OAM Websphere 6.1 integration

Similar Messages

• Only one UPN suffix works with OAM plugin for RSA-integrated Authentication

  Only one UPN suffix works with OAM plugin for RSA-integrated Authentication while others give "CredentialsRejected" error
  =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-
  Has anyone seen this before and might know the answer? Any suggestions? Thanks!
  I have setup an OAM authentication scheme that uses a custom plugin to use RSA ACE server - all pretty much exactly as it is outlined in the chapter called "Integrating the RSA SecurID Authentication Plug-in" in Oracle Access Manager Integration Guide. Here's the problem:
  Everything works fine when I use a particular UPN suffix to login to the RSA Securid Login form that is presented, eg. [email protected], but if I create another user that uses a different UPN suffix as defined in Active Directory, (eg. [email protected]), the credentials are rejected. This happens before the secuirid.pl script even gets a chance to run. After hitting "POST" the user is present with the same login screen he was just at, as expected during an authentication failure.
  More info:
  - I have performed successful anonymous ldap queries for both users in Active Directory using LDP. Both users exist in the same domain and in the same OU. If I change the UPN (in AD and the RSA database) to something different from the "good" one, on either user, it fails. If I change the UPN to the "good one" on either user (in AD and the RSA database) it works.
  - if I test users with either the "good" or the "bad" UPN via the RSA agent tester that sits on the OAM box, both of them show as authenticating successfully. However, it doesn't work for the "bad" UPN when I try to access via a web browser on a remote client (but does work with the "Good" UPN)
  - I am not using SSL in any of this yet, it's all http://
  - yes, I already got rid of the "-w" parameter in the first line of the perl script, as per the "login can fail if the Login Attribute Contains an "@" Character in Integration Guide Troubleshooting section
  - here's an example of the settings in rsa securid authentication scheme:
  action:/OracleAccessManager/securid-cgi/securid.pl
  form:/OracleAccessManager/securid-forms-adforest/securid-std-login.html
  creds:login password domain newpin newpin2
  passthrough:yes
  authn_securid fullformdir="C:\apache\Apache2\htdocs/OracleAccessManager/securid-forms-adforest/",machine="MyComputer.mydomain.com:80"
  credential_mapping obMappingBase="%domain%",obMappingFilter="(&(objectclass=user)(userPrincipalName=%login%))"
  Environment:
  OAM 7.0.4.3
  RSA Ace Server 5.2
  Windows 2003 domain with multiple UPNs defined in Active Direcory Domains and Trusts
  Error as seen in the oblog.log for the webgate on the server that holds the RSA login pages and perl script:
  Message^A plugin for the authentication scheme SecurID Authentication has denied authentication for credentials ([email protected]
  password=(omitted) domain=dc=ourdomain,dc=com newpin= newpin2= Resource=/OracleAccessManager/securid-cgi/securid.pl RequesterIP=10.250.1.2 Operation=POST).
  ReqReq^POST /OracleAccessManager/securid-cgi/securid.pl HTTP/1.1 ReqProto^HTTP/1.1 ReqHost^www.MyComputer.mydomain.com. ReqStatLine^
  ReqStatus^200 ReqRawUri^/OracleAccessManager/securid-cgi/securid.pl ReqUri^/OracleAccessManager/securid-cgi/securid.pl
  ReqFilename^C:/apache/Apache2/htdocs/OracleAccessManager/securid-cgi/securid.pl ReqPath^ ReqArgs^
  2009/07/13@15:19:49.665000 45688 46472 AUTHENTICATION ERROR 0x00001515
  \Oblix\coreid\palantir\webgate\src\authentication_event_handler.cpp:1361 "Authentication failed" HTTPStatus^401
  authenticationSchemeName^SecurID Authentication AuthenticationStatus^majorCode = 11[CredentialsRejected], minorCode = 47[AuthnPluginDenied],
  StatusMsg = , GSN = 0, needInfo = NONE Creds^[email protected] password=(omitted) domain=dc=ourdomain,dc=com newpin= newpin2=
  Resource=/OracleAccessManager/securid-cgi/securid.pl RequesterIP=10.250.1.2 Operation=POST
  Only error seen in log produced by the RSA agent that sits on the Access server:
  [20804] 12:27:08.915 File:ACNETSUB.C Line:326 # CheckServerAddress: server 0 detected from address 10.250.88.100
  [20804] 12:27:08.915 File:udpmsg.c Line:968 # Entering decrypts_ok_legacy()
  [20804] 12:27:08.915 File:udpmsg.c Line:999 # decrypts_ok_legacy: decrypt() wpcode1 failed; wpcode0 next ***********
  [20804] 12:27:08.915 File:udpmsg.c Line:1089 # Leaving decrypts_ok_legacy(), result=1
  [20804] 12:27:08.915 File:ACEXPORT.C Line:820 # Entering AceGetUserData()
  [20804] 12:27:08.915 File:ACEXPORT.C Line:833 # Leaving AceGetUserData() return: ACE_SUCCESS
  [20804] 12:27:08.915 File:ACEXPORT.C Line:579 # Entering AceGetAuthenticationStatus()
  [20804] 12:27:08.915 File:ACEXPORT.C Line:592 # Leaving AceGetAuthenticationStatus() return: ACE_SUCCESS

