OAM Authorization POST parameters

Dear all,
I have a question about the authorization rules in OAM, my requirement is that I want on successful authorization to send a POST parameter to a protected application this parameter will include some piece of data of the logged in user (for example his social security number) and I want to make sure that no authenticated user can send the social security number of another user, so I want this parameter to be sent by OAM to ensure that it will sent the number of the logged in user.
In authorization rules (on success action) I can sent an HTTP Header or set a cookie with the number of the logged in user but I couldn't find a way to send a POST parameter.
I thought of another solution to send the parameter through a normal HTML form and make an authorization rule to check in the POST parameter (say: ssn) in the HTTP request is equal to the SSN of the logged in user but I couldn't figure how to receive parameters in the authorization rule.
I don't know it writing custom authorization plugin can be a solution or there is another solution???
Thanks in advance

Hi,
As far as I know, OAM does send params to the end user application in 2 ways. 1. Header Var 2. Cookies.
Passing params through Headervar are safer than cookies as cookies can be tampered in the interim.
However, I think Custom Authz plugin or using Reverse Proxy Server might do this job for you. You might need to explore more on that.
For the alternative solution that you are talking about as passing SSN no. from HTML form, its vulnerable and it can easily be tampered with.
-Mahendra.

Similar Messages

  • Encoding problem in call-back to hook URL (post parameters)

    Hello all,
    I'm encountering a character encoding problem while retrieving the content of the shopping basket from one of our provider.
    After the POST request is made by the provider to our system using the hook url, when debbuging I can see that some special characters are represented with the sign '#' (after the call the ITS_IMPORT_CONTEXT).
    In our case using the parameter http_content_charset with various values, including UTF-8, did not change the result.
    Inspecting the HTTP traffic has highlighted the following: the encoding received from the provider is related to UTF-8, but while we are expecting the hexadecimal values, we are receiving the "Unicode code points", which are not recognized by our SAP system. For more details look at the UTF-8 encoding table found here and compare the values under column "Unicode code point" with the one under column "UTF-8 (hex.)".
    As an example, for the character 'é', we are receiving the value "%E9" (the code point) instead of receiving the the hexa value : "%C3%A9".
    Do you have any idee if this can be corrected on our side or if the provider must addapt the way it's sending the POST parameters?
    Many thanks in advance for you help.
    Best regards,
    Jerome.

    Hi Jason,
    Indeed I had contacted the provider and informed them about the encoding problem and the fact that passing the parameter http_content_charset had no effect on the sent back encoding.
    They have taken into account my request and have changed the encoding used during the request to the HOOK_URL.
    Thanks to all of your for your help.
    Regards,
    Jerome.

  • Absolute navigation using post parameters

    Hi All
    I am navigating from WD4A iview to WD4J iview through absolute navigation and passing some parameters.
    I am expecting that these parameters size might be large. Is there is any restriction on the size of the parameters that i can pass in these method.Can i use postparameters to  overcome this restriction on size. If i use postparameters is there any restrictions on that.
    Can someone please post some helpful info or code examples to work with post parameters (Retrieving the parameters in the receiving application). Is other any other work around apart from these options.
    Thanks,
    Karthik.

    Hi,
    Check the following Threads related with retrieval of Post parameters in WD:
    How to send data from Web dynpro App to JSP or vice versa
    Re: jsp and web dynpro
    Siddharth

  • AIR auto update error, and question about POST parameters

    Hello,
    I'm getting a Download Failed error in the AIR autoupdating process;
    There was an error downloading the update. Error# 16822
    I recall this working once, the very first time that I tried it.
    My app.xml file contains this line:
        <version>12</version>
    and my update.xml file contains:
    <update xmlns="http://ns.adobe.com/air/framework/update/description/1.0">
      <version>12</version>
      <url>http:/players.biemedia.com/ooyala/Composer/Composer.air</url>
      <description>12 - Bug fixes and prepopulating defaults for player creation screen</description>
    </update>
    Pasting the URL into a browser works.
    However, this stuffresides on cloudfront.  in the past i have noticed that if something tries to send post parameters along with the request, cloudfront will deny the request.  Is it possible that the AIR app is sending POST parameters when hitting the download URL, and could this behavior be new in the last 6 months or so?
    Any other ideas?
    Thanks,
    Gerry

