OAM 11g Webgate 10g customized SSO logout page

Similar Messages

• Broken Image on SSo Logout Page

  Hi, I'd implemented SSO as Partner Application on an HTML DB application. Everything works great, except for the Status Image on the Logout Page, that is not been showned correctly.
  How can I fix this problem. Is this a setting on the SSO Server, or is it an HTML DB issue?
  Regards.

  Ah, ok. That will be a great solution in case I want to customize the images on that page.
  But I just want to use the standard solution with the standard icons. I'd looked at other Oracle applications and I believe that icon is called "osso_logout_success". Do I have to set sth. on the SSO Server in order to view it correctly?
  Regards

• [OAM] Want to use custom System Error page and OOTB logout page simultaneously

  Hi,
  I have developed a custom OAM System Error screen (Error.jsp). To do that, I took oamcustompages.war from the installation directory, create Error.jsp and deploy it on oam_server1 server. After that, I run the updateCustomPages(extension="jsp", context="/oamcustompages") on wlst. This works fine.
  But now, if I invoke xxxx/oam/server/logout I have the following:
  <html><head><title>302 Moved Temporarily</title></head>
  <body bgcolor="#FFFFFF">
  <p>This document you requested has moved temporarily.</p>
  <p>It's now at <a href="http://lablnx246:8888/URLWeb/oamcustompages/pages/Logout.jsp">http://lablnx246:8888/URLWeb/oamcustompages/pages/Logout.jsp</a>.</p>
  </body></html>
  So.. it appears that all pages ootb have been replaced by the custom war. Is there any way to only let Error.jsp active and other pages be called OOTB?
  Thanks!

  The updateCustomPages will change the default OOTB behaviour
  If you do not want this, you can leverage the Success URL/Failure URL configuration in the Authentication policy and point it to the custom error handler

• SharePoint 2010 with OAM 11g

  We are currently trying to integrate SharePoint 2010 server with OAM 11g with 10g webgate. In our environment SharePoint site is configured with Claims based authentication with LDAP provider for membership. We have performed all the configurations based on the Oracle documentation with validation mode as OAMHttp.
  We are seeing the following behavior after this integration.
  1)     The user requests access to an SharePoint Site
  2)     Webgate protecting the site intercepts the request, determines if the resource is protected, and challenges the user.
  3)     The user enters their OAM credentials; Webgate contacts the OAM Server, which verifies the credentials from user store and authenticates the user. Webgate generates the OAM native SSO cookie (ObSSOCookie), which enables single sign-on and sets the User ID (to username) header variable in the HTTP request and redirects the user to SharePoint site.
  Here, instead of taking user to the home page of the site, the SharePoint login page is displayed again.
  =================================================================================================
  Looking into the debug logs i found the following error.
  Date ProcessId ThreadID ManagesThreadId ClassName MethodName Message
  =================================================================================================
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.CustomMembershipProvider Initialize validationMode^OAMHttp
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator .ctor Method Entered
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator .ctor ValidationURL configured validationUrl^http://wtv-sea-spapp01.chemd.net:8086/ValidateCookie.html
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator .ctor validationHost^wtv-sea-spapp01.chemd.net
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator .ctor OAMAuthUserCookieName^OAMAuthCookie
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator .ctor Method Exited
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.CustomMembershipProvider Initialize Setting Validation Type OAMHttp
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.CustomMembershipProvider ValidateUser Entering ValidateUser : username^IDG2M
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator ValidateUser Method Entered
  Exception Caught InValidateUser
  The remote server returned an error: (403) Forbidden. at System.Net.HttpWebRequest.GetResponse()
  at Oracle.OAMHttpValidator.ValidateUser(Dictionary`2 creds)5/4/2012 4:16:19 AM 7648 3604 7 Oracle.OAMHttpValidator ValidateUser Exiting AuthStatus^AuthZFail
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.CustomMembershipProvider ValidateUser OAMauthStatus^AuthZFail
  5/4/2012 4:16:19 AM 7648 3604 7 Oracle.CustomMembershipProvider ValidateUser Method Exited returnCode^False
  If anyone have integrated OAM 11g with SharePoint 2010 earlier, appreciate your inputs in this regard.

