How to do LDAP authentication in OC4J instance?

Need to configure third party LDAP authentication for an application deployed in OC4J instance. How to configure this?

Hi,
I think that links will be useful to you!
http://download-uk.oracle.com/docs/cd/B15904_01/web.1012/b14013/configoc4j.htm
http://www.oracle.com/technology/sample_code/tech/java/codesnippet/security/jaznldap/index.html
Afonso

Similar Messages

  • How to fetch env. variable from OC4J instance

    At the launch of my application I want to fetch a variable value we have created on the iAS server at the application's OC4J instance level and under "Server Properties". I am unable to fetch anything using getHttpServletRequest() method. Does anyone know how to access OC4J server environment variables from an application?
    TIA,
    S

    See metalink note 268481.1 Re-creating ASM Instances and Diskgroups.

  • How to enable LDAP authentication for APEX

    How do I enable LDAP authentication for APEX 4.2? Thank for your help.
    Kevin

    you need to create new authentication based on predefined LDAP authentication from shared components => Authentication
    and provide your company LDAP authentication credentials

  • How can I create a new OC4J Instance in Application Server Control

    Hi All,
    Is there any way to create a new OC4J Instance in Application Server Control of installed SOA Suite, so that it gets listed in Cluster Topology page.
    Thanks
    Krrish

    Hi Eric,
    Thanks for the reply.
    it is pretty simple..which I didnt try earlier..
    Thanks
    Krrish

  • How to use LDAP authentication in Oracle Linux

    Hi All,
    In Oracle Linux 2.6.18-194 el5, goes to system->Administration->Authentication, enabled LDAP in both User Information and Authentication, tried to use network user account information to log in the linux machine but it did not work.
    The login screen waits over 10 minutes after enter username and password each and then says usename and password is not corrent.
    LDAP Settings only asked two information LDAP Search Base on and LDAP Server. We have another application which uses same LDAP server works fine.
    How to make Oracle linux server as LDAP client for user longin?
    Tanks in advance for yur help.

    I have no idea, but you might find it helpful to read Redhat's documentation concerning this subject:
    http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/ch-ldap.html

  • How does the LDAP authentication process?

    Hi All,
    In SAP KB1384915(https://bosap-support.wdf.sap.corp/sap/support/notes/1384915), BOE client authentication's process is described as follows:
    1. The BOXI SDK calls the login on the BOXI client plugin (passing username & password).
    2. The BOXI client plugin passes the username and password to the third-party authentication server. This may be an LDAP server, or a Windows Active Directory server, or any other server that the BI Platform supports.
    3. The third-party authentication server authenticates the credentials. This generates a security buffer needed by the BOXI server-side authentication plugin.
    4. The SDK passes the security buffer to the CMS, which forwards it to the server-side plugin.
    At this point the handshake process may be finished, or it may continue
    5. This exchange continues until the server-side authentication system indicates that the authentication process has completed.
    Authentication always ends on the server side.
    6. The user has been authenticated. The CMS must verify that the user is a member of a mapped group before the logon process can complete.
    Question about LDAP auth,
    I think that the client plugin doesn't know LDAP server's hostname & portnumber at the time of step2.(BOE server only knows it)
    So I think, the client will access to BOE server to get the LDAP-related informations before the step.
    Would you please tell me whether the following process is correct?
    1. The BOXI SDK calls the login on the BOXI client plugin.
    2. The client plugin gets LDAP-related information (LDAP hostname, portnum, base DN etc) from BOE server.
       At this step, client plugin DOESN'T pass the username&password to BOE Server. Only get informations.
    3. The client plugin passes the username and password to the LDAP server.
    4. The LDAP server authenticates the credentials. This generates a security buffer needed by the BOXI server-side authentication plugin.
    5. The SDK passes the security buffer to the CMS, which forwards it to the server-side plugin.
       At this point the handshake process may be finished, or it may continue
    6. This exchange continues until the server-side authentication system indicates that the authentication process has completed.
       Authentication always ends on the server side.
    7. The user has been authenticated. The CMS must verify that the user is a member of a mapped group before the logon process can complete.
    Thanks&regards,
    Tadashi

    Hi,
    in a BOE Environment the CMS does all of the authentication processes. So i would say that the Client passes the LDAP informations entered by the user to the CMS and the CMS does the authentication on behalf of the client.
    If you need an official Statement, i would recommend you open a Support Message with the SAP Support.
    Otherwise you could monitor the network traffic during the Authentication of the Client. There you should see if the Client communicates directly with the LDAP Host or only with the CMS.
    Regards
    -Seb.

