HTMLDB as Partner Application to TWO OID instances - Authentication Schemes

For reasons I won't go into here, we have TWO Oracle OID/SSO instances running - independently.
I am interested in having HTMLDB / APEX applications capable of authenticate against either one. (one at a time, but on the same engine installation)
We have done the PARTNER APPLICATION registration which works well against one of the OID instances. Records have been entered into the WWSEC_ENABLER_CONFIG_INFO$ table and everything works as expected.
What option do I have to register the HTMLDB engine with a SECOND OID/SSO as a partner application and then allow the developers the ability to choose which authentication scheme applies?
What I have observed is that the package given (custom_auth_sso) has built in
g_partner_app_name varchar2(2000) := 'HTML_DB';
Is it possible to duplicate that type of functionality, or is there something deeper ingrained into the engine that I do not understand?
Regards,
Tim

Scott,
I am working under a model similar to your case number two.
Application 1 uses OID A
Application 2 uses OID B
I am going under the assumption that if there were two records in the config_info$ table, that I would need some type of ability to inform the WWV_FLOW_CUSTOM_AUTH_SSO package to switch between them.
I guess what I am missing is the mechanics. I am trying to avoid having to re-write the WWV_FLOW_CUSTOM_AUTH_SSO package by hand. Besides the package body being compiled, I do not know how that authentication scheme is called by HTMLDB/APEX. I have been using the Oracle Application Server Single Sign-On (HTML DB Engine as Partner App) scheme. This leaves most of the Authentication scheme pretty blank with the exception of the Session Not Valid URL ( populated with PORTAL_SSO-) and the logout URL. Magically it works though.
If I had TWO schemes registered in the config_info$, how would I indicate which scheme to use?
Do I have the capability of working with what has already been provided, or am I destined to writing a custom scheme because of the decision which needs to be made?
Many thanks
--Tim

Similar Messages

Second htmldb as partner application in sso

Hello ,
I have 2 databases (say A and B) running each their own htmldb instance.
I have 1 sso server where already 1 htmldb partner application is defined of DB A.
Now i want to define the second instance of the htmldb on DB B also as partner application on my sso server.
In the installation guide, i read the following for value of app_name when running regapp.sql
'You must use HTML_DB as the app_name', but i already have one defined of DB A. Can I use another name or should i use the same name ? Or is it impossible to define 2 htmldb partner applications on 1 SSO.
Grtz,
Chris.

When defining my app_name with the regapp.sql, i have used
HTML_DB_TEST:servername:443 as listener_token.
As i already have a HTML_DB:servername:443.
I also used HTML_DB_TEST in the definition of the partner application.
Now I'm getting : Expecting p_company or wwv_flow_company cookie to contain security group id of application owner. when trying to run my application.
Could this be related, and if so, how can i define a second htmldb application as a partner application in sso ?
Chris.

HTMLDB -SSO- Partner application

Hi,
I have installed a database 10g/HTMLDB 1.5 and iAS 10g on two different boxes.
Refered & successfully completed the steps from
http://www.oracle.com/technology/products/database/htmldb/howtos/sso_partner_app.html
to Configure an HTML DB Application as a Partner Application in Oracle AS Single Sign-On
(TWICE From the Scratch)
But, Getting error like
"Error Error in portal_sso_redirect: missing application registration information:
p_partner_app_name:g_listener_token:HTML_DB:indl097ba.idc.oracle.com:7777
Please register this application as described in the installation guide."
Please let me know what would be wrong in doing this.
Feel free to ask for any further specific details or parameter values.
As its @ customer's site, need to know the resolution very urgently.
Thanks in advance.
Regards,
Nagadeep.