  Each license is platform specific, you can't backwards apply or forwards apply licenses from one version of SharePoint to another.
  If you do have MSDN access, you'll have access to all current versions of SharePoint, across the current and retired server products.
  Steven Andrews
  SharePoint Business Analyst: LiveNation Entertainment
  Blog: baron72.wordpress.com
  Twitter: Follow @backpackerd00d
  My Wiki Articles:
  CodePlex Corner Series
  Please remember to mark your question as "answered" if this solves (or helps) your problem.

• Did any body try to change 10g SSO  login page to custom login page?

  Hi..
  Did any body try to change Oracle 10g SSO login page with custom login Page as we used to do in 902 and 1022 versions by changing wwsso_ls_configuration_info_t table entries?
  It seems that there is now other file policy.properties that has entry for login page.
  Is there any documentation provided by Oracle on this?
  I checked metalink and SSO admin guide?
  Any clue or glue....??
  Thanks
  Sarvesh

  Try 1 & 2 if does not work please file a daycare for further assistance.
  1.   In "Day CQ Login Selector Authentication Handler" for path info add an empty row then verify.
  2.   Delete the existing entry for "Day CQ Login Selector Authentication Handler" , Configure your custom at repository level & verify

• OAM SSO login page language

  Hi,
  I have an application that is authenticated using the SSO component of OAM 11.1.1.3. The application uses mod_osso for authentication and redirection to the SSO login page.
  My application is available in multiple languages, the end user selects the required language using a drop-down list on the landing page. However, when he/she is redirected to the SSO login page, it is always in english. From what i can see, the SSO page uses the browser settings to determine which language to display. Is there something i can do on the application side to force the SSO page to use the same language that the user selected from my application.
  I have read the "Internationalization and Multibyte Data Support for OAM 10g WebGates" chapter of the Identity Management documentation, it lists the available languages, but doesnt specify any way of over-riding the browser settings.
  Thanks a lot,
  Edited by: noshea on Apr 27, 2011 2:09 PM

  Joe wrote:
  Hello,
  I have configured OAM with OID as the datastore. I have a password policy in OID such that if the user enters a wrong password more than 3 times then > the account is locked for a specific interval.
  OAM has its own password management feature, it is not smart enough to understand that the policy is in OID. You can write custom plugins to help solve that problem or you can use OAM's LPM. http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12489/whatsnew.htm#CHDCFDEH

• Unprotect OIM 9.1 page in OAM 11g?

  I have configured 10g webgate with OAM 11g and everything seems to work great. I have a requirement to unprotect /xlWebApp/forgetPassword.do to allow password reset without challenge. I get the below error in OIM when trying to access the page. Looks like the Public Resource Policy in OAM is working, but OIM denies Anonymous User login. Can anyone help me understand how to let OIM passthrough Anonymous user for a unprotected page?
  ERROR [ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)' XELLERATE.WEBAPP - Class/Method: tcLogonAction/loginUser encounter some problems: javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: java.lang.SecurityException: [Security:090304]Authentication Failed: User Anonymous javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User Anonymous denied
  Thor.API.Exceptions.tcAPIException: javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: java.lang.SecurityException: [Security:090304]Authentication Failed: User Anonymous javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User Anonymous denied
  at Thor.API.tcUtilityFactory.<init>(Unknown Source)
  at com.thortech.xl.webclient.actions.tcLogonAction.loginUser(Unknown Source)
  Thanks,
  Sunil.

  I see that oim expects user "Anonymous" when a resource is marked public. I tried creating the "Anonymous" user and upon hitting /xlWebApp/forgetPassword.do, oim now takes me to the home page for anonymous user, instead of forgetPassword.do page.. Has anyone done this kind of integration in OIM. Please let me know, if i'm missing something here.
  Thanks.

• Why the sign-off page Not Displayed when I do SSO Logout ?

