How to unconfigure a Custom Authentication Module for Convergence
After flailing with the incomplete instructions for [Writing a Custom Authentication Module for Convergence|http://wikis.sun.com/display/CommSuite/Writing+a+Custom+Authentication+Module+for+Convergence]
, I decided to try to revert back to the default.
How do you remove the module and go back to the default? I tried to unset the options, but they did not seem to take effect.
sudo /opt/sun/comms/iwc/sbin/iwcadmin -w xxxxx -o auth.custom.servicename -v ""
sudo /opt/sun/comms/iwc/sbin/iwcadmin -w xxxxx -o auth.custom.callbackhandler -v ""
sudo /opt/sun/comms/iwc/sbin/iwcadmin -w xxxxx -o auth.custom.loginimpl -v ""
sudo /opt/SUNWappserver/bin/asadmin stop-appserv
sudo /opt/SUNWappserver/bin/asadmin start-appserv
AUTH: DEBUG from com.sun.comms.client.web.sso.SSOFilter Thread httpSSLWorkerThread-80-1 at 14:45:25,951 - SSO is disabled
AUTH: WARN from com.sun.comms.client.protocol.delegate.agent.LoginContextAgent Thread httpSSLWorkerThread-80-1 at 14:45:25,953 - Subject not found in session, creating one
AUTH: ERROR from com.sun.comms.client.protocol.delegate.agent.LoginContextAgent Thread httpSSLWorkerThread-80-1 at 14:45:25,954 - Unabled to load the class due to
AUTH: ERROR from com.sun.comms.client.protocol.delegate.agent.LoginContextAgent Thread httpSSLWorkerThread-80-1 at 14:45:25,956 - Unable to instantiate callback handler
AUTH: ERROR from com.sun.comms.client.protocol.delegate.LoginCommandDelegate Thread httpSSLWorkerThread-80-1 at 14:45:25,957 - Failed to Login the user: Unable to instantiate callback handler
PROTOCOL: ERROR from com.sun.comms.client.protocol.delegate.LoginCommandDelegate Thread httpSSLWorkerThread-80-1 at 14:45:25,960 - Protocol Error while login : Unknown Reason
jessethompson wrote:
After flailing with the incomplete instructions for [Writing a Custom Authentication Module for Convergence|http://wikis.sun.com/display/CommSuite/Writing+a+Custom+Authentication+Module+for+Convergence]
, I decided to try to revert back to the default.
How do you remove the module and go back to the default? I tried to unset the options, but they did not seem to take effect.After enabling the custom login module using the steps in the earlier thread (http://forums.sun.com/thread.jspa?threadID=5318615), I performed the following steps to disable the custom module and re-enable the ldap auth module:
# Disable custom auth-module
cd /opt/sun/comms/iwc/sbin
./iwcadmin -w <admin password> -o auth.custom.servicename -v ""
./iwcadmin -w <admin password> -o auth.custom.loginimpl -v ""
./iwcadmin -w <admin password> -o auth.custom.callbackhandler -v ""
./iwcadmin -w <admin password> -o auth.misc.CredentialFile -v ""# Re-enable the LDAP auth-module
cd /opt/sun/comms/iwc/sbin
./iwcadmin -w <admin password> -o auth.ldap.callbackhandler -v com.sun.comms.client.security.auth.AppCallbackHandler
./iwcadmin -w <admin password> -o auth.ldap.loginimpl -v com.sun.comms.client.security.auth.modules.impl.SunLDAPLoginModule# Restarte App Server
cd /opt/SUNWappserver/bin/
./asadmin stop-domain; ./asadmin start-domain# Login to iwc interface as user shjorth with password oldpwd
# Login successful with oldpwd -- custom auth module successfully disabled, LDAP re-enabled
Regards,
Shane.
Similar Messages
-
Custom Authentication Module on Identity Server
Hi,
I have a custom authentication module which I am trying to access through the policy agent.
I have set the following property in AMAgent.properties file
com.sun.am.policy.am.loginURL= http://host:port/amserver/UI/Login?module=CustomLoginModule.
My login module code is something like this:
package com.iplanet.am.samples.authentication.providers;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.LoginException;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
import java.rmi.RemoteException;
import java.io.FileInputStream;
import java.util.Properties;
public class LoginModule1 extends AMLoginModule
private String userName;
private String userTokenId;
private HashMap usersMap;
private java.security.Principal userPrincipal = null;
public LoginModule1() throws LoginException
public void init(Subject subject, Map sharedState, Map options)
System.out.println("LoginModule1 initialization");
usersMap = new HashMap();
ResourceBundle bundle = ResourceBundle.getBundle("users");
Enumeration users = bundle.getKeys();
while (users.hasMoreElements())
String user = (String)users.nextElement();
String password = bundle.getString(user.trim());
usersMap.put(user, password);
public int process(Callback[] callbacks, int state) throws AuthLoginException
int currentState = state;
if (currentState == 1)
userName = ((NameCallback) callbacks[0]).getName().trim();
char[] passwd = ((PasswordCallback) callbacks[1]).getPassword();
String passwdString = new String (passwd);
if (userName.equals(""))
throw new AuthLoginException("names must not be empty");
if (userName.equals("testuser") && passwdString.equals("testuser"))
userTokenId = userName;
return -1;
if (usersMap.containsKey(userName))
if (usersMap.get(userName).equals(new String(passwd)))
userTokenId = userName;
return -1;
return 0;
public java.security.Principal getPrincipal()
if (userPrincipal != null)
return userPrincipal;
else
if (userTokenId != null)
userPrincipal = new SamplePrincipal("testuser");
return userPrincipal;
else
return null;
So When the user requests a protected resource, the policy agent forwards the user to Identity Server with the module as CustomLoginModule. However, after this, authentication does not succeed and I get the following error message in the agent log file.