  What are the logs you see at the ACE server end? You can try passing an additional parameter debug="true" to the authn_securid plug-in - it should generate some more logs at the access server - I think in apps\common\bin.
  Also does "ReqHost^www.MyComputer.mydomain.com" look right in the logs?
  -Vinod

• IBM websphere 6.1 integration with OAM

  Hi,
  1) Is the "interceptorClassName" Clases Name important? can i name it as other thing rather than what is stated in the documentation?
  example:
  According to the WAS integtraion guide the Interceptor classname is as: com.oblix.tai.was5.WebGate2TrustAssociationInterceptor
  Can i change it to com.oblix.tai.was5.WebGateTrustAssociationInterceptor
  2) Is there anywhere to verify that TAI is loaded properly and how do i test it?
  ================================================================================
  Interceptor classname is under WAS, Secure administration -> applications, and infrastructure -> Trust association -> Interceptors
  Thanks and Regards,
  Grey

  Thanks! i got the figure out. but i encouter something else while integrating with WAS
  im trying to integrate OAM with WAS without reverse proxy and i followed the documentation religiously. in the documentation
  Defining an Oracle Access Manager Policy Domain for WebSphere without Reverse Proxy_
  Without reverse proxy, disabling SSO in WAS is required. I will need to protect the WebSphere Administrative Console SSL URL. Otherwise, I will not be able to access the console after disabling SSO in WAS. I have create the policy domain as the documentation.
  ■ Resource Type: http
  ■ Host Identifier: xxx
  ■ URL Prefix: _/ibm/console; and /admin_
  ■ Description: Used by NetPointWASRegistry TAI component.
  Authorization Rules: Click the Authorization Rules tab, click Add, and then create and save an authorization rule to allow access to WebSphere Administrative
  Console resources. For example:
  a. Click General, then enter and save:
  * Name: Allow Administrator.
  * Description: Allow access to WebSphere Administrative Console resources.
  * Enabled: Yes
  * Allow takes Precedence: Yes
  Without Reverse Proxy: Click Actions, then enter and save the following WebSphere Administrative Console SSL URL for Authentication Success. For example:
  Redirect to: https://hostname:port/ibm/console *<- i found out that once I had this implemented. I will be going in an authentication cycle (keep getting authenticated and redirected back to the same page) because it is part of the resources I had it declare previously to be protected.*
  Is there a work around or is it due to documentation error?

• OIM-OAM 11g BP 02 integration not working as expected

  Hi Experts,
  We have OIM 11g and OAM 11g both upgraded to BP02 installed on separate hosts. We are using OID 11g as the directory servers and OVD 11g fronting OID for integration. We followed the steps mentioned in Oracle Document Oracle® Fusion Middleware Integration Guide for Oracle Access Manager 11g Release 1 (11.1.1)Part Number E15740-04 for integration purpose.
  After performing all the integration tasks mentioned in the document, while testing the ingtegration, the expected results are not been serverd.
  If I access OIM admin console URL, am getting default OIM admin console URl instead of OAM SSO login page for authencation. and also I am unable to login using either xelsysadm\oimadmin\oamadmin but I can login using weblogic, so this is referin to the default embeded LDAP of weblogic for credential validation.
  OIM and OAM are deployed on separate hosts, please find the deployment details below.
  1. JDK: 1.6.0_29
  2. WLS : 10.3.5
  3. LDAP: Oracle Internet Directory: 11.1.1.5.0
  Oracle Virtual Directory: 11.1.1.2.0
  4. Webserver: Oracle HTTP Server fronting the OIM
  The Integration videa on Support.oracle assumes that all components OIM\OAM/OID/OHS being on the same host.
  I have my OIM and OAM both patched to the latest BP which is BP 02. There is a support article which specifically talks about few settings ton be made for BP 02.
  the article ID is 1447494.1.
  Even after doing all these, the integration is not working.
  As per the support article, I need to use preferred host name for agent fronting OIM as IAMSuiteAgent and if I do that, the proxying of OIM server with the webserver host will not work at all and ends with 404 not found error when I access using http://OHShost:OHSport/oim.
  but if i use the name of agent i.e webserver name in the preferred host field, the redirection would happen and i get OAM SSO login page for authentication, however with the credential validation at this page, the OIM login page (http://OIMhost:OIMport/oim) is provided prompting for login again.
  also if i access OIM login page http://OIMhost:OIMport/oim directly, the OAM SSO page is not coming for authentication.
  I am awaiting your advice\suggestions or workarounds if any one has come across this kind of issue, which i am sure is an obvious case.
  Thanks,
  Nagendra

  Hi,
  Any help in this regard please/
  Thanks
  Nagendra

• Configuration of oim 10g and oam 10g.. and integrating oam10g with oid

  Hi..
  i am trying to configure OAM10g and OIM10g and integrate OAM10g with OID..
  please send me the documents if any had...
  Thanks & Regards,
  avinash