    Just Got The Solution for Error 16811 &  16816
    Note Following things to avoide update error
    No 1.>
    You xml schema for update descriptor.xml in  server should look similar to this
    <?xml version="1.0" encoding="utf-8"?>
    <update xmlns="http://ns.adobe.com/air/framework/update/description/2.5">
      <versionNumber>2.0</versionNumber>
      <url>http://localhost/SerialHunter/SerialHunter.air</url>
      <description><![CDATA[
    SerialHunter Version 2.0 by Rajendra Khope
    This new version includes:
        * AutoUpdate
        * Enhaced UI functions
        * Ability to add providers       
      ]]></description>
    </update>
    Note xmlns="http://ns.adobe.com/air/framework/update/description/2.5"
    and versionNumber instead of version
    Also make similar changes in appxml version field (in Burrito its by default versionNumber )
    No 2>
    if u are using code to display veesion number make sure it should look like:
    var appXML:XML = NativeApplication.nativeApplication.applicationDescriptor;
    var ns:Namespace = appXML.namespace();
    pnlMain.title=appXML.ns::name+" v "+appXML.ns::versionNumber
    Thats it...!
    Rajendra Khope
    bkrajendra at gmail dot com

  • Order for resources in OAM authorization policy

    Hi All
    Does the order for the resources in OAM authorization policy matters or can I put the resources in any order ?
    Thanks

    OAM performs resource Authentication and Authorization based on the URLs. It doesn't matter on what order you try to put them.
    ~Yagnesh

  • Read of HTTP Request POST parameters failed:Read timed out

    Hi !
    Any one seen this exception . any ideas of the cause?
    java.lang.RuntimeException: Read of HTTP Request POST parameters failed: Read timed out
    at org.apache.catalina.connector.HttpRequestBase.parseParameters(HttpRequestBase.j ava:665)
    at org.apache.catalina.connector.HttpRequestBase.getParameterValues(HttpRequestBase.java :737)
    at org.apache.catalina.connector.RequestFacade.getParameterValues(RequestFacade.java:170 )
    Thanks,

    Assuming there is nothing wrong with
    org.apache.catalina.connector.HttpRequestBase.parseParameters
    I can only think of 2 things:
    1. The timeout is set for an extremely short time in the Apache settings (server.xml&#51032;)
    2. The client application is sending the POST verry slow or incorrect. For example the
    client says that the POST is 500 long than sends 200 and leaves the connection open.
    You can try and post the following:
    request.txt:
    POST /somePath/somefile.js HTTP/1.1
    Host: localhost:44
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20041217
    Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Keep-Alive: 300
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 45
    depreciatedButWontPostWithoutAName=some+valueThe client sending the request:
    import java.io.*;
    import java.net.*;
    import java.io.DataOutputStream;
    import java.applet.Applet;
    public class appTest extends Applet implements Runnable {
         public static final int HTTP_PORT = 80;
         public static final String hostName = "localhost";
         public void run() {
              try{
                   InetAddress addr = InetAddress.getByName(hostName);
                   Socket s = new Socket(addr,HTTP_PORT);
                   BufferedWriter wr = new BufferedWriter(new OutputStreamWriter(s.getOutputStream(), "UTF8"));
                   s.setSoTimeout(2000);
                   File fileToSend = new File("request.txt");
                   FileInputStream fleHTML = new FileInputStream(fileToSend);
                   StringBuffer sbHTMFile = new StringBuffer();
                   int b = fleHTML.read();
                   while(b!=-1){
                        sbHTMFile.append((char) b);
                        b = fleHTML.read();
                   wr.write(sbHTMFile.toString());
                   wr.flush();
                   BufferedReader rd = new BufferedReader(new InputStreamReader(s.getInputStream()));
                   String line;
                   while ((line = rd.readLine()) != null) {
                        System.out.println(line);
                   wr.close();
                   rd.close();
                   } catch (Exception e) {
                        e.printStackTrace();
         public void init(){
              new Thread(this).start();
         public appTest(){
              new Thread(this).start();
         // main program
         public static void main(String argv[]) throws Exception {
              new appTest();
    }In appTest.java change HTTP_PORT to the port you need and hostName to the
    hostname you need.
    In request.txt change the /somePath/somefile.js to the location you desire.
    And change Host: localhost:44 to the hostname and post you desire.