Hi Scott,
I am doing it from scratch now.
Details are like this:
C:\SSO_SDK\ssosdk307_032101\packages\oracle\security\sso>path
PATH=D:\oracle\product\10.1.0\Db_1\BIN;D:\OraHomeOWB\bin;D:\OraHomeOWB\jre\1.4.2
\bin\client;D:\OraHomeOWB\jre\1.4.2\bin;D:\oracle\product\10.1.0\Htmldb\bin;D:\o
racle\product\10.1.0\Htmldb\jre\1.1.8\bin;D:\oracle\product\10.1.0\Htmldb\jre\1.
4.2\bin\client;D:\oracle\product\10.1.0\Htmldb\jre\1.4.2\bin;D:\oracle\product\1
0.1.0\Db_1\bin;D:\oracle\product\10.1.0\Db_1\jre\1.4.2\bin\client;D:\oracle\prod
uct\10.1.0\Db_1\jre\1.4.2\bin;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;
C:\Program Files\Symantec\pcAnywhere\
C:\SSO_SDK\ssosdk307_032101\packages\oracle\security\sso>loadjava -user FLOWS_01
0500/welcome1@orcl SSOHash.class
C:\SSO_SDK\ssosdk307_032101\packages\oracle\security\sso>
@ the Database Schema:
SQL*Plus: Release 10.1.0.2.0 - Production on Wed May 18 20:49:33 2005
Copyright (c) 1982, 2004, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.1.0.2.0 - Production
With the Partitioning, OLAP and Data Mining options
SQL> conn flows_010500/welcome1
Connected.
SQL> @C:\SSO_SDK\ssosdk307_032101\packages\loadsdk.sql
Package created.
No errors.
Package body created.
No errors.
Type created.
Table created.
Sequence created.
Sequence created.
Table created.
No errors.
Procedure created.
No errors.
Package created.
No errors.
Package body created.
No errors.
Package created.
No errors.
Package created.
No errors.
Package body created.
No errors.
Package body created.
No errors.
Package created.
No errors.
Package body created.
No errors.
SQL>
Now, at the iAS10g registering HTMLDB application as a partner application.
Let me know whether I have to create any DAD to specify in HOME URL?
Regards,
Nagadeep.

SSO for partner applications

Hi All,
I have installed 10g AS Release 2 on a system. I also have Application Express(formerly HTML DB) installed on the same system. I registered one of the HTML DB applications as partner applications and have put SSO authentication for it.
When I try to login the AS looks at the OID installed on the system(which I gave during installation). I want it to look at the Oracle gmldap.oraclecorp.com server OID so that only Oracle employees login.
Can anybody tell me how to change the OID and what are the entries to be give to configure it to gmldap.oraclecorp.com server??
Thanks,
Swaroop

See Task 3 in the Section 9.4 of the Oracle Application Server Administrator's Guide:
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/chginfra.htm#i1014978
See the following for information about what to specify on each page.
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/reconfig.htm#i1013341

Error on registering Flights of Fancy application(Partner Application, JPDK) provide

Hi
When i try to add a provider for Flights of Fancy application i am getting this error
An error occurred when attempting to call the providers register function. (WWC-43134)
The following error occurred during the call to Web provider: Unable to initialize new provider instance: oracle.portal.provider.v1.ProviderException: Portlet PartnerFlightPortlet: Required Renderer not set. (WWC-43147)
i am able to access the URL (http://myhost/servlet/flightsprov) without any problem and is displaying the following information
Congratulations! You have successfully reached your Provider's Test Page.
Checking for components:
Oracle XML parser: detected
Oracle JSP: detected
Recognizing initArgs: Usual initArgs are provider_root and sessiontimeout.
dbhost: myhost
partnerAppCookieDomain: mydomain.com.qa
dbsid: mysid
onCancelUrl: http://myhost
partnerAppCookieDesc: SSO application cookie
partnerAppCookieScope: /
dbSchema: mypartner
requestedUrl: http://myhost/servlet/flights
provider_root: D:\port\partner
dbport: 1521
dbPassword: mypartner1
partnerAppCookieName: SSO_PAPP_SERVLET_ID
sessiontimeout: 1800000
listenerToken: myhost:80
ANd i make sure several times that i am using the same URL for Portal registration page.
In the jserv.log file i am getting the following information
[08/04/2001 13:08:24:642 GMT+03:00] flightsprov/javax.servlet.ServletException: Unable to initialize new provider instance: oracle.portal.provider.v1.ProviderException: Portlet PartnerFlightPortlet: Required Renderer not set.
at oracle.portal.provider.v1.http.HttpProvider.getProvider(HttpProvider.java:339)
at oracle.portal.provider.v1.http.HttpProvider.service(HttpProvider.java:246)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:588)
at org.apache.jserv.JServConnection.processRequest(JServConnection.java, Compiled Code)
at org.apache.jserv.JServConnection.run(JServConnection.java, Compiled Code)
at java.lang.Thread.run(Thread.java:479)
Can anybody help me in solving this problem
thanks in advance
Abdulla
null