  Hi All,
  I am using Oracle SSO 10.1.4.1 and OID 10.1.4.1 and registering our ADF application to participate in the SSO.
  When I call SSO Logout from the web application with this URL :
  http://myserver:port/pls/orasso/orasso.wwsso_app_admin.ls_logout?p_done_url=http://myserver:port/portal/page/portal/myPORTAL
  It just do the Logout "Silently" and then redirect to http://myserver:port/portal/page/portal/myPORTAL.
  Doesn't it should firstly display a page that shows the list of all application that will be logged-Off ?
  Why that sign-off page does not get displayed ?
  Thank you for your help,
  xtanto

  Looking at the product version you mentioned, I assume you are referring to Oracle Access Manager. When you configure a Logout URL, it will just end the session by killing ObSSOCookie and take you to the Logout URL as specified by the Administrator. OOTB, it wont be able to display the list of the applications you will be logged off from. This needs custom development to achieve what you are expecting. First you need to find out what all applications the user is logged in or to what all applications the ObSSOCookie session is passed and then display them on the Logout URL.

• OAM 11g: Error while importing Custom Authentication Plug-in.

  We are trying to create a sample custom authentication plugin in OAM 11g as per the 11.1.1.5.0 doc.
  But while trying to import the plugin via oamconsole (system configuration->Plugins->Import Plugin) we receive an error "Invalid XML Structure".
  Do we have to embed the XSD (XML Schema Definition) as well ?
  -------------------------SamplePlugin.java-------------------------------------
  import oracle.security.am.plugin.ExecutionStatus;
  import oracle.security.am.plugin.MonitoringData;
  import oracle.security.am.plugin.PluginConfig;
  import oracle.security.am.plugin.authn.AuthenticationContext;
  import oracle.security.am.plugin.authn.AuthenticationException;
  import oracle.security.am.plugin.authn.AbstractAuthenticationPlugIn;
  import java.util.Map;
  import java.util.logging.Level;
  class SamplePlugin extends AbstractAuthenticationPlugIn {
       private static final String CLASS_NAME = "FirstTestClass";
       public ExecutionStatus initialize (PluginConfig config){
            super.initialize(config);
            if(LOGGER.isLoggable(Level.FINE)){
                 LOGGER.logp(Level.FINE,CLASS_NAME,"initialize","Entering initialize");
            return ExecutionStatus.SUCCESS;
       @Override
       public String getDescription() {
            // TODO Auto-generated method stub
            return null;
       @Override
       public Map<String, MonitoringData> getMonitoringData() {
            // TODO Auto-generated method stub
            return null;
       @Override
       public String getPluginName() {
            // TODO Auto-generated method stub
            return null;
       @Override
       public int getRevision() {
            // TODO Auto-generated method stub
            return 0;
       @Override
       public ExecutionStatus process(AuthenticationContext arg0)
                 throws AuthenticationException {
            if(LOGGER.isLoggable(Level.FINE)){
                 LOGGER.logp(Level.FINE,CLASS_NAME,"initialize","Entering process");
            return ExecutionStatus.SUCCESS;
       @Override
       public void setMonitoringStatus(boolean arg0) {
            // TODO Auto-generated method stub
       @Override
       public boolean getMonitoringStatus() {
            // TODO Auto-generated method stub
            return false;
  -------------------------SamplePlugin.java-------------------------------------
  ------------------------SamplePlugin.xml--------------------------------
  <?xml version="1.0" encoding="UTF-8" ?>
  <Plugin name="SamplePlugin" type="Authentication">
  <author>Self</author>
  <email>[email protected]</email>
  <creationDate>09:41:22, 2012-02-05</creationDate>
  <version>1</version>
  <description>SamplePlugin</description>
  <interface>oracle.security.am.plugin.authn.AbstractAuthenticationPlugIn</interface>
  <implementation>SamplePlugin</implementation>
  </Plugin>
  ------------------------SamplePlugin.xml--------------------------------
  ------------------------MANIFEST.MF--------------------------------
  Manifest-Version: 1.0
  Ant-Version: Apache Ant 1.8.2
  Bundle-Version: 1.0.0.qualifier
  Bundle-Name: SamplePlugin
  Bundle-Activator: SamplePlugin
  Bundle-ManifestVersion: 2
  Created-By: 1.6.0_24-b07 (Sun Microsystems Inc.)
  Import-Package: org.osgi.framework;version="1.3.0",oracle.security.am.
  plugin,oracle.security.am.plugin.authn,oracle.security.am.plugin.api,
  oracle.security.am.common.utilities.principal,oracle.security.idm,jav
  ax.naming,javax.sql,java.management,javax.security.auth
  Bundle-SymbolicName: SamplePlugin
  Bundle-RequiredExecutionEnvironment: JavaSE-1.6
  ------------------------MANIFEST.MF--------------------------------
  Contents of SamplePlugin.jar
  1. SamplePlugin.xml
  2. SamplePlugin.class
  3. META-INF/
  MANIFEST.MF

