OBIEE 11.1.1.6.2 BP1 SSO with AD not working on MAC OS 10.6.8

Hi Experts,
We have setup SSO in our production with OBIEE 11.1.1.6.2 BP1 version and Active directory. All seems to work fine on all browsers. But on MAC OS 10.6.8 when we use Safari 5.1.7 it doesn't work. But when we use the application on MAC OS version 10.7.5 and safari version 6.0.1 and it is working fine. Can anyone please let me know if you have come across the scenario and the solution for this. In windows it works perfectly fine on all browsers. Only this version of MAC and Safari is giving us the trouble.
Thanks in advance for any solution provided.
Regards,
Satyabrat

JavaScript and Cookies are enabled. my cookies list shows at least 3 associated with hulu. Funny thing is, if I grab the up/down control bar on right side of screen with my mouse, then hulu plays in a somewhat chopped frame by frame. As soon as I let go, the frame freezes yet audio portion continues.
I don't know what a munged Hulu cookie is, however.

Similar Messages

SSO with WIA not working yet...

Hi,
We are trying to deploy SSO in our PT 5.0.2 portal (running on Windows 2000), but have not been able to get it to work
successfully yet. Microsoft Active Directory 2000 is our user/group source.
The server architecture is as follows:
Server A = Serves as Admin Portal, Portal Server, and Image Server (resides in the DMZ)Server B = Serves as Automation Server (resides inside the firewall)Server C = Serves as Database Server (running SQL Server 2000; resides inside the firewall)Server D = Serves as the Application Server (portlets reside on this server; resides in the DMZ)
All servers reside in the SAME domain.
This is what we have done so far:
1. Installed prerequisite software (i.e. IIS 5.0 and .NET Framework 1.1.4322) on Server C. Successfully installed and
configured the Active Directory Authentication Web Service (i.e. PT Optional Enterprise Web Component) on Server C.
2. Imported the above Web component, ADAWS, into Server A, using the PT Migration Wizard. This automatically created a
"Remote Server" and 2 "Web Services" (namely Authentication Web Service and Profile Web Service) objects on Server A.
3. Created a "Authentication Source - Remote" on Server A. The value in the "Authentication Source Category: " field is
EXACTLY the same as the Active Directory Source Domain. Selected "Authentication and Synchronization" as the Synchronization
setting, and "Full Synchronization."
4. Created a Job and added the above Remote Auth Source as the operation. The JOb ran successfully and imported all users and
groups from Active Directory.
5. Users can successfully login to the portal using the above Remote Auth Source (User ID example: Domain\joe_user).
6. Enabled "Integrated Windows Authentication" ONLY on the "\portal\sso" folder in Internet Services Manager on Server A.
Ensured that the security is set to "Anonymous" on "\portal" and "\portal\bin" folders.
7. Enabled SSO in the Portal, by entering the SSO Secret key in the SSO tab in the PT Admin Applet on Server A.
8. Created a "Authentication Source - SSO" on Server A. Entered the same SSO Secret key entered above and successfully
validated it.
9. Configured SSO integration with Windows Integrated Authentication (WIA) by editing the PTconfig.xml file. The edits are as
follows:
<SSOVendor value="5"/><DefaultAuthSourcePrefix value=""/><CookieDomain value=".companyname.com" />
NOTE: I did not have to edit the "sso.xml" file since the Auth Source category is EXACTLY the same as the Active Directory
Source Domain.
10. Edited the "Authentication Source - Remote" that we created in step 3 above, and changed the setting to
"Synchronization." And then selected the "Authentication Source - SSO" (created in step 8 above) from the "Authentication
Partners: " drop down list.
11. Users can still successfully login to the portal using the Remote Authentication Source after the above change.
12. Server D hosts a remote portlet. It is an IFRAME portlet (written in ASP) that has "href" links to several apps that
reside on Server D. The security on the folder, that contains this portlet, in Internet Services Manager, is set to
"Integrated Windows Authentication." Created a "Remote Server" object for Server D on Server A. Then created a "Web Service -
Remote Portlet" object for the portlet. In the Web Service, I selected the Remote server that I created, and entered only the
remaining path to the portlet (i.e. Portlet URL setting), since PT provided the "http://serverD/" portion. Finally created a
"Portlet" object.
13. users login to the portal using their domain ID (i.e. Domain\joe_user). They are then able to add the portlet to their
page. But when they attempt to click on the links in the portlet they are challenged to enter their user name and password
again.
What step or setting are we missing here? Any help will be sincerely appreciated.
Best regards,Kiran