You're not missing anything - it sounds like it's working perfectly.
If a provider is affiliated with a partner application, the provider is automatically authenticated when you authenticate to the portal - because it is also a partner application. You only need to authenticate yourself once.
Now, when you go to the partner application, the application session cookie that was created by the provider is passed to the partner application & so you are not challenged.
Now, if you close your browser and access the partner application first, the login server will challenge you. When you subsequently go to the portal, you will not be challenged - the portal contacts the login server behind the scenes, determines you have already authenticated yourself and proceeds as if you had logged in.
When you visit the partner provider portlet, it will detect the cookie created by the partner application and use that to tie into the same session.
This is the whole point of single sign on.

Java SSO Partner application

Hello,
I configured and deployed a Java Partner Application as specified in the demo (ssosdk902.zip). I created an OC4J container and deployed all beans and jsp pages. When I try to access papp.jsp page, it presents me with sso login page but when i try to access other jsp pages under the same container like (index.jsp), it does not ask present with a sso login page. I want to protect all JSP pages under that container. Should I change home url for the SSO Partner application?
Any help is appreciated.
Thanks.

creating a partner application does not automatically secure the entire directory/application. it just sets a cookie for the Login Server and the Partner Application, indicating this user is authenticated.
if you want to secure the entire directory, you need to:
1. lock the directory down with MOD_OSSO in partnership with the Login Server
2. put the session checking code from papp.jsp into every page you want to secure, ensuring you have a valid and current user
3. create an application-specific security layer for the rest of your application that defers to the Oracle Security for user authentication.
what i'm currently doing is number 3. i have my ssoHome, that ensures i have a valid Login Server user. then i create an application session around the SSO user and use that to secure the rest of my site. if that session info ever times out, i delegate back to my ssoHome to see if they're still valid according to Oracle, and if they're not, they get sent back to the Login Server.
this model works very well for me, and is easy to manage.
hope that helps,
.rich

OID SSO Logout issue from the partner application

As per the below link I am trying the logout functionality from the partner application,
http://download.oracle.com/docs/cd/B14099_19/idmanage.1012/b14078/tpsso.htm#i1011555
The article talks about a logout url pattern, I am trying to execute the below from the partner application.
https://single_sign-on_host:single_sign-on_ssl_port/pls/orasso/orasso.wwsso_app_admin.ls_logout?p_done_url=done_url
The issue I got is OID server is not redirecting to the p_done_url, it just stays in the same OID logout page, Do I have to create any configuration entry to get the redirection working?
Thanks

Hi All,
Providing more information,
What I get is the OID logout screen with two return buttons on top and bottom of the page.
If I found is when I click any of those it goes to the p_done_url but What I want is
instead of stopping in the OID logout page, auto redirection to the p_done_url,
Can this be done.
Thanks

OID Realm Setup for Partner Application in another application server

This message was also posted under the Identity Management thread.
We currently have 10.1.2 SSO running and configured to accept a partner application from another app server (10.1.3). A sample application attempts to authenticate a user and then use JAZN to confirm whether the user is in the correct OID group. The user can authenticate successfully, which shows up in the SSO audit table, but the group check fails. I believe this is due to the realm not being visible to the other app server? How do I go about setting up the app server or application on the 10.1.3 platform to be able to check the 10.1.2 SSO server for the right OID group when the user authenticates? I have tried to set up the file-based permissions through the EM console, but seems to be only valid for the local setup. My thought was that the system-jazn-data.xml file would need to identify and point to the SSO server? When I troubleshoot that file, I see the correct realm entry and also the correct JAZN group and the OID GUID for the group. Any suggestions?
Thanks,
Leif

Hi Amit,
I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
Mahendra.

b OID Realm setup for partner application server /b

We currently have 10.1.2 SSO running and configured to accept a partner application from another app server (10.1.3). A sample application attempts to authenticate a user and then use JAZN to confirm whether the user is in the correct OID group. The user can authenticate successfully, which shows up in the SSO audit table, but the group check fails. I believe this is due to the realm not being visible to the other app server? How do I go about setting up the app server or application on the 10.1.3 platform to be able to check the 10.1.2 SSO server for the right OID group when the user authenticates? I have tried to set up the file-based permissions through the EM console, but seems to be only valid for the local setup. My thought was that the system-jazn-data.xml file would need to identify and point to the SSO server? When I troubleshoot that file, I see the correct realm entry and also the correct JAZN group and the OID GUID for the group. Any suggestions?
Thanks,
Leif

Hi Amit,
I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
Mahendra.

