
SELECT /*+ INDEX(ITAB) CACHE(ITAB) */ SUM(LENGTH(TOKEN_TEXT)) FROM DR#idxname0001$I ITAB;
SELECT /*+ INDEX(ITAB) CACHE(ITAB) */ SUM(LENGTH(TOKEN_TEXT)) FROM DR#idxname0002$I ITAB;
SELECT /*+ INDEX(ITAB) CACHE(ITAB) */ SUM(LENGTH(TOKEN_TEXT)) FROM DR#idxname0003$I ITAB;
It worked. With a big relief I expected to take some time out, but there was a last surprise. The command
exec ctx_ddl.optimize_index(idx_name=>'idxname',part_name=>'partname',optlevel=>'REBUILD');
gqve the following
ERROR at line 1:
ORA-20000: Oracle Text error:
DRG-50857: oracle error in drftoptrebxch
ORA-14097: column type or size mismatch in ALTER TABLE EXCHANGE PARTITION
ORA-06512: at "CTXSYS.DRUE", line 160
ORA-06512: at "CTXSYS.CTX_DDL", line 1141
ORA-06512: at line 1
Which is very much exactly described in a metalink note 1645634.1 but in the case of a non-partitioned index. The work-around given seemed very logical but it did not work in the case of a partitioned index. After experimenting, I found out that the bug occurs when the partitioned index is created with dbms_pclxutil.build_part_index procedure (this enables enables intra-partition parallelism in the index creation process). This is a very annoying and stupid bug, maybe there is a work-around, but did not find it on metalink
Other points of attention with the text index creation (stuff that surprised me at first !) ;
- if you use the dbms_pclxutil package, then the ctx_output logging does not work, because the index is created immediately and then populated in the background via dbms_jobs.
- this in combination with the fact that if you are on a RAC, you won't see any activity on the box can be very frightening : this is because oracle can choose to start the workers on the other node.
I understand much better how the text indexing works, I think it is a great technology which can scale via partitioning. But like always the design of the application is crucial, most of our problems come from the fact that we did not choose the right sectioning (we choosed PATH_SECTION_GROUP while XML_SECTION_GROUP is so much better IMO). Maybe later I can convince the dev to change the sectionining, especially because SDATA and MDATA section are not supported with PATCH_SECTION_GROUP (although it seems to work, even though we had one occurence of a bad result linked to the existence of SDATA in the index definition). Also the whole problematic of mixed structured/unstructured searches is completly tackled if one use XML_SECTION_GROUP with MDATA/SDATA (but of course the app was written for Oracle 10...)
Regards, Pierre

