Looking for recommendations for SSO using Identity Management Suite

Apparently there is more than one way to perform the single sign-on functionality, and I'm wondering if anyone has any recommendations. We want to use the user's CAC to authenticate, and we are using both a thick and a thin client with business intelligence software (not Oracle) for reporting; the thick app needs to log in, transfer data to, and pull data from the database. We don't want the user to have to enter their information for login regardless of which piece of the application they are accessing. I was considering Enterprise Users, but I'm not sure this is the best solution.
We plan on using OID to store the user's data and using the identity management with access manager suite. We need to use label security and row-level security combined with roles in the database. We plan on using Oracle's Advanced Security option for encryption, and we are using an 11g database.

Great questions - swifer was made by me for me to use with Arch.  But its dependencies are light and very common (you almost certainly have them already), so it should run on other distros well.  It does use something comparable to profiles for secure networks but much simpler - they are just wpa_supplicant.conf segments, but swifer writes them itself for simple cases (and most cases are simple cases; WEP is a current exception) so generally you would have to pay no attention to them.
As for permissions on the files, I've been meaning to get around to that - they've been 0644, but I just changed it to 0600 in the last revision which is now on GitHub.
EDIT: also keep in mind this is a development version.  I use it myself as my only networking tool on a netbook that I bring everywhere - and I have no issues.  But I also know how to connect manually in a bind: and I advocate for every user knowing the manual steps (ip, iwlist (if needed), iw / wpa_supplicant, dhcpcd/dhclient).
Last edited by Trilby (2013-06-21 22:13:24)

Similar Messages

  • Using Identity Management for Securing Web Services

    My goal is to associate my services with an Oracle Internet Directory. I made some attempts to set up SAML authentication for the web services, but it didn't have the right outcome.
    (My identity management server and OID is up and running and I have successfully made authentication modules for other web applications)
    Here is what I did:
    1. I wrote a simple Java file, used JDeveloper tools to create and deploy it as a web service to OC4J. I associated an identity management server with this service through OC4J web tools as security provider.
    2. I made a data control for the web service and put it in an ADF application (client).
    3. I deployed the client project (2) to OC4J.
    I could use the web service through the page.
    Then I secured the webservice to expect SAML for authentication.
    Surprisingly, the client could still communicate with the webservice. Why? Shouldn't it have rejected the request because of the problem in SAML token? (The proxy and the data control were not secured, and didn't provide any SAML tokens)
    4. I added a login page to my client project (through ADF security wizard). It used identity management for authentication successfully. The login process completes and the web service data control is displayed.
    5. I want the authentication information to be propagated through the page so that the web service receives the data and uses Identity Management.
    I know I should add <property name="oracle.security.wss.propagate.identity" value ="true"/>
    to one of the configuration files, but don't know where exactly.
    Best Regards,
    Farbod

    It doesn't matter whether the service is invoked as part of your larger process or not; if it is performing any business-critical operation then it should be secured.
    The idea of SOA / designing services is to have the services available so that it can be orchestrated as part of any other business process.
    Today you may have secured your parent services and tomorrow you could come up with a new service which may use one of the existing lower level services.
    If all the services are in one Application server you can make the configuration/development environment a lot easier by securing them using the Gateway.
    A typical problem with any gateway architecture is that the service is available without any security enforcement when accessed directly.
    You can enforce rules at your network layer to allow access to the App server only from Gateway.
    When you have the liberty to use OWSM or any other WS-Security products, I would stay away from any extensions. Two things to consider:
    The next BPEL developer in your project may not be aware of Security extensions.
    Centralizing Security enforcement will make your development and security operations loosely coupled and address scalability.
    Thanks
    Ram

  • Looking for a remote desktop management system

    Hello,
    I am looking for a remote desktop management system which should be very user-friendly. We would prefer open-source software for that for further customization. I have found Paragent software, which seems to be looking good so far; any suggestions regarding this would be appreciated.
    Thanks in advance.
    bmora96

    How is this related to Java?
    Edited by: wpafbuser1 on Feb 22, 2008 9:22 AM

  • Looking for a good download manager !

    I'm looking for a good download manager which completely integrates into browsers like Safari, Firefox and Opera, and especially is able to catch RapidShare files when you try to download as a premium user, preferably free.
    I really miss IDM in Windows, and that's why sometimes I need to switch to Vista to start my downloads.
    Thanks for any advice or help.

    Look for them at VersionTracker or MacUpdate.