Two Essbase instances vs two applications

Hi,I am trying to determine which would be better from a performance perspective:I have to create two applications in Essbase and I have one windows 2000 server. Is it better:a. to run two instances of Essbase on the same windows 2000 server with one application running on each instance orb. to run 1 instance of Essbase on the windows server and run both applications in that instanceThanks

It depends on the version of Essbase you are using. If you are on 6.2 or above, you can change the default listening port for the Essbase agent and application server processes, which allows you to have multiple instances on the same box.An easier way to run multiple servers on one box might be to use technology like VM Ware or Microsoft Virtual PC - they allow you to create a virtual machine which can have its own Essbase install, with your production Essbase environment running on the "base" OS.RegardsJade-------------------------------------Jade ColeSenior Business Intelligence ConsultantClarity [email protected]

OID connection error for partner application

Hello All
I have registered a partner application which run from Oracle application server OC4J and when i login via URL, I get following error below, any suggestions?. All parameters are correctly specified.
AJPRequestHandler-ApplicationServerThread-458 Communication Exception received. Cleaning up the stale
connection
oracle.ldap.util.CommunicationErrorException: Unable to establish connection to directory. Please verify the input parameters: host, port,
dn &' password connection closed
at oracle.ldap.util.Subscriber.getUser_NICKNAME(Subscriber.java:1214)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:913)
at oracle.ldap.util.Subscriber.getUser(Subscriber.java:860)
at oracle.security.sso.server.ldap.OIDUserRepository.getUserProperties(OIDUserRepository.java:495)
at oracle.security.sso.server.auth.SSOServerAuth.authenticate(SSOServerAuth.java:485)
at oracle.security.sso.server.ui.SSOLoginServlet.processSSOPartnerRequest(SSOLoginServlet.java:1058)
at oracle.security.sso.server.ui.SSOLoginServlet.doPost(SSOLoginServlet.java:350)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:835)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:341)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:816)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:231)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:136)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:192)
at java.lang.Thread.run(Thread.java:534)
Thanks
Amit

Hi Amit,
I am also facing the same issue. Could you please share the work around you around to get rid of this issue?
Mahendra.