  • NestedRuntimeException: can not parse POST parameters of request

              Hi,
              I am using WL 4.5 service pack 11. The following error occurs when a second JSP page is forwarded to from the first page (ie 5.5):
              --------------- nested within: ------------------
              weblogic.utils.NestedRuntimeException: cannot parse POST parameters of request /
              Optimum/transarranger/step2_via.jsp
              - with nested exception:
              [java.net.SocketException: Connection reset by peer]
              at java.lang.Throwable.<init>(Compiled Code)
              at java.lang.Exception.<init>(Compiled Code)
              at java.lang.RuntimeException.<init>(RuntimeException.java:50)
              at weblogic.utils.NestedRuntimeException.<init>(NestedRuntimeException.j
              ava:23)
              at weblogic.servlet.internal.ServletRequestImpl.mergePostParams(Compiled
              Code)
              at
              at
              at jsp_servlet._Optimum._transarranger._step2_95_via._jspService(Compile
              d Code)
              at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
              at weblogic.servlet.internal.ServletStubImpl.invokeServlet(Compiled Code
              at weblogic.servlet.internal.ServletContextImpl.invokeServlet(Compiled C
              ode)
              at weblogic.servlet.JSPServlet.service(JSPServlet.java:132)
              at javax.servlet.http.HttpServlet.service(Compiled Code)
              at weblogic.servlet.internal.ServletStubImpl.invokeServlet(Compiled Code
              at weblogic.servlet.internal.ServletContextImpl.invokeServlet(Compiled C
              ode)
              at weblogic.servlet.internal.ServletContextImpl.invokeServlet(Compiled C
              ode)
              at weblogic.socket.MuxableSocketHTTP.invokeServlet(Compiled Code)
              at weblogic.socket.MuxableSocketHTTP.execute(Compiled Code)
              at weblogic.t3.srvr.ExecuteThread.run(Compiled Code)
              Does any one know how to fix this problem?
              Thanks!
              Chengwei
              

              Hi
              We are using Weblogic 5.1 service pack 10. We are seeing the same error sometimes.
              Any reason/solution to this?
              thanks
              Sri
              "Chengwei" <[email protected]> wrote:
              >
              >Hi,
              >
              >I am using WL 4.5 service pack 11. The following error occurs when a
              >second JSP page is forwarded to from the first page (ie 5.5):
              >
              >--------------- nested within: ------------------
              >weblogic.utils.NestedRuntimeException: cannot parse POST parameters of
              >request /
              >Optimum/transarranger/step2_via.jsp
              > - with nested exception:
              >[java.net.SocketException: Connection reset by peer]
              > at java.lang.Throwable.<init>(Compiled Code)
              > at java.lang.Exception.<init>(Compiled Code)
              > at java.lang.RuntimeException.<init>(RuntimeException.java:50)
              > at weblogic.utils.NestedRuntimeException.<init>(NestedRuntimeException.j
              >ava:23)
              > at weblogic.servlet.internal.ServletRequestImpl.mergePostParams(Compiled
              > Code)
              > at
              > at
              > at jsp_servlet._Optimum._transarranger._step2_95_via._jspService(Compile
              >d Code)
              > at weblogic.servlet.jsp.JspBase.service(JspBase.java:27)
              > at weblogic.servlet.internal.ServletStubImpl.invokeServlet(Compiled
              >Code
              >)
              > at weblogic.servlet.internal.ServletContextImpl.invokeServlet(Compiled
              >C
              >ode)
              > at weblogic.servlet.JSPServlet.service(JSPServlet.java:132)
              > at javax.servlet.http.HttpServlet.service(Compiled Code)
              > at weblogic.servlet.internal.ServletStubImpl.invokeServlet(Compiled
              >Code
              >)
              > at weblogic.servlet.internal.ServletContextImpl.invokeServlet(Compiled
              >C
              >ode)
              > at weblogic.servlet.internal.ServletContextImpl.invokeServlet(Compiled
              >C
              >ode)
              > at weblogic.socket.MuxableSocketHTTP.invokeServlet(Compiled Code)
              > at weblogic.socket.MuxableSocketHTTP.execute(Compiled Code)
              > at weblogic.t3.srvr.ExecuteThread.run(Compiled Code)
              >
              >Does any one know how to fix this problem?
              >
              >Thanks!
              >Chengwei
              