  • How create command-line a new OC4J instance?

    I have no access to OAS console and I need to create it with command-line.
    Do you know sintaxis?
    Thanks in advance.
    Message was edited by:
    JohnRC

    depends on version

  • How to Keep the "Start OC4J instance" window or Forms Server always up 24*7

    Gurus -
    Can you please tell me how could I have the "Start OC4J instance" always up and running in my server. I want the Forms server ( 10g) up and running all the the time. please advice how could I do that. My DB is 11g and using the Oracle Devsuite 10g. Please advice
    Gurus - Can you please advice on this. Basically have developed a form and couple of users want to access that but get error " page cannot be displayed" and I figured out the "Start OC4J instance" windows gets closed automatically after some hours.
    so I wanted this OC4J instance to run 24*7 ( always) without closing by itself. Please advice how could I do that.
    Thanks
    Sheik

    Thanks a lot Steve,
    Just wanted to find out if there is no other work around on this except to have the Oracle App Forms server to install and up and running?
    I have 11g DB , so do I have to have 11g Oracle Apps Server or 10g Oracle apps server will be sufficient as the installed Devsuite is in 10g. Please advice
    OR
    Is there way we can setup this Oracle Apps forms server from the OEM console? or we have to do a seperate install for this Apps server.
    Other option I thought, which I am not sure will work out is the creat a scheduled task in windows and have this "Start OC4j Instance" scheduled to run always. Any ideas/commments on this.
    Thanks again for your inputs.
    Rgds
    Sheik

  • How do I use Generic LDAP Authentication in JDeveloper?

    I have an existing JSP/Java Servlet application that uses a generic LDAP server for user authentication. Each JSP page checks the user name against a database entry for authorization to that page (it’s a legacy app).
    The following web.xml fragment describes the
    security/login configuration:
    <security-constraint>
    <display-name>I Security Constraint</display-name>
    <web-resource-collection>
    <web-resource-name>ALL</web-resource-name>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
    <description>I</description>
    <role-name>*</role-name>
    </auth-constraint>
    <user-data-constraint>
    <transport-guarantee>NONE</transport-guarantee>
    </user-data-constraint>
    </security-constraint>
    <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>I Enterprise Server</realm-name>
    </login-config>
    I want to use JDeveloper and the built-in OC4J environment for development/debugging. I have tried configuring jazn.xml to use a LDAP provider (both in **\j2ee\home\config\ and **\jdev\system9.0.3.1035\oc4j-config\)
    1) How do I configure the internal OC4J environment to use the generic LDAP service?
    2) Does the JAZN LDAP only work with Oracle OID?
    3) Is there a document or list-of-documents that consolidates the JDeveloper OC4J server administration functions? The existing OC4J administrative documentation is splattered about various web documents.
    Thanks
    Jake

    Todd,
    This how-to may help answer some of your questions
    http://otn.oracle.com/tech/java/oc4j/htdocs/how-to-jazn.html
    If you have additional questions on configuring jazn.xml for LDAP and OiD, I think your best bet is post to 9iAS J2EE forum.
    Thanks,
    Yvonne

  • How to use two different LDAP authentication for my Apex application login

    Hi,
    I have 2 user groups defined in the LDAP directory and I provided the DN string for apex authentication something like the below
    cn=%LDAP_USER%,ou=usergrp1,dc=oracle,dc=com
    cn=%LDAP_USER%,ou=usergrp2,dc=oracle,dc=com
    The problem is I couln't pointout both the groups in DN string, I am trying to allow both usergroups to access the application.
    Does anyone know how to define both the group in LDAP DN String ?.
    Thanx in advance
    Vijay.

    Vijay,
    I don't think you'll be able to use the built-in LDAP authentication scheme. Just create a new authentication scheme that has its own authentication function. In that function code your calls to dbms_ldap however you need. Search the forum for dbms_ldap.simple_bind_s to find examples.
    Scott

  • How to deploy oracle forms + J2EE application in single OC4J instance

    We have ORACLE forms application, which is deployed in OC4J Instance in application server.
    There are some modules, which are developed in Java/J2EE, which are invoked from Oracle forms application. Currently this java application is
    deployed in separate OC4J instance.
    Could you please help us how to combine this forms +J2ee application in single ear file,
    And this ear file has to be deployed in one OC4J instance.

