Logout URL for 9iAS SSO Partner App

Similar Messages

• How to set up ApEx as a SSO partner app?

  I seem to be stuck in something of an endless loop here.
  I'm trying to set up the authentication for an ApEx app to use my Oracle AS SSO. When I start the wizard to create a new authentication scheme I choose "Based on a pre-configured scheme from the gallery". That shows me five choices (open door, ApEx credentials, database credentials, LDAP, and "no authentication"). When I click on the "Information" link at the bottom it displays some text for two more choices which aren't listed above: "Oracle Application Server Single Sign-On (Application Express engine as Partner App)" and "Oracle Application Server Single Sign-On (My application as Partner App)". Those descriptions also say that those choices aren't displayed because "This Application Express site must have already been registered as a partner application with the SSO server."
  OK -- no big deal. I'll just register the ApEx site as a partner app. I found this link explaining how to do that: http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html
  Now, reading that page, I get to this step in the process: "Using the Application Express Application Builder, use the create authentication scheme wizard to create an authentication scheme based on the pre-configured
  scheme Oracle Application Server Single Sign-On (Oracle HTML DB Engine as Partner App)."
  And back to the top of my loop. The wizard in Apex tells me that I can't see the SSO choice when I'm creating my app's authentication because it's not registered as a partner application, and the instructions which tell me how to register ApEx as a partner application tell me to pick the SSO choice in the ApEx wizard.
  Has anyone managed to break out of this Groundhog Day documentation loop?

  Well,
  There are 5 choices to choose from on the page. In the description of the choices at the bottom of the page there are 7, and the two additional choices talk about having to first have registered the site with SSO. So...I'm interpreting that as meaning that other 2 possible choices would be displayed if the site is registered with SSO. That, plus the fact that the page which describes how to add the site to SSO seems to think that the SSO choices are displayed in the wizard.
  So, no, there's no "exact launguage" that says what the reason is for the choices not being displayed. Can you point me to some exact language that tells me how to get those choices displayed?

• Site2pstoretoken associated URL for Oracle SSO

  Hi,
  My login app works fine except for I need to determine the destination before the app does a submit to /sso/auth. My understanding is that the site2pstoretoken does this. The problem is that it looks like it is stored somewhere in a database or encrypted. Any ideas on how I could fine the destination URL or decrypt it.

  Hi,
  I would be interested in hearing how you resolved this and what was the outcome? Thanks.

• Toolbar Button to Open Custom URL for a Business Partner

  Hi All,
  for a CRM 5.2 implementation, I'm trying to open a URL in a new explorer window when on hte BP Account Overview ( Corporate Account ).
  I've created and added the Button, I've created an event, but when I launch the code behind the event to open a new explorer window, this does not work.
  I've tried several alternatives already ( see below ), but can't seem to find a working one.
  Can someone please helpme out ?
  Component BP_HEAD, view BPHEADOverview.
  CALL METHOD navigation->GOTO_PAGE
    EXPORTING
      URL     = 'http://www.sap.com'
     SESSION =
  or
  call method cl_gui_frontend_services=>execute
    exporting
      application = 'iexplore.exe'
    parameter   = 'http://www.sap.com'
    exceptions
      others = 1.
  or
    CALL FUNCTION 'CALL_BROWSER'
      EXPORTING
        URL                          = w_url
      WINDOW_NAME                  = ' '
        NEW_WINDOW                   = 'X'
      BROWSER_TYPE                 =
      CONTEXTSTRING                =
     EXCEPTIONS
       FRONTEND_NOT_SUPPORTED       = 1
       FRONTEND_ERROR               = 2
       PROG_NOT_FOUND               = 3
       NO_BATCH                     = 4
       UNSPECIFIED_ERROR            = 5
       OTHERS                       = 6.
    IF SY-SUBRC <> 0.
  MESSAGE ID SY-MSGID TYPE SY-MSGTY NUMBER SY-MSGNO
          WITH SY-MSGV1 SY-MSGV2 SY-MSGV3 SY-MSGV4.
    ENDIF.
  Thanks