2004-08-09 15:24:08.640 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:09.030 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:23.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
2004-08-09 15:24:28.281 Error 2712:24fda5e8 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:29.484 Error 2712:130f060 PolicyAgent: validate_session_policy() access allowed to unknown user
2004-08-09 15:24:29.499 Error 2712:24fda5e8 PolicyEngine: am_policy_evaluate: InternalException in Service::construct_auth_svc with error message:Application authentication failed during service creation. and code:20
2004-08-09 15:24:29.499 128 2712:24fda5e8 RemoteLog: User unknown was denied access to http://ps0391.persistent.co.in:80/test/index.html.
2004-08-09 15:24:29.499 Error 2712:24fda5e8 LogService: LogService::logMessage() loggedBy SSOTokenID is invalid.
2004-08-09 15:24:29.499 Error 2712:24fda5e8 all: am_log_vlog() failed with status AM_REMOTE_LOG_FAILURE.
2004-08-09 15:24:29.499 -1 2712:24fda5e8 PolicyAgent: validate_session_policy() access denied to unknown user
The necessary policy object is already created in Identity Server. Please send your suggestions to fix this problem.
Thanks
SrinivasDoes the principal "testuser" exist in your realm? If I understand your module correctly, it looks like it always returns "testuser".
I am guessing that Access Manager is not finding your principal. Typically if access manager cannot associate the principal returned by the custom AMLoginModule it will fail the authentication.
I am wondering if this is related to a seperate problem I have seen with custom login modules. Try chaning the code to return an LDAP style principal it may work:
so return "uid=testuser,ou=People,dc=yourdomain,dc=com" for example. In theory this should not be necessary but it solved some problems for me, though I am not sure why. -
How to config Check Digits function module for Student Number Validation
Hi SLCM Experts,
In the SAP-SLCM, How to use check digits function module for validate student number. Just only config it or need to customizing program.
*Any idea to student number validation in SLCM?*
Best Regards,
Suvatchai K.Hi ,
Can you expalin it further ?
You configure the St. no in piq_matr . And set it as external or internal no. range which suits your business .
What is the validation you are looking for ?
Regards
Gajalakshmi -
Hello Experts,
i have a requirement to develop a custom Login Module for EP7. I am fine with the programming part and on this side everything should be fine. I am puzzling about the configuration. My LoginModule is configured according to this link: [SAP HELP|http://help.sap.com/saphelp_nw2004s/helpdata/en/46/3ce9402f3f8031e10000000a1550b0/content.htm]. But when i configure sap.com/irj*irj in SecurityProvider in Visual Admin, the changes do not take affect. I restarted the portal as well as the Server. I am on NW2004s SP 14.
What am I missing.
Thanks for any help,
best Regards,
ReneHello Laura,
thank you for your reply. I have read you link and I doubt that this is the solution. In authschemes.xml you define the user interface for authentication and priority. In Visual admin, you can define the loginModule for your Scheme. But this must be possible without defining an authscheme. Am I right? In my understanding you only have to declare the loginmodule for the application in Visual Admin. And thats it.
So what i have to do to change the login module for the Portal (irj).
Any help will be appreciated,
best regards,
Rene -
How to find out custom enhancements module wise
Hi ,
How to find out custom enhancements module wise (sd, mm,hr,fico).Hi
Enter Tcode SMOD.
In the next screen click on F4 help for enhancements:
A Pop-up will come .
Click on SAP Application.
You will get list of application .
Just click on any of the nodes and you can see the enhancements for that module.
Regards
Neha -
How to create a custom function module with the records in SAP R/3?
Hi All,
How to create a custom function module with the records in SAP R/3? Using RFC Adapter I have to fetch the custom function module records.
Regards
SaraHi
goto se37...here u need to create a function group... then u need to create a function module. inside assign import/export parameters. assign tables/exceptions. activate the same. now write ur code within the function module
http://help.sap.com/saphelp_nw04/helpdata/en/9f/db98fc35c111d1829f0000e829fbfe/content.htm
Look at the below SAP HELP links, These links will show you the way to create a Function Module
http://help.sap.com/saphelp_nw04/helpdata/en/26/64f623fa8911d386e70000e82011b8/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/9f/db98fc35c111d1829f0000e829fbfe/content.htm -
In Yosemite this no longer works, has anyone figured this out? How to set a custom default umask for all applications?
I've tried everything to get a custom umask set for all apps. It just seems impossible...