  For integrating OIM 10g with OAM 10g, refer doc below:
  http://docs.oracle.com/cd/E14899_01/doc.9102/e14761/oamsso.htm#sthref78
  For OAM and OID integration refer:
  http://docs.oracle.com/cd/E15217_01/index.htm
  regards,
  GP

• OAM-OIM 11g r2 integration is failing

  Hi,
  Following is my configuration,
  1. I have OIM 11g r2 and OAM 11gr2 installed on different weblogic domains.
  2. OIM synchronized with OUD LDAP
  3. I followed the steps described in http://docs.oracle.com/cd/E27559_01/integration.1112/e27123/oim.htm
  4. After the integration, I'm not able to login to the Oracle Access Manager console. Though my authentication is successful, I'm getting authorization error.
  As per the doc, oamadmin user (member of oamadministrator group) should be able to login to the console. On weblogic console -> security realms screen, I can see oudauthenticator (authenticates against OUD LDAP) created by the idmconfig tool (tool used for the integration). On the same screen, if I open oamadmin user profile, I don't see any group membershiip information for this user. I also created Administrator group in my LDAP and assigned oamadmin as a member, but in vain. My guess is, since oam server is not recognizing user's role, it's giving an authorization error.
  The documentation mainly talks about using OID as LDAP between OIM and OAM, though it claims other LDAPs are also supported. If anyone has successfully integrated, what do you see in oamadmin user profile, especially in the group membership attribute. Any other ideas/workarounds are greatly appreciated.
  Thanks, Nishanth

  I successfully did this into my VMWare and oamadmin user has there:
  [oracle@thiagoleoncioVM ~]$ ldapsearch -D cn=orcladmin -w **** -b "dc=leoncio,dc=thiago" -L -s sub -v orclmtuid=*oaamadmin* memberOf
  filter pattern: orclmtuid=*oaamadmin*
  returning: memberOf
  filter is: (orclmtuid=*oaamadmin*)
  dn: cn=oaamadmin,cn=Users,dc=leoncio,dc=thiago
  memberof: cn=oaamcsrgroup,cn=groups,dc=leoncio,dc=thiago
  memberof: cn=oaamcsrmanagergroup,cn=groups,dc=leoncio,dc=thiago
  memberof: cn=oaamenvadmingroup,cn=groups,dc=leoncio,dc=thiago
  memberof: cn=oaaminvestigationmanagergroup,cn=groups,dc=leoncio,dc=thiago
  memberof: cn=oaaminvestigatorgroup,cn=groups,dc=leoncio,dc=thiago
  memberof: cn=oaamruleadministratorgroup,cn=groups,dc=leoncio,dc=thiago
  memberof: cn=oaamsoapservicesgroup,cn=groups,dc=leoncio,dc=thiago
  1 matches
  I hope this information helps you with your issue then you should be able to see what is missing there,
  Thiago Leoncio.

• OAM 11.1.6 integration with Ebusiness 12.1.3 throws error on login

  I have integrated the OAM 11.1.6 SSO with E-business 12.1.3 instance.If I login to E-business it will redirect to the the error "There was an error processing your request. The Login/Portal Server Installation may be incomplete. Please contact your System Administrator".
  Please note i'm seeing the error in access log -
  oracle.apps.fnd.ext.sso.FndSsoException: FND-9930
  at oracle.apps.fnd.ext.sso.FndSsoLogin.doPost(Unknown Source)
  at oracle.apps.fnd.ext.sso.FndSsoLogin.doGet(Unknown Source)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  I tried the metalink note "Applications Login Using OAM Fails with 'The Login/Portal Server Installation may be incomplete' Caused by 'java.sql.SQLException: ORA-01465: invalid hex number' [ID 1538812.1]" in my case value is already 'False'.
  Please suggest me,if you any once faced the similar issue

  Investigations often get quite complex and specific to your environment, so an SR with Oracle Support is probably the best way to go.
  My initial thought would be to re-review "Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11gR2 (11.1.2) using Oracle E-Business Suite AccessGate" (Doc ID 1484024.1) and confirm that all the right hostname/ports have been used in the right places, as it is easy to mix up what is required at the different stages
  Next would suggest to test your OAM setup using the Oracle Access Manager tester tool
  Review "Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service 11g Release 1 (11.1.1)" (http://docs.oracle.com/cd/E21764_01/doc.1111/e15478/tester.htm#CACBEJDC) details of installing and using this tool
  a. Test the protected resource URL
  /ebsauth_[instance]/
  where [instance] is the name of your Oracle E-Business Suite instance/
  Enter Username and Password and select both the "Authenticate" and "Authorize" buttons
  b. Save the status messages to a file and upload this (Disk icon at the bottom of the screen)
  c. Also use the "save configuration" button (at the top of the screen) and upload the resulting configuration XML file (Remove the password from this file before uploading)
  If the above does not work, then the issue is not eBiz specific so need to review the OAM/Webgate setup for sure
  Hope that sets you on the right path
  regards
  Mike