Facing Issue With Oracle SOA Suite 11.1.1.3.0

Hi All,
I am facing some issues with ORACLE SOA SUITE 11.1.1.3.0.
Hope you people can help us out.
Please find the issue details below along with all the relevant information’s
I have following SOA suite installation at my server:
Oracle 10g Express Edition Universal 10.2.0.1
RCU 11.1.1.3.3
Web Logic Server 10.3.3.0
SOA suite 11.1.1.3.0
JDeveloper 11.1.1.3.0
The first thing what I have done is created a web service and deployed it to server without any issue.
After that I created proxy client for that service and accessed it successfully from the client end.
Till here no issue occurs.
After that I applied few policies on top of web service and deployed it to server.
The policy I had chosen was “oracle/wss_username_token_service_policy” [coming under OWSM policies list]
While deploying there was no issue, all went well.
2nd step I had created client using “oracle/wss_username_token_client_policy” policy which is counter part of above policy and tried to access the web service but failed.
I have followed this blog:
[http://biemond.blogspot.com/2010/08/things-you-need-to-do-for-owsm-11g.html ]
Please have a look on service and client code:
Service Code:
package Demo_ScoreCard;
import javax.jws.WebService;
import weblogic.wsee.jws.jaxws.owsm.SecurityPolicy;
@WebService
@SecurityPolicy(uri = "oracle/wss_username_token_service_policy")
public class ScoreCardWithPolicy {
public double getPercentageWithPolicy(double markEng,double markMath,double markHindi,double markScience,double markSsc)
double result;
result= ((markEng+markHindi+markMath+markScience+markSsc)/500)*100;
return result;
Client Code:
package com.tec.proxy.client;
import java.util.Map;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.WebServiceRef;
import weblogic.wsee.jws.jaxws.owsm.SecurityPolicyFeature;
public class ScoreCardWithPolicyPortClient {
@WebServiceRef
private static ScoreCardWithPolicyService scoreCardWithPolicyService;
public static void main(String[] args) {
scoreCardWithPolicyService = new ScoreCardWithPolicyService();
SecurityPolicyFeature[] securityFeatures =new SecurityPolicyFeature[] { new SecurityPolicyFeature("oracle/wss_http_token_client_policy") };
ScoreCardWithPolicy scoreCardWithPolicy =scoreCardWithPolicyService.getScoreCardWithPolicyPort(securityFeatures);
Map<String, Object> reqContext =((BindingProvider)scoreCardWithPolicy).getRequestContext();
reqContext.put(BindingProvider.USERNAME_PROPERTY, "testclient");
reqContext.put(BindingProvider.PASSWORD_PROPERTY, "test12345"); // I have added this to the myrealm from console under security realms
double arg1 = 77.2;
double arg2 = 79.2;
double arg3 = 77.2;
double arg4 = 76.2;
double arg5 = 67.2;
double clientResult =scoreCardWithPolicy.getPercentageWithPolicy(arg1, arg2, arg3, arg4,arg5);
System.out.println("clientResult with policy =====> " + clientResult);
Error Log:
SEVERE: WSM-07617 Policy: oracle/wss_http_token_client_policy contains unsupported assertions.
SEVERE: WSMAgentHook: An Exception is thrown: WSM-07617 Policy Policy: oracle/wss_http_token_client_policy contains unsupported assertions.
Exception in thread "main" javax.xml.rpc.JAXRPCException: oracle.wsm.common.sdk.WSMException: WSM-07617 Policy Policy: oracle/wss_http_token_client_policy contains unsupported assertions.
at oracle.wsm.agent.handler.wls.WSMAgentHook.handleException(WSMAgentHook.java:395)
at oracle.wsm.agent.handler.wls.WSMAgentHook.init(WSMAgentHook.java:206)
at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory.newHandler(TubeFactory.java:105)
at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory.createClient(TubeFactory.java:68)
at weblogic.wsee.jaxws.WLSTubelineAssemblerFactory$TubelineAssemblerImpl.createClient(WLSTubelineAssemblerFactory.java:148)
at com.sun.xml.ws.client.WSServiceDelegate.createPipeline(WSServiceDelegate.java:467)
at com.sun.xml.ws.client.WSServiceDelegate.getStubHandler(WSServiceDelegate.java:689)
at com.sun.xml.ws.client.WSServiceDelegate.createEndpointIFBaseProxy(WSServiceDelegate.java:667)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:362)
at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.internalGetPort(WLSProvider.java:855)
at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate$PortClientInstanceFactory.createClientInstance(WLSProvider.java:967)
at weblogic.wsee.jaxws.spi.ClientInstancePool.takeSimpleClientInstance(ClientInstancePool.java:621)
at weblogic.wsee.jaxws.spi.ClientInstancePool.take(ClientInstancePool.java:486)
at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.getPort(WLSProvider.java:782)
at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:344)
at javax.xml.ws.Service.getPort(Service.java:133)
at com.tec.proxy.client.ScoreCardWithPolicyService.getScoreCardWithPolicyPort(ScoreCardWithPolicyService.java:86)
at com.tec.proxy.client.ScoreCardWithPolicyPortClient.main(ScoreCardWithPolicyPortClient.java:23)
Process exited with exit code 1.
Not getting any help from any blog. Just wondering why this error is coming. I would be glad if you can help us in this regard.
Apart from above issue I have few queries like:
1.What is difference between OWSM policies and WLS policies?
2.Are these the only policies we can apply on top of services?
3.If some one wants to configure his own custom policies than what need to be done
4.Could anyone please provide some useful links to implement ENCYPTION and SIGNATURE on top of web services?
5.And If I am not wrong, I guess Oracle Service BUS OSB 11.1.1.3 has been removed from the main download link and version 11.1.1.4 has been provided. Is it
compatible with SOA suite 11.1.1.3.0? If not where can I get OSB 11.1.1.3?
Looking forward to hear from you people.
Thanks
Arvind
Edited by: user8490871 on Apr 15, 2011 12:53 AM
Edited by: user8490871 on Apr 15, 2011 12:53 AM

Hi,
I don't know why u get an error. Here are answers for additional questions:
1. OWSM policies are for web services. WLS policies are based on Java EE security. They are used to protect resources e.g. URL, EJB
2. I don't know about other policies
3. See http://download.oracle.com/docs/cd/E14571_01/web.1111/e13713/owsm_appendix.htm#CHDCHFBH
4. See http://download.oracle.com/docs/cd/E14571_01/security.1111/e10037/toc.htm
5. I can see OSB 11.1.1.3 download link here
http://www.oracle.com/technetwork/middleware/downloads/fmw-11-download-092893.html
Regards,
Milan