Is there a replacement for launchd-user.conf?Please file a bug report: https://bugreport.apple.com
I am sure this is something that got lost, like environment variables, in the Yosemite/iOS merger. -
How to trigger inbound custom function module?
Hello Experts,
Could someone help me with my dilemma?
I have created a custom process code which is linked to a custom function module for processing inbound IDocs. I have tested the function module successfully and I have set up the partner profile accordingly. The IDocs are coming in but get stuck at status "64". My function module never gets triggered even though in the partner profile it is set up to be triggered immediately. Any idea what I am missing?
Thanks,
MarlinHi marlin ,
just go for these checks and let us know the status ..
1.Check here .
Bd51 assignment of Inbound function module. Present or not
Check here .
2.Bd67 assignment of process code to inbound function module /present or not.
3.
Check here.
In the object for the message type u need to give the BUS object as the application object.
like bus2032
4.
Now place a break-point in ur function module and run it in debugging mode ..
Now check whether this one is getting into ur function module , next check the status record of the document number .
regards,
vijay.
take an idoc , populate it from we19 and then there call the function module in debugging mode in back ground ..
we'll see if this is actually picking the Fm or not.
Message was edited by: Vijay -
NAM 3.2.1 Custom Authentication Class for BASIC not loaded
Hi!
Im trying to write a custom authentication class for
BASIC/PROTECTED_BASIC, so I started with the PasswordClass sample from
SDK novell-nacm3_2-devel-2012.08.10.tar.gz, stripped out the
STSAuthenticationClass and changed the type to
AuthnConstants.PROTECTED_PASSWORD --> and it works!
public String getType() {
return AuthnConstants.PROTECTED_PASSWORD;
Next I wanted to create a custom BASIC auth class by changing the type
to AuthnConstants.BASIC / AuthnConstants.PROTECTED_BASIC
public String getType() {
return AuthnConstants.PROTECTED_BASIC;
but now IDP complains about the unsupported type.
<amLogEntry> 2012-12-20T15:11:17Z WARNING NIDS Application:
AM#300105006: AMDEVICEID#FC77EC2A45509E7B: Failed to load
authentication class due to unsupported type: ITdBasicTestClass
</amLogEntry>
Im running NAM 3.2.1 single box appliance for development/testing.
There is an old thread here, that looks like the same issue:
http://tinyurl.com/c6eawj6
Any hits?
regards
Thomas
PS: What i really want to solve is strip out the Domain from the
username on basic authentication since most MS apps/clients provide the
username in format DOMAIN\USER...
reibenwein
reibenwein's Profile: https://forums.netiq.com/member.php?userid=1382
View this thread: https://forums.netiq.com/showthread.php?t=46430hmmm, well try writing the value out to stderr and see if you can at least make sure you are getting
a good read.
Like a System.out.println(AuthnConstants.PROTECTED_PASSWO RD);
I ran into some strange stuff where some constants had no values for no apparent reason when they
should.
I would also try supplying the actual value instead of the constant and see if it goes through that
way. ("ProtectedBasic")
On 1/10/2013 11:14 AM, reibenwein wrote:
>
> Hi!
>
>
> I copied com.novell.nam.authentication.PasswordClass to start with my
> test custom auth class. It includes a method getType() like this:
>
> /**
> * Get the authentication type this class implements
> *
> * @return returns the authentication type represented by this
> class
> */
> public String getType() {
> return AuthnConstants.PROTECTED_PASSWORD;
> }
>
>
> --> IDP loads my custom auth class, as long as a leave getType()
> returning AuthnConstants.PROTECTED_PASSWORD! But this is form base
> authentication. According to the API documentation (see page 17 in
> namc_enu.pfd within the sdk download), getType should
> returnAuthnConstants. PROTECTED_BASIC for secure Basic authentication
> (or AuthnConstants.BASIC for non SSL Basic auth). So i changed getType()
> like this:
>
>
> /**
> * Get the authentication type this class implements
> *
> * @return returns the authentication type represented by this class
> */
> public String getType() {
> return AuthnConstants.PROTECTED_BASIC;
> }
>
>
> --> and then IPD comes with the error "Failed to load authentication
> class due to unsupported type"...
>
>
> regards,
> Thomas
>
> -
Custom login module for EP7.4 with Captcha
Hi
I am trying to create a custom login module which validates the captcha shown at the login screen using SAP help link:
http://help.sap.com/saphelp_nw73/helpdata/en/48/ff4faf222b3697e10000000a42189b/content.htm?frameset=/en/48/fcea4f62944e88e10000000a421937/frameset.htm¤t_toc=/en/74/8ff534d56846e2abc61fe5612927bf/plain.htm&node_id=20
The session is being set in the Captcha servlet which is used to render the image on the login page.
However when I am trying to compare it with input or print the session value, its throwing an exception.
I checked in the NWA logs and it just shows the following error message:
6. com.temp.loginModule.MyLoginModuleClass OPTIONAL ok exception true Authentication did not succeed.
Please help me analyse the error stack. Can someone point where do i check the detailed logs to trace the issue?