  Hi,
  First of all I would advice you to post this question in the new CRM 2007 forum.
  We have created our own button that calls an URL in a separate window. Here is some coding from the method CALLBACK~GET_BUTTONS which may inspirere you:
  CONCATENATE 'javascript:window.open'
                lv_http
                '","Print","resizable=yes,height=850,width=700,dependent=yes,status=1");'
           INTO lv_java.
    ls_button-type     = cl_thtmlb_util=>gc_icon_print.
    ls_button-tooltip  = cl_wd_utilities=>get_otr_text_by_alias( 'CRM_UIU_BT_SALES_QUOT/SALESQUOT_PRINT' ).
    ls_button-on_client_click = lv_java.
    ls_button-page_id  = me->component_id.
    ls_button-enabled  = abap_true.
    APPEND ls_button TO rt_buttons.
    CLEAR ls_button.
    ls_button-text     = cl_wd_utilities=>get_otr_text_by_alias( 'CRM_UIU_BT_SALES_QUOT/SORDER_CREATEFOLLOW-UP' )."#EC NOTEXT
    ls_button-tooltip  = cl_wd_utilities=>get_otr_text_by_alias( 'CRM_UIU_BT_SALES_QUOT/SORDER_CREATEFOLLOW-UP' )."#EC NOTEXT
    ls_button-on_click = 'FOLLOWUP'.                          "#EC NOTEXT
    ls_button-page_id  = me->component_id.
    ls_button-enabled  = lv_persistent.
    APPEND ls_button TO rt_buttons.
    CLEAR ls_button.
  /Anders

• Java SSO Partner application

  Hello,
  I configured and deployed a Java Partner Application as specified in the demo (ssosdk902.zip). I created an OC4J container and deployed all beans and jsp pages. When I try to access papp.jsp page, it presents me with sso login page but when i try to access other jsp pages under the same container like (index.jsp), it does not ask present with a sso login page. I want to protect all JSP pages under that container. Should I change home url for the SSO Partner application?
  Any help is appreciated.
  Thanks.

  creating a partner application does not automatically secure the entire directory/application. it just sets a cookie for the Login Server and the Partner Application, indicating this user is authenticated.
  if you want to secure the entire directory, you need to:
  1. lock the directory down with MOD_OSSO in partnership with the Login Server
  2. put the session checking code from papp.jsp into every page you want to secure, ensuring you have a valid and current user
  3. create an application-specific security layer for the rest of your application that defers to the Oracle Security for user authentication.
  what i'm currently doing is number 3. i have my ssoHome, that ensures i have a valid Login Server user. then i create an application session around the SSO user and use that to secure the rest of my site. if that session info ever times out, i delegate back to my ssoHome to see if they're still valid according to Oracle, and if they're not, they get sent back to the Login Server.
  this model works very well for me, and is easy to manage.
  hope that helps,
  .rich

• SSO Authentication Audit Information for Partner Apps ?

  Hi,
  Is it possible to get Audit Information to show when a users has been authenticated by SSO for a Partner Application ?
  If I look at orasso.wwsso_audit_log_view I can see when a user has been authenticated and a row for Portal and each Partner App that gets authenticated. The question is can you tell which row relates to which Partner App or is there another table with this information ?
  i.e I have two Partner Apps, a user logs onto Portal and only visits pages for one of them, When I log I see 2 rows, I need to know which Partner App they vistied (A or B).
  Thanks
  Simon.

  Well in that case i guess am in luck because i am working with oracle. The thing however is that I don't know where to fetch the information about the installation and all that in order to proceed ahead.
  Besides it seems, the easier it was to make the application and deploy it on the apex, the harder it is to integrate it with the SSO.
  Also i don't understand when you say "public apex.oracle.com", I always thought it was meant only for oracle employees as in it's not accessible through the internet.
  You won't (unless you work for Oracle) be able to do
  that on the public apex.oracle.com site as far as I'm
  aware.

• Apex as Partner App using OID SSO

  Hi
  I have setup Apex as a partner App in OAS.
  Registered the partner application.
  Created a simple app that uses the builtin Apex auth as partner app using sso.
  I get the OAS login appearing as expected for authentication however apon entering credentials successfully
  The success url takes me to server:7777/sso/auth and displays page can not be found
  My OAS Partner App success url registered is server:7778/dad/apex/wwv_flow_custom_auth_sso.process_success
  app schema registered details
  My lsnr token is HTML_DB:server:7778
  other details cut and copied from OAS registration page.
  lsnr login url is the oas sso login url is this correct?
  Appears to work apart from the success url finding its way back to my app.
  TIA
  Richard.