  • Obtaining custom HTTP GET / POST parameters of variable length in Application Process

    Hi, I'm trying to connect a javascript UI control within my page to an APEX Application Process.
    The control calls the application process via AJAX and appends a variable number of GET / POST parameters to its URL.
    What is the best way to obtain these parameters from within the PLSQL procedure of the process? Or is there a better way to connect my javascript AJAX control to the Database behind my APEX app?
    Thanks,
    Steffi

    Steffi,
    I'm using APEX 4.1 and I've not used Treegrid before. It does look pretty interesting.
    Firstly, I'm not sure if you are aware but GET requests aren't as secure as POST requests. GET simply appends a key/value pair to the server as part of the url which can be easily sniffed. POST request on the other hand sends the data as key/value pairs to the server in the header which makes it harder to intercept.  This is why APEX outputs forms with POST methods.
    Secondly, back to your original question.I'm not sure this is possible with an Application Process. In the passed I've used POST methods to pass values to my Application Process. I have some code using native jQuery if you would like to see how its done. Alternatively, if you convert your application process to a standard pl/sql procedure (i.e SQL Workshop>Object Browser>Procedures) you can call this procedure and pass in values as you would with any PHP page.
    Simple example (untested)
    CREATE OR REPLACE PROCEDURE  "foo" ( my_name varchar(20)  
         , count NUMBER)
    IS  
         p_name varchar(20) := my_name;
         p_count NUMBER     := count;
    BEGIN
    --Do what you want
    --output something
       htp.p(p_count || '.: '|| p_name);
    END;
    The url on the page (or ajax call) would be something like "/pls/apex/{MY SCHEMA}.foo?my_name=Alistair&count=1"
    Of course for text you will need to escape single colons and special characters etc.
    I would really like to help you further so if you could create a working demo using a free workspace on http://www.apex.oracle.com and provide me with demo username/password. I can try and have a better look for you.
    In all honesty, I'm sure you would be looking to create this as a plugin so that you can easily reuse it in various parts of your application and can easily update it or maintain it. I can help you with that as well if you want.
    Alistair
    P.S You might want to update your profile on this forum to provide your name so people dont just see "31742965-2d09-4f42-849f-e39eb2cfbc9e" your profile name