Please find below source of my login module.
package com.temp.loginModule;
import java.io.IOException;
import java.util.Map;
import javax.security.auth.login.LoginException;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import nl.captcha.Captcha;
import com.sap.engine.interfaces.security.auth.AbstractLoginModule;
import com.sap.engine.lib.security.http.HttpGetterCallback;
import com.sap.engine.lib.security.http.HttpCallback;
import com.sap.engine.lib.security.LoginExceptionDetails;
import com.sap.engine.lib.security.Principal;
public class MyLoginModuleClass extends AbstractLoginModule{
private CallbackHandler callbackHandler = null;
private Subject subject = null;
private Map sharedState = null;
private Map options = null;
// This is the name of the user you have created on
// the AS Java so you can test the login module
private String userName = null;
private boolean successful;
private boolean nameSet;
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
// This is the only required step for the method
super.initialize(subject, callbackHandler, sharedState, options);
// Initializing the values of the variables
this.callbackHandler = callbackHandler;
this.subject = subject;
this.sharedState = sharedState;
this.options = options;
this.successful = false;
this.nameSet = false;
* Retrieves the user credentials and checks them. This is
* the first part of the authentication process.
public boolean login() throws LoginException {
// HttpGetterCallback httpGetterCallback = new HttpGetterCallback();
// httpGetterCallback.setType(HttpCallback.REQUEST_PARAMETER);
// httpGetterCallback.setName("captchaInput");
String value = null;
// try {
// callbackHandler.handle(new Callback[] { httpGetterCallback });
// String[] arrayRequestparam = (String[]) httpGetterCallback.getValue();
// if(arrayRequestparam!=null && arrayRequestparam.length>0)
// value = arrayRequestparam[0];
// } catch (UnsupportedCallbackException e) {
// throwNewLoginException("An error occurred while trying to validate credentials.");
// } catch (IOException e) {
// throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
value = getRequestValue("captchaInput");
userName = getRequestValue("j_username");
HttpGetterCallback httpGetterCallbackSessionCaptcha = new HttpGetterCallback();
httpGetterCallbackSessionCaptcha.setType(HttpCallback.SESSION_ATTRIBUTE);
httpGetterCallbackSessionCaptcha.setName("myCaptchaLogin");
try {
callbackHandler.handle(new Callback[] { httpGetterCallbackSessionCaptcha });
Captcha arraySessionParam = (Captcha) httpGetterCallbackSessionCaptcha.getValue();
// System.out.println("****************************************************httpGetterCallbackSessionCaptcha" + (arraySessionParam==null?"null session":arraySessionParam.getAnswer())+
// "\n captchaInput" + value+"*********************");
if(arraySessionParam==null || !arraySessionParam.isCorrect(value)){
throwNewLoginException("Entered code does not match with the image code.Session:"+(arraySessionParam==null?"null":arraySessionParam.getAnswer())+" Param:"+ value);
// throwUserLoginException(new Exception("Entered code does not match with the image code."));
httpGetterCallbackSessionCaptcha.setValue(null);
} catch (UnsupportedCallbackException e) {
throwNewLoginException("An error occurred while trying to validate credentials.");
} catch (IOException e) {
throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
// Retrieve the user credentials via the callback
// handler.
// In this case we get the user name from the HTTP
// NameCallback.
// NameCallback nameCallback = new NameCallback("User name: ");
/* The type and the name specify which part of the HTTP request
* should be retrieved. For Web container authentication, the
* supported types are defined in the interface
* com.sap.engine.lib.security.http.HttpCallback.
* For programmatical authentication with custom callback
* handler the supported types depend on the used callback handler.
// try {
// callbackHandler.handle(new Callback[] {nameCallback});
// catch (UnsupportedCallbackException e) {
// return false;
// catch (IOException e) {
// throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
// userName = nameCallback.getName();
// if( userName == null || userName.length() == 0 ) {
// return false;
/* When you know the user name, update the user information
* using data from the persistence. The operation must
* be done before the user credentials checks. This method also
* checks the user name so that if a user with that name does not
* exist in the active user store, a
* java.lang.SecurityException is thrown.
// try {
// refreshUserInfo(userName);
// } catch (SecurityException e) {
// throwUserLoginException(e);
/* Checks if the given user name starts with the specified
* prefix in the login module options. If no prefix is specified,
* then all users are trusted.
// String prefix = (String) options.get("user_name_prefix");
// if ((prefix != null) && !userName.startsWith(prefix)) {
// throwNewLoginException("The user is not trusted.");
/* This is done if the authentication of the login module is
* successful.
* Only one and exactly one login module from the stack must put
* the user name in the shared state. This user name represents
* the authenticated user.
* For example if the login attempt is successful, method
* getRemoteUser() of
* the HTTP request will retrieve exactly this name.
if (sharedState.get(AbstractLoginModule.NAME) == null) {
sharedState.put(AbstractLoginModule.NAME, userName);
nameSet = true;
successful = true;
return true;
* Commit the login. This is the second part of the authentication
* process.
* If a user name has been stored by the login() method,
* the user name is added to the subject as a new principal.
public boolean commit() throws LoginException {
if (successful) {
/* The principals that are added to the subject should
* implement java.security.Principal.You can use the class
* com.sap.engine.lib.security.Principal for this purpose.
