Implementing single sign on on BO 3.0
Hi,
I have my BO 3.0 running on tomcat. Is there any document like [Implementing AD single signon|http://www.sdn.sap.com/irj/boc/index?rid=/library/uuid/d01d4069-8143-2b10-649f-dfbce1803b93&overridelayout=true] this for tomcat installation.
If not please give me the steps to implement the same.
Thanks and Regards,
Subbu S
Here is [one way to set up SSO|https://www.sdn.sap.com/irj/boc/index?rid=/library/uuid/d0f6ac3c-b3ac-2b10-1b95-c9bd46194977&overridelayout=true]
Let me know if you were looking for another method...
Regards,
Tim
Similar Messages
-
Implementing Single Sign-On support for the Oracle E-Business suite
Implement Single Sign-On support for the Oracle E-Business suite
I want implement Single Sign-On support for the Oracle E-Business suite.
Operationg System : linux/Solaris
Oracle E-Business suite : 11.5.10
Oracle Application Server : 10gAS(latest availble)
Type of integration : SSO and OID with 11i
No third party SSO or LDAP
Qusetions
1.If my SSO Server is down can i login to applications(11i) using normal mode(default login http://servername.xxxx.com:8000/).
2. Is it possible to have appilications (11i) in Linux/Solaris and 10gAS in windows.
Please answer...
NOTE:
I am following Oracle METALINK Doc.Id 233436.1 and 261914.1.
Thank you.
MARKYou couldn't login into server But You can use the following login
http://servername.xxxx.com:8000/AppsLocalLogin.jsp
For this you need to enable the Appslocallogin Profile option -
" Path not found() "error when implementing single sign on
Hi,
We are implementing single sign on so that when users click on the "Reports Login" he is navigated to the obiee presentation services screen. For the reports login we have a .asp page which directs to the presentation services.
I have done the necessary changes in the instanceconfig and credentialstore xml files.
I have been receiving a strange error when I click on the reports login. I get the error
Path not found ()
Error Details
Error Codes: U9KP7Q94
I have checked the presentation server log file and I see the below error
Type: Error
Severity: 45
Time: Tue Mar 09 09:18:44 2010
File: project/websubsystems/ssportal.cpp Line: 1907
Properties: ThreadID-2672;HttpCommand-Dashboard;Proxy-;RemoteIP-127.0.0.1;User-;Impersonator-
Location:
saw.subsystem.portal
saw.httpserver.request
saw.rpc.server.responder
saw.rpc.server
saw.rpc.server.handleConnection
saw.rpc.server.dispatch
saw.threadPool
saw.threads
Path not found ()
Can anyone provide me an input how to resolve this issue?
This is bit urgent for me.
ThanksHi,
Please ensure that the navigational attribute is checked at the attribute level and also at the Infocube level and also check that correct mapping of this navigational attribute is done at the Multiprovider level.
Thanks,
Venkat -
Sourcing 7.0: Email Link in Mail templates when implementing Single Sign on
Hello,
We are implementing Sourcing 7.0 SP02 On premise.
We are in the processing of setting up the single sign on with Enterprise Portal.
In E-Sourcing 5.1 - when we implement single sign on with portal - the mail links in the mail templates have to be replaced with the portal URL and also - in order to redirect the user from portal login to the correct object in E-Sourcing (contract/MA/RFX) - we had implemented a custom portal solution (par file) to redirect the user.
So when the user clicks on the link in the mail - it will take the user to Enterprise portal login. Once the login is done - user will be redirected to the E-Sourcing object like RFX/MA which the token %DOCUMENT_URL% contains.
I wanted to check if there is any standard solution to this issue in Sourcing 7.0 on pHi Vikram, Thanks a lot for your reply. I got a release note 1485253 that explains that this is resolved. Please find the text below
2011/0000612672
In user emails, %DOCUMENT_URL% token is used to generate the document
specific URL. This URL takes the user directly to the document. However,
when Sourcing is integrated with SAP Portal, using only this token will not
take the user to the document. In order to fix this, ENCODE function has
been introduced. Wrapping this around the URL, the URL can be encoded and
used as a "forcedURL" in the portal link.
Would you be able to explain to me how this can be achieved through configuration? I tried now with a portal user of Sourcing and the link was still showing up as the old link. Is this forcedURL generated using a system property?