  • Cannot parse POST parameters of request: in weblogic 9.2

    Hi,
    Our application is deployed in weblogic server 9.2. From last week i am getting the below exception.
    ####<Jul 9, 2010 10:25:39 AM MEST> <Error> <HTTP> <aberdeen> <IAEABEP1> <[ACTIVE] ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1278663939056> <BEA-101019> <[weblogic.servlet.internal.WebAppServletContext@e9a555 - appName: 'coreedcs', name: '/edcsapp', context-path: '/edcsapp'] Servlet failed with IOException
    weblogic.utils.NestedRuntimeException: Cannot parse POST parameters of request: '/edcsapp/CheckInProcess.do'
    at weblogic.servlet.internal.ServletRequestImpl$RequestParameters.mergePostParams(ServletRequestImpl.java:1823)
    at weblogic.servlet.internal.ServletRequestImpl$RequestParameters.parseQueryParams(ServletRequestImpl.java:1710)
    at weblogic.servlet.internal.ServletRequestImpl$RequestParameters.getQueryParams(ServletRequestImpl.java:1663)
    at weblogic.servlet.internal.ServletRequestImpl.getParameter(ServletRequestImpl.java:756)
    at com.eurostar.app.edcs.web.processor.EDCSCustomRequestProcessor.processPreprocess(EDCSCustomRequestProcessor.java:104)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:184)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3241)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
    java.net.ProtocolException: EOF after reading only: '2760' of: '3801' promised bytes, out of which at least: '2760' were already buffered
    at weblogic.servlet.internal.PostInputStream.complain(PostInputStream.java:93)
    at weblogic.servlet.internal.PostInputStream.read(PostInputStream.java:179)
    at weblogic.servlet.internal.ServletInputStreamImpl.read(ServletInputStreamImpl.java:211)
    at weblogic.servlet.internal.ServletRequestImpl$RequestParameters.mergePostParams(ServletRequestImpl.java:1798)
    at weblogic.servlet.internal.ServletRequestImpl$RequestParameters.parseQueryParams(ServletRequestImpl.java:1710)
    at weblogic.servlet.internal.ServletRequestImpl$RequestParameters.getQueryParams(ServletRequestImpl.java:1663)
    at weblogic.servlet.internal.ServletRequestImpl.getParameter(ServletRequestImpl.java:756)
    at com.eurostar.app.edcs.web.processor.EDCSCustomRequestProcessor.processPreprocess(EDCSCustomRequestProcessor.java:104)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:184)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3241)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2010)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1916)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
    From the error detail we can see the exception is logged while processing the request 'CheckInProcess.do'.
    and the exception is thrown at the below line of code.
    String functionId = request.getParameter("REQ_FUNCTIONID");
    So, What does this mean please ?. How can i resolve this error?

    I wonder if a certain user is sending mal-formed requests? Does the access log indicate that these requests may be originating from the same IP or set of IPs and not from others?
    There probably is some additional debug you can enable to get some additional detail in the logs, but it may be verbose. Given that this is a POST it may be difficult to see without some invasive steps. I recommend opening a support case to get the troubleshooting steps.

  • How to know the Post parameters of a form?

    Hello
    I am developing an application where, I have to login to web site, etc. I am newbie in this kind of development. I can access the web page, retreive the page. So, GET part is working fine. I have problem with Post. I am using JDK 1.6 with apache's HttpClient 3.1 for communicating through the web site. After setting parameters in NameValuePair[], when i run execuseMethod(postMethod), it throws the following exception :
    i]Exception in thread "AWT-EventQueue-0" java.lang.IllegalArgumentException: host parameter is null
    I think, I may be going wrong in providing proper headers, parameters, etc. Can anyone help me know:
    1. How can I know what parameters, I need to pass in the POST method. Along with form attributes, their may be any hidden values to be passed. How can I find out that.
    2. Their is a submit button, how do i deal with that - tell the post method to click it ?
    3. Same with headers. Which attributes needs to be set of headers and what values?
    I saw some files on net, where prg'er are adding few other parameters that are hidden - but not all hidden parameters!
    Any help is appreciative. Please it would be nice if you can help me out. I am new in this type of development. I have spend 2 days looking out for this problem, but couldn't find any help yet. Please any help at the earliest is benificial.
    Thanks
    Terry

    Ok. To check the host before executing the post methd, I gave :
            HttpConnectionManager connectMgr = client.getHttpConnectionManager();  // ************
            HostConfiguration hc = client.getHostConfiguration();                                 // *************
            if (connectMgr.getConnection(hc).isOpen() == true)                                  // EXCEPTION - hc contents r null
                System.out.println("Connection is OPEN");
            else {
                System.out.println("Connection is ******************* NOT OPEN *************** ");
            method.setRequestBody(data);
            int statusCode = 0;
            try {
                statusCode = client.executeMethod(hc, method);
                System.out.println("Register Send: " + method.getStatusLine().toString());
            }catch (HttpException e) {
                method.releaseConnection();
                System.out.println("HTTP EXception : " + e.getMessage());
            }catch (IOException ie) {
                method.releaseConnection();
                System.out.println("Error Exe Method - Post. Status Code = " + statusCode);
                ie.printStackTrace();
            }HttpConnectionManager has hostname, portNo, httpconnectin isopen -> false
    HostConfiguration has host, port, localAddress all null
    Due to the null value the exception is thrown. What do I do now? Infact, in my GEt also, I tried the same thing, their also host is null of HostConfiguration, but it works well, as it doesn't have to send anything.I have no clue to move ahead.Also, what must be the content length?
    Thanks

  • ABAP WebDynpro: Call a URL with POST-parameters?

