OBIEE Integration with Oracle Access Manager (OAM)

Similar Messages

• WCI single sign on(SSO) configurations with Oracle Access Manager(OAM)

  I have to integrate the oracle access manager with the WCI(ALUI) for the SSO implementation.What are the configurations required to implement SSO with oracle access manager in WCI/ALUI

  Any answer to the last question on..?
  No, better explain my query with 2 scenarios:
  Scenario 1:
  Usual scenario authentication of a user to a web application without the single web functionality on the acces single manager:
  Login screen of the web application ====> Access to the web application home
  Scenario 2:
  Scenario authentication of a user to a single web application with web functionality on the acces single manager:
  Login screen oracle access manager ====> Display login web application ====> Access to the web application home
  My query is:
  You can configure the functionality of single sign on to access manager with a web application that does not have its login screen of the web application. For example:
  Login screen oracle access manager ====> Access to the web application home

• UCM Integration with Oracle Access Manager

  Hi,
  We have successfully integrated UCM with OAM for Single Sign On purpose. If we click the 'Login' link of UCM Home page, it will be redirected to OAM SSO page, asking for user credentials. The entered user credentials will get validated with OID.
  Also we have implemented LDAP configured with UCM.
  We are using search.wsdl througn webservice proxy (option in jdeveloper) for searching the documents in UCM. The problem arises when we add the UCM URL to OAM for SSO authenication, we are unable to do the search process through webservices.
  The below code is the code to set the authenication for search.wsdl.
  ( WEB PROXY URL : http://localhost/idc/idcplg -)
  SearchSoapClient searchItem     = null;
  IdcPropertyList extraProps      = null;
  String dDocType                 = null;
  AdvancedSearchResult        result;
  SearchResults[] src             = null;
  searchItem                      = new SearchSoapClient();
  searchItem.setUsername("sysadmin");
  searchItem.setPassword("idc");
  When i remove the UCM url from OAM (i.e) not enabling the SSO, the above code is working.
  I need to set the logged in USER value for this authenication. How to resolve this issue.
  Edited by: user1117227 on Apr 17, 2009 4:13 AM

  Hi,
  Could you please help me with the integration guide for UCM & OAM integration?
  Regards,
  Ashish

• Issues integrating WebCenter with Oracle Access Manager

  Hi All,
  I am trying to integrate WebCenter 10.1.3.2 with Oracle Access Manager (CoreId). Followed the steps described in the Chapter 11 of the OC4J Security Guide.
  I was able to successfully authenticate WebCenter using IWA with Access Manager.
  Then I proceeded with the below steps:
  - Implemented ADF Security in the application. Created application roles and login page and worked fine on my local machine.
  - Provide the auth-method of "COREIDSSO" in orion-application.xml
  - Renamed the app-jazn-data.xml to give the OID groups
  - Mapped the OID groups to application roles in orion-application.xml
  - Used the jazn migration tool to populate the system-jazn-data.xml
  When trying to access the application, it looks like the ADF Context identifies that this is an authenticated user.
  ADFContext.getCurrent().getSecurityContext().isAuthenticated() retruns true
  ADFContext.getCurrent().getSecurityContext().isAuthorizationEnabled() returns true
  I get the below error message on the server console:
  [CoreIDLoginModule::getUserSessionFromCookie]: This user session for F3iwZhUGgjej9RSrMLSo0wjH5Ec6c2oeC0OBRH12y7%2FvfPVncz6dYoBoFD6q8DWAlMtzah%2FYV4T1t7jztVFYbxwfOyu0VOMXMEIosRrFicfJwoPRrM8MOkFsziQxpUqo98XrC9iBRHffdWSItNHZRZK4ZoCJMi6HZZ6noOc4Z%2BGJDGj3kWndYHTWjiG0cJhkSbL95wMmrXCDElzZHjPMdkuNQUHW1TfAJvgSlDeX6hhhIThlc%2BGmxMP3MQ%2FZoxUysbKieIJgDXo1%2FEMmLmTVjA%3D%3D is not valid or user is not logged in.
  I also tried using the "Headervar" variable to display the obmygroups value, but it comes as blank.
  Any help would be appreciated.
  Thanks
  Aneesh