Principal principal = new Principal(userName);
subject.getPrincipals().add(principal);
/* If the login is successful, then the principal corresponding
* to the <userName> (the same user name that has been added
* to the subject) must be added in the shared state too.
* This principal is considered to be the main principal
* representing the user.
* For example, this principal will be retrieved from method
* getUserPrincipal() of the HTTP request.
if (nameSet) {
sharedState.put(AbstractLoginModule.PRINCIPAL, principal);
} else {
userName = null;
return true;
* Abort the authentication process.
public boolean abort() throws LoginException {
if (successful) {
userName = null;
successful = false;
return true;
* Log out the user. Also removes the principals and
* destroys or removes the credentials that were associated
* with the user during the commit phase.
public boolean logout() throws LoginException {
// Remove principals and credentials from subject
if (successful) {
subject.getPrincipals(Principal.class).clear();
successful = false;
return true;
private String getRequestValue(String parameterName)
throws LoginException {
HttpGetterCallback httpGetterCallback = new HttpGetterCallback();
httpGetterCallback.setType(HttpCallback.REQUEST_PARAMETER);
httpGetterCallback.setName(parameterName);
String value = null;
try {
callbackHandler.handle(new Callback[] { httpGetterCallback });
String[] arrayRequestparam = (String[]) httpGetterCallback.getValue();
value = arrayRequestparam[0];
} catch (UnsupportedCallbackException e) {
return null;
} catch (IOException e) {
throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
return value;
Regards
Ramanender SinghRamanender,
JAAS modules usually requires a restart whenever you need to change them. So be very careful with what you expect once you re-deploy your code.
Once the library is loaded it will never reload itself until you perform a restart of the VM.
Connect to the debug port may help, but basic debugging will not take you too far either.
I would recommend you to use the log tracing facility on your code. Just enter the following class attribute:
import com.sap.tc.logging.Location;
private static final Location trace = Location.getLocation(<your_classname_here>.class);
trace.warningT("Some Warning Text Here..." + variable here);
trace.debugT("Some Warning Text Here..." + variable here);
You may need to go NWA and set the Location Severity Level to Debug according to your needs.
Leave the trace code on your module for IT personnel to debug it if necessary. Don't forget to have the severity level of your code properly set.
Meaning: You don't want to have every trace message your module sills out with warningT() or infoT().
There is a excellent blog here on how this works
Then you will be able to inspect some variable contents while the callbackhandler is being executed.
Pay special attention with the timing - variables have a lifetime when dealing with login modules.
Use the entering(<method_name>) and exiting(<method_name> just ot make sure where in the code the variable should be populated and when.
BR,
Ivan -
Custom Login Module for Tomcat to procted apps using Oracle Access Manager
Hi all,
I have the following scenario.
A web application deployed in Tomcat to be protected using OAM. One solution is to use Access Gate though we have other alternative as Proxy infront of Tomcat with a webgate. Now I am implementing the Access Gate solution.
So, when the user clicks the tomcat application, then the prompt (BASIC) appears for login details. custom login module should kick in and take those login details and authenticate against OAM using Access SDK API.
I have created access gate profile and installed Access SDK. Ran the ConfigureAccessGateTool as well.
I did some research googling for login module. I came to know that we need to write a custom realm for it. So, this realm implementation involves specifying role-name etc., in web.xml where the role-name would have been defined in tomcat-users.xml.
This means that the user trying to authenticate against OAM has to have some roles defined in Tomcat to login. I didnot understand the flow end to end as how this will work.
Please let me know if anybody has done this of customization.
Thanks,
Mahendra.Hi Ambarish,
Initially I thought of implementing the way you suggested in Option 2.
But there will be various redirections when we use option 2 as the login page should redirect it to a page where OAM authentication and authorization stuff has to be handled. And accordingly we have to redirect it to specific pages upon successful atn and atz. Hence, I was opted using Custom Login Module.
However, I have been trying Option 2 now. In web.xml, I have specified a login page with FORM scheme. The login redirects it to another page say OAM_Authentication_Handler.jsp. Here we code which serves atn and atz. Upon doing this, I have observed that the protected resource in OAM is not getting evaluated using the method
String ms_protocol = "http";
String ms_method = "GET";
String ms_resource = "http://localhost:8080/FormLogin/private.jsp";
ObResourceRequest rrq = new ObResourceRequest(ms_protocol, ms_resource, ms_method);
The method rrq.isProtected() is returning false which implies it to unprotected. I have tested using Access Tester for the resource and it results in expected behaviour.
Is there any limitation here by using this approach?
Any ideas?
Thanks,
Mahendra. -
URGENT help required : Custom Authentication Plugin for validation of users
Hi Experts.
I'm a newbie and am stuck in middle of nowhere.
I have been asked to develop a custom authentication plug-in which would validate a user using the attributes such as a userid and a shared-userid.
shared-userid is just a custom id that would be generated on the basis of some logic.
Currently I'm using OAM 10.1.4.3.0 on WINDOWS server and as everybody, I'm also not able to find any sample files or sample folder structure.