    Hi all,
    I want to call a URL from an ABAP WD method with additional data. I know that this is simply possible via the Window Manager, passing a URL. Adding additional parameters inside the URL is of course also possible using "&" and "?" separators.
    Is it somehow possible to call such a URL out of WebDynpro with additional POST data (e.g. an XML datastream)?
    Best regards.
    Alexander

    Hi Alex.,
    As u said that u know how to call URL and pass parameters using window manager., and i am not sure about XML data stream.!!
    I can advise u to post ur thread here: [Web Dynpro ABAP Forum|Web Dynpro ABAP;
    U will get some useful inputs..
    Thanks & Regards
    Kiran

  • Authorization Object parameters error

    In my program, I used Authorization object M_MATE_VKO
    My program checked using
    VKORG , ACTVT = "03" , VTWEG = '*'
    My User had been assigned with M1 - M7 (M1 to M7) for VTWEG.
    User not authorized, SU53 shows it required "*" for VTWEG
    Now, I modified the checks to
    VKORG , ACTVT = "03" , VTWEG = " "
    VTWEG is now a BLANK.
    User still not authorized, SU53 shows it required "-" for VTWEG (hyphen is this case)
    What should I do to allow "No checks" on VTWEG?
    Should I just used only VKORG and ACTVT with the objects which state 3 parameters?
    How do I code in order to allow User with the appropriate authorization to pass thru?
    Thanks
    bye

    Hi,
    If you don't want to check a value against VTWEG either take it out of the statement or use VTWEG = DUMMY.
    Regards,
    Nick

  • OAM - Authorization based on the authentication method

    We are using OAM 10g for a customer to protect a large number of web application. In order to access those applications a user can chose from several authentication methods (e.g. client certificate, SecureId and mobile TAN). All applications use the same cookie domain and OAM provides SSO to the user. The customer now wants to define access rules for each of the applications based on the chosen authentication method.
    In other words, he wants to have the flexibility to define rules such as the following:
    Application A: Only accessible with client certificates
    Application B: Only accessible with mobile TAN
    Application D: Only accessible with SecureId or mobile TAN
    Application E: Accessible with any authentication method
    In order to implement this with OAM we would have assign each authentication method a different authentication level and define authorization rules that depend on those authentication levels (maybe using a custom authorization plug-in). According to the OAM documentation it doesn't seem possible to reference the authentication level in a authorization rule.
    Does anyone know a way to implement these requirements.
    Any help is appreciated.
    Best regards,
    Donat

    This is how I think we can do this.
    Write Authentication plug-in which adds which authentication scheme was used to login to the application in one of the multivalued attribute in OID. Write Authorization plug-in also which checks this value and makes authentication decision.
    One more approach is, Create as many attributes in OID as number of authentication schemes you have. Each of them is a flag representing whether user is logged in with the authentication scheme or not. When user authenticates using an authentication scheme, turn on that flag. Also flush access server user profiles cache. In the authorization rule, use this flag to make authorization decisions. Using this approach, you do not have to write authorization plugin but this may not be scalable approach as you might have to create a new attribute in OID when new authentication scheme is added.
    You can also keep this information somewhere in database or flat file and use that information in authentication and authorization plugin.
    I hope one of this solutions will help you.
    Thanks
    Kiran Thakkar

  • Hiding POSTed parameters in v2

    Hi:
    I have a portal which contains tabbed pages. My problem is that within those tabbed pages I have jsp portlets which contain forms. When I submit the form, the data gets posted correctly, but when I change to another tabbed page, all the form variables are submitted in the URL to the new page. How do I prevent POSTed form variables from being added to the URL??
    Regards
    Gareth Cantrell