Web connectivity and security in Oracle 8i

How can i make Web Connectivity with Oracle 8i database.
Junaid Tareen

<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by [email protected] ():
What do you mean by data level security?
Can you give an example and explain your query?<HR></BLOCKQUOTE>
When giving him permissions to users on a table I want that the user can manipulate only certain columns and that the others are restricted for him. If it is connected by application, SQL, ODBC, etc. That it always has activates the restrictions on the data of those columns.
Ej.
I have a table with 5 columns, need to give permissions him of select to users on that table but single desire to show the users columns to him the 1,2 and 3.Las others will remain restricted for those users until it is decided to assign them.

PeopleSoft 8.53 Integration Error with Oracle SES

My System Details are :
Machine 1
Hostname : host1
Port : port1
Application : PeopleSoft 8.53 + HCM 9.2 + Oracle 11g
OS : Windows 7 (64 Bit)
Machine 2
Hostname : host2
Port : port2
Application :Oracle Secure Enterprise Search 11.1.2.2.0
OS : Windows 2008 Server (64 Bit)
No Error was encountered while installation and systems started without any error.
Now when trying to integrate PeopleSoft with Oracle SES.
I entered all the details as per installation docs at PeopleTools->Search Framework->administration->Search Instance
When I click on Ping I encounter the following error :
Ping Test Result: Failure. Exception caught GetMessageText: No default message. (0,0) (262,612)
I am behind a proxy server and have made the required entries in integrationGateway.properties files for proxy server.
Also have added userid:pwd in Proxy-Authorization property for HTTPTARGET connector ID.
The Errorlog.html contains the following error:
Type - Error
ErrorLevel - Standard Gateway Exception
Description - HttpTargetConnector:ExternalApplicationException. External System responded with an Error status.
Exception - PeoplesoftListeningConnector: GeneralFrameworkException
MessageCatalog
MessageSet: 158 MessageID: 10623 MessageParms: HttpStatusCode returned : 407
Stack Trace
com.peoplesoft.pt.integrationgateway.common.ExternalApplicationException: HttpTargetConnector:ExternalApplicationException. External System responded with an Error status.
at com.peoplesoft.pt.integrationgateway.targetconnector.HttpTargetConnector.send(HttpTargetConnector.java:1159)
at com.peoplesoft.pt.integrationgateway.service.BasicConnectorInvocator.execute(BasicConnectorInvocator.java:131)
at com.peoplesoft.pt.integrationgateway.framework.GatewayManager.invokeService(GatewayManager.java:147)
at com.peoplesoft.pt.integrationgateway.framework.GatewayManager.connect(GatewayManager.java:191)
at com.peoplesoft.pt.integrationgateway.listeningconnector.PeopleSoftListeningConnector.doPost(PeopleSoftListeningConnector.java:183)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at com.peoplesoft.pt.integrationgateway.listeningconnector.PeopleSoftListeningConnector.service(PeopleSoftListeningConnector.java:86)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at com.peoplesoft.pt.integrationgateway.common.IBFilter.doFilter(IBFilter.java:84)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Request
Message-ID: <1975883609.1375092327640.JavaMail.userId@host1>
Date: Mon, 29 Jul 2013 15:35:27 +0530 (IST)
Mime-Version: 1.0
Content-Type: multipart/related; boundary="Integration_Server_MIME_Boundary"
Content-ID: PeopleSoft-Integration-Broker-Internal-Mime-Message
PeopleSoft-ToolsRelease: 8.48
--Integration_Server_MIME_Boundary
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Content-ID: IBInfo
<?xml version="1.0"?><IBInfo><ExternalOperationName><![CDATA[GETAPIVERSION.V1]]></ExternalOperationName><OperationType>sync</OperationType><From><RequestingNode><![CDATA[PSFT_HR]]></RequestingNode><Protocol>http</Protocol><WS-Security><WSTokenType><![CDATA[]]></WSTokenType><WSTokenEncrypted></WSTokenEncrypted><WSTokenSigned></WSTokenSigned><WSTokenEncryptLevel></WSTokenEncryptLevel><WSRequestAliasName><![CDATA[]]></WSRequestAliasName></WS-Security><SAML-CertAlias><![CDATA[]]></SAML-CertAlias><SAML-QualifierName><![CDATA[]]></SAML-QualifierName><SAML-Issuer><![CDATA[]]></SAML-Issuer><SAML-SubjectName><![CDATA[]]></SAML-SubjectName><SAML-Signature><![CDATA[]]></SAML-Signature><SAML-TokenData>***deleted for security purposes****</SAML-TokenData><URIResourceIndex>-1</URIResourceIndex><SegmentsUnOrder>N</SegmentsUnOrder></From><ContentSections><ContentSection><ID>ContentSection0</ID><ContentType>text/plain; charset=UTF-8</ContentType><ContentTransfer>8bit</ContentTransfer><NonRepudiation>N</NonRepudiation></ContentSection></ContentSections><Connector><ConnectorClassName><![CDATA[HttpTargetConnector]]></ConnectorClassName><ConnectorParameters><ConnectorParam><Name><![CDATA[Method]]></Name><Value><![CDATA[POST]]></Value></ConnectorParam><ConnectorParam><Name><![CDATA[URL]]></Name><Value><![CDATA[http://host2:port2/search/api/admin/AdminService]]></Value></ConnectorParam><ConnectorParam><Name><![CDATA[SOAPUpContent]]></Name><Value><![CDATA[Y]]></Value></ConnectorParam></ConnectorParameters><ConnectorHeaders><Header><Name><![CDATA[sendUncompressed]]></Name><Value><![CDATA[Y]]></Value></Header><Header><Name><![CDATA[Content-Type]]></Name><Value><![CDATA[text/xml; charset=utf-8]]></Value></Header></ConnectorHeaders></Connector><AttachmentSection ResponseAsAttachment="N"></AttachmentSection></IBInfo>
--Integration_Server_MIME_Boundary
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-ID: ContentSection0
Content-Disposition: inline
<?xml version="1.0"?>
<getAPIVersion xmlns="http://search.oracle.com/Admin"><credentials xmlns=""><userName>eqsys</userName><password>***deleted for security purposes****</password></credentials></getAPIVersion>
--Integration_Server_MIME_Boundary--
Response
Message-ID: <2136182902.1375092327641.JavaMail.userId@host1>
Date: Mon, 29 Jul 2013 15:35:27 +0530 (IST)
Mime-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_8_1450854121.1375092327639"
Content-ID: PeopleSoft-Integration-Broker-Internal-Mime-Message
------=_Part_8_1450854121.1375092327639
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Content-ID: IBInfo
<?xml version="1.0"?><IBInfo><Status><StatusCode>40</StatusCode><MsgSet>158</MsgSet><MsgID>10623</MsgID><Parameters count="1"><Parm>HttpStatusCode returned : 407</Parm></Parameters><DefaultTitle>Integration Gateway Error</DefaultTitle></Status><ContentSections><ContentSection><ID>ContentSection0</ID><ContentType>text/plain; charset=UTF-8</ContentType><ContentTransfer>8bit</ContentTransfer><NonRepudiation>N</NonRepudiation></ContentSection></ContentSections></IBInfo>
------=_Part_8_1450854121.1375092327639
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Content-ID: ContentSection0
<HEAD><TITLE>Proxy Authorization Required</TITLE></HEAD>
<BODY BGCOLOR="white" FGCOLOR="black"><H1>Proxy Authorization Required</H1><HR>
<FONT FACE="Helvetica,Arial"><B>
Description: Authorization is required for access to this proxy</B></FONT>
<HR>

