Implementing single sign on on BO 3.0

Similar Messages

• Implementing Single Sign-On support for the Oracle E-Business suite

  Implement Single Sign-On support for the Oracle E-Business suite
  I want implement Single Sign-On support for the Oracle E-Business suite.
  Operationg System : linux/Solaris
  Oracle E-Business suite : 11.5.10
  Oracle Application Server : 10gAS(latest availble)
  Type of integration : SSO and OID with 11i
  No third party SSO or LDAP
  Qusetions
  1.If my SSO Server is down can i login to applications(11i) using normal mode(default login http://servername.xxxx.com:8000/).
  2. Is it possible to have appilications (11i) in Linux/Solaris and 10gAS in windows.
  Please answer...
  NOTE:
  I am following Oracle METALINK Doc.Id 233436.1 and 261914.1.
  Thank you.
  MARK

  You couldn't login into server But You can use the following login
  http://servername.xxxx.com:8000/AppsLocalLogin.jsp
  For this you need to enable the Appslocallogin Profile option

• " Path not found() "error when implementing single sign on

  Hi,
  We are implementing single sign on so that when users click on the "Reports Login" he is navigated to the obiee presentation services screen. For the reports login we have a .asp page which directs to the presentation services.
  I have done the necessary changes in the instanceconfig and credentialstore xml files.
  I have been receiving a strange error when I click on the reports login. I get the error
  Path not found ()
  Error Details
  Error Codes: U9KP7Q94
  I have checked the presentation server log file and I see the below error
  Type: Error
  Severity: 45
  Time: Tue Mar 09 09:18:44 2010
  File: project/websubsystems/ssportal.cpp Line: 1907
  Properties: ThreadID-2672;HttpCommand-Dashboard;Proxy-;RemoteIP-127.0.0.1;User-;Impersonator-
  Location:
       saw.subsystem.portal
       saw.httpserver.request
       saw.rpc.server.responder
       saw.rpc.server
       saw.rpc.server.handleConnection
       saw.rpc.server.dispatch
       saw.threadPool
       saw.threads
  Path not found ()
  Can anyone provide me an input how to resolve this issue?
  This is bit urgent for me.
  Thanks

  Hi,
  Please ensure that the navigational attribute is checked at the attribute level and also at the Infocube level and also check that correct mapping of this navigational attribute is done at the Multiprovider level.
  Thanks,
  Venkat

• Sourcing 7.0: Email Link in Mail templates when implementing Single Sign on

  Hello,
  We are implementing Sourcing 7.0 SP02 On premise.
  We are in the processing of setting up the single sign on with Enterprise Portal.
  In E-Sourcing 5.1 - when we implement single sign on with portal - the mail links in the mail templates have to be replaced with the portal URL and also - in order to redirect the user from portal login to the correct object in E-Sourcing (contract/MA/RFX) - we had implemented a custom portal solution (par file) to redirect the user.
  So when the user clicks on the link in the mail - it will take the user to Enterprise portal login. Once the login is done - user will be redirected to the E-Sourcing object like RFX/MA which the token %DOCUMENT_URL% contains.
  I wanted to check if there is any standard solution to this issue in Sourcing 7.0 on p

  Hi Vikram, Thanks a lot for your reply. I got a release note 1485253 that explains that this is resolved. Please find the text below
  2011/0000612672
  In user emails, %DOCUMENT_URL% token is used to generate the document
  specific URL. This URL takes the user directly to the document. However,
  when Sourcing is integrated with SAP Portal, using only this token will not
  take the user to the document. In order to fix this, ENCODE function has
  been introduced. Wrapping this around the URL, the URL can be encoded and
  used as a "forcedURL" in the portal link.
  Would you be able to explain to me how this can be achieved through configuration? I tried now with a portal user of Sourcing and the link was still showing up as the old link. Is this forcedURL generated using a system property?
  Regards,
  Srivatsan