    I'm using 9iAS 9.0.2
    I used an example from PDK January
    here is the JSP (bank.jsp):
    <%@page import="java.util.*, oracle.portal.provider.v2.*" %>
    <%@page import="oracle.portal.provider.v2.http.HttpCommonConstants" %>
    <%@page import="oracle.portal.provider.v2.render.PortletRendererUtil" %>
    <%@page import="oracle.portal.provider.v2.render.PortletRenderRequest" %>
    <%@page import="oracle.portal.provider.v2.render.http.HttpPortletRendererUtil" %>
    <%
    String paramAmount = "Amount";
    String paramAction = "Action";
    PortletRenderRequest portletRequest =
    (PortletRenderRequest) request.getAttribute(HttpCommonConstants.PORTLET_RENDER_REQUEST);
    %>
    <b>This portlet shows how to use the passUrlParams flag and
    unqualified, transient parameters to perform a portlet action.</b>
    // The account transfer is performed by submitting the following form
    <form method="POST" action="<%= HttpPortletRendererUtil.htmlFormActionLink(
    request,PortletRendererUtil.PAGE_LINK) %>">
    <%= HttpPortletRendererUtil.htmlFormHiddenFields(request,PortletRendererUtil.PAGE_LINK) %>
    <table>
    <tr>
    <td>
    <b>Amount $</b>
    </td>
    <td>
    <input type="text" size="20" name="<%= paramAmount %>" value="">
    </td>
    </tr>
    </table>
    <br>
    <INPUT TYPE=submit name="<%= paramAction %>" Value="Transfer">
    </form>
    // Parse the inputs to see if a transfer should be performed
    <%
    if (portletRequest.getParameter(paramAction) != null)
    String submittedAmount = portletRequest.getParameter(paramAmount);
    if (submittedAmount == null || submittedAmount.trim().length() == 0)
    %>
    <b>Please specify an amount!</b>
    <%
    else
    try
    double amount = Double.valueOf(submittedAmount).doubleValue();
    if (amount != 0)
    %>
    <b>Successfully transferred $<%=submittedAmount%>.</b>
    <%
    catch (NumberFormatException e)
    %>
    <b>Invalid amount.</b>
    <%
    %>
    here is my provider.xml:
    <?xml version="1.0" encoding="ISO-8859-2" standalone="yes"?>
    <?providerDefinition version="3.1"?>
    <provider class="oracle.portal.provider.v2.DefaultProviderDefinition">
    <passAllUrlParams>true</passAllUrlParams>
    <portlet class="oracle.portal.provider.v2.DefaultPortletDefinition">
    <id>1</id>
    <name>Parampass</name>
    <title>Parampass</title>
    <shortTitle>Parampass</shortTitle>
    <description>Parampass portlet.</description>
    <timeout>240</timeout>
    <timeoutMessage>Parampass portlet timed out.</timeoutMessage>
    <showLink>false</showLink>
    <showEdit>false</showEdit>
    <showEditToPublic>false</showEditToPublic>
    <showEditDefault>false</showEditDefault>
    <showPreview>true</showPreview>
    <showDetails>false</showDetails>
    <hasHelp>false</hasHelp>
    <hasAbout>false</hasAbout>
    <acceptContentType>text/html</acceptContentType>
    <defaultLocale>hu.HU</defaultLocale>
    <renderer class="oracle.portal.provider.v2.render.RenderManager">
    <autoRedirect>true</autoRedirect>
    <contentType>text/html</contentType>
    <showPage>parampass.jsp</showPage>
    <pageParameterName>parampass_next_page</pageParameterName>
    </renderer>
    </portlet>
    <portlet class="oracle.portal.provider.v2.DefaultPortletDefinition">
    <id>2</id>
    <name>Paramrecv</name>
    <title>Paramrecv</title>
    <shortTitle>Paramrecv</shortTitle>
    <description>Paramrecv portlet.</description>
    <timeout>240</timeout>
    <timeoutMessage>Paramrecv portlet timed out.</timeoutMessage>
    <showLink>false</showLink>
    <showEdit>false</showEdit>
    <showEditToPublic>false</showEditToPublic>
    <showEditDefault>false</showEditDefault>
    <showPreview>true</showPreview>
    <showDetails>false</showDetails>
    <hasHelp>false</hasHelp>
    <hasAbout>false</hasAbout>
    <acceptContentType>text/html</acceptContentType>
    <defaultLocale>hu.HU</defaultLocale>
    <renderer class="oracle.portal.provider.v2.render.RenderManager">
    <autoRedirect>true</autoRedirect>
    <contentType>text/html</contentType>
    <showPage>paramrecv.jsp</showPage>
    <pageParameterName>paramrecv_next_page</pageParameterName>
    </renderer>
    </portlet>
    <portlet class="oracle.portal.provider.v2.DefaultPortletDefinition">
    <id>3</id>
    <name>Bank</name>
    <title>Bank</title>
    <shortTitle>Bank</shortTitle>
    <description>Bank portlet.</description>
    <timeout>240</timeout>
    <timeoutMessage>Bank portlet timed out.</timeoutMessage>
    <showLink>false</showLink>
    <showEdit>false</showEdit>
    <showEditToPublic>false</showEditToPublic>
    <showEditDefault>false</showEditDefault>
    <showPreview>true</showPreview>
    <showDetails>false</showDetails>
    <hasHelp>false</hasHelp>
    <hasAbout>false</hasAbout>
    <acceptContentType>text/html</acceptContentType>
    <defaultLocale>hu.HU</defaultLocale>
    <renderer class="oracle.portal.provider.v2.render.RenderManager">
    <autoRedirect>true</autoRedirect>
    <contentType>text/html</contentType>
    <showPage>bank.jsp</showPage>
    <pageParameterName>bank_next_page</pageParameterName>
    </renderer>
    </portlet>
    </provider>
    When I press the submit button, the transient parameters are passed, but when I refresh the page the transient parameters are also passed.
    When I make two TAB pages in the portal, and navigate between them, the behavior is the same.
    Here is my URL after opening the tab page in a new navigator window:
    http://portal2.eurotrend.hu:7777/portal/page?_pageid=73,31262,73_35033&_dad=portal&_schema=PORTAL&Amount=50&Action=Transfer
    You can see the transient parameters in the URL!
    I click the tab after submit.
    This happens in IE 5.5 and IE 6.0
    Thanks in advance!

