How to do LDAP authentication in OC4J instance?
Need to configure third party LDAP authentication for an application deployed in OC4J instance. How to configure this?
Hi,
I think that links will be useful to you!
http://download-uk.oracle.com/docs/cd/B15904_01/web.1012/b14013/configoc4j.htm
http://www.oracle.com/technology/sample_code/tech/java/codesnippet/security/jaznldap/index.html
Afonso
Similar Messages
-
How to fetch env. variable from OC4J instance
At the launch of my application I want to fetch a variable value we have created on the iAS server at the application's OC4J instance level and under "Server Properties". I am unable to fetch anything using getHttpServletRequest() method. Does anyone know how to access OC4J server environment variables from an application?
TIA,
SSee metalink note 268481.1 Re-creating ASM Instances and Diskgroups.
-
How to enable LDAP authentication for APEX
How do I enable LDAP authentication for APEX 4.2? Thank for your help.
Kevinyou need to create new authentication based on predefined LDAP authentication from shared components => Authentication
and provide your company LDAP authentication credentials -
How can I create a new OC4J Instance in Application Server Control
Hi All,
Is there any way to create a new OC4J Instance in Application Server Control of installed SOA Suite, so that it gets listed in Cluster Topology page.
Thanks
KrrishHi Eric,
Thanks for the reply.
it is pretty simple..which I didnt try earlier..
Thanks
Krrish -
How to use LDAP authentication in Oracle Linux
Hi All,
In Oracle Linux 2.6.18-194 el5, goes to system->Administration->Authentication, enabled LDAP in both User Information and Authentication, tried to use network user account information to log in the linux machine but it did not work.
The login screen waits over 10 minutes after enter username and password each and then says usename and password is not corrent.
LDAP Settings only asked two information LDAP Search Base on and LDAP Server. We have another application which uses same LDAP server works fine.
How to make Oracle linux server as LDAP client for user longin?
Tanks in advance for yur help.I have no idea, but you might find it helpful to read Redhat's documentation concerning this subject:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/ch-ldap.html -
How does the LDAP authentication process?
Hi All,
In SAP KB1384915(https://bosap-support.wdf.sap.corp/sap/support/notes/1384915), BOE client authentication's process is described as follows:
1. The BOXI SDK calls the login on the BOXI client plugin (passing username & password).
2. The BOXI client plugin passes the username and password to the third-party authentication server. This may be an LDAP server, or a Windows Active Directory server, or any other server that the BI Platform supports.
3. The third-party authentication server authenticates the credentials. This generates a security buffer needed by the BOXI server-side authentication plugin.
4. The SDK passes the security buffer to the CMS, which forwards it to the server-side plugin.
At this point the handshake process may be finished, or it may continue
5. This exchange continues until the server-side authentication system indicates that the authentication process has completed.
Authentication always ends on the server side.
6. The user has been authenticated. The CMS must verify that the user is a member of a mapped group before the logon process can complete.
Question about LDAP auth,
I think that the client plugin doesn't know LDAP server's hostname & portnumber at the time of step2.(BOE server only knows it)
So I think, the client will access to BOE server to get the LDAP-related informations before the step.
Would you please tell me whether the following process is correct?
1. The BOXI SDK calls the login on the BOXI client plugin.
2. The client plugin gets LDAP-related information (LDAP hostname, portnum, base DN etc) from BOE server.
At this step, client plugin DOESN'T pass the username&password to BOE Server. Only get informations.
3. The client plugin passes the username and password to the LDAP server.
4. The LDAP server authenticates the credentials. This generates a security buffer needed by the BOXI server-side authentication plugin.
5. The SDK passes the security buffer to the CMS, which forwards it to the server-side plugin.
At this point the handshake process may be finished, or it may continue
6. This exchange continues until the server-side authentication system indicates that the authentication process has completed.
Authentication always ends on the server side.
7. The user has been authenticated. The CMS must verify that the user is a member of a mapped group before the logon process can complete.
Thanks®ards,
TadashiHi,
in a BOE Environment the CMS does all of the authentication processes. So i would say that the Client passes the LDAP informations entered by the user to the CMS and the CMS does the authentication on behalf of the client.
If you need an official Statement, i would recommend you open a Support Message with the SAP Support.
Otherwise you could monitor the network traffic during the Authentication of the Client. There you should see if the Client communicates directly with the LDAP Host or only with the CMS.