• Help with WebSphere Businessobjects sso integration package

  Hi All,
  We are using the SSO package from businessobjects and it works great.. However, we've noticed that in the inbox view, the "Sent Date" does not server our needs, we would like to show Instance Creation Date instead so that if we ever need to send copies of ran instances to a user's inbox, it will not show all of them having the sent date...  we've noticed in CMS, when you go look at the history of a report, the report time shows "Report Name and Date Time"..  wondering if we can get the Inbox view to show this info instead of the date sent ?
  Kevin

  Hello Kevin,
  We spoke on the phone yesterday - I'm inferring this issue is also relevant to the BusinessObjects Enterprise WebSphere Portal Integration Kit (PIK).
  If you confirm, I can transfer this thread to the correct forum for PIK questions.
  Sincerely,
  Ted Ueda

• OAM and WebSphere Portal 6.1 Integration

  I'm trying to integrate OAM 10g3 with WebSphere Portal 6.1 through the connector.
  I have successfully integrated the Application Server with TAI and is working fine.
  I am now trying to configure Portal but am getting an error when attempting to run the ConfigEngine.bat script file to update some properties.
  When I try to change the Portal Administrator, I keep "BUILD FAILED ... <dn of user> does not exist.
  The portal trace logs show:
  [1/5/11 14:34:47:898 EST] 0000009a exception E com.ibm.ws.wim.management.commands.SearchCommandProvider searchUsers(AbstractAdminCommand cmd) WAS_USER_REGISTRY_NOT_SUPPORTED
  com.ibm.websphere.wim.exception.WIMApplicationException: CWWIM5505E To manage users and groups, either federated repositories must be the current realm definition or the current realm definition configuration must match the federated repositories configuration. If you use Lightweight Directory Access Protocol (LDAP), configure both the federated repositories and standalone LDAP registry configurations to use the same LDAP server.
       at com.ibm.ws.wim.management.commands.SearchCommandProvider.searchUsers(SearchCommandProvider.java:80)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
       at java.lang.reflect.Method.invoke(Method.java:618)
       at com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider.executeReal(SimpleCommandProvider.java:147)
       at com.ibm.websphere.management.cmdframework.provider.SimpleCommandProvider.execute(SimpleCommandProvider.java:133)
       at com.ibm.websphere.management.cmdframework.provider.SimpleAdminCommand.execute(SimpleAdminCommand.java:57)
       at com.ibm.ws.management.cmdframework.impl.RemoteCommandMgrImpl.execute(RemoteCommandMgrImpl.java:121)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
       at java.lang.reflect.Method.invoke(Method.java:618)
       at sun.reflect.misc.Trampoline.invoke(MethodUtil.java:68)
       at sun.reflect.GeneratedMethodAccessor43.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
       at java.lang.reflect.Method.invoke(Method.java:618)
       at sun.reflect.misc.MethodUtil.invoke(MethodUtil.java:271)
       at javax.management.modelmbean.RequiredModelMBean.invokeMethod(RequiredModelMBean.java:1092)
       at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:973)
       at com.sun.jmx.mbeanserver.DynamicMetaDataImpl.invoke(DynamicMetaDataImpl.java:231)
       at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:238)
       at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:833)
       at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:802)
       at com.ibm.ws.management.AdminServiceImpl$1.run(AdminServiceImpl.java:1139)
       at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
       at com.ibm.ws.management.AdminServiceImpl.invoke(AdminServiceImpl.java:1032)
       at com.ibm.ws.management.connector.AdminServiceDelegator.invoke(AdminServiceDelegator.java:139)
       at sun.reflect.GeneratedMethodAccessor49.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
       at java.lang.reflect.Method.invoke(Method.java:618)
       at com.ibm.ws.management.connector.soap.SOAPConnector.invoke(SOAPConnector.java:361)
       at com.ibm.ws.management.connector.soap.SOAPConnector.service(SOAPConnector.java:215)
       at com.ibm.ws.management.connector.soap.SOAPConnection.handleRequest(SOAPConnection.java:64)
       at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:742)
       at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:528)
       at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1497)
  Anyone have any ideas?
  Thanks in advance.
  Raj

  Looks like the user registry setting/configuration is not correct. The Websphere provides 2 integration point to external apps - the TAI and the User Registry. While it looks that the TAI (Trust Association) configuration is okay, the user registry config is not correct. Please check and let us know what is given there in the user registry.
  Hope this helps. Let us know.

• OAM 11g is supporting direct integration with E Business ??

  Hi All,
  Is OAM 11g supporting Direct integration with E Business suite instead of going through the OSSO ??
  Please give me some pointers how to do the OAM 11g and E Business suite integration.
  Thanks & Regards,
  Vaasu.