  • How to open PDF file generated by some ashx handler using POST parameters in Internet Explorer for W

    I need to print content of pdf file by JavaScript.
    To do this used HTML like this:
    <OBJECT id = "Pdf" data = 'http://someurl.com/getpdf.ashx' name="Pdf2" WIDTH="300" HEIGHT="300"></OBJECT>
    <a onclick="document.Pdf.PrintWithDialog() ;">Print file</a>
    But to get pdf file I must POST few parameters to handler http://someurl.com/getpdf.ashx. How I can do it?

    Hi Hi Sven,
    Could you please tell me the type of report you were trying execute? Is it ERP or BW? And ALV or non-ALV?
    We are supporting PDF report output type only for BW reports and for ERP non-AVL reports. For other types PDF format is not supported.
    If you configure PDF for other report types then you will get report output in PDF file in SharePoint server, but you will face above error message while opening the file.
    Regards,
    Binson

Maybe you are looking for

  • How can I Remove Firefox Hello in a high-security environment?

    Hi, After a recent Firefox update in a test environment for a high-security environment (I'm not at liberty to disclose the nature of this environment, sorry. Let's just say we have to disable Firefox from contacting Mozilla's servers and further dis

  • MobileMe gallery link

    What is the best replacement for MobileMe gallery with Aperture?( if there is such a thing?)

  • User Management in JSP

    hi all, i want to make a user managment for already built web Site, i want to make a isolate type of User management system so i can easily embed it in different web site. can any one suggest me any good tutorial , article or any sample code? thx

  • Burning my System Discs

    I am off to Afghanistan and thought it would be a good idea to b/u my system discs which came with my unibody Mac. I want to carry the origiansl with me and have the b/us in outgoing luggage. OK, first disc was single-sded and burnt OK. Second one is

  • Product distribution file could not be verified. it may be damaged or was not signed.??

    whenever i try downloading anything on the appstore that's what it says.. i don't know what to do...  i'm no expert on computer and i can only understand basic instructions. english is not my first language.. can anyone please help me?? all the other