  We recently integrated Webcenter Application (with ADF Authentication and Authorization) with OAM. May be the following will be of some help to you.
  We did the following steps documented in Chapter 11 Oracle Access Manager in Oracle J2EE security guide.
  OAM
  1. Created ALL specified policies , authentication schemes, protection specified in OAM section of the document.
  OC4J
  1. Ran all configuration listed for the OC4J section.
  Webcenter
  1. Developed the Webcenter Application
  2. Enabled ADF Security (Authentication & Authorization)
  3. Deployed the application. While deploying chose File based provider.
  4. After the deployment, changed orion-application.xml to have COREIDSSO as documented in Oracle documentation
  system-jazn-data.xml
  1. Added login module details as specified in the document. (Changed only the application name. Rest all was same as we used names as specified in the earlier steps of the document)
  OID Migration
  Reference document: "Configuring a WebCenter Application to Use Oracle Access Manager" in Webcenter Framework Developer guide.
  1. Located app-jazn-data.xml in the deployed application
  2. Removed "realm-name" and "type" subelements of "grantee" tags. Removed any realm details in user name.
  3. changed references to "class oracle.security.jazn.spi.xml.XMLRealmRole" to "oracle.security.jazn.realm.CoreIDPrincipal"
  4. ran the JAZN migration tool with "all" options. Migration from app-jazn-data.xml to OID.
  OAM
  Created policies for protecting our application.
  Test the application.
  Debugging.
  1. Enable oracle.adf.share.security , oracle.j2ee.security & oracle.j2ee.security.oc4j loggers to debug if the application is not working the way you expect to work.
  2. Set log level in Enterprise manager.
  3. All logging information are written in log.xml in $ORACLE_HOME/j2ee/OC4J_Webcenter/log/OC4J_WebCenter_default_group_1/oc4j
  Thanks

• Integrating Oracle EBS R12 with Oracle Access Manager 11g

  Hi Everyone ,
  Oracle Access Manager version 11.1.1.5
  Oracle Identity Management 11.1.1.6.0
  Oracle Access Manager WebGate 11.1.1.5
  Oracle E-Business Suite AccessGate patch p12796012
  Apps Version : 12.1.1
  DB Version 11.2.0.3
  PLatform : OEL 5.8
  We are trying to Integrating Oracle E-Business Suite Release 12 with Oracle Access Manager 11g using Oracle E-Business Suite AccessGate.We followed metalink id's
  1309013.1 and 1543803.1 and some other documents.We have performed every step as documented , and everything seems to work fine untill user tries to log out from Oracle Applications i.e User
  is able to login to Oracle Applications through access gate and everything is working fine. But as user click logout button an error messsage is diplayed like "*500*
  *Internal Server Error Servlet error: An exception occured* " (The url at the time of this message is http://hostname:port/OA_HTML/AppsLogout ).
  Apps Tier (oacore) Application log:-
  +13/05/15 19:04:20.229 html: Servlet error+
  java.lang.NoSuchMethodError: oracle.apps.fnd.sso.SSOManager.getAuthAgentLogoutUrl(Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;
  at oracle.apps.fnd.sso.AppsLogoutRedirect.doGet(AppsLogoutRedirect.java:193)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)+
  at oracle.apps.jtf.base.session.ReleaseResFilter.doFilter(ReleaseResFilter.java:26)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)+
  at oracle.apps.fnd.security.AppsServletFilter.doFilter(AppsServletFilter.java:318)
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:621)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)+
  +at com.evermind[Oracle Containers for J2EE 10g (10.1.3.4.0) ].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)+
  Apps Tier Apache Error log :-
  +[Wed May 15 18:50:52 2013] [error] [client 192.168.0.2] [ecid: 1368624052:192.168.0.61:10798:0:44,0] File does not exist: /u01/eBiZR12/apps/apps_st/comn/java/classes//+
  WE have set all required profile in Oracle Application as directed in documents , and users are able to login just fine , but they are not able to logout.
  IS there something that we are missing , any help is highly appreciated.
  Regards
  Edited by: TheKop88 on May 16, 2013 11:39 AM