  I build the Plugin.jar file similarly as above(followed the same steps)..
  But when i log into OAM and trying to import the plugin (System Configuration->Plugins- Import Plugin) the browser goes to hung state and i see below error in logs (domain log and in diag log)
  I see the jar file created in this location (\Middleware\user_projects\domains\IAMdomain\oam\plugins)
  Please let me know if you have any idea..Thanks!
  ####<Feb 29, 2012 1:10:03 PM PST> <Warning> <oracle.adf.controller.internal.metadata.MetadataService> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-00000000000003fe> <1330549803273> <BEA-000000> <ADFc: /WEB-INF/adfc-config.xml: >
  ####<Feb 29, 2012 1:10:03 PM PST> <Warning> <oracle.adf.controller.internal.metadata.MetadataService> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-00000000000003fe> <1330549803274> <ADFC-52024> <ADFc: Duplicate managed bean definition for 'accessCheck' detected.>
  ####<Feb 29, 2012 1:10:03 PM PST> <Warning> <oracle.adfinternal.view.faces.renderkit.rich.RegionRenderer> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000402> <1330549803479> <ADF_FACES-60099> <The region component with id: pt1:_lar has detected a page fragment with multiple root components. Fragments with more than one root component may not display correctly in a region and may have a negative impact on performance. It is recommended that you restructure the page fragment to have a single root component.>
  ####<Feb 29, 2012 1:10:33 PM PST> <Error> <javax.enterprise.resource.webcontainer.jsf.application> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000593> <1330549833253> <BEA-000000> <java.lang.NullPointerException
  javax.faces.el.EvaluationException: java.lang.NullPointerException
       at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:51)
       at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
       at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190
  ####<Feb 29, 2012 1:10:33 PM PST> <Warning> <oracle.adfinternal.view.faces.lifecycle.LifecycleImpl> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000593> <1330549833316> <BEA-000000> <ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase INVOKE_APPLICATION 5
  javax.faces.FacesException: #{FileProcessor.doUpload}: java.lang.NullPointerException
       at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118)
       at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
       at oracle.adf.view.rich.component.rich.RichPopup$BroadcastContextCallback.invokeContextCallback(RichPopup.java:666)
       at org.apache.myfaces.trinidad.component.UIXComponentBase.invokeOnComponent(UIXComponentBa
  >
  ####<Feb 29, 2012 1:10:33 PM PST> <Error> <oracle.oam.admin.console.policy> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-0000000000000593> <1330549833361> <OAM-400016> <Failed to authenticate the user
  javax.servlet.ServletException: java.lang.NullPointerException
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277)
  ####<Feb 29, 2012 1:10:34 PM PST> <Warning> <oracle.adf.view.rich.component.fragment.UIXRegion> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-000000000000059a> <1330549834008> <ADF_FACES-00009> <Error processing viewId: /plugin-taskflow/authplugins URI: /oracle/security/am/taskflows/authplugin.jsff actual-URI: /oracle/security/am/taskflows/authplugin.jsff.
  javax.el.ELException: java.lang.NullPointerException
       at javax.el.BeanELResolver.getValue(BeanELResolver.java:266)
       at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:173)
       at oracle.adfinternal.view.faces.renderkit.rich.PanelCollectionRenderer$PanelCollectionHelper._encodeAll(PanelCollectionRenderer.java:728)
       at oracle.adfinternal.view.faces.renderkit.rich.PanelCollectionRenderer$PanelCollectionHelper.access$500(PanelCollectionRenderer.java:537)
       at oracle.adfinternal.view.faces.renderkit.rich.PanelCollectionRenderer.encodeAll(PanelCollectionRenderer.java:402)
       at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1396)
       at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:335)
       at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:767)
       at javax.faces.component.UIComponent.encodeAll(UIComponent.java:937)
  ####<Feb 29, 2012 1:10:34 PM PST> <Warning> <oracle.adfinternal.view.faces.lifecycle.LifecycleImpl> <spsolutions> <AdminServer> <[ACTIVE] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <weblogic> <> <d6305b57ff260991:700b4664:135ca3d69dc:-8000-000000000000059a> <1330549834020> <BEA-000000> <ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6
  javax.faces.FacesException: javax.el.ELException: java.lang.NullPointerException
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:804)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:294)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:214)