ERROR : SSO Partner application could not be registered successfully

Hi,
when i run txkrun.pl to register sso my regisitration fails
perl txkrun.pl -script=SetSSOReg
You are registering ORACLE HOME, Instance with SSO and OID Servers.
Enter the host name where Oracle iAS Infrastructure database is installed ? hschbscgn20104.hclt.corp.hcl.in
Enter the LDAP Port on Oracle Internet Directory server ? 389
Enter SSL LDAP Port on Oracle Internet Directory server ? 636
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?
Enter the instance password that you would like to register this application instance with ?
Enter Oracle E-Business apps database user password ?
*** Log File = /data/vis/inst/apps/VIS_hschbscgn20118/logs/appl/rgf/TXK/txkSetSSOReg_Fri_Nov_19_10_05_55_2010.xml
Beginning input parameter validation for Oracle Home Instance registration.
*** ALERT: This Oracle Home Instance is already registered. Oracle Home Instance Registration will be skipped.
Input parameter validation for Oracle Home Instance registration completed.
Beginning input parameter validation for SSO registration.
Input parameter validation for SSO registration completed.
Beginning input parameter validation for OID registration.
Input parameters validation for OID registration completed.
BEGIN SSO REGISTRATION:
Beginning to register partner application.
*** ERROR : SSO Partner application could not be registered successfully.
End of /data/vis/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No Errors encountered
Below is my Log file:
BEGIN SSO REGISTRATION:</message>
</record>
<record>
<date>2010-11-18T23:31:11</date>
<millis>1290103271727</millis>
<sequence>79</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.TXKSTDIO</class>
<method>info</method>
<thread>10</thread>
<message>Beginning to register partner application.</message>
</record>
<record>
<date>2010-11-18T23:31:11</date>
<millis>1290103271728</millis>
<sequence>80</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.config.Instance</class>
<method>updateIasProperties</method>
<thread>10</thread>
<message>updating ias.properties file by retrieving data from DB</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272017</millis>
<sequence>81</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.config.Instance</class>
<method>updateIasProperties</method>
<thread>10</thread>
<message>Retrieved Preferences: {IASname=VIS.hclt.corp.hcl.in, InfrastructureDBCommonName=ORAAS.HCLT.CORP.HCL.IN, InfrastructureUse=true, OIDhost=hschbscgn20104.hclt.corp.hcl.in, SSLOnly=false, OIDsslport=636, IASpassword=05a78096c85355eed5aa08f04546377eb5e16520f2237467b7, OIDport=389}</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272018</millis>
<sequence>82</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.config.Instance</class>
<method>updateIasProperties</method>
<thread>10</thread>
<message>ias.properties is latest. No need to update.</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272019</millis>
<sequence>83</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>Processing APPS_FRAMEWORK_AGENT: https://hschbscgn20118.hclt.corp.hcl.in:443</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272019</millis>
<sequence>84</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>removePortsFromAgent</method>
<thread>10</thread>
<message>Agent:https://hschbscgn20118.hclt.corp.hcl.in:443
After removing default ports Agent:https://hschbscgn20118.hclt.corp.hcl.in</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272053</millis>
<sequence>85</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.DBUtil</class>
<method>getAgentConfFileId</method>
<thread>10</thread>
<message>Executing: SELECT PREFERENCE_NAME FROM FND_USER_PREFERENCES WHERE PREFERENCE_NAME LIKE 'TXK_SSO_FILE_ID_%' AND PREFERENCE_VALUE = 'https://hschbscgn20118.hclt.corp.hcl.in' AND MODULE_NAME = 'LDAP_SYNCH' AND USER_NAME = '#INTERNAL' </message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272054</millis>
<sequence>86</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.DBUtil</class>
<method>getAgentConfFileId</method>
<thread>10</thread>
<message>file id NOT found</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272055</millis>
<sequence>87</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>updateReqArgs</method>
<thread>10</thread>