  Hi there ,
  Thanks for reply ,
  We had already gone through that document earlier. We noticed that when Apllication Profile "*Apllications SSO Type* " is set to SSWA then OA_HTML/AppsLogout is
  working fine , but when we set "*Applications SSO Type*" to SSWA w/SSO then OA_HTML/AppsLogout is not working(not redirecting) .Error thrown on web browser is "+500 Internal Server Error Servlet error: An exception occurred. The current application deployment descriptors do not allow for including it in this response+" . we believe that we might have missed some Profile settings that is causing this error.
  Regards
  Edited by: TheKop88 on May 16, 2013 12:03 PM
  Edited by: TheKop88 on May 16, 2013 12:07 PM

• Extending Domain with Oracle Access Manager 10g

  Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management
  11g Release 1 (11.1.1)
  Part Number E12035-05
  http://download.oracle.com/docs/cd/E14571_01/core.1111/e12035/toc.htm
  Chapter 10 - Extending the Domain with Oracle Access Manager 10g
  - Section 10.4.3 Installing WebGate on OAMADMINHOST, WEBHOST1, and WEBHOST2
  Question:
  How many webgate instances should be created?
  1) Is there only on instance and the three installation share the same ID?
  2) Is there two instances? one for the web cluster, the other for the OAM Admin Console server?
  3) Is there three separate webgates and instances?
  Thanks

  It should be this way:
  Ebiz:
  1. Integrate OAM with OASSO
  2. Register OASSO and OID with Ebiz11.5.10.2
  3. Protect the resource in OAM
  4. Verify if authentication is successful for this resource.
  Obiee:
  1. Integrate OBIEE with OAM
  2. Verify if authentication is successful for this resource.
  IWA:
  1. Install IIS webser and webgate
  2. Create authentication scheme which protects / of IIS web server.
  Create a Form Authentication Scheme(this scheme should protect OBIEE and EBiz resource) which will have challenge redirect to IIS web server where IWA is configured and / is protected.
  Login Flow:
  1. User tries to access ebiz or obiee resource.
  2. Form Authentication Scheme will challenge redirect to IIS web server where IWA is configured.
  3. As IWA is configured. User will be automatically get ObSSOCookie.
  4. User gets redirected back to the requested resource.
  There is a My oracle support doc which talks in details about this setup.