Regards
-Seb. -
How create command-line a new OC4J instance?
I have no access to OAS console and I need to create it with command-line.
Do you know sintaxis?
Thanks in advance.
Message was edited by:
JohnRCdepends on version
-
How to Keep the "Start OC4J instance" window or Forms Server always up 24*7
Gurus -
Can you please tell me how could I have the "Start OC4J instance" always up and running in my server. I want the Forms server ( 10g) up and running all the the time. please advice how could I do that. My DB is 11g and using the Oracle Devsuite 10g. Please advice
Gurus - Can you please advice on this. Basically have developed a form and couple of users want to access that but get error " page cannot be displayed" and I figured out the "Start OC4J instance" windows gets closed automatically after some hours.
so I wanted this OC4J instance to run 24*7 ( always) without closing by itself. Please advice how could I do that.
Thanks
SheikThanks a lot Steve,
Just wanted to find out if there is no other work around on this except to have the Oracle App Forms server to install and up and running?
I have 11g DB , so do I have to have 11g Oracle Apps Server or 10g Oracle apps server will be sufficient as the installed Devsuite is in 10g. Please advice
OR
Is there way we can setup this Oracle Apps forms server from the OEM console? or we have to do a seperate install for this Apps server.
Other option I thought, which I am not sure will work out is the creat a scheduled task in windows and have this "Start OC4j Instance" scheduled to run always. Any ideas/commments on this.
Thanks again for your inputs.
Rgds
Sheik -
How do I use Generic LDAP Authentication in JDeveloper?
I have an existing JSP/Java Servlet application that uses a generic LDAP server for user authentication. Each JSP page checks the user name against a database entry for authorization to that page (itâs a legacy app).
The following web.xml fragment describes the
security/login configuration:
<security-constraint>
<display-name>I Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>ALL</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description>I</description>
<role-name>*</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>I Enterprise Server</realm-name>
</login-config>
I want to use JDeveloper and the built-in OC4J environment for development/debugging. I have tried configuring jazn.xml to use a LDAP provider (both in **\j2ee\home\config\ and **\jdev\system9.0.3.1035\oc4j-config\)
1) How do I configure the internal OC4J environment to use the generic LDAP service?
2) Does the JAZN LDAP only work with Oracle OID?
3) Is there a document or list-of-documents that consolidates the JDeveloper OC4J server administration functions? The existing OC4J administrative documentation is splattered about various web documents.
Thanks
JakeTodd,
This how-to may help answer some of your questions
http://otn.oracle.com/tech/java/oc4j/htdocs/how-to-jazn.html
If you have additional questions on configuring jazn.xml for LDAP and OiD, I think your best bet is post to 9iAS J2EE forum.
Thanks,
Yvonne -
How to use two different LDAP authentication for my Apex application login
Hi,
I have 2 user groups defined in the LDAP directory and I provided the DN string for apex authentication something like the below
cn=%LDAP_USER%,ou=usergrp1,dc=oracle,dc=com
cn=%LDAP_USER%,ou=usergrp2,dc=oracle,dc=com
The problem is I couln't pointout both the groups in DN string, I am trying to allow both usergroups to access the application.
Does anyone know how to define both the group in LDAP DN String ?.
Thanx in advance
Vijay.Vijay,
I don't think you'll be able to use the built-in LDAP authentication scheme. Just create a new authentication scheme that has its own authentication function. In that function code your calls to dbms_ldap however you need. Search the forum for dbms_ldap.simple_bind_s to find examples.
Scott -
How to deploy oracle forms + J2EE application in single OC4J instance
We have ORACLE forms application, which is deployed in OC4J Instance in application server.
There are some modules, which are developed in Java/J2EE, which are invoked from Oracle forms application. Currently this java application is
deployed in separate OC4J instance.
Could you please help us how to combine this forms +J2ee application in single ear file,
And this ear file has to be deployed in one OC4J instance.Maybe have a look at :
http://download.oracle.com/docs/cd/B14099_19/web.1012/b14032/basics.htm -
How to create new OC4J instance in AS 10.1.3 with BC4J- and ADF-Libraries
Hi
I have done all the steps mentioned in this thread:
How to create new OC4J instance in AS 10.1.3
However, the new created OC4J instance obviously misses some libraries. If I deploy my Application to this OC4J I get an internal error: Class not found: oracle.jbo.JboException.
The same Application runs well in the "home" Instance.