As per one of the other threads https://forums.oracle.com/forums/thread.jspa?messageID=3838474, sample code and sample folders are removed from this particular version and were present in some previous version.
So, can anyone please help me out with the following:
1. How can I proceed to accomplish this task, i.e. to check whether a user-id and a shared-userid both are validated and a user is granted access.
2. Are all of these files required to create a custom authentication plug-in or can we proceed only with the ".c" file (i.e. make file, authn.c, and a dll file made using the make file and .c file)
3. Can anybody provide me with a sample file or a sample code written in "C" wherein the plug-in connects to the LDAP and searches for a particular dn for comparison or something. Also a sample make file for windows to convert the .c file to .dll.
PLEASEEEE help me ASAP.
Regards
Edited by: 805912 on Nov 15, 2011 7:18 PMHi,
Regarding question 2, you also need the header file is supplied in the Access Server installation directory, under ...access\oblix\sdk\authn_api and is called authn_api.h. you need this to build the dll which must then be placed in the Access Server's ...\access\oblix\lib directory.
Regarding question 3, if you install an earlier version of the Access Server, ie 10.1.4.2 or less, then you will get a \access\oblix\sdk\authentication\samples\authn_api directory that contains a basic sample authentication plugin. However, there is still documented in the 10.1.4.3 Developer Guide another sample plugin, simplapi.c, in the 10.1.4.3 Developer Guide with instructions on how to use it. It does work, but unfortunately requires a couple of edits to get it working after copy&pasting it (no code changes, just fairly obvious case changes eg changing ObanPlugin* to ObAnPlugin*). I used the following commands to get it to compile into a .so file on unix:
g++44 -c -fPIC -Wno-deprecated -m32 simpleapi.c
g++44 -shared -nostdlib -lc -m32 simpleapi.o -o simpleapi.so
but I really would not know if or how these translate into a Windows environment.
Regards,
Colin
Edited by: ColinPurdon on Nov 15, 2011 2:50 PM -
How to create the INBOUND Function Module for INBOUND IDOCs
Hi Friends,
Can any Suggest me How to proceed to Create an INBOUND Function Module for Processing the INBOUND IDOCS
which are recieved from XI Server ?
I am working in SAP-ISU
Here i will recieve the INBOUND IDOCs for the Meter Reading Orders.
We have a Standard INBOUND FUNCTION MODULE
IDOC_INPUT_ISU_MR_UPLOAD
which Uploads the Meter Reading Results.
I copied the Same function Module into ZIDOC_INPUT_
and working on it.
Can any one suggest me, whether i am going in correct way or not.
In IDOC_INPUT_ISU_MR_UPLOAD Inbound fun module,
BAPI_MTRREADDOC_UPLOAD is used to Update or Insert the Meter Reading Results,
My requirment is to Insert and Update the Meter Reading Orders which are Inbounded from XI.
Can I Use the Same BAPI
BAPI_MTRREADDOC_UPLOAD
to Update the below fields,
EABL-SERNR
EABL-ZWNUMMER
EABLG-ABLESGR
EABL-V_ZWSTAND
EABL-N_ZWSTAND
EABL-ABLHINW
EABL-ZSKIPC
EABL-ADAT
EABL-ATIMTATS
EABL-ADATTATS
EABL-ATIM
EABL-ZMESSAGE
EABL-ABLESER(Meter reader number)
Kindly Suggest me,
Thanks in Advance,
GaneshHello Ganesh
I think you are going completely astray with you z-function module for IDoc processing.
If you look at TABLES parameter METERREADINGRESULTS (type BAPIEABLU ) of BAPI_MTRREADDOC_UPLOAD you will find many of the requested fields already:
EABL-SERNR => BAPIEABLU-SERIALNO
EABL-ZWNUMMER =>REGISTER
EABLG-ABLESGR
EABL-V_ZWSTAND
EABL-N_ZWSTAND
EABL-ABLHINW
EABL-ZSKIPC
EABL-ADAT
EABL-ATIMTATS => ACTUALMRTIME
EABL-ADATTATS => ACTUALMRDATE
EABL-ATIM
EABL-ZMESSAGE
EABL-ABLESER(Meter reader number)
Field EABL-ZMESSAGE appears to be custom field (at least I cannot find it on ECC 6.0). If this field was added using include CI_EABL then you probably can get these values into the BAPI using the EXTENSIONIN parameter.
Check routine CHECK_UPLOADRECORDS in the BAPI which allows two extension structures:
- BAPI_TE_EABL
- BAPI_TE_EOSB
Not surprisingly BAPI_TE_EABL contains the include CI_EABL.
Regards
Uwe -
How can I use custom WLST commands for Oracle SOA Suite in Weblogic
Hi There,
I'm trying to view and search the weblogic log files using WLST on a Solaris/Unix system.
I have come across this "custom WLST commands for Oracle SOA Suite" and thought of using the custom logging commands to get my task done.
However, my WLST shell is not recognizing the commands and giving me the NameError!
wls:/devDomain1/domainRuntime> listLogs()
Traceback (innermost last):
File "<console>", line 1, in ?
NameError: listLogs
I tried the commands listLogs, displayLogs, getLogLevel & setLogLevel but in vain!