• Error during execution of SSO with Oracle Access Manager 11gR2

  Hello friends,
  I have a problem with SSO using Oracle Access Manager 11g R2, then describes the steps taken in this test:
  1. Is accessed by the OAM protected application through IE browser, Chrome and Firefox for testing purposes.
  2. The OAM protected application, here is redirected to the OAM page to enter the credentials for the application.
  3. Shows the application, and again reorders authentication credentials.
  Here the details of the cookie:
  a. cookie1: ADMINCONSOLESESSION
  b. cokkie2: OAMAuthnCookie_webgate11g.domain.com: 7777
  We also found an error when starting the node oam_server in WebLogic Server 11g (10.3.6)
  Log:
  [2012-11-29T18:16:02.411-05:00] [oam_server1] [ERROR] [JPS-03156] [oracle.jps.authorization.framework] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JhEStpUFW7WFLzRL8A1GhylJ000002,0] [APP: oam_server#11.1.2.0.0] The exception has been thrown by ARME. The authorization result is set to deny.[[
  com.bea.security.providers.authorization.asi.InvocationException: ArmeRUNTIME Exception: null
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:396)
       at com.bea.security.ssal.micro.MicroAuthorizationManagerWrapper.isAccessAllowed(MicroAuthorizationManagerWrapper.java:73)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed_internal(AuthorizationServiceImpl.java:914)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:745)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:668)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:622)
       at com.bea.security.AuthorizationService.isAccessAllowed(AuthorizationService.java:365)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.wait4OESRuntimeDBPolicyRefreshCompletion(OESRuntimeProxy.java:263)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.init(OESRuntimeProxy.java:193)
       at oracle.security.am.common.policy.runtime.provider.oes.OESPolicyRuntimeProvider.init(OESPolicyRuntimeProvider.java:167)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getNewInstance(PolicyRuntimeFactory.java:162)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.init(PolicyRuntimeFactory.java:93)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getPolicyRuntime(PolicyRuntimeFactory.java:84)
       at oracle.security.am.common.policy.util.PolicyComponentLifecycle.initialize(PolicyComponentLifecycle.java:100)
       at oracle.security.am.lifecycle.ApplicationLifecycle.initComponentBootstrap(ApplicationLifecycle.java:156)
       at oracle.security.am.lifecycle.ApplicationLifecycle.contextInitialized(ApplicationLifecycle.java:86)
       at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
       at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1868)
       at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
       at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
       at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
       at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
       at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
       at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
       at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
       at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
       at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
       at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
       at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
       at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
       at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
       at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
       at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
       at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  Caused by: com.wles.InternalException: ArmeRUNTIME Exception: null
       at com.wles.arme.Credentials_ca.exceptionTransport(Credentials_ca.java:606)
       at com.wles.arme.Credentials_ca._accessAllowed(Credentials_ca.java:343)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:400)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:422)
       at com.wles.arme.CachingCredentialsImpl._accessAllowed(CachingCredentialsImpl.java:225)
       at com.wles.arme.CredentialsImpl.accessAllowed(CredentialsImpl.java:452)
       at com.wles.arme.CachingCredentialsImpl.accessAllowed(CachingCredentialsImpl.java:68)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.ARMEisAccessAllowed(AuthorizationProviderImpl.java:977)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:347)
       ... 52 more
  causal exception is:
  com.wles.InternalException: ArmeRUNTIME Exception: null
       at com.wles.arme.Credentials_ca.exceptionTransport(Credentials_ca.java:606)
       at com.wles.arme.Credentials_ca._accessAllowed(Credentials_ca.java:343)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:400)
       at com.wles.arme.CredentialsImpl._accessAllowed(CredentialsImpl.java:422)
       at com.wles.arme.CachingCredentialsImpl._accessAllowed(CachingCredentialsImpl.java:225)
       at com.wles.arme.CredentialsImpl.accessAllowed(CredentialsImpl.java:452)
       at com.wles.arme.CachingCredentialsImpl.accessAllowed(CachingCredentialsImpl.java:68)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.ARMEisAccessAllowed(AuthorizationProviderImpl.java:977)
       at com.bea.security.providers.authorization.asi.AuthorizationProviderImpl.isAccessAllowed(AuthorizationProviderImpl.java:347)
       at com.bea.security.ssal.micro.MicroAuthorizationManagerWrapper.isAccessAllowed(MicroAuthorizationManagerWrapper.java:73)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed_internal(AuthorizationServiceImpl.java:914)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:745)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:668)
       at com.bea.security.impl.AuthorizationServiceImpl.isAccessAllowed(AuthorizationServiceImpl.java:622)
       at com.bea.security.AuthorizationService.isAccessAllowed(AuthorizationService.java:365)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.wait4OESRuntimeDBPolicyRefreshCompletion(OESRuntimeProxy.java:263)
       at oracle.security.am.common.policy.runtime.provider.oes.proxy.OESRuntimeProxy.init(OESRuntimeProxy.java:193)
       at oracle.security.am.common.policy.runtime.provider.oes.OESPolicyRuntimeProvider.init(OESPolicyRuntimeProvider.java:167)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getNewInstance(PolicyRuntimeFactory.java:162)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.init(PolicyRuntimeFactory.java:93)
       at oracle.security.am.common.policy.runtime.PolicyRuntimeFactory.getPolicyRuntime(PolicyRuntimeFactory.java:84)
       at oracle.security.am.common.policy.util.PolicyComponentLifecycle.initialize(PolicyComponentLifecycle.java:100)
       at oracle.security.am.lifecycle.ApplicationLifecycle.initComponentBootstrap(ApplicationLifecycle.java:156)
       at oracle.security.am.lifecycle.ApplicationLifecycle.contextInitialized(ApplicationLifecycle.java:86)
       at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
       at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1868)
       at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3154)
       at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1518)
       at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:484)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
       at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
       at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
       at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
       at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:671)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
       at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:212)
       at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:59)
       at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
       at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicDeployment.java:184)
       at weblogic.deploy.internal.targetserver.BasicDeployment.activateFromServerLifecycle(BasicDeployment.java:361)
       at weblogic.management.deploy.internal.DeploymentAdapter$1.doActivate(DeploymentAdapter.java:51)
       at weblogic.management.deploy.internal.DeploymentAdapter.activate(DeploymentAdapter.java:200)
       at weblogic.management.deploy.internal.AppTransition$2.transitionApp(AppTransition.java:30)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:261)
       at weblogic.management.deploy.internal.ConfiguredDeployments.transitionApps(ConfiguredDeployments.java:220)
       at weblogic.management.deploy.internal.ConfiguredDeployments.activate(ConfiguredDeployments.java:169)
       at weblogic.management.deploy.internal.ConfiguredDeployments.deploy(ConfiguredDeployments.java:123)
       at weblogic.management.deploy.internal.DeploymentServerService.resume(DeploymentServerService.java:180)
       at weblogic.management.deploy.internal.DeploymentServerService.start(DeploymentServerService.java:96)
       at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
  We appreciate your support in solving the case. Thanks...
  JLK
  Edited by: JLK on Nov 30, 2012 9:43 AM