• Detailed steps  to make SSO using OAM 11g

  Can anyone provide me detailed steps to configure SSO using OAM 11g.
  thanks

  Hi,
  Install webgates in OHS
  First you deploy the web application in web/application server
  1. Create user Identity Store
  2. Create authentication scheme.....and use identity store create above
  3. Create Authentication module
  3. Create Application Domain
  4. In application Domain Create Create Authentication and authorization policies
  5. Add the resource which you want to protect in Authentication & Authorization Policies
  6. Testing
  Regards
  Kumar
  Edited by: Kumar.kummathi on Sep 17, 2012 11:55 AM

• Unable to authenticate users using Custom plugins in OAM 11g

  We are working on a requirement in which we have to write a custom authentication plugin in OAM 11g.
  we were able to import and activate the plugin
  we created a new authentication module with steps in the following order
  1)UserIdentificationPlugin
  2)UserAuthenticationPlugin
  3)Our custom plugin to create custom responses(We just created the class with mandatory methods and process method returning success)
  but finally when we try to authenticate,authentication fails resulting in OAM-2 error.We had entered valid credentials
  Can somebody please help me on resolving this issue.
  The plugin code,manifest file and Metadata XML is shared below.
  Plugin Code
  public class NewPlugin extends AbstractAuthenticationPlugIn {
  private static final String CLASS_NAME = "FirstTestClass";
  public ExecutionStatus initialize (PluginConfig config){
  super.initialize(config);
  if(LOGGER.isLoggable(Level.FINE)){
  LOGGER.logp(Level.FINE,CLASS_NAME,"initialize","Entering initialize");
  return ExecutionStatus.SUCCESS;
  @Override
  public String getDescription() {
  // TODO Auto-generated method stub
  return null;
  @Override
  public Map<String, MonitoringData> getMonitoringData() {
  // TODO Auto-generated method stub
  return null;
  @Override
  public String getPluginName() {
  // TODO Auto-generated method stub
  return null;
  @Override
  public int getRevision() {
  // TODO Auto-generated method stub
  return 0;
  @Override
  public ExecutionStatus process(AuthenticationContext context)
  throws AuthenticationException {
  if(LOGGER.isLoggable(Level.FINE)){
  LOGGER.logp(Level.FINE,CLASS_NAME,"initialize","Entering process");
  return ExecutionStatus.SUCCESS;
  @Override
  public void setMonitoringStatus(boolean arg0) {
  // TODO Auto-generated method stub
  @Override
  public boolean getMonitoringStatus() {
  // TODO Auto-generated method stub
  return false;
  MANIFEST.MF
  Manifest-Version: 1.0
  Bundle-ManifestVersion: 2
  Bundle-Name: NewPlugin Plug-in
  Bundle-SymbolicName: NewPlugin
  Bundle-Version: 1.0.0
  ImportPackage:org.osgi.framework;version="1.3.0",oracle.security.am.plugin,oracle.security.am.plugin.authn,oracle.security.am.plugin.api,oracle.security.am.common.utilities.principal,oracle.security.idm,javax.naming,javax.sql,javax.security.auth
  Bundle-RequiredExecutionEnvironment: JavaSE-1.6
  METADATA XML
  <?xml version="1.0" encoding="UTF-8" ?>
  <Plugin name="NewPlugin" type="Authentication">
  <author>me</author>
  <email>[email protected]</email>
  <creationDate>11:40:20,2012-13-02</creationDate>
  <version>1</version>
  <description>Custom User Authentication Plugin</description>
  <interface>oracle.security.am.plugin.authn.AbstractAuthenticationPlugIn</interface>
  <implementation>newplugin.NewPlugin</implementation>
  <configuration>
  <AttributeValuePair>
  <Attribute type="String" length="20">DataSource</Attribute>
  <mandatory>true</mandatory>
  <instanceOverride>false</instanceOverride>
  <globalUIOverride>true</globalUIOverride>
  <value>jdbc/CISCO</value>
  </AttributeValuePair>
  </configuration>
  </Plugin>