  Hello all,
  I'm having somewhat of a similar issue, but I think our setup might be making it a bit more complex.
  First question, simple one:
  1.
  In my authentication method in my apex app, when I set my logout URL to http://{myhost}:{myport}/pls/orasso/orasso.wwsso_app_admin.ls_logout?p_done_url=http://www.google.com
  It doesn't automatically redirect. I have to press the Return button on the OAS Single Sign-Off page to redirect to www.google.com
  Is the redirect not automatic? Is there a way to make it automatic?
  2.
  We have the issue where you login via SSO into an APEX application (APEX as a partner app). But the logout url does not truly log the user out. It redirects to our public page as we expect it to, but when they press the login button, it just goes straight back in (as if they were never logged out).
  Now I know this has to do with the cookie, but here's the tricky part.
  Our OAS server (that has Portal) is on a separate box. We've upgraded all our database servers, and they all have now a different domain than the OAS server. So now, OAS is in company1.com domain and our APEX apps are on company2.net domains.
  Our DBA had setup us his own flavor of SSO logout (public synonym for all apex workspaces to use). He has an actually database procedure that used the owa_cookie package to look for the cookie and invalidate it on logout. With the new domains, his logic no longer works, because I believe the cookie is still in company1.com domain and the logout proceduce is running from the company2.net domain and cannot find the cookie (since it's not in it's domain).
  After all that, I am thinking that since we can successfully login to SSO in company2.net domain via the OAS server, then we should also be able to logout of SSO successfully via the OAS server as well. Am I on the right track here? Is it possible with multiple domains?
  Thanks,
  Chris
  Edited by: CDub on Oct 19, 2009 1:55 PM

• Partner App OAS SSO integration does not work

  Hi All,
  I try to make OAS SSO work. I have app I built in HTML DB, I try to make it work as Partner Application for OAS SSO. I've done all requierments to install SSO SDK and try to make it work - it was fruitless.
  Then I try to make Test App work (\ssosdk307_032101\demo\plsql\) - it was fruitless also.
  I received the same error messages in Apache error_logs:
  [Thu Nov  4 12:06:54 2004] [error] [client 192.168.83.43] [ecid: 1099562814:192.168.83.197:9461:0:1,0] mod_plsql: /test2/test_setup HTTP-503 ORA-6550 Call to WPG_SESSION API Failed.
  [Thu Nov  4 12:06:54 2004] [error] [client 192.168.83.43] [ecid: 1099562814:192.168.83.197:9461:0:1,0] mod_plsql: ORA-06550: line 4, column 2:
  PLS-00201: identifier 'FLOWS_010500.WPG_SESSION' must be declared
  ORA-06550: line 4, column 2:
  PL/SQL: Statement ignored
  ORA-06550: line 5, column 16:
  PLS-00201: identifier 'WPG_SESSION_PRIVATE.CREATE_SESSION' must be declared
  ORA-06550: line 5, column 2:
  PL/SQL: Statement ignored
  ORA-06550: line 6, column 15:
  PLS-00201: identifier 'WPG_SESSION_PRIVATE.GET_LW_USER' must be declared
  ORA-06550: line 6, column 2:
  PL/SQL: Statement ignored
  ORA-06550: line 7, column 2:
  PLS-00201: identifier 'FLOWS_010500.WPG_SESSION' must be declared
  ORA-06550: line 7, column 2:
  PL/SQL: Statement ignored
  Could someone point me what to do in order to make it work? I guess I miss some step but I don't know what one I've missed :(((
  Thanks,
  Sergiy

  Scott,
  Thanks for your reply. I double check instruction and re-done all steps. I try to start demo application (I didn't even go further tneh step 4 in Install.txt!)
  from ...\ssosdk307_032101\demo\plsql\Readme.txt 5. To verify the web server setup, go to the following URL to see the test page:
  http://<hostname>:<port>/pls/<dad_name>/<schema_name>.test_setup
  , but I receive the same error messages in IE and in Apache error_logs.
  I see at this point one weak area - this is DAD. As I understand I need to create dad in dads.conf, am I right?
  Maybe I didn't created it right?
  Could you post some working dad for SingleSignOn?
  Thanks,
  Sergiy