  Hi Viju,
  Did you executed the python script to register OPSS. If not then you will get the mentioned error:
  I have mentioned couple of workarounds. Can you try those and let me know the results. Take the backup of your entire environment before you follow the steps:::
  1. For the ARME issue patch can be applied for 11.1.2
  OAM Bundle Patch Release History (Doc ID 736372.1)
  Yes. This is a benign message. ( the ARME issue)
  OAM 11R2 After Upgrade The Managed Server Start With Error ArmeRUNTIME Exception: Null (Doc ID 1509559.1)
  The other issue is under investgation and is benign.
  <oracle.adfinternal.view.faces.renderkit.rich.RegionRenderer> WARNING when accessing oamconsole (Doc ID 1511967.1)
  The final message is spoken to here:
  WLS 10.3.3: "Auto-Ref-By: WebApp" deployed as shared library is affecting other web applications. (Doc ID 1210393.1)
  Action Plan:
  =========
  1. For the ARME issue patch can be applied for 11.1.2
  OAM Bundle Patch Release History (Doc ID 736372.1)
  Hope this helps.

• Siebel Integration with SUN Access Manager

  Hi Guys,
  We are trying to integrate siebel with Sun access Manager.
  I have gone thro the sun site but unable to find any documentation and policy agent to download.
  Please guide me where can i find documenttaion and policy agent software download.
  Thanks
  Regards,
  Mohit

  There is no agent to integrate with Siebel directly. However it should be possible by using Sun web server or IIS agent. Here is an old document that may still apply.
  http://docs.sun.com/source/816-6901-10/Chapter.html#wp19548
  There was more detailed integration document on Siebel web site. But it has been removed after Oracle acquisition (http://www.siebel.com/partners/portal/docs/integrationbriefs/siebel77_sjsam_tib.pdf)
  thanks,
  shivaram