I have followed the instructions as per the oracle recommendation of using Custom WLST commands (http://docs.oracle.com/cd/E29597_01/core.1111/e10105/getstart.htm#ASADM10692) as below
- Launched the WLST shell from Oracle Home.
cd ORACLE_HOME/common/bin
./wlst.sh
- Tried to run the listLogs command from domainRuntime()
I would like to know if I need to import any additional libraries to run the custom WLST commands for Oracle SOA Suite in my WLST shell?
I have only weblogic 10.3.1 server installed on my Solaris 10 machine on which I have deployed the OSB application software.
There is no SOA Suite installed.
Or is there any other way I can browse the Server Log file and get the list of log messages? Basically I would like to use this feature in my script to customize it according to my requirement of listing specific error logs which I can work it out if I know how to make these commands work.
Please advise if this is possible and how?
Cheers.
SatishI have tried on my OSB installation (no SOA Suite here), the command listLogs() works (I was in online mode, after a connect), and the classpath is:
CLASSPATH=/opt/oracle/fmw11_1_1_5/patch_wls1035/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/opt/oracle/fw11_1_1_5/patch_ocp360/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/usr/lib/jvm/java-1.6.0-sun-1.6.0.33.x6_64/lib/tools.jar:/opt/oracle/fmw11_1_1_5/wlserver_10.3/server/lib/weblogic_sp.jar:/opt/oracle/fmw11_1_1_5/wlserver_10./server/lib/weblogic.jar:/opt/oracle/fmw11_1_1_5/modules/features/weblogic.server.modules_10.3.5.0.jar:/opt/oracle/fmw111_1_5/wlserver_10.3/server/lib/webservices.jar:/opt/oracle/fmw11_1_1_5/modules/org.apache.ant_1.7.1/lib/ant-all.jar:/optoracle/fmw11_1_1_5/modules/net.sf.antcontrib_1.1.0.0_1-0b2/lib/ant-contrib.jar::/opt/oracle/fmw11_1_1_5/oracle_common/moules/oracle.jrf_11.1.1/jrf-wlstman.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/lib/adfscripting.jar:/opt/oracl/fmw11_1_1_5/oracle_common/common/wlst/lib/adf-share-mbeans-wlst.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/lb/mdswlst.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/resources/auditwlst.jar:/opt/oracle/fmw11_1_1_5/oracle_cmmon/common/wlst/resources/igfwlsthelp.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/resources/jps-wlst.jar:/optoracle/fmw11_1_1_5/oracle_common/common/wlst/resources/jrf-wlst.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/reources/oamap_help.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/resources/oamAuthnProvider.jar:/opt/oracle/fmw111_1_5/oracle_common/common/wlst/resources/ossoiap_help.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/resources/osoiap.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/resources/ovdwlsthelp.jar:/opt/oracle/fmw11_1_1_5/oracle_comon/common/wlst/resources/sslconfigwlst.jar:/opt/oracle/fmw11_1_1_5/oracle_common/common/wlst/resources/wsm-wlst.jar:/optoracle/fmw11_1_1_5/utils/config/10.3/config-launch.jar::/opt/oracle/fmw11_1_1_5/wlserver_10.3/common/derby/lib/derbynet.ar:/opt/oracle/fmw11_1_1_5/wlserver_10.3/common/derby/lib/derbyclient.jar:/opt/oracle/fmw11_1_1_5/wlserver_10.3/common/drby/lib/derbytools.jar::
The wlst.sh I have used is /opt/oracle/fmw11_1_1_5/osb/common/bin/wlst.sh
I hope this can help -
Creating a custom java module for excel to xml conversion.
Hi Gurus,
I am creating a custom java module in sap nwds 7.3 for Excel to XML Conversion. But I am getting following error
Classpath dependency validator message.
Classpath entry will not be exported or published. Runtime ClassNotFoundExceptions may result.
I imported the Jars from a different PI system and i am using NWDS in local PC with creating a separate folder with all JARs and also imported them using build path option.
This issue is occuring for all the jars imported.
I am using following code.