Hi Rajendrakumar,
You probably haven't updated the ACL properly via STRUSTSS02.
The portal server digitally signs logon tickets as it issues them to the portal users. SAP Systems need to accept the tickets and verify the portal servers digital signature. The following information is important for the SAP System to be able to accept and verify logon tickets:
· The SAP System should only accept logon tickets issued from their designated portal server. Therefore, the identity of the portal server needs to be entered in the SAP Systems Single Sign-On (SSO) access control list (ACL).
· The SAP System needs to be able to verify the portal servers digital signature. The portal server has a self-signed certificate, therefore the SAP System needs access to the portal servers public-key information, which needs to be entered in the SAP Systems certificate list.
Check the following procedure
http://help.sap.com/saphelp_nw70/helpdata/en/78/f1a8490e7011d6999500508b6b8a93/frameset.htm
Regards,
Siddhesh

SSO with SSL not working

We've set up SSL to use with 10g AS Portal (9.0.4). Actually, all we want is to have the SSO sign in securely.
So if I go to https://www.myserver.com:4446/pls/portal I get a portal page. However when I try to login it reverts back to non-SSL. Also, if I go to https://www.myserver.com:4445/pls/orasso the SSO server comes up, but doesnt let me login (no entries in the Enabler Config table) Do I have to run ssodatax? And how can I tell portal to use the SSO through SSL once I fix that?
Im using Oracle 10g AS (9.0.4) on Red Hat 3.0
Thanks

Hi Tim,
Thank you for the update.
Is this the option you are specifying (i,e) located in Tomcat/conf/server.xml.
Define a SSL Coyote HTTP/1.1 Connector on port 8443
    <Connector port="8443"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" debug="0" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
So, should we add any parameter called headersize?
Please let us know the parameter that needs to be added.
Thanks..

SSO with BSP Not Working

Hi
I am running Nw2004s Portal with ECC5 as BackEnd.
I have Configured the ECC5 for SSO using RZ10 and strustsso2.
The Portal UserIDs are same as those in ECC5 .
The SSO is working fine with ESS in the Portal.
But when i run a BSP iView then it asks for UID,PWD in a PopUp.
I am accessing the Portal with FQDN and in the properties of the System
referred by BSP also maintained FQDN of the backend WebAS.
How to get rid of this Login PopUp for BSP ?
Any Help will be highly appreciated !
Regards,
Rajendra

Hi Rajendrakumar,
You probably haven't updated the ACL properly via STRUSTSS02.
The portal server digitally signs logon tickets as it issues them to the portal users. SAP Systems need to accept the tickets and verify the portal servers digital signature. The following information is important for the SAP System to be able to accept and verify logon tickets:
· The SAP System should only accept logon tickets issued from their designated portal server. Therefore, the identity of the portal server needs to be entered in the SAP Systems Single Sign-On (SSO) access control list (ACL).
· The SAP System needs to be able to verify the portal servers digital signature. The portal server has a self-signed certificate, therefore the SAP System needs access to the portal servers public-key information, which needs to be entered in the SAP Systems certificate list.
Check the following procedure
http://help.sap.com/saphelp_nw70/helpdata/en/78/f1a8490e7011d6999500508b6b8a93/frameset.htm
Regards,
Siddhesh

SSO to R3 not working after system copy

Hi Experts,
Recently our QA R3 client XXX was deleted and the whole system was rebuild using system copy of client ZZZ of R3 production. Now we had to reconfigure the SSO between portal and QA R3 with the new client.
But it is not working. It was found that the QA R3's own self signed certificate shows CN=ERP (same as R3 Prod) and not ERU as it should have been. We changed the CN value to ERP,in Visual Admin (Services ->key storage , Ticket ). Still the result is same.
How to re-generate the self signed certificate in R3 with CN=ERU ?
or a workaround for this problem.
Regards
Jimmy