• Integrated windows authentication with Oracle access manager 10g

  Hi SSo guys,
  Our project requirement is as follows:
  We have two applications Ebiz 11.5.10.2 and OBIEE10g and we are supposed to integrate IWA for both the applications
  so as per the below note OAM integration with IWA only works for the applications using IIS.
  So can we protect both the applications in OAM 10g and point those applications to two html pages say http://IIS hostname/ebiz and http://IIS hostname/OBIEE and protect those two resorces in OAM suing IIS webserver?
  As per the note :
  Doc ID 1072204.1 specify
  Excerpt from this doc:
  #-begin-
  OAM accomplishes IWA by using an OAM Webgate on the IIS Web Server that uses a hidden feature of external authentication to get the REMOTE_USER header variable value and map it to a DN for the ObSSOCookie generation and authorization. Behind the scenes, the IIS WebGate utilizes the UseIISBuiltinAuthentication parameter, by default, this value is false. IWA can only be achieved when this attribute is set to true on an IIS WebGate. This is not a valid parameter for any other OAM WebGate.
  #-end-

  It should be this way:
  Ebiz:
  1. Integrate OAM with OASSO
  2. Register OASSO and OID with Ebiz11.5.10.2
  3. Protect the resource in OAM
  4. Verify if authentication is successful for this resource.
  Obiee:
  1. Integrate OBIEE with OAM
  2. Verify if authentication is successful for this resource.
  IWA:
  1. Install IIS webser and webgate
  2. Create authentication scheme which protects / of IIS web server.
  Create a Form Authentication Scheme(this scheme should protect OBIEE and EBiz resource) which will have challenge redirect to IIS web server where IWA is configured and / is protected.
  Login Flow:
  1. User tries to access ebiz or obiee resource.
  2. Form Authentication Scheme will challenge redirect to IIS web server where IWA is configured.
  3. As IWA is configured. User will be automatically get ObSSOCookie.
  4. User gets redirected back to the requested resource.
  There is a My oracle support doc which talks in details about this setup.

• Hyperion integration with Tivoli Access Manager

  Hello All:
  Does Hyperion supports using pre-authenticated users from IBM Tivoli Access Manager. Please can you point me to any documentation explaining the integration procedure.
  TIA.

  Suggest you read sections 2,3,4 of the below document:
  http://download.oracle.com/docs/cd/E10530_01/doc/epm.931/hyp_security_guide.pdf
  It doesn't come out and say that this type of agent is supported -- you can potentially log a case with Oracle and they may be able to answer you however as it's not documented I would suggest it's not supported.
  If you decided to go forward with this then you need to find someone else who is using it successfully and ask them how it is working out.
  Presuming they didn't change too much from 9.3.1 to 11.1 (9.5) then you will find many many issues with SSO working.
  IT saving a user a login box or two and making the application non-usable just isn't a good direction to go.
  John

• How to integrate Oracle identity Federation with Oracle Access Manager

  Hi Experts
  I need to integrate OIF(11.1.1.6.0) with OAM(11.1.2). My use case is as follows:
  Things done:
  1) OAM is integrated with an OID (OID1) and OIF is integrated with another OID (OID2)
  2) Able to authenticate the users of OID1 via OAM for my ADF applications.
  Things to be done:
  1) Need to forward the details of unauthenticated user from OAM to my OIF for authentication (i.e., OAM cannot authenticate OID2 users, in such case the details have to be forwarded)
  Looked into so many posts but not done with the integration. Can anyone help me please.. Stuck with this for the last 3 days
  Thanks
  Gopi