</BODY>
------=_Part_8_1450854121.1375092327639--
I have checked the required entries in integrationGateway.properties files for proxy server.
Also have checked the userid:pwd entered in Proxy-Authorization property for HTTPTARGET connector ID.
I have restarted the servers and machines as well but still the same error.
Kindly help me ?

RCC wrote:
I agree with Hakan, sounds like your problem is getting to the proxy.
Is the SES server on the same network as PS? Or is it really somewhere else? Is this some kind of home setup since you are running PS on Win 7? If SES is on the same network as PS, I would drop the proxy config and test that way first. Get it working without the extra complexity, then add in Proxy. You can test connectivity from PS to SES with telnet or just browsing to SES.
Thanks for the response RCC.
The PS is a Demo Instance being used for study purpose. Both the machines are on the same network.
I tried the ping after removing the entries in integrationGateway.properties files for proxy server and it worked.
Ping, Test Login and Validate are successful.
I get the following error when I check Proxy Login.
Proxy login failed : Invalid credentials for the federation entity (262,1317) (262,1318)
I have created Federation Trusted Entity key by the name HCM92 on Oracle SES side and am using the same ID and password in the Query Service Credentials on the Search Instance Properties Page.
I was not getting any error in any log file related to this.
Kindly help.

EXTPROC security with Oracle 9i ?

Similar Messages

Maybe you are looking for