HI Jayendra
Recreate the saplogonticketkeypair following the procedure outlined here
http://help.sap.com/saphelp_nw70/helpdata/en/75/c80b424c6cc717e10000000a155106/content.htm
Then you can export the SAPLogonticketkeypair-cert (public key certificate) of the Java AS and import it into the target ABAP system
Important: the following two steps must be done in the ABAP client that will receive the logon tickets i.e the ABAP client that the component/application on the Java AS is configured to connect to e.g the client specified in the portal iview properties or the client specified in a Web Dynpro JCo Destination
(1) Import the public-key certificate of the Java AS into the ABAP systems certificate list using transaction STRUSTSSO2
(2) Add the certificate to access control list
When adding the certificate to the ACL the SID should be set to the SID of the ticket issuing Java AS and the client should be set to the client that the Java AS is writing to the logon tickets i.e the value of login.ticket_client in the Java AS
Remember, in an Add-In installation, where the system IDs are the same, you must change the default client for the J2EE Engine (000) to a client that does not exist on the SAP Web AS ABAP system e.g change login.ticket_client to 999
See: http://help.sap.com/saphelp_nw70/helpdata/en/cb/ac3d41a5a9ef23e10000000a155106/content.htm
The reason for this change is that the system ID and client combination must be unique when tickets are to be accepted by an SAP Web AS ABAP system
By the way it is better to start a new thread with your question rather than bumping a thread that was already set to 'answered'

SSO Partner Application not working

Hi,
I have OBIEE running on a different box. I need to enable SSO for OBIEE. I deployed the analytics.war file in the home oc4j container of Oracle Portal and manually registered it as a Partner Application, made following changes in mod_osso.conf inside ORACLE_PORTAL_HOME/Apache/Apache/conf and restarted the apache server. But when I access the application it does shows me the SSO login page but after entering the credentials it throws internal server error. I checked the log files but don't see any errors in there so wondering what could be wrong.
Here is what I have added in the mod_osso.conf
<Location /analytics>
Header unset Pragma
OssoSendCacheHeaders off
AuthType Basic
require valid-user
</Location>Any help is appreciated.
Thanks

please check your $ORACLE_HOME/sso/log/ssoreg.err and $ORACLE_HOME/sso/log/ssoreg.log and see if you have errors in your sso-registration.
thanks!
AMN

Partner App OAS SSO integration does not work

Hi All,
I try to make OAS SSO work. I have app I built in HTML DB, I try to make it work as Partner Application for OAS SSO. I've done all requierments to install SSO SDK and try to make it work - it was fruitless.
Then I try to make Test App work (\ssosdk307_032101\demo\plsql\) - it was fruitless also.
I received the same error messages in Apache error_logs:
[Thu Nov 4 12:06:54 2004] [error] [client 192.168.83.43] [ecid: 1099562814:192.168.83.197:9461:0:1,0] mod_plsql: /test2/test_setup HTTP-503 ORA-6550 Call to WPG_SESSION API Failed.
[Thu Nov 4 12:06:54 2004] [error] [client 192.168.83.43] [ecid: 1099562814:192.168.83.197:9461:0:1,0] mod_plsql: ORA-06550: line 4, column 2:
PLS-00201: identifier 'FLOWS_010500.WPG_SESSION' must be declared
ORA-06550: line 4, column 2:
PL/SQL: Statement ignored
ORA-06550: line 5, column 16:
PLS-00201: identifier 'WPG_SESSION_PRIVATE.CREATE_SESSION' must be declared
ORA-06550: line 5, column 2:
PL/SQL: Statement ignored
ORA-06550: line 6, column 15:
PLS-00201: identifier 'WPG_SESSION_PRIVATE.GET_LW_USER' must be declared
ORA-06550: line 6, column 2:
PL/SQL: Statement ignored
ORA-06550: line 7, column 2:
PLS-00201: identifier 'FLOWS_010500.WPG_SESSION' must be declared
ORA-06550: line 7, column 2:
PL/SQL: Statement ignored
Could someone point me what to do in order to make it work? I guess I miss some step but I don't know what one I've missed :(((
Thanks,
Sergiy