What is the trick, to create a new OC4J instance, which more or less behaves the same way as the "home" instances (and especially has all the same libraries)?
Thanks for your help
Frank BrandstetterI encountered this last month. I definitely agree that it is a glaring omission to not have "Create Like" functionality when instantiating new containers. Here's my notes on the manual steps required after using createinstance to create the fresh container. Not too bad. I've been deploying ADF applications to the new container with no problems after this.
==============
The default (home) OC4J container is pre-configured for ADF 10.1.3 applications; however, when $ORACLE_HOME/bin/createinstance is used to create additional containers, these containers are not configured automatically to host ADF 10.1.3 applications.
I followed these manual steps:
1. $ORACLE_HOME/j2ee/home/config/server.xml defines three shared libraries that "install" the needed JARs for Oracle ADF applications in your application server instance (container). Note that "install" does not necessarily mean available to applications (see Step 2). Copy the three shared library element definitions to the <application-server> element of your new container (in server.xml).
<shared-library name="oracle.expression-evaluator" version="10.1.3" library-compatible="true">
<code-source path="/usr2/oracle/as10130/jlib/commons-el.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/oracle-el.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/jsp-el-api.jar"/>
</shared-library>
<shared-library name="adf.oracle.domain" version="10.1.3" library-compatible="true">
<code-source path="/usr2/oracle/as10130/BC4J/lib"/>
<code-source path="/usr2/oracle/as10130/jlib/commons-cli-1.0.jar"/>
<code-source path="/usr2/oracle/as10130/mds/lib/concurrent.jar"/>
<code-source path="/usr2/oracle/as10130/mds/lib/mdsrt.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/share.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/regexp.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/xmlef.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/adfmtl.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/adfui.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/adf-connections.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/dc-adapters.jar"/>
<code-source path="/usr2/oracle/as10130/ord/jlib/ordim.jar"/>
<code-source path="/usr2/oracle/as10130/ord/jlib/ordhttp.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/ojmisc.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/jdev-cm.jar"/>
<code-source path="/usr2/oracle/as10130/lib/xsqlserializers.jar"/>
<import-shared-library name="oracle.xml"/>
<import-shared-library name="oracle.jdbc"/>
<import-shared-library name="oracle.cache"/>
<import-shared-library name="oracle.dms"/>
<import-shared-library name="oracle.sqlj"/>
<import-shared-library name="oracle.toplink"/>
<import-shared-library name="oracle.ws.core"/>
<import-shared-library name="oracle.ws.client"/>
<import-shared-library name="oracle.xml.security"/>
<import-shared-library name="oracle.ws.security"/>
<import-shared-library name="oracle.ws.reliability"/>
<import-shared-library name="oracle.jwsdl"/>
<import-shared-library name="oracle.http.client"/>
<import-shared-library name="oracle.expression-evaluator"/>
</shared-library>
<shared-library name="adf.generic.domain" version="10.1.3" library-compatible="true">
<code-source path="/usr2/oracle/as10130/BC4J/jlib/bc4jdomgnrc.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/lib"/>
<code-source path="/usr2/oracle/as10130/jlib/commons-cli-1.0.jar"/>
<code-source path="/usr2/oracle/as10130/mds/lib/concurrent.jar"/>
<code-source path="/usr2/oracle/as10130/mds/lib/mdsrt.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/share.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/regexp.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/xmlef.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/adfmtl.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/adfui.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/adf-connections.jar"/>
<code-source path="/usr2/oracle/as10130/BC4J/jlib/dc-adapters.jar"/>
<code-source path="/usr2/oracle/as10130/ord/jlib/ordim.jar"/>
<code-source path="/usr2/oracle/as10130/ord/jlib/ordhttp.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/ojmisc.jar"/>
<code-source path="/usr2/oracle/as10130/jlib/jdev-cm.jar"/>
<code-source path="/usr2/oracle/as10130/lib/xsqlserializers.jar"/>
<import-shared-library name="oracle.xml"/>
<import-shared-library name="oracle.jdbc"/>
<import-shared-library name="oracle.cache"/>
<import-shared-library name="oracle.dms"/>
<import-shared-library name="oracle.sqlj"/>
<import-shared-library name="oracle.toplink"/>
<import-shared-library name="oracle.ws.core"/>
<import-shared-library name="oracle.ws.client"/>
<import-shared-library name="oracle.xml.security"/>
<import-shared-library name="oracle.ws.security"/>
<import-shared-library name="oracle.ws.reliability"/>
<import-shared-library name="oracle.jwsdl"/>
<import-shared-library name="oracle.http.client"/>
<import-shared-library name="oracle.expression-evaluator"/>
</shared-library>
2. To make the necessary ADF and JSF support libraries available to your deployed ADF application, the default application (that your ADF application and the majority of applications should inherit from) should explicitly import the shared library in the <orion-application> element of $ORACLE_HOME/j2ee/<your container>/config/application.xml.