  • Error while installing OFM 11g - Oracle Identity management suite 11g

    Hi,
    I am getting following error while installing Oracle Identity management suite 11g (Oracle Internet Directory & Oracle Virtual Directory) on Red Hat Linux 5.0.
    "Error in invoking target 'client_sharedlib' of makefile '/apps/idm/Oracle/OracleHome/Oracle_Home/rdbms/lib/ins_rdbms.mk"
    The same error is repeating for others also, i.e. 'all', 'install', etc.
    Can you advise me how to overcome this?
    Regards
    Chinta

    Hi Chinta,
    Please check all gcc and glibc OS packages for compatibility with your OS. This will solve your problem.
    Also check that you are not installing 32-bit IM software on a 64-bit machine or vice versa.
    regards,
    Sailesh

  • Error while installing Oracle identity Management Suite 11.1.1.2.0.

    Hi,
    I am installing Oracle Identity Federation, and I am getting the following issue while configuring the tools in Oracle Identity Management Suite 11.1.1.2.0.
    "Error Starting Managed Server wls_oif1.
    Cause:
    An internal error has occured : Managed Server didn't start in RUNNING mode"
    Can anyone please help me to solve this issue.
    -Sri

    Hi,
    The prerequisite is a minimum of 2GB RAM.
    Also please try starting the server manually and stop the server and then Retry in the install wizard.
    Thanks,
    Mahendra.

  • Looking for a good Password Manager App for the iPhone

    I'm looking for a good and reliable Password Manager App for the iPhone with sync capabilities on macs. I've read several reviews on several different apps on iTunes, and either they don't work properly, or they're a rip off, or they just don't sync or all of the above. Any recommendations?
    Thanks in advance.

    I've been very happy with 1Password, though I haven't used the iPhone component (not having an iPhone).
    Disclaimer: any product suggestion and link given is strictly for reference and represents my opinion only. No warranties express or implied. I get no personal benefit from the sale of any product I may recommend in any of my posts in the Discussions. Your mileage may vary. Void where prohibited. You must be this tall to ride. Objects in mirror may be closer than they appear. Preservatives added to improve freshness. No animals were harmed in the making of this post.

  • Error when starting UI for first time (Identity Management 7.1)

    Hello. I've installed Identity Management 7.1 on top of a fresh Netweaver 7.0 (patch 17).
    Now, I want the UI up and going. I've used the SAP-NW_IdM_IC_Install_IdMUI_7-1.pdf document as reference for setup. I can't find anything missing, but still I get an error message when trying the http://                  (Welcome)
    ! Java.lang.NullPointerException
    Tjenesten er nede                   (Service is Down)
    Kan ikke hente MSKEY for sperret bruker (Cannot get MSKEY for locked user)
    What's wrong?
    Appreciate some help
    Regards Günther Schnell

    I too encountered this error.  After taking a look at the default trace file I observed the following error:
    Error#1#/System/Database/sql/jdbc/direct#Java#com.sap.sql_0003##SQL error occurred on connection CLKLABVM3
    IDM:mxmc_db:dbo: code=207, state="S0001", message="Invalid column name 'recoverpwdfailtask'."; SQL statement is "select is_id,resultsize, workflowrepository,enablepwdprovisioning,PwdUseDictionary,ChkPwdHistory,wfWelcomeFieldHeader,wFwelcomeFieldFooter, recoverpwdtask, recoverpwdfailtask,authqminvalues,authqalternateattr,authqalternateboth,authqalgorithm,authqpar1,authqpar2,authqpar3,authqgetpwdmethod,authqaddpwdtoume, maxloginattempts,authqStep1,authqStep2,authqStep3,authqStep4 from mxi_idstores where is_id=?".
    In order to resolve this, I had to apply the latest update (ICDESIGNTIME01_0-10007480) for the IDM design time.  The update will add the missing column to the table structure.
    As per the instructions, ensure that you make a backup of your database before applying the patch.

  • Looking for a Calendar w/ Management Tool

    Hi, I am looking for a calendar creator that comes with some sort of Management Tool so that once I have adapted the code to fit a site, my clients can easily add events without messing with the code. Does anyone know of one or use one that they like?

    You don't have to order iPhoto books, prints, etc. from the US if you're in the UK or Ireland. Those are printed in-country; you can see pricing here. So there may be VAT, but there won't be any import/release fees.
    But as has been pointed out already, iPhoto is a Mac-only application. So unless you have access to a Mac you can use, you'll have to look for an equivalent application/service for Windows.

  • Foreach Loop Container with a Data Flow Task looking for file from Connection Manager

    So I have a Data Flow Task within a Foreach Loop Container. The Foreach Loop Container has a Variable Mapping of User:FileName to pass to the Data Flow Task.
    The Data Flow Task has a Flat File Source since we're looking to process .csv Files. And the Flat File Source has a Flat File Connection Manager where I specified the File name when I created it. I thought you needed to do this even though it won't really use it since it should be getting its File name from the Foreach Loop Container. But when attempting to execute, it is blowing up because it seems to be looking for my test file name that I indicated in the Flat File Connection Manager rather than the file it should be trying to process in User:FileName from the Foreach Loop Container.
    What am I doing wrong here? I thought you needed to indicate a File name within the Flat File Connection Manager even though it really won't be using it.
    Thanks for your review...I hope I've been clear...and am hopeful for a reply.
    PSULionRP