Regards,
Srivatsan -
Implementing single sign on across multiple web apps
Hi
I was wondering if somebody could help me. I need to implement single sign on
for multiple web apps deployed in separate WARs in a single EAR file. I need
to authenticate against an LDAP server and ensure that the user only has to sign
on once per user session even if the user navigates between web apps. The weblogic
docs only seem to go so far, i.e. "Single sign on works if each web app uses the
same cookie" etc. So I see that, apart from buying WebLogic Enterprise Security
there are only two ways of doing this:
1. Implement single sign on.
2. Create my own security realm with my own authenticator implementations.
So my questions are:
1. We don't want to effect the normal weblogic user/passwords used to access the
WLS console but need to have single sign on. Should we implement single sign on
(option 1,above) or create our own realm?
2. Can somebody point me to somewhere on the web/in the the WLS documentation
that shows me how to implement single sign on using session cookies?
TIA
Mik"Mik Quinlan" <[email protected]> wrote in message
news:[email protected]..
>
Hi
I was wondering if somebody could help me. I need to implement singlesign on
for multiple web apps deployed in separate WARs in a single EAR file. Ineed
to authenticate against an LDAP server and ensure that the user only hasto sign
on once per user session even if the user navigates between web apps. Theweblogic
docs only seem to go so far, i.e. "Single sign on works if each web appuses the
same cookie" etc. So I see that, apart from buying WebLogic EnterpriseSecurity
there are only two ways of doing this:
1. Implement single sign on.
2. Create my own security realm with my own authenticator implementations.
So my questions are:
1. We don't want to effect the normal weblogic user/passwords used toaccess the
WLS console but need to have single sign on. Should we implement singlesign on
(option 1,above) or create our own realm?
2. Can somebody point me to somewhere on the web/in the the WLSdocumentation
that shows me how to implement single sign on using session cookies?
http://e-docs.bea.com/wls/docs81/security/thin_client.html#1039551
That also has a pointer to:
For more information, see session-descriptor in Assembling and Configuring
Web Applications. -
Hi
What is the best way of implementing a single sign on in a clustered web based client server solution.
Thanks,
AAI am looking for a seamless login to applications using windows credentials. So ESSO which is like a password vault is not a desired solution. ESSO saves the user id/ password to applications and retrieves them whenever the application needs login. The login information saved by ESSO Logon Manager is protected by windows login credentials.
I have tried to implement Windows Native Authentication as described in http://www.oracle.com/technology/obe/obe_as_10g/im/wna/wna.htm
It apparently requires the policy.properties to be modified to set MediumSecurity_AuthPlugin = oracle.security.sso.server.auth.SSOKerbeAuth. But the current applications require that it be set to 'SSOOblixAuth', i.e
MediumSecurity_AuthPlugin = SSOOblixAuth. Changing it to SSOKerbeAuth will break the applications on the server. Is there a work around? -
Implementing Single Sign-On in J2SE Application
I am developing a application which is going to do some Single Sign-On authentication.
For those who do not know what Single Sign-On is: For user who have multiple usernames and password for different web site, Single Sign-On offers them a way to authenticate to these different site without the need to remember all those passwords. It takes over the authentication process, and authenticates to these web sites for the user. The usernames and passwords are stored in a database.
I am going to develop such a program in Java. This program is going to fetch the web site which contains the login form. Find out what to send to the web server. Send the username and password stored for that web site and in return if authentication goes through the web site will send the web page to the Java program which when receive it will open it in a web browser.
Does anyone have any idea how I can implement this Single Sign-On feature? I know there exist several applications for windows which offers such Single Sign-On and which works with Internet Explorer. So somehow I should be able to make such a feature for a Java application.Thanks for the reply
Should I read the following from the document you sent in Section 4.5? I just wanna confirm..
4.5 Configuring Custom SSO Environments
For information about configuring Oracle Business Intelligence to participate in custom SSO environments (for example, setting up SSO using Active Directory or SiteMinder), see articles 1287479.1 and 1274953.1 on My Oracle Support at:
https://support.oracle.com -
OID integration with Kronos for implementing Single Sign On
We are looking at integrating our existing Kronos system on single sign on.
OID is our LDAP for integrating all the systems on SSO.
It would be of great help if anyone has done this kinda of integration before and can provide me some leads for this project.
