How to get ADF authentication and authorization working on server

I am having an issue with deployment & ADF authentication and authorization.
From the below testing results, you can see that I am unable to log in when I have deployed my app to my standalone server with both ADF security authentication and authorization turned on. I have included web.xml, jazn-data.xml and the page/server error I am receiving.
When making an attempt to log in I get the following results:
Running Locally with ADF Authentication: Works Fine
Running Locally with ADF Authentication & Authorization: Works Fine
Deployed to server with ADF Authentication: Works Fine
Deployed to server with ADF Authentication & Authorization: Doesn’t Work
What I have already tried: Removed all anonymous grants, using the same database credentials as the app user, deploying app twice (on the redeploy not including the login credentials & app policies at the application properties). Various modifications to web.xml e.g. welcomefilelist etc
JDeveloper Version: 11.1.2.4
Server Web Logic: 10.3.6
Server ADF: 11.1.1.16
Page Error when trying to log in:
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
Server error when trying to log in:
Servlet failed with Exception oracle.adf.controller.security.AuthorizationException: ADFC-0619: Authorization check failed: 'wpd.mobility.view.pageDefs.homePagePageDef' 'VIEW'.
at oracle.adf.controller.internal.security.AuthorizationEnforcer.handleFailure(AuthorizationEnforcer.java:182)
        at oracle.adf.controller.internal.security.AuthorizationEnforcer.internalCheckPermission(AuthorizationEnforcer.java:162)
        at oracle.adf.controller.internal.security.AuthorizationEnforcer.checkPermission(AuthorizationEnforcer.java:116)
        at oracle.adfinternal.controller.state.ControllerState.checkPermission(ControllerState.java:663)
        at oracle.adfinternal.controller.state.ControllerState.initializeUrl(ControllerState.java:700)
        at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart2(ControllerState.java:531)
        at oracle.adfinternal.controller.application.SyncNavigationStateListener.afterPhase(SyncNavigationStateListener.java:59)
        at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.afterPhase(ADFLifecycleImpl.java:530)
        at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchAfterEvent(LifecycleImpl.java:120)
        at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchAfterPagePhaseEvent(LifecycleImpl.java:168)
        at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchAfterPagePhaseEvent(ADFPhaseListener.java:131)
        at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.afterPhase(ADFPhaseListener.java:74)
        at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.afterPhase(ADFLifecyclePhaseListener.java:53)
        at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:447)
        at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:202)
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
        at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
        at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
        at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
        at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
        at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
        at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
        at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
        at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
        at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
        at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
        at java.security.AccessController.doPrivileged(Native Method)
        at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
        at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
        at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
        at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
        at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
        at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
        at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
        at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
        at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
        at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Web.xml
<?xml version = '1.0' encoding = 'windows-1252'?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         version="2.5">
  <context-param>
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
    <param-value>client</param-value>
  </context-param>
  <context-param>
    <param-name>javax.faces.PARTIAL_STATE_SAVING</param-name>
    <param-value>false</param-value>
  </context-param>
  <context-param>
    <description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
    <param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
    <param-value>false</param-value>
  </context-param>
  <context-param>
    <description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
    <param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
    <param-value>false</param-value>
  </context-param>
  <context-param>
    <description>Security precaution to prevent clickjacking: bust frames if the ancestor window domain(protocol, host, and port) and the frame domain are different. Another options for this parameter are always and never.</description>
    <param-name>org.apache.myfaces.trinidad.security.FRAME_BUSTING</param-name>
    <param-value>differentOrigin</param-value>
  </context-param>
  <context-param>
    <param-name>javax.faces.FACELETS_SKIP_XML_INSTRUCTIONS</param-name>
    <param-value>true</param-value>
  </context-param>
  <context-param>
    <param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
    <param-value>true</param-value>
  </context-param>
  <context-param>
    <param-name>javax.faces.FACELETS_DECORATORS</param-name>
    <param-value>oracle.adfinternal.view.faces.facelets.rich.AdfTagDecorator</param-value>
  </context-param>
  <context-param>
    <param-name>javax.faces.FACELETS_RESOURCE_RESOLVER</param-name>
    <param-value>oracle.adfinternal.view.faces.facelets.rich.AdfFaceletsResourceResolver</param-value>
  </context-param>
  <filter>
    <filter-name>JpsFilter</filter-name>
    <filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
  </filter>
  <filter>
    <filter-name>trinidad</filter-name>
    <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
  </filter>
  <filter>
    <filter-name>adfBindings</filter-name>
    <filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>JpsFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
  </filter-mapping>
  <filter-mapping>
    <filter-name>trinidad</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>ERROR</dispatcher>
  </filter-mapping>
  <filter-mapping>
    <filter-name>adfBindings</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
  <filter-mapping>
    <filter-name>adfBindings</filter-name>
    <servlet-name>adfAuthentication</servlet-name>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
  <listener>
    <listener-class>oracle.adf.mbean.share.connection.ADFConnectionLifeCycleCallBack</listener-class>
  </listener>
  <listener>
    <listener-class>oracle.adf.mbean.share.config.ADFConfigLifeCycleCallBack</listener-class>
  </listener>
  <listener>
    <listener-class>oracle.bc4j.mbean.BC4JConfigLifeCycleCallBack</listener-class>
  </listener>
  <servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
    <servlet-name>resources</servlet-name>
    <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>BIGRAPHSERVLET</servlet-name>
    <servlet-class>oracle.adf.view.faces.bi.webapp.GraphServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>BIGAUGESERVLET</servlet-name>
    <servlet-class>oracle.adf.view.faces.bi.webapp.GaugeServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>MapProxyServlet</servlet-name>
    <servlet-class>oracle.adf.view.faces.bi.webapp.MapProxyServlet</servlet-class>
  </servlet>
  <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <init-param>
      <param-name>success_url</param-name>
      <param-value>/faces/Pages/homePage.jspx</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>/faces/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>resources</servlet-name>
    <url-pattern>/adf/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>resources</servlet-name>
    <url-pattern>/afr/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>BIGRAPHSERVLET</servlet-name>
    <url-pattern>/servlet/GraphServlet/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>BIGAUGESERVLET</servlet-name>
    <url-pattern>/servlet/GaugeServlet/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>MapProxyServlet</servlet-name>
    <url-pattern>/mapproxy/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>resources</servlet-name>
    <url-pattern>/bi/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>adfAuthentication</servlet-name>
    <url-pattern>/adfAuthentication</url-pattern>
  </servlet-mapping>
  <mime-mapping>
    <extension>swf</extension>
    <mime-type>application/x-shockwave-flash</mime-type>
  </mime-mapping>
  <mime-mapping>
    <extension>amf</extension>
    <mime-type>application/x-amf</mime-type>
  </mime-mapping>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>test</web-resource-name>
      <url-pattern>/faces/pages/*.</url-pattern>
      <url-pattern>/faces/*.</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>valid-users</role-name>
    </auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>adfAuthentication</web-resource-name>
      <url-pattern>/adfAuthentication</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>valid-users</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.html</form-login-page>
      <form-error-page>/error.html</form-error-page>
    </form-login-config>
  </login-config>
  <security-role>
    <role-name>valid-users</role-name>
  </security-role>
</web-app>
Jazn-data.xml
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data.xsd">
  <jazn-realm default="jazn.com">
    <realm>
      <name>jazn.com</name>
      <users>
        <user>
          <name>*****</name>
          <display-name>*******</display-name>
          <description>******</description>
          <credentials>********</credentials>
        </user>
      </users>
      <roles>
        <role>
          <name>support</name>
          <display-name>support</display-name>
          <members>
            <member>
              <type>user</type>
              <name>mobile</name>
            </member>
          </members>
        </role>
      </roles>
    </realm>
  </jazn-realm>
  <policy-store>
    <applications>
      <application>
        <name> myapp </name>
        <app-roles>
          <app-role>
            <name>mob_mobile_support</name>
            <class>oracle.security.jps.service.policystore.ApplicationRole</class>
            <display-name>mob_mobile_support</display-name>
            <description>support role</description>
            <members>
              <member>
                <name>mobile</name>
                <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
              </member>
            </members>
          </app-role>
        </app-roles>
        <jazn-policy>
          <grant>
            <grantee>
              <principals>
                <principal>
                  <name>SUPPORT</name>
                  <class>oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl</class>
                </principal>
              </principals>
            </grantee>
            <permissions>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name> myapp.view.pageDefs.*</name>
                <actions>view</actions>
              </permission>
            </permissions>
          </grant>
          <grant>
            <grantee>
              <principals>
                <principal>
                  <name>mob_mobile_support</name>
                  <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                </principal>
              </principals>
            </grantee>
            <permissions>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name> myapp.view.pageDefs.addapplicationPageDef</name>
                <actions>view</actions>
              </permission>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name>Pages.addappmsgtypPageDef</name>
                <actions>view</actions>
              </permission>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name>Pages.addoperationPageDef</name>
                <actions>view</actions>
              </permission>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name> myapp.view.pageDefs.homePagePageDef</name>
                <actions>view</actions>
              </permission>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name> myapp.view.pageDefs.loggingSearchPageDef</name>
                <actions>view</actions>
              </permission>
              <permission>
                <class>oracle.adf.share.security.authorization.RegionPermission</class>
                <name>myapp.view.pageDefs.workHistoryPageDef</name>
                <actions>view</actions>
              </permission>
            </permissions>
          </grant>
        </jazn-policy>
      </application>
    </applications>
  </policy-store>
</jazn-data>

Read Frank's article http://www.oracle.com/technetwork/issue-archive/2012/12-jan/o12adf-1364748.html
Then you have to check if the users you use to log in are defined in the standalone server. If your server is running in production mode there is no automatic user or role migration. You have to do this by yourself.
Once you have checked that the users are present, you have to check if the enterprise roles are mapped to the corresponding application roles.
Timo
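
Added example (not part of the reply above or of the original post): a small Python audit of a jazn-data.xml that lists the users and enterprise roles the policy depends on, which are the identities that must exist in the standalone server's identity store, and flags references that do not resolve inside the file. The names audit, covers and text are hypothetical, the sample is constructed from the structure of the posted file with the masked user replaced by the placeholder "mobile", and the wildcard and case comparisons are simplified assumptions, not the OPSS matcher.

```python
import xml.etree.ElementTree as ET

PKG = "oracle.security.jps."
USER = PKG + "internal.core.principals.JpsXmlUserImpl"
ENT_ROLE = PKG + "internal.core.principals.JpsXmlEnterpriseRoleImpl"
APP_ROLE = PKG + "service.policystore.ApplicationRole"

# Constructed sample: same structure as the posted jazn-data.xml, cut down to two
# grants; the masked user name is replaced by the placeholder "mobile".
SAMPLE = f"""<jazn-data>
 <jazn-realm default="jazn.com"><realm><name>jazn.com</name>
  <users><user><name>mobile</name></user></users>
  <roles><role><name>support</name>
   <members><member><type>user</type><name>mobile</name></member></members>
  </role></roles>
 </realm></jazn-realm>
 <policy-store><applications><application><name> myapp </name>
  <app-roles><app-role><name>mob_mobile_support</name><class>{APP_ROLE}</class>
   <members><member><name>mobile</name><class>{USER}</class></member></members>
  </app-role></app-roles>
  <jazn-policy>
   <grant>
    <grantee><principals><principal>
     <name>SUPPORT</name><class>{ENT_ROLE}</class>
    </principal></principals></grantee>
    <permissions><permission>
     <name> myapp.view.pageDefs.*</name><actions>view</actions>
    </permission></permissions>
   </grant>
   <grant>
    <grantee><principals><principal>
     <name>mob_mobile_support</name><class>{APP_ROLE}</class>
    </principal></principals></grantee>
    <permissions><permission>
     <name> myapp.view.pageDefs.homePagePageDef</name><actions>view</actions>
    </permission></permissions>
   </grant>
  </jazn-policy>
 </application></applications></policy-store>
</jazn-data>"""


def text(el, tag):
    """Text of a direct child element, '' if absent; not stripped, so padding stays visible."""
    child = el.find(tag)
    return (child.text or "") if child is not None else ""


def covers(pattern, resource):
    """Simplified match (assumption): exact name, or a prefix ending in '*'."""
    return pattern == resource or (pattern.endswith("*") and resource.startswith(pattern[:-1]))


def audit(xml_text, resource=None):
    """Return identities the policy needs, unresolved references, and grantees for `resource`."""
    root = ET.fromstring(xml_text)
    users = {text(u, "name") for u in root.iter("user")}
    ent_roles = {text(r, "name") for r in root.iter("role")}
    required = {"users": set(), "enterprise_roles": set()}
    findings, grantees = [], []
    for app in root.iter("application"):
        app_roles = {text(r, "name") for r in app.iter("app-role")}
        # Every app-role member and every grant principal is a reference to resolve.
        refs = [(text(e, "name"), text(e, "class").strip())
                for tag in ("member", "principal") for e in app.iter(tag)]
        for name, cls in refs:
            if cls == USER:
                required["users"].add(name)
                if name not in users:
                    findings.append(f"user '{name}' is not defined in the file realm")
            elif cls == ENT_ROLE:
                required["enterprise_roles"].add(name)
                if name not in ent_roles:
                    near = [r for r in ent_roles if r.lower() == name.lower()]
                    findings.append(
                        f"enterprise role '{name}' differs only in case from realm role '{near[0]}'"
                        if near else f"enterprise role '{name}' is not defined in the file realm")
            elif cls == APP_ROLE and name not in app_roles:
                findings.append(f"application role '{name}' is not declared in app-roles")
        for grant in app.iter("grant"):
            who = [text(p, "name") for p in grant.iter("principal")]
            for perm in grant.iter("permission"):
                raw = text(perm, "name")
                if raw != raw.strip():
                    findings.append(f"permission name {raw!r} has surrounding whitespace")
                if resource and covers(raw.strip(), resource):
                    grantees.extend(who)
    if resource and not grantees:
        findings.append(f"no grant names resource '{resource}'")
    return {"required": required, "findings": findings, "grantees": grantees}


if __name__ == "__main__":
    # Resource name taken from the ADFC-0619 message in the question.
    report = audit(SAMPLE, "wpd.mobility.view.pageDefs.homePagePageDef")
    print("must exist on the server:", report["required"])
    for finding in report["findings"]:
        print("-", finding)
```

The "required" sets are what to look for in the WebLogic security realm of the target server; a file that is not well-formed XML raises a parse error before any check runs.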

Similar Messages

  • How to implement Custom Authentication and Authorization in Oracle SOA 11g

    Can anyone please tell me, how to implement Custom Authentication in Oracle SOA 11g ?
    Because in Oracle SOA 10.1.3.4, I have implemented this custom authentication and authorization by implementing BPMAuthenticationService, BPMAuthorizationService, BPMIdentityService to verify against my database systems.
    implementation classes like the mentioned below
    1).
    public class SampleAuthenticationService extends SampleServiceBase implements BPMAuthenticationService {
    2).
    public class SampleAuthorizationService extends SampleServiceBase implements BPMAuthorizationService {
    3).
    public class SampleIdentityService extends SampleServiceBase implements BPMIdentityService {
    Please help me to implement the authentication and authorization in Oracle SOA 11g .
    thanks in advance

    To start with please go through following document
    http://docs.oracle.com/cd/E21764_01/integration.1111/e10231/adptr_jms.htm
    http://docs.oracle.com/cd/E23943_01/integration.1111/e10231/adptr_file.htm
    Regards
    Arpit

  • How authentication and authorization works in webdynpro for abap and portal

    Hi Experts,
    I have to create a Web Dynpro ABAP application for the portal which will update the user information in the backend HR standard table.
    The SSO (certificate) setup is already done between the portal and the backend SAP system. Do I need to pass the portal user ID to the Web Dynpro ABAP application, via the iView created to update the table, or will SSO take care of it itself?
    Thanks and regards,
    Ajay

    Dear Ajay
    If SSO is configured as you have mentioned, then all is OK and you don't need to pass the user ID.
    It will be done automatically.
    Just try for yourself - create a simple WD ABAP and put it inside an iView.
    Then have this WD to write the SY-UNAME on the screen.
    That way you will confirm what I'm saying
    Kind Regards
    /Ricardo Quintas

  • How can I get authentication and authorization through OS X open directory with the Sun ZFS STOR ZS3-2

    how can I get authentication and authorization through OS X open directory with the Sun ZFS STOR ZS3-2
    I have configured NFS. I need help configuring the share that I created in the Sun ZFS STOR ZS3-2 to connect with the OS X Open Directory.

    Hi,
        You may  try checking the help page for ldap configuration :
    https://<Appliance_IP>:215/wiki/index.php/Configuration:Services:LDAP
    ZFS Storage supports LDAP, NIS, AD as directory service.
    Hope Open Directory is also based on LDAP and may work in similar fashion.
    Thanks
    Nitin

  • How-can-I-get-my-spacebar-and-backspacer-working?

    H.E.L.P.----Only-the-letters-and-numbers-are-functioning.--i-have-obviously-touched-a-function-key-or-a-combination-of-keys-but-dont-know-what,-or-how-to-reverse-it.
    Please,-I-would-be-grateful-if-somebody-can-tell-me-how-to-get-the-spacebar-and-backspacer-etc-working.
    Thank-you-for-reading-this--.

    Please read this whole message before doing anything.
    This procedure is a test, not a solution. Don’t be disappointed when you find that nothing has changed after you complete it.
    Step 1
    The purpose of this step is to determine whether the problem is localized to your user account.
    Enable guest logins and log in as Guest. For instructions, launch the System Preferences application, select Help from the menu bar, and enter “Set up a guest account” (without the quotes) in the search box.
    While logged in as Guest, you won’t have access to any of your personal files or settings. Applications will behave as if you were running them for the first time. Don’t be alarmed by this; it’s normal. If you need any passwords or other personal data in order to complete the test, memorize, print, or write them down before you begin.
    As Guest, test. Same problem(s)?
    After testing, log out of the guest account and, in your own account, disable it if you wish. Any files you created in the guest account will be deleted automatically when you log out of it.
    Step 2
    The purpose of this step is to determine whether the problem is caused by third-party system modifications that load automatically at startup or login.
    Disconnect all wired peripherals except those needed for the test, and remove all aftermarket expansion cards. Boot in safe mode and log in to the account with the problem. The instructions provided by Apple are as follows:
    Be sure your Mac is shut down.
    Press the power button.
    Immediately after you hear the startup tone, hold the Shift key. The Shift key should be held as soon as possible after the startup tone, but not before the tone.
    Release the Shift key when you see the gray Apple icon and the progress indicator (looks like a spinning gear).
    Safe mode is much slower to boot and run than normal, and some things won’t work at all, including wireless networking on some Macs.
    The login screen appears even if you usually log in automatically. You must know your login password in order to log in. If you’ve forgotten the password, you will need to reset it before you begin.
    Test while in safe mode. Same problem(s)?
    After testing, reboot as usual (i.e., not in safe mode.) Post the results of steps 1 and 2.

  • An issue with authentication and authorization on ISE 1.2

    Hi, I'm new to ISE.
    I have an issue with authentication and authorization.
    I have ISE 1.2 plus patch 6 installed on VMware.
    I have built-in Windows XP supplicant and 2960 cisco switch with IOS c2960-lanbasek9-mz.150-2.SE5.bin
    On supplicant I use EAP(PEAP) with EAP-MSCHAP v2.
    I created authentication and authorization rules with Active Directory as External Identity Source. Also I applied an authorization profile with DACL. I log in on the Windows XP machine under different Active Directory accounts. Everything works fine (authentication, authorization), but only for several hours. After several hours have passed, authentication and authorization stop working. I can see that ISE is trying to authenticate and authorize users, but ISE always uses only one account for authentication and authorization. Even if I log in under different accounts, ISE continues to use only the one last account.
    I tried to reboot the switch and PC, but it didn’t help. Only rebooting ISE helps. After ISE is rebooted, authentication and authorization start to work properly for several hours.
    I don’t understand whether it is a glitch or whether I misconfigured ISE, the switch or the supplicant.
    What  should I do to resolve this issue?
    Switch configuration:
     testISE#sh runn
    Building configuration...
    Current configuration : 7103 bytes
    ! Last configuration change at 12:20:15Tue Apr 15 2014
    ! NVRAM config last updated at 10:35:02  Tue Apr 15 2014
    version 15.0
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname testISE
    boot-start-marker
    boot-end-marker
    no logging console
    logging monitor informational
    enable secret 5 ************
    enable password ********
    username radius-test password 0 ********
    username admin privilege 15 secret 5 ******************
    aaa new-model
    aaa authentication dot1x default group radius
    aaa authorization network default group radius
    aaa authorization auth-proxy default group radius
    aaa accounting update periodic 5
    aaa accounting dot1x default start-stop group radius
    aaa server radius dynamic-author
     client 172.16.0.90 server-key ********
    aaa session-id common
    clock timezone 4 0
    system mtu routing 1500
    authentication mac-move permit
    ip dhcp snooping vlan 1,22
    ip dhcp snooping
    ip domain-name elauloks
    ip device tracking probe use-svi
    ip device tracking
    epm logging
    crypto pki trustpoint TP-self-signed-1888913408
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-1888913408
     revocation-check none
     rsakeypair TP-self-signed-1888913408
    crypto pki certificate chain TP-self-signed-1888913408
    dot1x system-auth-control
    spanning-tree mode pvst
    spanning-tree extend system-id
    vlan internal allocation policy ascending
    ip ssh version 2
    interface FastEthernet0/5
     switchport mode access
     ip access-group ACL-ALLOW in
     authentication event fail action next-method
     authentication event server dead action reinitialize vlan 1
     authentication event server alive action reinitialize
     authentication host-mode multi-auth
     authentication open
     authentication order dot1x mab
     authentication priority dot1x mab
     authentication port-control auto
     authentication periodic
     authentication timer reauthenticate server
     authentication violation restrict
     mab
     dot1x pae authenticator
     dot1x timeout tx-period 10
     spanning-tree portfast
    interface FastEthernet0/6
     switchport mode access
     ip access-group ACL-ALLOW in
     authentication event fail action next-method
     authentication event server dead action reinitialize vlan 1
     authentication event server alive action reinitialize
     authentication order dot1x mab
     authentication priority dot1x mab
     authentication port-control auto
     authentication periodic
     authentication timer reauthenticate server
     authentication violation restrict
     mab
     dot1x pae authenticator
     dot1x timeout tx-period 10
     spanning-tree portfast
    interface FastEthernet0/7
    interface Vlan1
     ip address 172.16.0.204 255.255.240.0
     no ip route-cache
    ip default-gateway 172.16.0.1
    ip http server
    ip http secure-server
    ip access-list extended ACL-ALLOW
     deny   icmp any host 172.16.0.1
     permit ip any any
    ip radius source-interface Vlan1
    logging origin-id ip
    logging source-interface Vlan1
    logging host 172.16.0.90 transport udp port 20514
    snmp-server community public RO
    snmp-server community ciscoro RO
    snmp-server trap-source Vlan1
    snmp-server source-interface informs Vlan1
    snmp-server enable traps snmp linkdown linkup
    snmp-server enable traps mac-notification change move
    snmp-server host 172.16.0.90 ciscoro
    radius-server attribute 6 on-for-login-auth
    radius-server attribute 6 support-multiple
    radius-server attribute 8 include-in-access-req
    radius-server attribute 25 access-request include
    radius-server dead-criteria time 5 tries 3
    radius-server vsa send accounting
    radius-server vsa send authentication
    radius server ISE-Alex
     address ipv4 172.16.0.90 auth-port 1812 acct-port 1813
     automate-tester username radius-test idle-time 15
     key ******
    ntp server 172.16.0.1
    ntp server 172.16.0.5
    end

    Yes. Tried that (several times), didn't work. 5 people in my office, all with vers. 6.0.1, couldn't access their gmail accounts. Kept getting an error message that the username and password were invalid. Finally solved the issue by using Microsoft Exchange and "m.google.com" as server and domain, and that did the trick. Think there is an issue with imap.gmail.com and IOS 6.0.1. I'm sure the 5 of us suddenly experiencing this issue aren't the only ones. Apple will figure it out. Thanks.

  • Sun Ray - How to get external USB Card Reader working

    Dear All,
    i have the following problem. Maybe someone could help me or give me a clue to solve it.
    SunRay Software 5 installed
    Window 2003 R2 TerminalServer
    Here my question:
    I use a kiosk session with a smart card to connect to the windows server - works perfect.
    Login Screen and go.
    Now I have to authenticate myself with an external usb card reader and smart
    card (connected to the sun ray) to use a certain application on my win2003 server.
    Via the windows rdp session (from the laptops) everything is ok. The information from
    the card reader is transferred to the server.
    If i use the Sun Ray nothing happens. So here is my problem:
    How do get the authentication information from the smart card to the server?
    Thanks in advance
    Best regards
    Hans-Peter

    Basically, reinstall the Boot Camp video drivers manually and if that doesn't work then go to the AMD/Radeon website and install the Windows drivers directly for your video card model.
    If you want to do a search you will find others that have pretty good luck doing it either way.

  • Authentication and Authorization question.

    Hi All,
    I require your help in getting validated my understanding on Authentication and Authorization. This is wrt WebLogic Server and WebLogic Portal.
    Authentication.
    1. The custom authentication provider can authenticate (user and group) against any datastore (LDAP OR DB). The LoginModule is a kind of black box and it can return true/false depending on authentication.
    2. The end result of this process is true/false.
    Authorization.
    1. The custom authorization providers can authorize the authenticated user based on role. All these entities, i.e. (user, group, role), can be either in LDAP OR DB.
    2. The end result of this process is true/false.
    Role mapping.
    1. The custom role mapper can put all the roles that a user belongs and returns all Role. This can happen against LDAP OR DB.
    2. The end result is list of roles for a user.
    Security policy configuration.
    Is it mandatory that a user/group/role should be existing in WebLogic Server LDAP server (OR Portal LDAP server) to create these policies and authorization rules? What I mean is, can user, group, role exist in an application specific database and still be used for creating security policies?
    Thanks,
    Prashanth Bhat.

    The Security Providers are useful/can be used for developing a standard j2ee application, which will be deployed as standard j2ee application.
    The DA means Delegated Administrator, which is way how portal components are restricted to different types of administrators.
    The VE means Visitor Entitlements, which is way how portal components are restricted to end users.
    My question is whether these (DAs and VEs) can also be put in our datastore for access rights?
    Thanks,
    Prashanth Bhat.

  • How to get the user and groups information from http header

    Hi All,
    In my current scenario, we are using Siteminder for SSO setup. And in this process, after authentication and authorization, they are going to append the user information and group information of the user into a HTTP header and it will be sent back to our presentation services. We have to extract the user information and group information from the http header.
    My HTTP header will look like as follows..
    SM_USER XYZ
    SM_USERDN CN=Firstname\, Lastname\, xyz, OU=GPO-Low Level Security,OU=Domain Users,OU=BU FDT,
    SM_USERGROUPS CN=GG-CA-SiteminderAdmins, OU=Global,OU=Domain Groups, DC=com^CN=GG-ServiceDeskAdmin-TCCORPCEFS
    And also if anyone explain me the overall working of SSO in detail like how presentation services will make a connection to BI server( I guess using Impersonator User), and also how our BI server will read the URL from presentation services and the over all working flow in our OBIEE..
    Thanks a lot....

    Please use the search! this topic has come up lots of times already.
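For the header layout quoted in the question above, one way to pull a display name and group names out of `SM_USERDN` and `SM_USERGROUPS` is sketched here. This is an added example, not code from the thread or from SiteMinder or OBIEE; the class name `SmHeaderParser`, the sample DNs and the assumption that `^` never occurs inside a DN are constructed for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class SmHeaderParser {

    // Returns the unescaped CN value closest to the leaf of a DN.
    static String commonName(String dn) throws InvalidNameException {
        LdapName name = new LdapName(dn.trim()); // handles "\," escapes
        // LdapName numbers RDNs from the right, so the leaf is the last index.
        for (int i = name.size() - 1; i >= 0; i--) {
            Rdn rdn = name.getRdn(i);
            if ("CN".equalsIgnoreCase(rdn.getType())) {
                return rdn.getValue().toString();
            }
        }
        throw new InvalidNameException("no CN component in: " + dn);
    }

    // Splits SM_USERGROUPS on '^' (the separator visible in the post)
    // and returns the CN of each group DN. Assumes no DN contains '^'.
    static List<String> groupNames(String smUserGroups) throws InvalidNameException {
        List<String> groups = new ArrayList<>();
        if (smUserGroups == null) {
            return groups;
        }
        for (String dn : smUserGroups.split("\\^")) {
            if (!dn.trim().isEmpty()) {
                groups.add(commonName(dn));
            }
        }
        return groups;
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed values shaped like the headers in the post. In a servlet
        // they would come from request.getHeader("SM_USERDN") and so on, and
        // should be honoured only on requests that passed through the
        // SiteMinder agent, because any client can send the same header names.
        String smUserDn = "CN=Firstname\\, Lastname\\, xyz,OU=Domain Users,DC=example,DC=com";
        String smUserGroups = "CN=GG-Admins, OU=Global,OU=Domain Groups, DC=example,DC=com"
                + "^CN=GG-ServiceDesk,OU=Global,OU=Domain Groups,DC=example,DC=com";
        System.out.println("display name: " + commonName(smUserDn));
        System.out.println("groups: " + groupNames(smUserGroups));
    }
}
```

A malformed DN raises `InvalidNameException`, which is the point at which a caller should reject the request rather than fall back to a default identity.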

  • Issue in External Table Authentication and Authorization in OBIEE11G

    Hello Gurus,
    Can anyone help me with how to configure External Table Authentication and Authorization in OBIEE11g through weblogic server, not in the 10g style (through INIT Blocks)?
    I've followed the (Doc ID 1338007.1) document. But when I restart the Managed servers and Admin servers after configuring the SQLAuthenticator all my services are showing down.
    I already raised the SR (SR 3-6286054151) on this issue. But still I didn't get any reply from them.
    Can anyone help me out on this issue or can anyone send me the document for "how to configure External Table Authentication and Authorization in OBIEE11g". I'd really appreciate your quick response.
    my mail ID [email protected]
    Thanks,
    Syam.
    Edited by: 942658 on Oct 13, 2012 10:55 AM

    Hi John,
    Thanks for your quick response.
    We configured "ReadOnlySQL Provider" by following the Oracle's white paper(Doc ID 1338007.1) Please find the below steps what we configured in weblogic console.
    1. Created the Data Source
    2. In the data source specified the Database driver--> *Oracle's Driver Thin for service connections: Versions:9.0.1 and later.
    3. Defined the connection Properties .
    4. Selected targets as Admin server and bi_server.
    Then Activate changes
    5. Created new provider by using ReadOnlySQL Authenticator
    6. In the provider specific tab we gave the SQL statements and saved it.
    7. Restarted the Admin and Managed servers.
    After restarting the services, when we open the Enterprise Manager page all the services are shown as Undefined - means red.
    Apart from that we followed your suggested link http://askjohnobiee.blogspot.com/2012/09/how-to-oid-authentication-with-groups.html
    For External table authentication do we need to configure BISQLAuthenticator or ReadOnlySQLAuthenticator ?
    If we configure BISQLAuthenticator we just import Groups from database to Console application. Then how can it Authenticated to the User ?
    Please let me know your ideas on this.
    Thanks,
    Syam

  • JAXWS EJB3.0 Based WebService Authentication and Authorization - Weblogic

    Hi Experts,
    I need to Create a EJB3.0 WS where this Service has static Authentication and Authorization. How can I achieve it, any pointer.
    TIA

    The below sample is for basic authentication and authorization.
    Web service
    ========
    import javax.annotation.security.RolesAllowed;
    import javax.ejb.Remote;
    import javax.ejb.Stateless;
    import javax.ejb.TransactionAttribute;
    import javax.jws.WebMethod;
    import javax.jws.WebService;

    @Stateless(mappedName="com.slsbBean")
    @Remote({ com.bea.Service.class })
    @WebService(name="TransactionPortType", serviceName="TransactionService",
                targetNamespace="http://example.org")
    public class ServiceBean implements Service {
        @WebMethod()
        @RolesAllowed({"Admin","Manager"}) // only callers in these roles may invoke the method
        public void testMethod(String s) {
            System.out.println("inside ejb method");
            // print the principal the container authenticated for this call
            System.out.println("username : " + weblogic.security.SubjectUtils.getUserPrincipal(weblogic.security.Security.getCurrentSubject()));
        }
    }
    Client
    ====
    import java.util.Map;
    import javax.xml.ws.BindingProvider;

    public class Test {
        public static void main(String[] args) {
            // TransactionService and TransactionPortType are the generated client stubs
            TransactionService simple = new TransactionService();
            TransactionPortType port = simple.getTransactionPortTypePort();
            BindingProvider bindingProvider = (BindingProvider) port;
            Map<String, Object> reqContext = bindingProvider.getRequestContext();
            // HTTP basic authentication credentials sent with the request
            reqContext.put(BindingProvider.USERNAME_PROPERTY, "XXXXXX");
            reqContext.put(BindingProvider.PASSWORD_PROPERTY, "XXXXXX");
            port.testMethod("hello");
        }
    }
    Regards,
    Sunil P

  • How to get micro sd card to work

    how to get micro sd card to work.. my phone says total space 7.40GB for SD card and that's what's available. I put a micro SD card in but no change?

    You put the card in and go to settings and go to storage and scroll down to sd card and click mount SD card

  • How to get system date and time?

    Can someone show me a code on how to get system date and time.
    Thanks!

    there is one really easy way to get system time, the api gives a great example of code on this. use gregorian calendar, which you'll find in the api under GregorianCalendar. You only need to create one instance of GC, ie Calendar time = new GregorianCalendar();
    you save seconds, minute and hours into int values, so you don't have to access the system time every second, you can create a thread which adds one to the int second value, if you see what i mean, for example, i have saved the hours, minutes and seconds as int values;
    int hour, minute, second;
    i can then create a thread (Thread thread = new Thread(this) and run it like:
    import java.util.Calendar;
    import java.util.GregorianCalendar;

    public class MyTime implements Runnable {
        Calendar time = new GregorianCalendar(); // read the system clock once
        int hour, minute, second;
        Thread thread = null;

        public MyTime() {
            hour = time.get(Calendar.HOUR_OF_DAY);
            minute = time.get(Calendar.MINUTE);
            second = time.get(Calendar.SECOND);
            if (thread == null) {
                thread = new Thread(this);
                thread.start();
            }
        }

        public void run() {
            Thread t = Thread.currentThread();
            while (thread == t) {
                try {
                    Thread.sleep(1000); // tick once per second
                } catch (InterruptedException e) {
                    return; // stop counting when interrupted
                }
                second++;
                if (second > 59)
                    minute++;
                if (minute > 59)
                    hour++;
                formatTime();
            }
        }

        public void formatTime() {
            // wrap each field back to zero once it overflows, then print
            second = (second > 59 ? 0 : second);
            minute = (minute > 59 ? 0 : minute);
            hour = (hour > 23 ? 0 : hour);
            System.out.println(hour + ":" + minute + ":" + second);
        }

        public static void main(String[] args) {
            new MyTime();
        }
    }
    I know this looks like gibberish but it should work. If not, try to fix the problem, i have written from memory really but i guarantee you, this gets the time then every second, simply adds one to the second and then formats time. You can also access the day, month and year then format them using the above code. I don't like giving code since you should really do these things yourself but it is 2:04am, i have nothing better to do and i am not tired so i did you a favour - i have become what i always did not want to, someone who stays up all night writing code.

  • How to get imac 27 inch to work with asus triple monitors to work through Matrox triple head 2 go

    how to get imac 27 inch to work with asus triple monitors to work through Matrox triple head 2 go

    I think I got a little ahead of myself explaining my problem, so let me clarify...
    Only the one iMac is having the network file deletion problem, but it is included in the network user logon problem.  So 4 out of 5 of the iMacs have had or are having logon problems with network users accounts using mobile accounts on the systems.  2 of the 4 I have wiped and started over on and the other 2 have different network accounts being used by the primary system users.  The 5th iMac has not caused any problems except I forgot to mention that the USB on it seems flaky.
    So we are apparently full of problems. 

  • How to get an authenticated IUser from an EJBContext

    Hi,
    i want to use the KM API from Session and Message Driven Bean.
    I do not want to use a Systemuser for traceability reasons, therefore i need the actual user who started the process.
    I thought that myContext.getCallerPrincipal() should do the job, but i am not sure how to get an authenticated IUser object from that.
    Thank you very much for any help!
    Best regards
    Jochen

    Is this problem solved?