<message>Updated Required Arguments Map: -site_name=https://hschbscgn20118.hclt.corp.hcl.in -appspass=******* -config_mod_osso=true -logout_url=https://hschbscgn20118.hclt.corp.hcl.in/OA_HTML/AppsLogoutSSO -home_url=https://hschbscgn20118.hclt.corp.hcl.in -config_file=/data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/Apache/Apache/conf/osso/VIS_hschbscgn20118_osso.conf -update_mode=CREATE -success_url=https://hschbscgn20118.hclt.corp.hcl.in/osso_login_success -cancel_url=https://hschbscgn20118.hclt.corp.hcl.in </message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272056</millis>
<sequence>88</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>Commmand is : sh /data/vis/apps/tech_st/10.1.3/sso/bin/ssoreg.sh -site_name https://hschbscgn20118.hclt.corp.hcl.in -config_mod_osso true -logout_url https://hschbscgn20118.hclt.corp.hcl.in/OA_HTML/AppsLogoutSSO -home_url https://hschbscgn20118.hclt.corp.hcl.in -config_file /data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/Apache/Apache/conf/osso/VIS_hschbscgn20118_osso.conf -update_mode CREATE -success_url https://hschbscgn20118.hclt.corp.hcl.in/osso_login_success -cancel_url https://hschbscgn20118.hclt.corp.hcl.in</message>
</record>
<record>
<date>2010-11-18T23:31:14</date>
<millis>1290103274625</millis>
<sequence>89</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>Return Code is : 1</message>
</record>
<record>
<date>2010-11-18T23:31:14</date>
<millis>1290103274625</millis>
<sequence>90</sequence>
<logger>txkSetSSOReg</logger>
<level>SEVERE</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>CLASSPATH=/data/vis/apps/tech_st/10.1.3/jdbc/lib/ojdbc14.jar:/data/vis/apps/tech_st/10.1.3/jlib/repository.jar:/data/vis/apps/tech_st/10.1.3/sso/lib/ossoca.jar:/data/vis/apps/tech_st/10.1.3/sso/lib/ossoreg.jar:/data/vis/apps/tech_st/10.1.3/lib/xmlparserv2.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/classes12.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/nls_charset12.jar:/data/vis/apps/tech_st/10.1.3/jlib/jndi.jar:/data/vis/apps/tech_st/10.1.3/jlib/ojmisc.jar:/data/vis/apps/tech_st/10.1.3/j2ee/home/jazn.jar:/data/vis/apps/tech_st/10.1.3/j2ee/home/jaas.jar:/data/vis/apps/tech_st/10.1.3/jdk/lib/rt.jar:/data/vis/apps/tech_st/10.1.3/jdk/lib/i18n.jar:/data/vis/apps/apps_st/comn/java/classes/oracle/apps/fnd/jar/fndoid.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/ojdbc14.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/orai18n.jar:/data/vis/apps/tech_st/10.1.3/jlib/repository.jar:/data/vis/apps/tech_st/10.1.3/jlib/infratool.jar:/data/vis/apps/apps_st/comn/java/classes:/data/vis/apps/tech_st/10.1.3/sysman/webapps/emd/WEB-INF/lib/emd.jar:/data/vis/apps/tech_st/10.1.3/dcm/lib/dcm.jar:/data/vis/apps/tech_st/10.1.3/sysman/j2ee/lib/portalSMI.jar:/data/vis/apps/tech_st/10.1.3/jlib/emConfigInstall.jar:/data/vis/apps/tech_st/10.1.3/lib/dms.jar:/data/vis/apps/tech_st/10.1.3/opmn/lib/ons.jar:/data/vis/apps/tech_st/10.1.3/j2ee/home/oc4j.jar
Parameters passed to SSO registration tool :
param0:-oracle_home_path param1:/data/vis/apps/tech_st/10.1.3 param2:-site_name param3:https://hschbscgn20118.hclt.corp.hcl.in param4:-config_mod_osso param5:true param6:-logout_url param7:https://hschbscgn20118.hclt.corp.hcl.in/OA_HTML/AppsLogoutSSO param8:-home_url param9:https://hschbscgn20118.hclt.corp.hcl.in param10:-config_file param11:/data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/Apache/Apache/conf/osso/VIS_hschbscgn20118_osso.conf param12:-update_mode param13:CREATE param14:-success_url param15:https://hschbscgn20118.hclt.corp.hcl.in/osso_login_success param16:-cancel_url param17:https://hschbscgn20118.hclt.corp.hcl.in
-DinstallType=
-DORACLE_CONFIG_HOME=/data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3
-DoldOracleHome=
-DoldOHSUser=root
Check /data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/sso/log/ssoreg.log for details of this registration
SSO registration tool failed. Please check the log file /data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/sso/log/ssoreg.log, correct the problem and re-run the tool.
.end std out.
.end err out.
</message>
</record>
<record>
<date>2010-11-18T23:31:14</date>
<millis>1290103274626</millis>
<sequence>91</sequence>
<logger>txkSetSSOReg</logger>
<level>SEVERE</level>
<class>oracle.apps.fnd.txk.ias.TXKSTDIO</class>
<method>exception</method>
<thread>10</thread>
<message>oracle.apps.fnd.txk.ias.SsoOidException: SSO Partner application could not be registered successfully.
at oracle.apps.fnd.txk.ias.sso.Instance.ssoReg(Instance.java:470)
at oracle.apps.fnd.txk.ias.sso.Instance.registerPartnerApp(Instance.java:690)
at oracle.apps.fnd.txk.ias.Instance.main(Instance.java:88)
</message>
</record>
</log>
can anyone tell me what is the problem