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Map;
import com.sap.aii.mapping.api.StreamTransformation;
import com.sap.aii.mapping.api.AbstractTrace;
import java.util.HashMap;
import jxl.Cell;
import jxl.Workbook;
public class JavaMappingExcelToXML implements StreamTransformation{
private Map map = null;
private AbstractTrace trace = null;
public void setParameter(Map arg0) {
map = arg0; // Store reference to the mapping parameters
if (map == null) {
this.map = new HashMap();
public static void main(String args[]) { //FOR EXTERNAL STANDALONE TESTING
try {
FileInputStream fin = new FileInputStream ("c:/ashu.xls"); //INPUT FILE (PAYLOAD)
FileOutputStream fout = new FileOutputStream ("C:/Users/ashutosh.a.upadhyay/My Documents/ashuXML2.xml"); //OUTPUT FILE (PAYLOAD)
JavaMappingXLStoXML mapping = new JavaMappingXLStoXML ();
mapping.execute(fin, fout);
catch (Exception e1) {
e1.printStackTrace();
public void execute(InputStream inputstream, OutputStream outputstream) {
String msgType = "Message Type name will come here";
String nameSpace = "Namespace Name will come here";
String xmldata = "";
try {
Workbook wb = Workbook.getWorkbook(inputstream);
xmldata ="<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"+ "<ns0:"+msgType+" "+"xmlns:ns0=\""+nameSpace+"\n">";
Cell[] cells ;
Cell[] cellNames ;
cellNames = wb.getSheet(0).getRow(0);
for(int j=1;j<wb.getSheet(0).getRows();j++){
xmldata = xmldata+"\n<Record>\n";
cells = wb.getSheet(0).getRow(j);
for(int i=0;i<wb.getSheet(0).getColumns();i++){
xmldata = xmldata+"\t<"+cellNames[i].getContents()+">"+cells[i].getContents()+"</"+cellNames[i].getContents()+">\n";
xmldata = xmldata+"</Record>";
xmldata = xmldata+"\n</ns0:"+msgType+">";
System.out.print(xmldata);
xmldata.getBytes();
wb.close();
byte by[] = xmldata.getBytes();
outputstream.write(by);
inputstream.close();
outputstream.close();
System.out.println("\n"+"File processed");
catch (Exception e) {
e.printStackTrace();
Request you to guide how to resolve this issue.
Thanks in advanceHi Gurus,
I am creating a custom java module in sap nwds 7.3 for Excel to XML Conversion. But I am getting following error
Classpath dependency validator message.
Classpath entry will not be exported or published. Runtime ClassNotFoundExceptions may result.
I imported the Jars from a different PI system and i am using NWDS in local PC with creating a separate folder with all JARs and also imported them using build path option.
This issue is occuring for all the jars imported.
I am using following code.
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Map;
import com.sap.aii.mapping.api.StreamTransformation;
import com.sap.aii.mapping.api.AbstractTrace;
import java.util.HashMap;
import jxl.Cell;
import jxl.Workbook;
public class JavaMappingExcelToXML implements StreamTransformation{
private Map map = null;
private AbstractTrace trace = null;
public void setParameter(Map arg0) {
map = arg0; // Store reference to the mapping parameters
if (map == null) {
this.map = new HashMap();
public static void main(String args[]) { //FOR EXTERNAL STANDALONE TESTING
try {
FileInputStream fin = new FileInputStream ("c:/ashu.xls"); //INPUT FILE (PAYLOAD)
FileOutputStream fout = new FileOutputStream ("C:/Users/ashutosh.a.upadhyay/My Documents/ashuXML2.xml"); //OUTPUT FILE (PAYLOAD)
JavaMappingXLStoXML mapping = new JavaMappingXLStoXML ();
mapping.execute(fin, fout);
catch (Exception e1) {
e1.printStackTrace();
public void execute(InputStream inputstream, OutputStream outputstream) {
String msgType = "Message Type name will come here";
String nameSpace = "Namespace Name will come here";
String xmldata = "";
try {
Workbook wb = Workbook.getWorkbook(inputstream);
xmldata ="<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"+ "<ns0:"+msgType+" "+"xmlns:ns0=\""+nameSpace+"\n">";
Cell[] cells ;
Cell[] cellNames ;
cellNames = wb.getSheet(0).getRow(0);
for(int j=1;j<wb.getSheet(0).getRows();j++){
xmldata = xmldata+"\n<Record>\n";
cells = wb.getSheet(0).getRow(j);
for(int i=0;i<wb.getSheet(0).getColumns();i++){
xmldata = xmldata+"\t<"+cellNames[i].getContents()+">"+cells[i].getContents()+"</"+cellNames[i].getContents()+">\n";
xmldata = xmldata+"</Record>";
xmldata = xmldata+"\n</ns0:"+msgType+">";
System.out.print(xmldata);
xmldata.getBytes();
wb.close();
byte by[] = xmldata.getBytes();
outputstream.write(by);
inputstream.close();
outputstream.close();
System.out.println("\n"+"File processed");
catch (Exception e) {
e.printStackTrace();
Request you to guide how to resolve this issue.
Thanks in advance
Maybe you are looking for
-
The operation can't be completed because you don't have permission to access some of the items. ive moved these files from my sd card to the trash, when i take out the sd card the trash empties but then fills up when i put it back in, it wont empty.
-
Help me please (THE operation could not be completed )
hi. i tried to watch a live channel by safari. if i use normal pc i can see it but when i use mac book pro i can't.i am a new user of mac book so not enough idea. i installed flip 4 mac as-well to convert the window media file for mac. but still its
-
How to import a video from a DVD
I'm trying to edit a video that was created and put on a DVD. The video plays but I can't seem to import the video into iMovie for editing. What do I do to get this video into iMovie?
-
Does anyone know of a video filter that would work similar to a Low Pass filter in audio? I inherited some DV-25 footage that has a properly lit person along side some terribly flaring windows. It occurred to me that since DV cameras shoot super-whit
-
Hi everybody, When PO (Purchase Order) amendment is done, e.g. deli. date change, price change, incoterm change, item deletion etc., So can you Please tell me that these changes get store where exactly? Or how to see these changes So that we can use