    Maybe have a look at :
    http://download.oracle.com/docs/cd/B14099_19/web.1012/b14032/basics.htm

  • How to create new OC4J instance in AS 10.1.3 with BC4J- and ADF-Libraries

    Hi
    I have done all the steps mentioned in this thread:
    How to create new OC4J instance in AS 10.1.3
    However, the new created OC4J instance obviously misses some libraries. If I deploy my Application to this OC4J I get an internal error: Class not found: oracle.jbo.JboException.
    The same Application runs well in the "home" Instance.
    What is the trick, to create a new OC4J instance, which more or less behaves the same way as the "home" instances (and especially has all the same libraries)?
    Thanks for your help
    Frank Brandstetter

    I encountered this last month. I definitely agree that it is a glaring omission to not have "Create Like" functionality when instantiating new containers. Here's my notes on the manual steps required after using createinstance to create the fresh container. Not too bad. I've been deploying ADF applications to the new container with no problems after this.
    ==============
    The default (home) OC4J container is pre-configured for ADF 10.1.3 applications; however, when $ORACLE_HOME/bin/createinstance is used to create additional containers, these containers are not configured automatically to host ADF 10.1.3 applications.
    I followed these manual steps:
    1. $ORACLE_HOME/j2ee/home/config/server.xml defines three shared libraries that "install" the needed JARs for Oracle ADF applications in your application server instance (container). Note that "install" does not necessarily mean available to applications (see Step 2). Copy the three shared library element definitions to the <application-server> element of your new container (in server.xml).
    <shared-library name="oracle.expression-evaluator" version="10.1.3" library-compatible="true">
         <code-source path="/usr2/oracle/as10130/jlib/commons-el.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/oracle-el.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/jsp-el-api.jar"/>
    </shared-library>
    <shared-library name="adf.oracle.domain" version="10.1.3" library-compatible="true">
         <code-source path="/usr2/oracle/as10130/BC4J/lib"/>
         <code-source path="/usr2/oracle/as10130/jlib/commons-cli-1.0.jar"/>
         <code-source path="/usr2/oracle/as10130/mds/lib/concurrent.jar"/>
         <code-source path="/usr2/oracle/as10130/mds/lib/mdsrt.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/share.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/regexp.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/xmlef.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/adfmtl.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/adfui.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/adf-connections.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/dc-adapters.jar"/>
         <code-source path="/usr2/oracle/as10130/ord/jlib/ordim.jar"/>
         <code-source path="/usr2/oracle/as10130/ord/jlib/ordhttp.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/ojmisc.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/jdev-cm.jar"/>
         <code-source path="/usr2/oracle/as10130/lib/xsqlserializers.jar"/>
         <import-shared-library name="oracle.xml"/>
         <import-shared-library name="oracle.jdbc"/>
         <import-shared-library name="oracle.cache"/>
         <import-shared-library name="oracle.dms"/>
         <import-shared-library name="oracle.sqlj"/>
         <import-shared-library name="oracle.toplink"/>
         <import-shared-library name="oracle.ws.core"/>
         <import-shared-library name="oracle.ws.client"/>
         <import-shared-library name="oracle.xml.security"/>
         <import-shared-library name="oracle.ws.security"/>
         <import-shared-library name="oracle.ws.reliability"/>
         <import-shared-library name="oracle.jwsdl"/>
         <import-shared-library name="oracle.http.client"/>
         <import-shared-library name="oracle.expression-evaluator"/>
    </shared-library>
    <shared-library name="adf.generic.domain" version="10.1.3" library-compatible="true">
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/bc4jdomgnrc.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/lib"/>
         <code-source path="/usr2/oracle/as10130/jlib/commons-cli-1.0.jar"/>
         <code-source path="/usr2/oracle/as10130/mds/lib/concurrent.jar"/>
         <code-source path="/usr2/oracle/as10130/mds/lib/mdsrt.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/share.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/regexp.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/xmlef.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/adfmtl.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/adfui.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/adf-connections.jar"/>
         <code-source path="/usr2/oracle/as10130/BC4J/jlib/dc-adapters.jar"/>
         <code-source path="/usr2/oracle/as10130/ord/jlib/ordim.jar"/>
         <code-source path="/usr2/oracle/as10130/ord/jlib/ordhttp.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/ojmisc.jar"/>
         <code-source path="/usr2/oracle/as10130/jlib/jdev-cm.jar"/>
         <code-source path="/usr2/oracle/as10130/lib/xsqlserializers.jar"/>
         <import-shared-library name="oracle.xml"/>
         <import-shared-library name="oracle.jdbc"/>
         <import-shared-library name="oracle.cache"/>
         <import-shared-library name="oracle.dms"/>
         <import-shared-library name="oracle.sqlj"/>
         <import-shared-library name="oracle.toplink"/>
         <import-shared-library name="oracle.ws.core"/>
         <import-shared-library name="oracle.ws.client"/>
         <import-shared-library name="oracle.xml.security"/>
         <import-shared-library name="oracle.ws.security"/>
         <import-shared-library name="oracle.ws.reliability"/>
         <import-shared-library name="oracle.jwsdl"/>
         <import-shared-library name="oracle.http.client"/>
         <import-shared-library name="oracle.expression-evaluator"/>
    </shared-library>
    2. To make the necessary ADF and JSF support libraries available to your deployed ADF application, the default application (that your ADF application and the majority of applications should inherit from) should explicitly import the shared library in the <orion-application> element of $ORACLE_HOME/j2ee/<your container>/config/application.xml.
    <imported-shared-libraries>
         <import-shared-library name="adf.oracle.domain"/>
    </imported-shared-libraries>
    Note: the adf.oracle.domain shared library imports several other shared libraries including oracle.expression-evaluator.