Scott,
Thanks for your reply. I double check instruction and re-done all steps. I try to start demo application (I didn't even go further tneh step 4 in Install.txt!)
from ...\ssosdk307_032101\demo\plsql\Readme.txt 5. To verify the web server setup, go to the following URL to see the test page:
http://<hostname>:<port>/pls/<dad_name>/<schema_name>.test_setup
, but I receive the same error messages in IE and in Apache error_logs.
I see at this point one weak area - this is DAD. As I understand I need to create dad in dads.conf, am I right?
Maybe I didn't created it right?
Could you post some working dad for SingleSignOn?
Thanks,
Sergiy

SSO logon tickets not working in two different OS

HI All,
We have sucessfully implemented SSO logon tickets concept to access a j2ee application through portal on windows OS.
We could able to do the samething on two j2ee instances installed on two different machines on same domain. I mean, deploying our application in one j2ee instance and accessing the application thru portal of another j2ee instance thru SSO logon ticket by adding some configuration steps in Visual administrator given in help.sap.com. This also we did in same OS windows.
But now the problem is, when we try to implement the above scenario in two different OS, say application is deployed on HPUX machine, and accessing that application through Portal from Solaris machine, SSO logontickets is failing. Means we couldnt able to access the application. Both the OS are in same domain only.
What extra configuration steps need to be done in VA, to get work with two different OS?
Please share ur ideas.
Regards,
Satish.

Hi..
I guess probabaly the internet explorer doesnot accept the sso ticket.
What you can probably check is that the compatability of explorer for the solaris and HP UX os with Windows OS.
Also,please check whether the SSO ticket is getting populated and What error are you getting exactly when the SSO fails and that will give some idea to proceed further
<u>deploying our application in one j2ee instance and accessing the application thru portal of another j2ee instance[/u
What the above mean...how are you deploying ?? what tool ?? which J2EE instance out of the two ??
Thanks
Gopal

SSO To ITS not working

Hi Experts,
Here is the issue:
I have 2 Internal Portals SP and EP.
1.If I open SP Portal from Internet Explorer, SSO Tickets are getting generated and I am able to Login using SSO to SP - ITS machines.
2.If I open EP Portal from Internet Explorer and In the same Browser If I open SP Portal,now I am unable to Login using SSO to SP - ITS Machines.It is showing logon screen.
The Issue might be SSO Tickets generated by EP Portal do not subsequently allow SSO to SP ITS Machines.
Could you please let me know where exactly goes wrong,and where should I make changes to rectify this issue.
Any help would be highly appreciated.Thankx in advance.
Regards,
Karthick

Hi Karthick,
This blog might be interesting for troubleshooting.
/people/dennis.kleymeonov/blog/2005/09/15/connecting-sap-systems-to-enterprise-portal-with-sso
You might also get more information with the hints given in SAP note 495911.
Thanks and regards,
Dieter