• No effect for registration the Partner Application SSO for OAS 10.1.2.0.2

  Dear OAS experts, could you please help me with the problem, it worried me for weeks:
  I have 2 OAS 10.1.2.0.2 on a different physical servers -
  1) type Identity Management, host - OIDserver.mysite.ru, ORACLE_HOME = /d01/oracle/prd/imapp,
  2) type J2EE and Web Cache, host - PerlApp.mysite.ru, ORACLE_HOME = /d01/oracle/prd/app_server_101202
  they both are in the farm INFRA.mysite.RU, Repository Type - Database
  There is a Perl application on a 2-nd server, it should be working thru SSO thru any free port (https). I defined 4445 for it. It's supposed that reference https://PerlApp.mysite.ru:4445 will be redirected to SSO. (On a 4445 for ssl it is faking certificate Oracle for testing purposes, but it doesnt bother me cause I need just to check if it redirects to SSO server, and next step I make certificate real).
  What I did: I registered partner app on 1 server as per doc:
  $ORACLE_HOME/sso/bin/ssoreg.sh -oracle_home_path /d01/oracle/prd/imapp -site_name PerlApp.mysite.ru:4445 -config_mod_osso TRUE -mod_osso_url https://PerlApp.mysite.ru:4445 -remote_midtier -config_file /d01/oracle/prd/imapp/Apache/Apache/conf/osso/osso4445.conf
  Then I transfer appeared file osso4445.conf from 1 to 2 server thru FTP in /d01/oracle/prd/app_server_101202/Apache/Apache/conf/osso/
  I changed /d01/oracle/prd/app_server_101202/Apache/Apache/conf/mod_osso.conf on 2 server a bit, so that it referenced new config file osso4445.conf
  It looks like:
  LoadModule osso_module libexec/mod_osso.so
  <IfModule mod_osso.c>
  OssoIpCheck off
  OssoIdleTimeout off
  OssoConfigFile /d01/oracle/prd/app_server_101202/Apache/Apache/conf/osso/osso4445.conf
  # Insert Protected Resources: (see Notes below for how to protect resources)
  # Notes
  # 1. Here's what you need to add to protect a resource,
  # e.g. <ApacheServerRoot>/htdocs/private:
  # <Location /private>
  # require valid-user
  # AuthType Basic
  # </Location>
  </IfModule>
  At the end I restarted HTTP-server thru OEM console and checked:
  when I go to https://PerlApp.mysite.ru:4445 there is no any SSO redirect, it is just a certified page for App Server. What have I done wriong?

  Oracle AS 10.1.2 doesn't support J2EE 1.4 in general. You might be lucky with your tests on the other 10.1.2.x versions. For J2EE 1.4 applications you should consider AS 10.1.3.x.
  --olaf                                                                                                                                                                                                                                                                                                                                                                                           

• APEX as Partner APP in SSO - Post Authentication Process

  I am trying to get APEX to work as Partner APP with SSO. It's almost working but a vitol piece doesn't cooperate.
  In my old authentication scheme (built-apex) I have a Post-Authentication Process (see below) that needs to set my page 0 items. When I put this into my new authentication scheme for SSO and try to log-in, I get a blank screen.
  If i take it out, my screen displays fine, but my page 0 items are not set with the correct values. What am I missing?
  DECLARE CURSOR get_user_defaults IS
  select B.fk_school, B.year, B.pk_id,
  nvl(A.user_type,'N') user_type
  from "#OWNER#".sis_user_roles B, "#OWNER#".sis_user A
  where A.user_name = :APP_USER and
  B.fk_sis_user = A.pk_id
  order by decode(B.default_role,'Y',1,2);
  BEGIN
  FOR user_defaults_loop in get_user_defaults LOOP
  :P0_LOGIN_SCHOOL := user_defaults_loop.fk_school;
  :P0_LOGIN_SCHOOL_YEAR := user_defaults_loop.year;
  :P0_LOGIN_ROLE := user_defaults_loop.pk_id;
  :P0_USER_TYPE := user_defaults_loop.user_type;
  EXIT;
  END LOOP;
  END;

  not sure what the problem is. Are you sure that :app_user is set already?
  However it looks as if you get an error (might result in blank screen) during your process.
  btw: the pL/sqkl block could be rewritten into a single sql select without any loop.
  BEGIN
    SELECT fk_school, year, pk_id, user_type
    INTO  :P0_LOGIN_SCHOOL, :P0_LOGIN_SCHOOL_YEAR, :P0_LOGIN_ROLE, :P0_USER_TYPE
    FROM ( 
      select B.fk_school, B.year, B.pk_id,
      nvl(A.user_type,'N') user_type, rownum rn
      from "#OWNER#".sis_user_roles B
          , "#OWNER#".sis_user A
      where A.user_name = :APP_USER
      and B.fk_sis_user = A.pk_id
      order by decode(B.default_role,'Y',1,2)
    where rn <= 1
  exception
    when no_data_found then
       raise_application_error(-20001,'User "'|| :APP_USER ||'" not found!');
  END;

• Is it possible to have custom PL/SQL signoff/logout pages per partner app?

  Hello -
  We are currently using one OID server as our SSO midtier for an Oracle portal and Oracle EnterpriseOne applications. Following document (342942.1) we have successfully been able to create a customized sign-off/logoff page. However this page defined is the same for all partner application. We would like the ability to send the users to one page if they logoff from the portal, and to another page if they logoff EnterpriseOne. Is there a way to determine which partner app is calling for a logoff, and we could populate the p_done_url variable from there?
  Thank you.