  Duplicate thread (please post only once).
  Integrating E-Business suite with OAM 11g
  Re: Integrating E-Business suite with OAM 11g

• WebSphere config file

  Hello everybody,
  I have to write an installation documentation for LiveCycle ES with WebSphere and I want to refer to the automated WebSphere config script integrated in ES Configuration Manager. I need this script/configuration script which will be executed from the Configuration Manager for my documentation.
  Any idea where to find this script/configuration steps in the ES source files!?
  Regards,
  Andreas

  Hi Marwa,
  Thanks for your reply.
  I know that there are the configurations steps for WebSphere in the documentation the user has to do manually.
  I'm searching for the automated configuration script that will be executed by LiveCycle Configuration Manager when I select the action "Configure Application Server". This script must be somewhere in the ALC installation files.
  Regards,
  Andreas

• J2ee agent 2.2 configuration problem with Websphere Portal 5.1

  Hi,
  I am trying to configure j2ee agent 2.2 with Websphere Portal server.
  I have followed the document "Sun Java SystemAccess Manager
  PolicyAgent 2.2 Guide for IBM WebSphere Portal Server 5.1.0.2"
  Please see the thread "Problem with Sun's SSO system and Websphere Portal Server integration" for environment related information.
  Also the security on app server has been enabled and is talking to LDAP.
  My aim here is to enable application server (portal server) to autheticate requests.
  I am getting following error when I log into the portal application.
  07/03/2007 06:32:16:062 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  AmFilter: now processing: SSO Task Handler
  07/03/2007 06:32:16:062 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  SSOTaskHandler: SSO Validation failed for null
  07/03/2007 06:32:16:062 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  URLFailoverHelper: Checking if https://apollo.maxnewyorklife.com:443/amserver/UI/Login is available
  07/03/2007 06:32:16:078 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  WARNING: URLFailoverHelper: the url https://apollo.maxnewyorklife.com:443/amserver/UI/Login is not available
  javax.net.ssl.SSLHandshakeException: unknown certificate
       at com.ibm.jsse.bs.a(Unknown Source)
       at com.ibm.jsse.bs.startHandshake(Unknown Source)
       at com.ibm.net.ssl.www.protocol.https.b.o(Unknown Source)
       at com.ibm.net.ssl.www.protocol.https.q.connect(Unknown Source)
       at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect(Unknown Source)
       at com.sun.identity.agents.common.URLFailoverHelper.isAvailable(URLFailoverHelper.java:190)
       at com.sun.identity.agents.common.URLFailoverHelper.getAvailableURL(URLFailoverHelper.java:129)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getLoginURL(AmFilterRequestContext.java:757)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:285)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:258)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:363)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:345)
       at com.sun.identity.agents.filter.SSOTaskHandler.doSSOLogin(SSOTaskHandler.java:210)
       at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:98)
       at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:189)
       at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
       at com.sun.identity.agents.websphere.AmIdentityAsserterBase.processRequest(AmIdentityAsserterBase.java:195)
       at com.sun.identity.agents.websphere.AmTrustAssociationInterceptor.negotiateValidateandEstablishTrust(AmTrustAssociationInterceptor.java:91)
       at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101)
       at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:191)
       at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:928)
       at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:531)
       at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:262)
       at com.ibm.ws.webcontainer.webapp.WebAppSecurityCollaborator.preInvoke(WebAppSecurityCollaborator.java:132)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:506)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:208)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:134)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:321)
       at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
       at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:246)
       at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:334)
       at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
       at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:652)
       at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:448)
       at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:936)
  07/03/2007 06:32:16:078 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  URLFailoverHelper: disconnected the connection for availability check
  07/03/2007 06:32:16:078 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  ERROR: URLFailoverHelper: No URL is available at this time
  07/03/2007 06:32:16:078 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  ERROR: AmFilter: Error while delegating to inbound handler: SSO Task Handler, access will be denied
  [AgentException Stack]
  com.sun.identity.agents.arch.AgentException: No URL is available at this time
       at com.sun.identity.agents.common.URLFailoverHelper.getAvailableURL(URLFailoverHelper.java:133)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getLoginURL(AmFilterRequestContext.java:757)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:285)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:258)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:363)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:345)
       at com.sun.identity.agents.filter.SSOTaskHandler.doSSOLogin(SSOTaskHandler.java:210)
       at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:98)
       at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:189)
       at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
       at com.sun.identity.agents.websphere.AmIdentityAsserterBase.processRequest(AmIdentityAsserterBase.java:195)
       at com.sun.identity.agents.websphere.AmTrustAssociationInterceptor.negotiateValidateandEstablishTrust(AmTrustAssociationInterceptor.java:91)
       at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101)
       at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:191)
       at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:928)
       at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:531)
       at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:262)
       at com.ibm.ws.webcontainer.webapp.WebAppSecurityCollaborator.preInvoke(WebAppSecurityCollaborator.java:132)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:506)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:208)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:134)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:321)
       at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
       at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:246)
       at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:334)
       at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
       at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:652)
       at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:448)
       at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:936)
  07/03/2007 06:32:16:078 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  AmFilter: result =>
  FilterResult:
       Status      : FORBIDDEN
       RedirectURL     : null
       RequestHelper:
            null
       Data:
            null
  07/03/2007 06:32:16:078 PM IST: Thread[Servlet.Engine.Transports : 1,5,main]
  AmIdentityAsserter: result => TAIResult: status: 403, principal: null, subject: null
  From whatever analysis I have done so far, I believe this issue is related to the personal certificate for sun one webserver (on which access manager & LDAP are installed) not registered with the application server (portal server).
  I am not sure about the way I go by solving the issue.
  Please can anybody help me out.
  Thanks,
  Yaseer
  Message was edited by:
  yazee
  Message was edited by:
  yazee