BO SSO (SNC) is not working in InfoView

Hi Gurus,
We are facing a very strange scenario in our Production environment.
The BO SSO (SNC) is working fine in Dev and QA. The problem is in Production (clustered environment).
The details are following:
The SIA is running in 3 different servers (for load balance): Server1 (our CORE server), Server2, and Server3
CMS is running only in Server1, it has been stopped in Server2 and Server3.
Also we have 4 WebI Processing Servers in each server (4 x 3 = 12). Like below:
Server1.WebI Processing Server
Server1.WebI Processing Server1
Server2.WebI Processing Server
Server2.WebI Processing Server1
Server3.WebI Processing Server
Server3.WebI Processing Server1
The TOMCAT is running in a separate server (Server4). It is pointing to Server1 since CMS is in Server1.
SNC configuration steps are following:
1. Generated BO certificate (BO.crt) in all three BO servers. Ie., BO.crt is available in all 3 servers.
2. Imported the BO certificate in SAP. Then generated SAP certificate (SAP.crt).
3. Imported the SAP certificate in all 3 BO servers.
4. Provided SSO credential for domain user in all 3 servers. [Domain user is same in all 3 servers]
5. In CMC  SAP filled the Entitlement system, SNC, Options.
6. Imported the SAP users.
7. Aliased the WindowsAD users to SAP Roles.
Scenario 1:
1. Logged in to Designer via SAP Authentication with user id USER1. Created a new test universe (Universe1) with option u2018Use single sign-on...u2019
Universe is working fine. Exported it to repository.
2. Logged into InfoView via WindowsAD with user id USER1.
Created a test report (Report1) from the SSO universe. Report is working fine.
Saved the report into the public folder.
3. Logged into InfoView via WindowsAD with user id USER2.
Refreshed the saved report. But itu2019s throwing the error message u201CUnable to connect to SAP BW server Incomplete logon datau201D
Created a new report from the SSO universe, but same above error message.
Scenario 2:
1. Logged in to Designer via SAP Authentication with user id USER2. Created a new test universe (Universe2) with option u2018Use single sign-on...u2019
Universe is working fine. Exported to repository.
2. Logged into InfoView via WindowsAD with user id USER2.
Created a test report (Report2) from the SSO universe. Report is working fine.
Saved the report in the public folder.
3. Logged into InfoView via WindowsAD with user id USER1.
Refreshed the saved report. But it is throwing error message u201CUnable to logon to BW logon data imcompleteu201D
Created a new report from the SSO Universe, but same above error message.
Note:
- I donu2019t have Xcelsius in my machine. BOE and Integration kit both are in same version (XI 3.1 sp3).
- We used IP address as Application server in CMC SAP and Universe Connection Parameter.
Sofa log detail is following:
Wed Jun 08 01:51:31.414 ThreadID<7180> SAPMODULE : Calling m_pRfcWrapper->RfcOpenEx() ...
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : RfcOpenEx(...) returned 0
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Unable to connect to SAP BW server connection closed without message (CM_NO_DATA_RECEIVED)Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Call to m_pRfcWrapper->RfcOpenEx() took 0.047 seconds
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Unable to authenticate using SNC because the URI does not meet the minimum connection requirements.
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Warning: SNC was enable and failed. The authentication process is falling back to secondary Credentials...
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Determining if we can connect using SSO. Calling CanAuthenticate...
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Authentication model for SAP connectivity is SSO
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : Serialized session exists, try deserializing it.
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : The SAP SSO authentication process will fail because the SAP secondary credential are not properly updated and the password is blank.
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : SAPSSOAuthenticationService::~SAPSSOAuthenticationService
Wed Jun 08 01:51:31.461 ThreadID<7180> SAPMODULE : SAPSNCAuthenticationService::~SAPSNCAuthenticationService
Why it is behaving like that?
Thanks for your help.
regards,
Kiruba v.r.

Hi,
Server side trust configuration is well documented as part of the installation guide for the SAP Integration Kit.
Server side trust does NOT require a SNC user on the entitlement system page.
Ingo

SSO for Java not working

Hi,
We have configured the Secure login Server and enabled the SPNEGO. We are getting the certificates and able to fully get the features of X.509 and Kerberos functionallity in ABAP.
However in the case of JAVA stack it is not taking the windows authentication and logging in instead prompting to enter the user name and password.
Any help on this is appreciated.
Regards
Mukunthan