• Implementing single sign on across multiple web apps

  Hi
  I was wondering if somebody could help me. I need to implement single sign on
  for multiple web apps deployed in separate WARs in a single EAR file. I need
  to authenticate against an LDAP server and ensure that the user only has to sign
  on once per user session even if the user navigates between web apps. The weblogic
  docs only seem to go so far, i.e. "Single sign on works if each web app uses the
  same cookie" etc. So I see that, apart from buying WebLogic Enterprise Security
  there are only two ways of doing this:
  1. Implement single sign on.
  2. Create my own security realm with my own authenticator implementations.
  So my questions are:
  1. We don't want to effect the normal weblogic user/passwords used to access the
  WLS console but need to have single sign on. Should we implement single sign on
  (option 1,above) or create our own realm?
  2. Can somebody point me to somewhere on the web/in the the WLS documentation
  that shows me how to implement single sign on using session cookies?
  TIA
  Mik

  "Mik Quinlan" <[email protected]> wrote in message
  news:[email protected]..
  >
  Hi
  I was wondering if somebody could help me. I need to implement singlesign on
  for multiple web apps deployed in separate WARs in a single EAR file. Ineed
  to authenticate against an LDAP server and ensure that the user only hasto sign
  on once per user session even if the user navigates between web apps. Theweblogic
  docs only seem to go so far, i.e. "Single sign on works if each web appuses the
  same cookie" etc. So I see that, apart from buying WebLogic EnterpriseSecurity
  there are only two ways of doing this:
  1. Implement single sign on.
  2. Create my own security realm with my own authenticator implementations.
  So my questions are:
  1. We don't want to effect the normal weblogic user/passwords used toaccess the
  WLS console but need to have single sign on. Should we implement singlesign on
  (option 1,above) or create our own realm?
  2. Can somebody point me to somewhere on the web/in the the WLSdocumentation
  that shows me how to implement single sign on using session cookies?
  http://e-docs.bea.com/wls/docs81/security/thin_client.html#1039551
  That also has a pointer to:
  For more information, see session-descriptor in Assembling and Configuring
  Web Applications.

• Implement Single Sign-On

  Hi
  What is the best way of implementing a single sign on in a clustered web based client server solution.
  Thanks,
  AA

  I am looking for a seamless login to applications using windows credentials. So ESSO which is like a password vault is not a desired solution. ESSO saves the user id/ password to applications and retrieves them whenever the application needs login. The login information saved by ESSO Logon Manager is protected by windows login credentials.
  I have tried to implement Windows Native Authentication as described in http://www.oracle.com/technology/obe/obe_as_10g/im/wna/wna.htm
  It apparently requires the policy.properties to be modified to set MediumSecurity_AuthPlugin = oracle.security.sso.server.auth.SSOKerbeAuth. But the current applications require that it be set to 'SSOOblixAuth', i.e
  MediumSecurity_AuthPlugin = SSOOblixAuth. Changing it to SSOKerbeAuth will break the applications on the server. Is there a work around?

• Implementing Single Sign-On in J2SE Application

  I am developing a application which is going to do some Single Sign-On authentication.
  For those who do not know what Single Sign-On is: For user who have multiple usernames and password for different web site, Single Sign-On offers them a way to authenticate to these different site without the need to remember all those passwords. It takes over the authentication process, and authenticates to these web sites for the user. The usernames and passwords are stored in a database.
  I am going to develop such a program in Java. This program is going to fetch the web site which contains the login form. Find out what to send to the web server. Send the username and password stored for that web site and in return if authentication goes through the web site will send the web page to the Java program which when receive it will open it in a web browser.
  Does anyone have any idea how I can implement this Single Sign-On feature? I know there exist several applications for windows which offers such Single Sign-On and which works with Internet Explorer. So somehow I should be able to make such a feature for a Java application.