  Hi,
  Yes Depot Repair is a module, and you can enable this module if already not enabled using the License Manager. Oracle Depot Module carries the short name CSD.
  In additin to the above, also refer the implementation guide:
  http://docs.oracle.com/cd/B34956_01/current/acrobat/120csdig.pdf
  In order to license a product in Oracle using License Manager, please see following:
  http://myappsdba.com/how-to-license-a-new-product-in-oracle-applications/
  http://www.appsdba.info/docs/oracle_apps/R12/License_Manager.pdf
  Also see:
  How To Use OAM To License JA (Asia/Pacific Localizations), JE (European Localizations), JG (Regional Localizations) and JL (Latin-American Localizations) in Oracle Applications ? (Doc ID 351900.1)
  Thanks &
  Best Regards,

• Java class integration with Oracle Identity Manager 9.1.0.2

  Hello Friends,
  I have a java class that is responsible for sending notifications, my question is how do the relationship of this class with the Oracle Identity Manager 9.1.0.2 so you can take the class and notify users when an application is approved or rejected.
  Any recommendation for this process.
  Thanks for the support
  Edited by: JLK on Jun 12, 2012 5:20 PM

  Hi
  Java class integration with OIM happen through concept of adapters. You can go through OIM documentation of how to create adapters.
  In your case you should create a process task adapetrs adn attach it on the Approved response code in your approval process.
  Desingn Console --> Process management --> Process definition --> <Apprlication Process Ex: AD User>.
  Alternatively you can also send notification using OIM OOTB email templates.
  Regards
  user12841694

• Regarding OBIEE Integration With Oracle EBS

  Hi All,
  I have installed BIAPPS (7.9.6.1) (components installed are 2 11g DBs (one is OLTP and other is OLAP) on RHEL 4, Oracle Application Server 10g, Informatica Power Center , DAC and OBIEE). After that i need to integrate the OBIEE with Oracle EBS. I have installed 11.5.10.2. I upgraded the database to 10g R2 and applied patch ATG 6 (Pre reqs of Integration).
  Steps Which i have done for integration:-
  I installed Financial module in Biapps. Made changes to that pre built rpd ie:OracleBIAnalyticsApps.rpd using Administrations tool. I have created datasource for EBS and given in connection pool. Similarly in dataware house connection pool also. When i test from Administration tool means Init Block > EBS Security context > Edit datasource. When i click on test the datasource i am getting error NQ_SESSION.ICX_SESSION_COOKIE* has no value definition.*
  I copied that rpd linux box where my OBIEE server resides and changed the rpd name in NQSConfig.INI. I added the oracle_home and tnsadmin etc in user.sh file. I added the dsn names which i created the same in windows in odbc.ini file. But NQServer.log says
  *[nQSError: 43059] Init block 'LAST_SYND_DS_YTD_QTD': Dynamic refresh of repository scope variables has failed.*
  *[nQSError: 17001] Oracle Error code: 12154, message: ORA-12154: TNS:could not resolve the connect identifier specified*
  at OCI call OCIServerAttach.
  *[nQSError: 17014] Could not connect to Oracle database.*
  Please let me know any solution for this.
  Thanks,
  Manikandan

  hi Manikandan,
  Please check the tns entries for the connection pool that u assigned for LAST_SYND_DS_YTD_QTD
  thanks,
  saichand

• HP PPM - Oracle Access Manager (OAM) Integration

  Dear all,
  We are planning to integrate HP PPM with OAM for user authentication.
  Please let us know the possibility of having this integration to be performed.
  Thanks & Regards,
  Chandru

  We are also facing the same issue. Have you resolved that issue?
  Any help would be appreciated.
  Thanking You
  Kiran Thakkar

• Is it possible to ingrate microsoft live@edu with oracle Access manager

  can we implement SSO with Microsoft live@edu using OAM ?
  if yes ,is there any documentation available ?

  This forum is for Oracle Authentication Services for Operating Systems, in other words OID/LDAP authentication for UNIX/Linux systems.
  You are more likely to get an answer in the [Identity Management Forum|https://forums.oracle.com/forums/forum.jspa?forumID=47] .