Hi
Please refer doc and do the following steps.
1. Take a copy of the $IAS_ORACLE_HOME/Apache/Apache/bin/iasobf file
2. Change the ORACLE_HOME=to the correct IAS_ORACLE_HOME
3. Re-run the SSO registration by following the three step process
Regards,
Krishna

Choosing between external and partner application and problem with login

We have an application on Oracle App Server 10.1.3.3 and we have an OID server.
I had taken this for granted that I should define the application as 'Partner Application' and not external application for single sign on.
Now that we need the 'PASSWORD' retrieved by application, we are considering defining it as an external application.
There are at least two problems I have encountered defining the application as external:
1. 'pageConfig:serverDate' is among the login form's inputs in the login page, but I can't set it in orasso 'Edit External Applications' page
2. After login using SSO as external application and when I click on the application's new link, the login page is shown with the username and password field filled, but I have to click on login button anyway (no automatic and invisible login).
I will be very grateful if someone gives a general view on the differences between external and partner, whether in this case external has to be used or partner and finally give some comment on my specific problem with login button and manual login.
Thank you

Just some information :
- The problem with LOGIN page exists. I don't have that problem with for example GMAIL when defined as external application, but with my applications in Oracle Application Server.
- There is also another thing I don't understand. The link to external application is something like:
javascript:open_jwindow('../ealogin?ID=76D4766','76');
and couldn't be executed outside pls/orasso
in other words we can't give that to our users, can we? They should login to orassso and see that?
We don't want to involve them in Identity Management...
Any help is appreciated....
Regards

ApEx 2.1.0.00.39 as Partner Application in Oracle AS Single Sign-On

Hi,
I've installed the last Application Express 2.1.0.00.39 (oracle-xe-10.2.0.1-1.0.i386.rpm and oracle-xe-univ-10.2.0.1-1.0.i386.rpm) but, when I try to "create an authentication scheme" for configure an ApEx application to use SSO under
Home>Application Builder>Application xxx>Shared Components>Authentication Schemes>Create Authentication Scheme
in the second step of the procedure I don't find the choice "Oracle Application Server Single Sign-On (Application Express engine as Partner App)".
I found only these:
- Show Built-In Login Page and Use Open Door Credentials
- Show Login Page and Use Application Express Account Credentials
- Show Login Page and Use Database Account Credentials
- Show Login Page and Use LDAP Directory Credentials
- No Authentication (using DAD)
even if under the help voice "V Information" the others two are describes:
Oracle Application Server Single Sign-On (Application Express engine as Partner App) delegates authentication to the Oracle Application Server Single Sign-On (SSO) Server. This Application Express site must have already been registered as a partner application with the SSO server. For more information, contact your administrator.
Oracle Application Server Single Sign-On (My application as Partner App) delegates authentication to the SSO server. In this case, you must register an application with SSO as a partner application. See the next page for more details.
Does Someone know how to resolve it?
Thanks
Emanuele

Thanks for all your help Scott
I've added the -PORTAL_SSO- .....
After this I've had a new problem same to this: Re: SSO Authentication Not Working
"get the error below and it then directs me to http://hostx/htmldb/f? and the "p=" is missing"
But after a lot of tests I discovered where was the problem: "The apache configuration for the proxy!!"
This an extract from the installation doc :
SetEnv force-proxy-request-1.0 1
ProxyPass /htmldb http://127.0.0.1:8080/htmldb
ProxyPassReverse /htmldb http://127.0.0.1:8080/htmldb
ProxyPass /i http://127.0.0.1:8080/i
ProxyPassReverse /i http://127.0.0.1:8080/i
ProxyPass /sys http://127.0.0.1:8080/sys
ProxyPassReverse /sys http://127.0.0.1:8080/sys
where you replace 127.0.0.1 with the name OR ip address of your XE installation. 8080 is the default http port of your XE installation. "
Well, I used the IP ADDRESS and in the @regapp > listener_token the NAME!!! (HTML_DB:servername.domain:80)
I changed the IP ADDRESS with the NAME, restarted the httpd service and now all works fine.
Emanuele

Using SSO for 2 partner application that different domainname

Dear expert,
I have to implement the Oracle SSO with 2 existing Web Application that separate domainname (eg. domainA.com and domainB.com). I have read from OTN the SSO using HTTP Cookie for partner applications but the standard cookie can not be accessed from different domainname.
Please, Who can help me on this case?
Thanks in advance,
Kotaro

Reading and googling through much unclear RMAN content I came to the conclusion that it simply is not possible to use RMAN to copy SCHEMA_A from INSTANCE_A in MACHINE_A into INSTANCE_B without blowing away SCHEMA_B in INSTANCE_B on MACHINE_B.
So, I need to use RMAN to set up INSTANCE_A_COPY on MACHINE_B. Then I can have both INSTANCE_B and INSTANCE_A_COPY on MACHINE_B. If MACHINE_A should fail then I can switch over to MACHINE_A_COPY and run both instances, no problem.
Question: I would like to save time and disk space by not copying a 1TB reference tablespace/schema into INSTANCE_A_COPY. When I run INSTANCE_A_COPY it will need to join to the read-only reference tablespace/schema in INSTANCE_B. What will be the performance of a “distributed join” on tables across two instances in the same machine?

HTMLDB as Partner Application to TWO OID instances - Authentication Schemes

Similar Messages

Maybe you are looking for