Hi,
Following is the log trace. I am using AS JAVA 7.4. From security trouble shooting wizard, i pulled the trace.
Trace as follows
Can't map exception.
[EXCEPTION]
com.sap.engine.services.security.exceptions.BaseLoginException: Cannot authenticate the user.
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:131)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.services.security.login.FastLoginContext.login(FastLoginContext.java:280)
at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.logon(SAPJ2EEAuthenticator.java:876)
at com.sapportals.portal.prt.service.authenticationservice.AuthenticationService.login(AuthenticationService.java:453)
at com.sapportals.portal.prt.service.hook.SecurityHookService.doNodeHook(SecurityHookService.java:151)
at com.sapportals.portal.prt.connection.PortalHook.doNodeHook(PortalHook.java:383)
at com.sap.portal.prt.pom.factory.ComponentNodeFactory.newInstance(ComponentNodeFactory.java:136)
at com.sap.portal.prt.pom.factory.ComponentNodeFactory.newInstance(ComponentNodeFactory.java:49)
at com.sap.portal.prt.pom.PortalNode.createComponentNode(PortalNode.java:270)
at com.sap.portal.prt.core.PortalRequestManager.runRequestCycle(PortalRequestManager.java:445)
at com.sapportals.portal.prt.connection.ServletConnection.handleRequest(ServletConnection.java:202)
at com.sap.portal.prt.dispatcher.DispatcherServlet.service(DispatcherServlet.java:132)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:202)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:103)
at com.sap.portal.prt.dispatcher.CustomHeaderFilter.doFilter(CustomHeaderFilter.java:58)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:79)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:334)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:490)
at com.sap.portal.navigation.Gateway.service(Gateway.java:161)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:202)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:103)
at com.sap.portal.http.EnrichNavRequestFilter.doFilter(EnrichNavRequestFilter.java:49)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:79)
at com.sap.portal.prt.dispatcher.CustomHeaderFilter.doFilter(CustomHeaderFilter.java:58)
at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:79)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:432)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:210)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:441)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:430)
at com.sap.engine.services.servlets_jsp.filters.DSRWebContainerFilter.process(DSRWebContainerFilter.java:38)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.servlets_jsp.filters.ServletSelector.process(ServletSelector.java:81)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.servlets_jsp.filters.ApplicationSelector.process(ApplicationSelector.java:278)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.WebContainerInvoker.process(WebContainerInvoker.java:81)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.ResponseLogWriter.process(ResponseLogWriter.java:60)
at com.sap.engine.services.httpserver.chain.HostFilter.process(HostFilter.java:9)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.DefineHostFilter.process(DefineHostFilter.java:27)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.MonitoringFilter.process(MonitoringFilter.java:29)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.SessionSizeFilter.process(SessionSizeFilter.java:26)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.MemoryStatisticFilter.process(MemoryStatisticFilter.java:57)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.filters.DSRHttpFilter.process(DSRHttpFilter.java:43)
at com.sap.engine.services.httpserver.chain.ServerFilter.process(ServerFilter.java:12)
at com.sap.engine.services.httpserver.chain.AbstractChain.process(AbstractChain.java:78)
at com.sap.engine.services.httpserver.server.Processor.chainedRequest(Processor.java:475)
at com.sap.engine.services.httpserver.server.Processor$FCAProcessorThread.process(Processor.java:269)
at com.sap.engine.services.httpserver.server.rcm.RequestProcessorThread.run(RequestProcessorThread.java:56)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:122)
at com.sap.engine.core.thread.execution.Executable.run(Executable.java:101)
at com.sap.engine.core.thread.execution.CentralExecutor$SingleThread.run(CentralExecutor.java:328)
Caused by: javax.security.auth.login.LoginException: Trigger SPNEGO authentication.
at com.sap.security.core.server.jaas.SPNegoLoginModule.initialStateException(SPNegoLoginModule.java:366)
at com.sap.security.core.server.jaas.SPNegoLoginModule.login(SPNegoLoginModule.java:173)
at com.sap.engine.services.security.login.LoginModuleLoggingWrapperImpl.login(LoginModuleLoggingWrapperImpl.java:254)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:66)
... 64 more
Regrds
Mukunthan

OBIEE 11.1.1.6.2 BP1 not formatting properly to PDF

We have upgraded to OBIEE 11.1.1.6.2 BP1. With Version 10 I was able to format reports that, when printed to PDF, maintained the report format such as repeating the column headings, font style and size, number of rows per page and column width. With this new version the only thing I can control appears to be the column width. No other format styles are recognized. I've tried custom CSS Style settings as well setting everything individually but to no avail. Any thoughts?

user7691935 wrote:
We have upgraded to OBIEE 11.1.1.6.2 BP1. With Version 10 I was able to format reports that, when printed to PDF, maintained the report format such as repeating the column headings, font style and size, number of rows per page and column width. With this new version the only thing I can control appears to be the column width. No other format styles are recognized. I've tried custom CSS Style settings as well setting everything individually but to no avail. Any thoughts?Hi,
Refer to the following article on MOS: This is a known issue, and oracle has registered a bug # 14521552
OBIEE 11g: Exporting an Analysis to PDF Corrupts the Column Headers with HTML Markups [ID 1491351.1]
Thanks,
A. Y

SSO with EP 6.0 and R/3 as backened not working

Hi ,
I am implementing ESS in EP 6.0 and r/3 4.7c as backend. SSO is working with UIPWD. but when I try with LogonTickets it does not work.
I tried with ordinary SAP transaction SSO with logon tickets works. But through ITS if I call a ESS transaction service It asks me for login user and password.
What are the setting to be done in ITS for SSO towork. I have set the parameter
msapcomusesso2cookie = 1 in the global.svrc file.
I do not know what is wrong. Please help.
Regards,
Ramesh