    The Flat File Connection manager's Connection String needs to be set to reference the variable used in the ForEach Loop:
    Arthur My Blog

  • How to get the user created when I prepare for the BD Identity Manager

    Hi, I have a query. I need to get a backup of the Identity Manager 9.1 database, but I have a problem: I do not remember the user created to perform the backup. How can I know which user I created when I made the installation of Identity Manager, or how can I find

    Hi,
    You can do this trick:
    1) Go to "Deployment Manager" in the Web Console, and open the EXPORT applet.
    2) Export the User Defined Fields from the USR form. You don't need any dependence for this.
    3) Open the generated XML with a text editor.
    4) Search for the <SDK_SCHEMA> tag.
    This tag contains the OIM schema name, which should be your OIM database user.
    Hope it helps,

  • Look for: components used for Service Brokerage (CSB) for mobile networks

    I am looking for developers/company offering components used for Central Service Brokerage (CSB) for mobile networks. It aims to store consumer profiles and directs service requests (shopping, travel & meeting services, hospitality and insurance) from mobile consumers to connected retailers and appointed service providers.
    I would be highly interested in almost ready-to-use components/architecture which can be used in a new service/start-up situation.

    Hey Anthony,
    Yes, a lot to read, thanks for reading though!
    For the External Web Services, since I have it set to fe-pool.domain.local right now, I figure this is as simple as flipping it to fe-pool.domain.com within Topology Builder | Enterprise Edition Front End Pools | Edit properties | Web services?
    After which, I assume I will need to create a new host A record for fe-pool.domain.com, pointing to the Pub IP 1.2.3.4 I have set up to forward directly onto my FE Server of 18.20? I am a bit confused as to how this external web service is contacted; does the mobile app use lyncdiscover.domain.com to find this information? In other words, does the lyncdiscover allow the mobile app to get inside the topology, the topology reports to the mobile app that "Hey, fe-pool.domain.com is going to be your External web service as defined in the topology"? If it's just that easy this should be a quick change.
    As for your next question, on the F5 level I'm pretty certain it is just set to take any packets coming in from pub IP 1.2.3.4 : 80 or 8080, or 443, or 4443, to allow it to go to that FE server IP on any of those ports. I don't believe it is actually taking a 443 packet, and converting it into a 4443 destination. Also note, I am forcing lyncdiscover to use port 80, instead of 443, because I am unable to get a new pub cert with the lyncdiscover SAN.
    As for the domain user, it is simply just my single user and I am flipping the SIP domain in the control panel within the user properties. domain.com and domain.local are both configured SIP domains in my topology; however, I have domain.com as the default.

  • Looking for examples using BigDecimal

    Two newbies to Java are looking for examples of code that use the BigDecimal features for rounding and truncating large numbers to more user-friendly values.
    We are doing some hefty math calculations on values defined as doubles and want to round and truncate to within 1/100th for display purposes.
    We've tried some stuff on our own, but it is not cooperating. Any help would be greatly appreciated!

    Here is a good article of how to use BigDecimal
    http://www.javaworld.com/javaworld/jw-06-2001/jw-0601-cents.html
    Hope this helps

  • Looking for information using labview and measuring Hydrogen\Oxygen during Electrolysis tia sal2

    Greetings All
    I'm looking for any information on how to set up labview 7.1 to measure Hydrogen/Oxygen during electrolysis.  Can someone send us information on what equipment we would need?
    PS: we don't have deep pockets. We currently have labview 7.1 and we are testing with a usb 6008 currently.
    Thanks

    Hi sal2-
    In order to measure concentrations of these elements during processing you will first need to select an appropriate transducer.  Perhaps another user with more experience in electrolysis processing can suggest the external hardware.
    Once your transducer is properly configured you will just need to read the signals into your USB-6008 as voltage signals and scale them in software.  A great example of this is found in the NI Example Finder for LabVIEW (Help>>Find Examples) by browsing to Hardware Input and Output>>DAQmx>>Analog Measurements>>Voltage>>Cont Acq & Graph Voltage-IntClk.
    Thanks-
    Tom W
    National Instruments

  • Looking for Mac software that manages text messages on Nokia 6300

    iSync only manages contacts and calendar. How do I send and receive text messages on my Mac? I would greatly appreciate it if anyone in the forum can give a hint. I have been using Nokia PC Suite in VMWare Fusion and it was very slow and annoying. Thanks in advance.

    1) it can't read text messages from my Nokia phone;
    If you look at the compatibility list you'll see that it's because your phone does not provide a public way to read SMS over Bluetooth. So, nothing that can be done about that.
    2) I am still trying to find out how I can send a message to many recipients at the same time.
    Just enter more than one number into the TO field of a message. You can also send to Address Book groups.