  Your search results show that the user "collini" was not found (nentries=0). This could be caused by a number of reasons.
  1) The user doesn't exist under "ou=people,dc=our,dc=domain"
  2) The user doesn't contain the posixAccount objectclass
  3) The user account that performed the search doesn't have access rights to read/search that user account
  What user account was used to BIND on the connection that the search was done on?
  Try performing the same exact search with an account you know can retrieve the entry. For example:
  ldapsearch -D "cn=Directory Manager" -w - -b ou=people,dc=our,dc=domain -s one "(&(objectClass=posixAccount)(uid=collini))"
  If the entry doesn't return as a result of the search then either #1 or #2 above is the problem. If the entry does return then #3 is your problem.

• Custom Logout Page based on PL/SQL

  Hi
  I need to write a custom logout page using PL/SQL Procedure.I have created a procedure as :
  create or replace PROCEDURE my_logout
  p_done_url in varchar2 default null,
  p_paname in wwsec_api.array default wwsec_api.empty,
  p_palogout in wwsec_api.array default wwsec_api.empty
  is
  begin
  end;
  I granted execute permission on this procedure to public.
  I made the changes in WWSSO_LS_CONFIGURATION_INFO$ table and set login_url as 'UNUSED UNUSED http://host:port/pls/orasso/orasso.my_logout'
  But on logout I keep getting the 404 'not found' error.
  Please let me know if my declaration of the procedure is correct?
  Thanks,
  Shipra

  Pls take a look at Chapter 8-'Customizing the Single Sign-On Interface' of 'Oracle9iAS Single Sign-On Administrator's Guide Release 2 (9.0.2)' for installing customized logout page.
  Hope it helps!!!
  PS:
  The LOGIN_URL column contains three values separated by a space. The first value specifies the URL for the Login page, the second the URL for the Change Password page, and the third the value for the Single Sign-Off page.
  By default, the LOGIN_URL column contains the values UNUSED UNUSED UNUSED, which specify that the Login, Change Password, and Single Sign-Off pages use the standard Single Sign-On pages.
  ...]

• Custom Token authentication using OAM 11g

  Hi All,
  I have the following requirement: Authenticate a resource based on custom token if it is null or not. There is no need to map the token with an user record.
  Environment is all 11g.
  What is the best way to implement it? Is it possible to do it with just OAM 11g alone? Or does it require Oracle STS too? Please provide your inputs.
  Thanks,
  Mahendra.
  Edited by: 903004 on Jan 8, 2012 9:08 PM

  Can someone provide inputs on this? Please treat this as urgent.