  Ankush,
  I am getting error as follows in the webserver error log:-
  Error receiving request from 172.23.213.75 (SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT: SSL peer had some unspecified issue with the certificate it received)
  Although I can get into am console but with https://apollo.maxnewyorklife.com/amconsole
  Tried the same thing, but couldnt resolve it. I will give it another go.
  Generally I am getting same error again and again.
  In my amWebsphere log file of j2ee agent (under root\am_wps_agent\agent_001\logs\debug) error I get.....
  07/15/2007 04:19:11:656 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  AmFilter: now processing: SSO Task Handler
  07/15/2007 04:19:11:766 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  SSOTokenValidator.validate(): Exception caught
  com.iplanet.sso.SSOException: Invalid sessionid formatjava.lang.IllegalArgumentException: Invalid server id in session id com.iplanet.services.naming.ServerEntryNotFoundException: Naming Service is not available.
       at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:205)
       at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:325)
       at com.sun.identity.agents.common.SSOTokenValidator.validateInternal(SSOTokenValidator.java:252)
       at com.sun.identity.agents.common.SSOTokenValidator.validate(SSOTokenValidator.java:157)
       at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:88)
       at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:189)
       at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
       at com.sun.identity.agents.websphere.AmIdentityAsserterBase.processRequest(AmIdentityAsserterBase.java:195)
       at com.sun.identity.agents.websphere.AmTrustAssociationInterceptor.negotiateValidateandEstablishTrust(AmTrustAssociationInterceptor.java:91)
       at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101)
       at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:191)
       at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:928)
       at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:531)
       at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:262)
       at com.ibm.ws.webcontainer.webapp.WebAppSecurityCollaborator.preInvoke(WebAppSecurityCollaborator.java:132)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:506)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:208)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:134)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:321)
       at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
       at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:246)
       at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:334)
       at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
       at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:652)
       at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:448)
       at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:936)
  07/15/2007 04:19:11:766 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  SSOTaskHandler: SSO Validation failed for AQIC5wM2LY4SfcwoaNKFd01DvjYeNPbR3wXaa9sMVjcKtwo=@AAJTSQACMDE=#
  07/15/2007 04:19:11:766 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  URLFailoverHelper: Checking if https://apollo.maxnewyorklife.com:443/amserver/UI/Login is available
  07/15/2007 04:19:11:797 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  WARNING: URLFailoverHelper: the url https://apollo.maxnewyorklife.com:443/amserver/UI/Login is not available
  javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.g: No trusted certificate found
       at com.ibm.jsse2.bw.a(Unknown Source)
       at com.ibm.jsse2.bx.a(Unknown Source)
       at com.ibm.jsse2.bx.a(Unknown Source)
       at com.ibm.jsse2.v.a(Unknown Source)
       at com.ibm.jsse2.v.a(Unknown Source)
       at com.ibm.jsse2.u.a(Unknown Source)
       at com.ibm.jsse2.bx.a(Unknown Source)
       at com.ibm.jsse2.bx.l(Unknown Source)
       at com.ibm.jsse2.bx.startHandshake(Unknown Source)
       at com.ibm.net.ssl.www.protocol.https.b.o(Unknown Source)
       at com.ibm.net.ssl.www.protocol.https.q.connect(Unknown Source)
       at com.ibm.net.ssl.internal.www.protocol.https.HttpsURLConnection.connect(Unknown Source)
       at com.sun.identity.agents.common.URLFailoverHelper.isAvailable(URLFailoverHelper.java:190)
       at com.sun.identity.agents.common.URLFailoverHelper.getAvailableURL(URLFailoverHelper.java:129)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getLoginURL(AmFilterRequestContext.java:757)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:285)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:258)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:363)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:345)
       at com.sun.identity.agents.filter.SSOTaskHandler.doSSOLogin(SSOTaskHandler.java:210)
       at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:98)