  Thanks for the reply
  Should I read the following from the document you sent in Section 4.5? I just wanna confirm..
  4.5 Configuring Custom SSO Environments
  For information about configuring Oracle Business Intelligence to participate in custom SSO environments (for example, setting up SSO using Active Directory or SiteMinder), see articles 1287479.1 and 1274953.1 on My Oracle Support at:
  https://support.oracle.com

• OID integration with Kronos for implementing Single Sign On

  We are looking at integrating our existing Kronos system on single sign on.
  OID is our LDAP for integrating all the systems on SSO.
  It would be of great help if anyone has done this kinda of integration before and can provide me some leads for this project.
  Thank you,
  Sangita

  My understanding is that this web application will be deployed on some application server and you need to implement the SSO using OpenSSO for it. For this purpose, you will need to have folliwng modules:
  - Idenitity Provider (IdP) that will provide SSO service to your application.
  - Service Provider (SP) module that will interact with IdP and your application.
  OpenSSO can be used to define both IdP and SP. While configuring IdP is easy but the SP part is a bit complicated as you will have to also use the Policy Agent to protect your application and interface with the SP part of OpenSSO. Once you configure the IdP and SP, you will need to configure the Policy Agent specific for the application server on which your application is deployed. For WebLogic, here is the link:
  http://docs.sun.com/app/docs/doc/820-4580/6ng1lok82?a=view
  There may be other easier solutions (in terms of architecture) which I'm not aware of. And maybe this is why I was destined to follow up on one of the issues at http://forums.sun.com/thread.jspa?threadID=5436607
  Cheers

• Navigation problem in implementing Single Sign On

  Hi,
  I am a newbie to JSF.
  One of the projects that i am currently involved in, has a requirement of single sign on (SSO) , where in the user will log into their windows workstation and they will open my Web Application deployed in JBoss AS. Now my web application should get only the username/userid of the logged-in user from ActiveDirectoryServer and authenticate them against Database(Only the users with userids stored in the database should have the access to application) entries.
  If the user id is not in database, user should be taken to login page asking for the username and password. For this purpose, we are using JCIFS and have the necessary logic written in one class.
  I need some help in how to invoke the method in this class as there wont be any action/event fired initially and how to provide the navigation to pages(login page/home page) depending on the user status.
  Development environment::
  Richfaces,SEAM,JPA,JBOSS AS
  Thanks in advance,
  Suresh

  Hi,
  " SSO logon not possible; browser logon ticket cannot be accepted "
  I believe your SSO is not configured properly,
  First test the connection between ECC and EP
  1. login to portal -> system administration->system confgiuration->select the ECC system right click open->connection tests
  make sure that  you get a tick mark. againt all in particular for  " connection test for connectors"
  2. If your test conenciton is not working probably  SSO is not confgiured properly.
  3. try importing portal certificate to ECC and vice versa
  4. in strustsso2 check whether you have added the logon tickets for the clients under ACL.
  regards,
  prakash

• How to implement single sign-on using java?

  I need your help regarding the following task, please go through it and tell me if you have a solution to it.
  DSOWeb is a portal which has links to all the reports generated from Microstrategy8.0.1 (MSTR) [it is another tool which generates the BI Reports] and my requirement is like when a report link in DSOWeb is clicked it goes to MSTR and shows a report of MSTR but the user is unaware of all this that the system is entering into some other portal and giving that report to him.
  1. User logs into DSOWeb (Implemented using Struts framework) - He is automatically logged into MSTR (Java Spring Architecture) as well.
  How to get the session Id of MSTR from DSOWeb and maintain that session within the DSOWeb???
  2.User clicks on a report link - He either uses the session created above or a new session is created for him, if the old one no longer exists.
  3.When User clicks Logout in DSOWeb the system should also internally invalidate the MSTR Session and logout from MSTR .
  Note : Here DSOWeb and MSTR applications are running in different Servers.

  Hello Meghal,
  It is possible to implement social login via Facebook for SAP Enterprise Portal 7.3 by simply using the SAP Cloud Identity offering.
  More details about SAP Cloud Identity you will be able to find here:
  SAP Cloud Identity Solution Brief:  Simplify and Secure Cloud Access to Critical Business Data
  SAP Cloud Identity features - latest release: http://scn.sap.com/community/security/blog/2014/12/18/new-capabilities-with-the-latest-release-of-the-sap-cloud-identity
  Please, find also the documentation about social login implementation:
  Enable or Disable Social Sign-On for an Application
  Best regards,
  Donka Dimitrova

• How to implement Single-Sign-On?