Hi,
I am using a standalone ITS for a R/3 4.7 system.
How should I maintain a FQDN for ITS?
You are right,
now it is not of the format hostname.domain.com:port format. It is of the format hostname:port.
But where should I change this format. The host name of the system where the ITS is setup is <hostname> only.
can you please tell me as to where should I maintain the FQDN as the specific format you suggested.
Regards,
Ramesh

Filter did not work at OBIEE Version 11.1.1.7.0

String repSQL = report.generateReportSQL(reportRef, rp, m_sessionID);
The “Filterexpression” is working well for the OBIEE Version 11.1.1.6.0 but it is not working for OBIEE Version 11.1.1.7.0.
(i.e) While i try to run “Filterexpression” in for OBIEE Version 11.1.1.7.0. , i get the following errors
AxisFault faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server faultSubcode:
faultString: Assertion failure: pMatchFilterFromPropBag != 0 at line 3051 of roject/webreport/globalfilterutils.cpp faultActor: faultNode: faultDetail:
{com.siebel.analytics.web/soap/error/v1}Error: <sawsoape:Code>ACIOA5LN</sawsoape:Code>
<sawsoape:Message>Assertion failure: pMatchFilterFromPropBag != 0 at line 3051 of project/webreport/globalfilterutils.cpp</sawsoape:Message>
<sawsoape:File>globalfilterutils.cpp</sawsoape:File>
<sawsoape:Line>3051</sawsoape:Line>
Assertion failure: pMatchFilterFromPropBag != 0 at line 3051 of project/webreport/globalfilterutils.cpp
ead.run(SimpleThreadPool.java:557)

Go to Control Panel > Add or Remove Programs (Win XP) or Programs and Features (later)
Remove all of these items in the following order:
iTunes
Apple Software Update
Apple Mobile Device Support (if this won't uninstall move on to the next item)
Bonjour
Apple Application Support
Reboot, download iTunes, then reinstall, either using an account with administrative rights, or right-clicking the downloaded installer and selecting Run as Administrator.
The uninstall and reinstall process will preserve your iTunes library and settings, but ideally you would back up the library and your other important personal documents and data on a regular basis. See this user tip for a suggested technique.
Please note:
Some users may need to follow all the steps in whichever of the following support documents applies to their system. These include some additional manual file and folder deletions not mentioned above.
HT1925: Removing and Reinstalling iTunes for Windows XP
HT1923: Removing and reinstalling iTunes for Windows Vista, Windows 7, or Windows 8
tt2

OBIEE 11g and SSO with Browser Cookie

In OBIEE 10g we were able to configure the Presentation Server to accept a browser cookie. The cookie value would be passed to the BI Server as the :USER variable. A BI Server Repository Initialization Block would execute a SQL SELECT statement which would return the PeopleSoft username based on the cookie value.
We added the following to the 10g instanceconfig.xml:
<CredentialStore>
<CredentialStorage type="file" path="D:\oracle\OBIEE_UD\Data\web\config\credentialstore.xml" passphrase="another_secret" />
</CredentialStore>
<Auth>
<SSO enabled="true">
<ParamList>
<Param name="IMPERSONATE" source="cookie" nameInSource="PS_TOKEN"/>
</ParamList>
</SSO>
</Auth>
The Initialization Block SQL is:
SELECT mGetTokenUserid(':USER') FROM DUAL
mGetTokenUserid is a PL/SQL function which invokes a PeopleSoft web service. The web service simply returns the username for a valid PS_TOKEN cookie.
The Initialization Block works fine in OBIEE 11g.
Unfortunately the instanceconfig.xml settings from 10g do not work in 11g. There is also nothing in the OBIEE 11g documentation which discusses how to tell the system to use a specific cookie value for authentication.
Any guidance as to where in the Fusion Middleware or WebLogic security documentation we might find details on how to get the system to pass the PS_TOKEN cookie to the BI Server in 11g?
Thanks,
Mark Johnson
State of Minnesota

Not a full answer but....
, WebLogic can accept third party tokens as defined here:
http://download.oracle.com/docs/cd/E14571_01/web.1111/e13718/ia.htm#DEVSP258

OBIEE 11.1.1.6.2 BP1 SSO with AD not working on MAC OS 10.6.8

Similar Messages

Maybe you are looking for