Thank you,
SangitaMy understanding is that this web application will be deployed on some application server and you need to implement the SSO using OpenSSO for it. For this purpose, you will need to have folliwng modules:
- Idenitity Provider (IdP) that will provide SSO service to your application.
- Service Provider (SP) module that will interact with IdP and your application.
OpenSSO can be used to define both IdP and SP. While configuring IdP is easy but the SP part is a bit complicated as you will have to also use the Policy Agent to protect your application and interface with the SP part of OpenSSO. Once you configure the IdP and SP, you will need to configure the Policy Agent specific for the application server on which your application is deployed. For WebLogic, here is the link:
http://docs.sun.com/app/docs/doc/820-4580/6ng1lok82?a=view
There may be other easier solutions (in terms of architecture) which I'm not aware of. And maybe this is why I was destined to follow up on one of the issues at http://forums.sun.com/thread.jspa?threadID=5436607
Cheers -
Navigation problem in implementing Single Sign On
Hi,
I am a newbie to JSF.
One of the projects that i am currently involved in, has a requirement of single sign on (SSO) , where in the user will log into their windows workstation and they will open my Web Application deployed in JBoss AS. Now my web application should get only the username/userid of the logged-in user from ActiveDirectoryServer and authenticate them against Database(Only the users with userids stored in the database should have the access to application) entries.
If the user id is not in database, user should be taken to login page asking for the username and password. For this purpose, we are using JCIFS and have the necessary logic written in one class.
I need some help in how to invoke the method in this class as there wont be any action/event fired initially and how to provide the navigation to pages(login page/home page) depending on the user status.
Development environment::
Richfaces,SEAM,JPA,JBOSS AS
Thanks in advance,
SureshHi,
" SSO logon not possible; browser logon ticket cannot be accepted "
I believe your SSO is not configured properly,
First test the connection between ECC and EP
1. login to portal -> system administration->system confgiuration->select the ECC system right click open->connection tests
make sure that you get a tick mark. againt all in particular for " connection test for connectors"
2. If your test conenciton is not working probably SSO is not confgiured properly.
3. try importing portal certificate to ECC and vice versa
4. in strustsso2 check whether you have added the logon tickets for the clients under ACL.
regards,
prakash -
How to implement single sign-on using java?
I need your help regarding the following task, please go through it and tell me if you have a solution to it.
DSOWeb is a portal which has links to all the reports generated from Microstrategy8.0.1 (MSTR) [it is another tool which generates the BI Reports] and my requirement is like when a report link in DSOWeb is clicked it goes to MSTR and shows a report of MSTR but the user is unaware of all this that the system is entering into some other portal and giving that report to him.
1. User logs into DSOWeb (Implemented using Struts framework) - He is automatically logged into MSTR (Java Spring Architecture) as well.
How to get the session Id of MSTR from DSOWeb and maintain that session within the DSOWeb???
2.User clicks on a report link - He either uses the session created above or a new session is created for him, if the old one no longer exists.
3.When User clicks Logout in DSOWeb the system should also internally invalidate the MSTR Session and logout from MSTR .
Note : Here DSOWeb and MSTR applications are running in different Servers.Hello Meghal,
It is possible to implement social login via Facebook for SAP Enterprise Portal 7.3 by simply using the SAP Cloud Identity offering.
More details about SAP Cloud Identity you will be able to find here:
SAP Cloud Identity Solution Brief: Simplify and Secure Cloud Access to Critical Business Data
SAP Cloud Identity features - latest release: http://scn.sap.com/community/security/blog/2014/12/18/new-capabilities-with-the-latest-release-of-the-sap-cloud-identity
Please, find also the documentation about social login implementation:
Enable or Disable Social Sign-On for an Application
Best regards,
Donka Dimitrova -
How to implement Single-Sign-On?
Hello,
Whenever a user is opening the portal main page he needs to authenticate with UserName and Password in order to login. I would like to prevent this, meaning, if the user authenticated once, he will not have to do it again, say tomorrow (Like "Remember Me" Option). How do I do that?Roy,
this can be realized by setting up an additional MS IIS webserver running SAP's free IISProxy in front of the portal server. IIS can be set up to speak so-called "windows integrated authentication" (also known as NTLM resp. Kerberos) and to forward the user ID to EP. Detailed information on this can be found in SAP's NetWeaver security guide available at http://service.sap.com/securityguide.