  Hello,
  Whenever a user is opening the portal main page he needs to authenticate with UserName and Password in order to login. I would like to prevent this, meaning, if the user authenticated once, he will not have to do it again, say tomorrow (Like "Remember Me" Option). How do I do that?

  Roy,
  this can be realized by setting up an additional MS IIS webserver running SAP's free IISProxy in front of the portal server. IIS can be set up to speak so-called "windows integrated authentication" (also known as NTLM resp. Kerberos) and to forward the user ID to EP. Detailed information on this can be found in SAP's NetWeaver security guide available at http://service.sap.com/securityguide.
  This has also been a topic of interest various times here at SDN, a search on IISproxy in the forums will give you some helpful results.
  Regards,
  Dominik
  ...and
  if(helpful) {
    points++;

• How to implement a single sign on  feature using java.

  Hi,
  I have a question like , How to implement **single sign on** feature in java without using any third party framework or tool like LDAP or any other which is available in the market.
  Actually the situation is i have all security information into the table and those information is used for single sign on . If a user logged in from a jsp loging page all the security role should be assigned to that particular user.
  We can do this using LDAP but i am not supposed to use the LDAP or any third party tool . I have to write a java class for that .
  please suggest me the method , how to implement this in a web application.
  Edited by: Rakesh_Singh on Mar 19, 2008 11:55 AM

  you could setup a token that specifies a user is authenticated. other applications that u want SSO can check for existance of this token
  if it is HTTP - you can save the token as a cookie and downstream apps look for this token
  yr code needs to validate that the token/cookie was indeed a valid one and not subject to man-in-the middle attack.

• Active Directory, single sign-on and  SRM Users

  We are in the process of installing SRM 7.0. using the Classic Scenario. I am seeking clarification around the creation of users in that system given the following:
  - My Basis colleagues are in the process of implementing single sign-on using Active Directory for our SAP Portal, SAP Business Warehouse and SRM systems.
  - Single sign-on will not  at this point be used for our SAP ECC 6.0 system
  My questions are:
  1. If active directory is being used do we need to create actual users within the SRM system?
  2. If actual users in the SRM system are not required, does this have any impact on the creation of the Organizational structure in SRM from the SAP ECC HR hierarchy?
  Many Thanks

  Hi Claire,
  The Single Sign On work only if user exist on every systemes.
  For example :
  If you connect trough portal to access ECC and SRM, your user id must exist in ECC and SRM.
  For Active Directory you can synchronize your user table to AD by using LDAP option.
  The best way is to configure a CUA for ECC and SRM, use the UME of Portal on ECC and synchronize the CUA to Active Directory.
  Finally use the SSO certificate between Portal ECC and SRM.
  Regards,
  Gilles SEBBAG
  Sap Technical Consultant.

• Single sign on and microsoft active directory

  Hi,
  I have EBS 12.1.3 on linux. I know that I can implement single sign on to login to EBS. Now the question is: can I integrate this single sign on with my existing Microsoft Active Directory? Can you send me some links or documentation?

  Self-reply:
  http://blogs.oracle.com/stevenChan/2006/05/indepth_using_thirdparty_ident.html
  Thanks

• Single Sign-On and Context Propogation

  I would like to implement single sign-on to my Web Container and have
  the LoginContext propogated to the EJB Container.
  Can anyone point me to resources / documentation on this topic?
  thanks,
  tom~

  How did you solve this ? Can you point to me the right resource ?
  Thanx
  [email protected] (Thomas Hunt) wrote:
  I would like to implement single sign-on to my Web Container and have
  the LoginContext propogated to the EJB Container.
  Can anyone point me to resources / documentation on this topic?
  thanks,
  tom~