<imported-shared-libraries>
<import-shared-library name="adf.oracle.domain"/>
</imported-shared-libraries>
Note: the adf.oracle.domain shared library imports several other shared libraries including oracle.expression-evaluator. -
How to include all the child OU groups of a master OU group in LDAP authentication
Dear All,
I am using Apex 4.2 on windows server 2012 on internet explorer with database 11g R2 all 64 bit.
we are using Microsoft Active Directory Authentication in our domain.
I have created two protals, Staff Portal and Student Portal
I have two groups, Staff and Students. these two groups coming under HCT group.
I want to configure LDAP authentication for these groups, so that student cannot login to staff portal and vice versa.
I had created on authentication schema in apex.
inititally I configured as below
for example I have a group ETC, inside ETC I have CSS in active directory,
DN String=cn=%LDAP_USER%,dc=hct,dc=org
Use Exact distinguish name=YES
LDAP Username edit function=
return apex_escape.ldap_dn (
p_string => :USERNAME,
p_escape_non_ascii => false ) || ',ou=users,ou=css,ou=etc,ou=staff,ou=hct' ;
Username Escaping=NO ESCAPING
and it is working,
now I have another group under ETC, which is ESS. how to include ESS also? I mean how to include all the child groups of a master group?
because I will then only include the STAFF ou and the rest of the ou which coming under staff will come automatically.
please refer to this thread for more details.
Re: Re: Different LDAP authentication for Student and Staff Active directory groups
Thank you.Powershell (or vbscript if you want to be old school).
You can trigger a powershell script which will remove the offending user(s) easily enough with out resorting to a TOLDAP pass. Nearly any script type thing would work but powershell is preferred. It can be triggered separately from the TO AD stuff and will take multiple objects to run in one pass if you can construct the command line (or create a text file and feed it in).
Otherwise, TOLDAP is the way to write to AD...
Peter -
How to attach a new servlet on my OC4J instance ?
Hi there
How to attach a new servlet on my OC4J instance ?
Regards
DenYou can deploy your using JDeveloper:
http://download.oracle.com/otndocs/tech/ias/portal/files/RG/OBE/deployToAppServer/lesson_Deployment.htm
Or you can use the Application Server Control:
http://download.oracle.com/docs/cd/B31017_01/core.1013/b28764/deploy_em003.htm
Maurits -
How i can Start OC4J Instance as window service
hi ,
How i can Start OC4J Instance as window service ?
Regards
OmarOmar,
check
http://www.taltech.com/TALtech_web/support/sw_tricks/NTService.htm
Frank
Maybe you are looking for
-
I have a new computer with Windows 7 and get an error message 7 when trying to install iTunes 64 bit
I have a new PC with Windows 7 and when I try to download iTunes, 64 bit I get Error 7 (Windows error 127). Any help would be appreciated
-
How to create a link to web page (URL) to a billing document
Hi, I have an urgent requirement of creating a link to web page (URL) to a billing document. I call the function module "GOS_EXECUTE_SERVICE" with : ip_service = 'URL_CREA' is_object-objkey = no billing document is_object-objtype = 'VBRK' is_object-l
-
Unable to Play Video in Acrobat X
I am trying to place some video in Indesign CS5.5 then export as an interactive PDF for use in Acrobat X. I have tried encoding the source video in both Apple Compressor and Adobe Media Encoder. Have tried different formats such as FLV, mp4 and H.264
-
Hi guys, When my thinkpad wakes it takes a couple of seconds to find the mouse. I do not have one plugged in and it is finding the touch pad. It plays the "bing bong" noise as if I was plugging in a usb key. Is there any way to speed this up?!
-
Acrobat email archive - after appending old emais disappear from archive
Greetings, We have created an email archive with the new Acrobat 10/Outlook 2010. When emails are appended to the archive, older emails in the archive disappear. If the archive is sent to someone else with either Acrobat 10 or Acrobat 9, they have