       at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:189)
       at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
       at com.sun.identity.agents.websphere.AmIdentityAsserterBase.processRequest(AmIdentityAsserterBase.java:195)
       at com.sun.identity.agents.websphere.AmTrustAssociationInterceptor.negotiateValidateandEstablishTrust(AmTrustAssociationInterceptor.java:91)
       at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101)
       at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:191)
       at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:928)
       at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:531)
       at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:262)
       at com.ibm.ws.webcontainer.webapp.WebAppSecurityCollaborator.preInvoke(WebAppSecurityCollaborator.java:132)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:506)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:208)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:134)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:321)
       at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
       at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:246)
       at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:334)
       at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
       at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:652)
       at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:448)
       at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:936)
  Caused by: com.ibm.jsse2.util.g: No trusted certificate found
       at com.ibm.jsse2.util.f.b(Unknown Source)
       at com.ibm.jsse2.util.f.b(Unknown Source)
       at com.ibm.jsse2.util.d.a(Unknown Source)
       at com.ibm.jsse2.bn.checkServerTrusted(Unknown Source)
       at com.ibm.jsse2.z.checkServerTrusted(Unknown Source)
       ... 39 more
  07/15/2007 04:19:11:797 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  URLFailoverHelper: disconnected the connection for availability check
  07/15/2007 04:19:11:797 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  ERROR: URLFailoverHelper: No URL is available at this time
  07/15/2007 04:19:11:797 PM IST: Thread[Servlet.Engine.Transports : 0,5,main]
  ERROR: AmFilter: Error while delegating to inbound handler: SSO Task Handler, access will be denied
  [AgentException Stack]
  com.sun.identity.agents.arch.AgentException: No URL is available at this time
       at com.sun.identity.agents.common.URLFailoverHelper.getAvailableURL(URLFailoverHelper.java:133)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getLoginURL(AmFilterRequestContext.java:757)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:285)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectURL(AmFilterRequestContext.java:258)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:363)
       at com.sun.identity.agents.filter.AmFilterRequestContext.getAuthRedirectResult(AmFilterRequestContext.java:345)
       at com.sun.identity.agents.filter.SSOTaskHandler.doSSOLogin(SSOTaskHandler.java:210)
       at com.sun.identity.agents.filter.SSOTaskHandler.process(SSOTaskHandler.java:98)
       at com.sun.identity.agents.filter.AmFilter.processTaskHandlers(AmFilter.java:189)
       at com.sun.identity.agents.filter.AmFilter.isAccessAllowed(AmFilter.java:152)
       at com.sun.identity.agents.websphere.AmIdentityAsserterBase.processRequest(AmIdentityAsserterBase.java:195)
       at com.sun.identity.agents.websphere.AmTrustAssociationInterceptor.negotiateValidateandEstablishTrust(AmTrustAssociationInterceptor.java:91)
       at com.ibm.ws.security.web.TAIWrapper.negotiateAndValidateEstablishedTrust(TAIWrapper.java:101)
       at com.ibm.ws.security.web.WebAuthenticator.handleTrustAssociation(WebAuthenticator.java:191)
       at com.ibm.ws.security.web.WebAuthenticator.authenticate(WebAuthenticator.java:928)
       at com.ibm.ws.security.web.WebCollaborator.authorize(WebCollaborator.java:531)
       at com.ibm.ws.security.web.EJSWebCollaborator.preInvoke(EJSWebCollaborator.java:262)
       at com.ibm.ws.webcontainer.webapp.WebAppSecurityCollaborator.preInvoke(WebAppSecurityCollaborator.java:132)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java:506)
       at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java:208)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java:134)
       at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java:321)
       at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java:71)
       at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java:246)
       at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java:334)
       at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java:56)
       at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:652)
       at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:448)
       at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:936)
  Thanks,
  Yaseer