  Why not just wait for the request to complete in your PL/SQL?
  function FND_CONCURRENT.WAIT_FOR_REQUEST
  (request_id IN number default NULL,
  interval IN number default 60,
  max_wait IN number default 0,
  phase OUT varchar2,
  status OUT varchar2,
  dev_phase OUT varchar2,
  dev_status OUT varchar2,
  message OUT varchar2) return boolean;
  Trust iguru here.. the users will not notice.

• Different partner apps share sso schema?

  Sorry if this is a stupid question.
  Part of the setup and configuration of a partner application is the creation of a database schema, one in which we install the sso pl/sql packages, etc...
  I have several partner applications. Does each partner application need to have it's own unique sso schema? Or can all my partner applications share the same sso schema?
  Any recommendations?
  Thanks!
  Phillip

  To me it clearly looks like Resource forest scenario. The only difference is, you are Migrating the Mailbox into Own Forest, rather creating a New Mailbox for User in Partner AD.
  http://www.msexchange.org/articles-tutorials/exchange-server-2007/planning-architecture/deploying-exchange-resource-forest-part2.html
  http://social.technet.microsoft.com/Forums/exchange/en-US/3f020f35-df27-4a16-b3a9-9b0db7d95b61/exchange-2010-resource-forest-how-do-you-assign-permissions-to-share-linked-mailboxes
  About Single Sign On
  ADFS 2.0 should accomplish it.
  Cheers,
  Gulab Prasad
  Technology Consultant
  Blog:
  http://www.exchangeranger.com    Twitter:
    LinkedIn:
     Check out CodeTwo’s tools for Exchange admins
  Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

• What is the URL for the keynote help link in the keynote app

  what is the URL for the keynote help link in the keynote app on the ipad. I have a firewall in place to keep student from accessesing unwanted/restricted information, where can I find the url/ip address to unblock this site. Thanks

  Hi Ravi,
  As such there is no path for directly opening Visual Composer from the Netweaver system (I suppose this is what you mean by the acronym nws). Visual Composer can only be opened by the URL as given by Rahul:
  http://<hostname>:<port>/VC
  Bye
  Ankur

• URL scheme for an Windows viewer app?

  Hello everybody,
  Before sending this pos, I found a thread about URL schemes for Android and Windows apps.
  Can I set a URL scheme for an Android viewer app?
  Unfortunately, there was at that time (August) no plans from Adobe about adding this features.
  Is there any change about that ? Could it be a gift for Christmas?
  Merry Christmas, & happy new year!

  So this is doable assuming you have access to the native Android code in the app you are linking from. You can use the package name for your DPS Android application to launch it. You won't be able to use deep linking or anything like that, but you will be able to launch to the Library.
  See the following github project as a reference for a Cordova / Phonegap plugin that does this for you (if you are not using Cordova / Phonegap, then I linked to the source as well). The Cordova Launcher plugin will let you determine if the device is able to launch an app via package. You can then decide whether you want to launch the app w/ the package or you want to push the user to the app store to download the application. Both of these options can be handled w/ the Launcher plugin.
  If you want to push the user to the app store then use something like : market://details?id=[package name]
  Cordova Launcher Plugin : nchutchind/App-Launcher-Cordova-Plugin · GitHub
  Android Source Code (Reference if not using Cordova / Phonegap)  App-Launcher-Cordova-Plugin/Launcher.java at master · nchutchind/App-Launcher-Cordova-Plugin · GitHub:

• How can we get a url for a "Meet Now" conference call from within the Windows Store App?

  Hi,
  Is it possible to get the url for the current meeting / new "Meet Now" call from within the Windows Store app?
  You have the option of inviting your current Lync contacts, but I don't see a way of giving a URL to clients that would launch Lync on their device, or take them to the web app.
  I can see how to get the link using the Outlook plugin, for pre-scheduled meetings. Is this link always the same and the one that should be used for an impromptu "Meet Now" meeting? It would still be good to know how to get this URL from within
  the store app so I can tell clients where to get it.
  Some people may be on Windows RT devices and not have access to the plugin in Outlook, and want to start a meeting at short notice and then invite others via email or pasting a link to them elsewhere.
  Any help appreciated.
  If I have answered your question, please mark it as the correct answer. If I have provided helpful information, please mark it as so.

  Hi,
  Agree with Holger, I check on my Lync Windows Store app and can't find the meeting URL as well.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support