  • How to include all the child OU groups of a master OU group in LDAP authentication

    Dear All,
    I am using Apex 4.2 on windows server 2012 on internet explorer with database 11g R2 all 64 bit.
    we are using Microsoft Active Directory Authentication in our domain.
    I have created two protals, Staff Portal and Student Portal
    I have two groups, Staff and Students. these two groups coming under HCT group.
    I want to configure LDAP authentication for these groups, so that student cannot login to staff portal and vice versa.
    I had created on authentication schema in apex.
    inititally I configured as below
    for example I have a group ETC, inside ETC I have CSS in active directory,
    DN String=cn=%LDAP_USER%,dc=hct,dc=org
    Use Exact distinguish name=YES
    LDAP Username edit function=
    return apex_escape.ldap_dn (
                 p_string => :USERNAME,
                 p_escape_non_ascii => false ) || ',ou=users,ou=css,ou=etc,ou=staff,ou=hct'   ;
    Username Escaping=NO ESCAPING
    and it is working,
    now I have another group under ETC, which is ESS. how to include ESS also? I mean how to include all the child groups of a master group?
    because I will then only include the STAFF ou and the rest of the ou which coming under staff will come automatically.
    please refer to this thread for more details.
    Re: Re: Different LDAP authentication for Student and Staff Active directory groups
    Thank you.

    Powershell (or vbscript if you want to be old school).
    You can trigger a powershell script which will remove the offending user(s) easily enough with out resorting to a TOLDAP pass.  Nearly any script type thing would work but powershell is preferred.  It can be triggered separately from the TO AD stuff and will take multiple objects to run in one pass if you can construct the command line (or create a text file and feed it in).
    Otherwise, TOLDAP is the way to write to AD...
    Peter

  • How to attach a new servlet on my OC4J instance ?

    Hi there
    How to attach a new servlet on my OC4J instance ?
    Regards
    Den

    You can deploy your using JDeveloper:
    http://download.oracle.com/otndocs/tech/ias/portal/files/RG/OBE/deployToAppServer/lesson_Deployment.htm
    Or you can use the Application Server Control:
    http://download.oracle.com/docs/cd/B31017_01/core.1013/b28764/deploy_em003.htm
    Maurits

  • How i can Start OC4J Instance as window service

    hi ,
    How i can Start OC4J Instance as window service ?
    Regards
    Omar

    Omar,
    check
    http://www.taltech.com/TALtech_web/support/sw_tricks/NTService.htm
    Frank

Maybe you are looking for