• Problem in installing CCB on AIX .

  Hello ,
  I am trying to install CCB2.2.0 on AIX5.3. Following are the details:
  AIX - ($ oslevel -s)--> 5300-07-01-0748
  Websphere - 6.1 (Integrated Solutions Console, 6.1.0.0, Build Number: b0620.14 , Build Date: 5/16/06)
  CCB - 2.2.0
  Perl - 5.8.8
  C3P0 - 0.9.1.2
  Hibernate - 3.2.5
  Cobol-Micro focus 5.0
  After installing the Framework..we are getting the error. We are yet to install teh CCB.
  Following is the error
  $ cd /opt/spl/CCB1DEMO/bin
  $ splenviron.sh -e CCB1DEMO
  Sorry unable to load libcobjvm_ibm_150
  If libcobjvm_ibm_150 is on shared library PATH, then ensure
  'libjava' and 'java' are found on the PATH/Shared Library PATH.
  Version ................ (SPLVERSION) : V2.2.0
  Database Type ............... (SPLDB) : oracle
  ORACLE_SID ............. (ORACLE_SID) : CCB1DEMO
  NLS_LANG ................. (NLS_LANG) : AMERICAN_AMERICA.UTF8
  Environment Name ....... (SPLENVIRON) : CCB1DEMO
  Environment Code Directory (SPLEBASE) : /opt/spl/CCB1DEMO
  App Output Dir - Logs ... (SPLOUTPUT) : /opt/spl/sploutput/CCB1DEMO
  Build Directory .......... (SPLBUILD) : /opt/spl/CCB1DEMO/cobol/build
  Runtime Directory .......... (SPLRUN) : /opt/spl/CCB1DEMO/runtime
  Also please find the .profile file:
  # WebSphere Variables
  WAS_HOME=/opt/WebSphere6/AppServer; export WAS_HOME
  # Java Viariables
  JAVA_HOME=$WAS_HOME/java/jre; export JAVA_HOME
  # Oracle Variables
  ORACLE_HOME=/oracle/product/11.0.1; export ORACLE_HOME
  # RMB Variables
  C3P0_JAR_DIR=/opt/c3p0-0.9.1.2/lib; export C3P0_JAR_DIR
  COBDIR=/opt/SPLcobAS50; export COBDIR
  HIBERNATE_JAR_DIR=/opt/hibernate-3.2.5; export HIBERNATE_JAR_DIR
  # Basic Variables
  PATH=/usr/bin:/etc:/usr/sbin:/usr/ucb:$HOME/bin:/usr/bin/X11:/sbin:.
  PATH=$ORACLE_HOME/bin:$COBDIR/bin:$COBDIR/lib:$PATH
  PATH=$PATH:$WAS_HOME/java/jre/bin:$WAS_HOME/java/bin
  PATH=$PATH:/opt/freeware/bin
  PATH=$PATH:$WAS_HOME/bin
  export PATH
  LIBPATH=$COBDIR/bin:$COBDIR/lib:$JAVA_HOME/bin:$LIBPATH
  LIBPATH=$ORACLE_HOME/bin:$ORACLE_HOME/lib:$JAVA_HOME/bin:$LIBPATH
  export LIBPATH
  # PERL Variables
  PATH=/opt/ActivePerl-5.8/bin:/opt/ActivePerl-5.8/lib:$PATH
  PERLLIB=/opt/ActivePerl-5.8/lib
  PERL5LIB=/opt/ActivePerl-5.8/lib
  export PERL5LIB PERLLIB
  # VI Settings
  EXINIT="set ai tabstop=4 shiftwidth=4"
  export EXINIT
  # Shell Settings
  # Use VI editor commands for shell
  VISUAL=vi;export VISUAL
  # Don't overwrite files when redirecting output
  set +o noclobber
  # No timeout at the secondary shell prompt
  TMOUT=0; export TMOUT
  # Unique history for everyone
  HISTFILE=$HOME/.sh_history$$
  # Cissys Variables - for local scripts and programs
  PATH=/home/cissys/bin:$PATH
  # Announce if there is mail
  if [ -s "$MAIL" ] # This is at Shell startup. In normal
  then echo "$MAILMSG" # operation, the Shell checks
  fi # periodically.
  Thanks and Regards
  Amit

  There is another post on
  Installation of CC&B 2.3
  with the same issue on version 2.3
  You may want to follow it there.

• Problem with Collaboration and Portal accessed via multiple URLs

  Here is the scenario. We have the portal installed that can be accessed from an external domain: portal.company.com. We recently upgraded to WCI 10gR3 and in the process we added an internal server that uses an OAM webgate which handles Integrated Windows Authentication. The URL for out internal access is portal.company.int. The problem comes when we try to access collaboration folders. From our internal URL when we click on a folder in Collab Documents the loading... text come sup and that's it. No other activity in the browser or in PTSpy. If we use the external URL there is no issue.
  Anyone have any ideas on how we can get around this or what the cause could be?

  try to play with the collaboration server url (for the Collaboration Remote Server )
  http://yourserver.com:11930/collab/
  Enter the external url here, or better the name of the machine, something like
  http://<machinename><yourdomain>:11930/collab/
  See if works.
  Hope that helps!
  Val

• JMS Connection Factory jms/QueueConnectionFactory could not be found

  Hi,
  Previously, i tried to extend weblogic domain "oim_domain" that only configured for OIM, and integrate the OIM with OAM 11g.
  The integration was failed, because all users cannot login to OAM login page (using Active Directory authentication), so i rolled back all configuration by copying MW_HOME i've backed-up before extend the weblogic domain.
  When i start the OIM after rolled back, i've found an error message as follow :
  <May 16, 2013 11:38:15 AM WIT> <Error> <oracle.iam.platform.async> <IAM-0050009> <Async Service initialization failed because JMS Connection Factory jms/Queu
  eConnectionFactory could not be found. Please check that a JMS Connection Factory with JNDI Name jms/QueueConnectionFactory is present in the Application Ser
  ver.>
  <May 16, 2013 11:38:15 AM WIT> <Error> <oracle.iam.platform.async> <IAM-0050010> <Error Trace Follows
  javax.naming.NamingException: String index out of range: -1
  at weblogic.jndi.Environment.getContext(Environment.java:308)
  at weblogic.jndi.Environment.getContext(Environment.java:285)
  at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:117)
  at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
  and this error message :
  <May 16, 2013 11:38:15 AM WIT> <Warning> <oracle.iam.platform.utils> <IAM-0070016> <An error occurred while initializing service : oracle.iam.platform.async.
  AsyncService>
  <May 16, 2013 11:38:15 AM WIT> <Warning> <oracle.iam.platform.utils> <IAM-0070016> <An error occurred while initializing service : {0}
  javax.naming.NamingException: String index out of range: -1
  at weblogic.jndi.Environment.getContext(Environment.java:308)
  at weblogic.jndi.Environment.getContext(Environment.java:285)
  at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:117)
  at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
  at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
  Please help.
  Best Regards,
  Heri

  I have the same error!!! Do you manage to solve it?