This has also been a topic of interest various times here at SDN, a search on IISproxy in the forums will give you some helpful results.
Regards,
Dominik
...and
if(helpful) {
points++; -
How to implement a single sign on feature using java.
Hi,
I have a question like , How to implement **single sign on** feature in java without using any third party framework or tool like LDAP or any other which is available in the market.
Actually the situation is i have all security information into the table and those information is used for single sign on . If a user logged in from a jsp loging page all the security role should be assigned to that particular user.
We can do this using LDAP but i am not supposed to use the LDAP or any third party tool . I have to write a java class for that .
please suggest me the method , how to implement this in a web application.
Edited by: Rakesh_Singh on Mar 19, 2008 11:55 AMyou could setup a token that specifies a user is authenticated. other applications that u want SSO can check for existance of this token
if it is HTTP - you can save the token as a cookie and downstream apps look for this token
yr code needs to validate that the token/cookie was indeed a valid one and not subject to man-in-the middle attack. -
Active Directory, single sign-on and SRM Users
We are in the process of installing SRM 7.0. using the Classic Scenario. I am seeking clarification around the creation of users in that system given the following:
- My Basis colleagues are in the process of implementing single sign-on using Active Directory for our SAP Portal, SAP Business Warehouse and SRM systems.
- Single sign-on will not at this point be used for our SAP ECC 6.0 system
My questions are:
1. If active directory is being used do we need to create actual users within the SRM system?
2. If actual users in the SRM system are not required, does this have any impact on the creation of the Organizational structure in SRM from the SAP ECC HR hierarchy?
Many ThanksHi Claire,
The Single Sign On work only if user exist on every systemes.
For example :
If you connect trough portal to access ECC and SRM, your user id must exist in ECC and SRM.
For Active Directory you can synchronize your user table to AD by using LDAP option.
The best way is to configure a CUA for ECC and SRM, use the UME of Portal on ECC and synchronize the CUA to Active Directory.
Finally use the SSO certificate between Portal ECC and SRM.
Regards,
Gilles SEBBAG
Sap Technical Consultant. -
Single sign on and microsoft active directory
Hi,
I have EBS 12.1.3 on linux. I know that I can implement single sign on to login to EBS. Now the question is: can I integrate this single sign on with my existing Microsoft Active Directory? Can you send me some links or documentation?Self-reply:
http://blogs.oracle.com/stevenChan/2006/05/indepth_using_thirdparty_ident.html
Thanks -
Single Sign-On and Context Propogation
I would like to implement single sign-on to my Web Container and have
the LoginContext propogated to the EJB Container.
Can anyone point me to resources / documentation on this topic?
thanks,
tom~How did you solve this ? Can you point to me the right resource ?
Thanx
[email protected] (Thomas Hunt) wrote:
I would like to implement single sign-on to my Web Container and have
the LoginContext propogated to the EJB Container.
Can anyone point me to resources / documentation on this topic?
thanks,
tom~
Maybe you are looking for
-
Using my US Lumia 920 in Korea
Hello, I'm currently stationed overseas in South Korea and I brought my Lumia 920 with from the USA. Before I left, I called AT&T and requested my unlock code so I could utilize the phone overseas without having to buy another one. After unlocking it
-
B2B capability of SAP PI 7.1
Need clarification on the B2B capability of SAP PI 7.1. I have the following scenario: SAP ERP <-> SAP PI 7.1 <-> (xml) <-> B2B Trading partners I have three questions on the above scenario: 1. SAP PI will have to send standard XML message to B2B tra
-
What's the dynamic range of PCI-6289?
Dear Sir: Could you tell me the dynamic range of PCI-6289? Is there any difference using PCI-4472 or PCI-6289 when measuring vibration signal? Thank you! Regards,
-
Import of .raw files in Aperture 3.2
Hi, I recently bought a used Lumix DMC-FZ18 that support raw-format. I did some test photos today but have trouble imoprting them. When inserting the memorycard in my iMac with OS 10.7.2 all seems ok. I reply to the "import questions" and when import
-
Way to set default alarm setting?
Is there a way to set a default/preference for the alarm warnings, as in entourage? I currently have to set each event with an alarm if I want one. thanks in advance