• Custom sign in page OBIEE 11g

  Hello all,
  I have almost did it :D
  I followed the instructions of rittman mead --> http://www.rittmanmead.com/2010/12/oracle-bi-ee-11g-styles-skins-custom-xml-messages/
  But the last step is missing :/
  I have a folder with sk_pageaccuei, s_pageaccueil and WEB_INF which is cold analyticsRes.
  It is located here : /opt/oracle/obiee/middleware/instances/instance1/bifoundation/OracleBIPresentationServicesComponent/coreapplication_obips1/
  I have changed the logo and i'm able to see it by enter the url.
  The problem is, when I add these following lines in my instanceconfig, the presentation server does not restart !
  <URL>
  <CustomerResourcePhysicalPath>
  /opt/oracle/obiee/middleware/instances/instance1/bifoundation/OracleBIPresentationServicesComponent/coreapplication_obips1/analyticsRes
  </CustomerResourcePhysicalPath>
  <CustomerResourceVirtualPath>/analyticsRes</CustomerResourceVirtualPath>
  </URL>
  <UI>
  <DefaultStyle>pageaideaccueil</DefaultStyle>
  <DefaultSkin>pageaideaccueil</DefaultSkin>
  </UI>
  Could you tell me where i'm doing a mystake ?
  My OBIEE is sets up on a Linux platform...
  Thanks a lot,
  Antoine

  I seem to have found conflicting information on the resource virtual path. In one instance docs say the default is '/Res' but other docs say the default is '/analyticsRes'. My guess is if this is reserved internally to default to '/analyticsRes' and then fall back to '/Res' then attempting to overwrite the default with instanceconfig using a reserved word would throw an error.
  1) Did you try the instanceconfig without the virtual path to /analyticsRes?
  2) Does the saw.log indicate why the restart failed?

• OAM 11g "Failure URL" in Authoriztion policy not working?

  Hi,
  Per the subject, I am running OAM server 11g (11.1.1.3), with an OAM 10g Apache webgate.
  In the OAM Authorization policy (protected), I have specified a full URL for the "Failure URL", to get the browser to redirect when an authorization failure occurs.
  However, when I test with a user that does not have access (user authenticates ok, but doesn't have right to access the protected resource), instead of the browser being redirected, I am getting an "Oracle Access Manager Operations Error" page.
  I've been trying to figure this out, and have found several threads about this, e.g.:
  OAM 11g authz redirect URL not working?
  But, as I said, I am using OAM 11g server, and there is no "Inconclusive URL" in the policy settings (I guess there was in 10g, but not in 11g).
  I have trace logging enabled on the OAM server, and I can clearly see that the request is getting "results DENY", but there's no indication in the logs that OAM server is aware of any failure redirection URL.
  I've also got a header trace, and I can see that the browser is simply being re-directed to the "/oberr.cgi...." URL, so it' not going "somewhere else".
  So, does anyone know why the "Failure URL" is not working in OAM 11g in Authorization policies?
  Thanks,
  Jim
  P.S. The URL that it's suppose to be re-directing the browser to is in the Public resources under Authorization, and as I said, I don't see the browser even attempting to go to the failure URL, either via header traces or the OAM server logs.
  Edited by: jimcpl on Nov 5, 2011 8:53 PM

  Hi,
  Per the subject, I am running OAM server 11g (11.1.1.3), with an OAM 10g Apache webgate.
  In the OAM Authorization policy (protected), I have specified a full URL for the "Failure URL", to get the browser to redirect when an authorization failure occurs.
  However, when I test with a user that does not have access (user authenticates ok, but doesn't have right to access the protected resource), instead of the browser being redirected, I am getting an "Oracle Access Manager Operations Error" page.
  I've been trying to figure this out, and have found several threads about this, e.g.:
  OAM 11g authz redirect URL not working?
  But, as I said, I am using OAM 11g server, and there is no "Inconclusive URL" in the policy settings (I guess there was in 10g, but not in 11g).
  I have trace logging enabled on the OAM server, and I can clearly see that the request is getting "results DENY", but there's no indication in the logs that OAM server is aware of any failure redirection URL.
  I've also got a header trace, and I can see that the browser is simply being re-directed to the "/oberr.cgi...." URL, so it' not going "somewhere else".
  So, does anyone know why the "Failure URL" is not working in OAM 11g in Authorization policies?
  Thanks,
  Jim
  P.S. The URL that it's suppose to be re-directing the browser to is in the Public resources under Authorization, and as I said, I don't see the browser even attempting to go to the failure URL, either via header traces or the OAM server logs.
  Edited by: jimcpl on Nov 5, 2011 8:53 PM