Oracle -- SSO (single signon)

I am planning to use Oracle's SSO to setup multiple apps that pass login info from one app to the other when building an ERP with OrderEntry, AP, GL, Warehousing, Food Production Scheduling, etc.
Can I post my 5MB app and pay you to
show me how to add another app OR do you
have any sample apps or URLs you can post
so I can learn ?

Hi,
you could read the Oracle Application Server documentation and get this for free. Oracle SSO is configured on the OracleAs and doesn't need anything special on the application. You just implement J2EE container managed security using basic authentication.
Documentation is at: otn.oracle.com
Frank

Similar Messages

  • Siebel Single SignOn

    Hi,
    I would like to know what options are available for providing Single Signon for Siebel? I know that Siebel can be intagrated with OAM for SSO. Can Siebel be integrated with Oracle Application Server Single Signon? If so what version and any links to information would be very helpful.
    Thanks

    Hi Marcus,
    You can use IISProxy in order to obtain Sigle Sign-on between Your Windows Network and the portal.
    http://help.sap.com/saphelp_nw04/helpdata/en/07/914e4f02a69f448aeee7263b2a9dc6/content.htm
    If you want more information about how to configure it, send me a email to [email protected]
    Regards.

  • Registering a Partner application with Oracle SSO 10gR2

    Hi Everybody
    I'd like to ask a question around registering a partner application with Oracle SSO.
    I have entered my home_url, logout_url and cancel_url e.g. home_url is https://vevopuitest1.co.uk/vevo_test1 and so on for the other fields.
    When I save the details some information is automatically created e.g. Site Id, Site Token etc.
    The bit that I am particularly interested in are the fields Single Sign-On URL and Single Sign-Off URL.
    For my purposes these fields are respectively: https://cwassotest1.co.uk/pls/orasso/orasso.wwsso_app_admin.ls_login and https://cwassotest1.co.uk/pls/orasso/orasso.wwsso_app_admin.ls_logout
    My questions are:
    1. Where do these values come from?
    2. Can I view them anywhere, say, in Oracle Directory Manager or using ldif queries?
    I would like to be able to verify these values.
    Many Thanks
    Andy

    I'm afraid this won't answer your question completely, but AFAIK in principle it does not matter on which machine SSO is running, as long as it passes the user id and credentials properly through the HTTP Header. Even more: in practice it is very common to have SSO running on a different machine than where your app runs.
    So what I would do is find out how to use ADF Faces with SSO. Perhaps someone else can provide pointers on that.
    Jan Kettenis

  • Getting error like "Error in portal_sso_redirect: missing application registration information" while trying to run application using Oracle SSO

    Hi All,
    I am trying to implement SSO authentication for my APEX application. I have registered the application as a SSO partner application.
    I have set the authentication scheme to Oracle Application server Single Sign On.
    When i run the application i am getting the below error.
    Error in portal_sso_redirect: missing application registration information: p_partner_app_name:g_listener_token:HTML_DB:ofss220104.in.oracle.com:5050Please register this application as described in the installation guide.
    Please help me to resolve this.
    Thanks and Regards,
    Suhas

    Suhas,
    After you registered your application as a SSO partner application did you use the information from Oracle SSO (home URL, success URL, Logout URL, app_name etc) and loaded it into the APEX_SSO schema using the regapp.sql script from the ssosdk?
    Step 4 of http://www.oracle.com/technetwork/testcontent/sso-partner-app-100552.html#INSTALL
    Ricker

  • Testing Single Signon partner apps on local dev server

    We're just starting to look at hooking our new webapp into the Single Signon Server. What I don't see, at the moment, is a good way of continuing to test a SSO application on local machines so that it can be accessed through SSO when deployed to the server.
    The application will have to pick up some user information from the signon to decide which data is accessible. Is there some kind of dummy SSO connection, or should I write one? How have people coped?

    Oops! Sorry for multi-posting. Our firewall denied that the posting had happened and I tried again!
    Somebody please delete embarassing duplicates.

  • Oracle SSO error while trying to access a report

    Hi All,
    I am using Oracle 11g reports and forms.My adf application(using JDeveloper 11.1.1.4) will use oracle reports through url.
    From adf application we form a url for the reports like https://<server>:<port>/reports/rwservlet?server=devstage11g&destype=cache&desformat=pdf&report=spore001…
    we send the userid parameter as a hidden parameter in the request as we do not want the userid information to be visible in the URL. It works fine in one environment. But in another environment when we hit the url it always give a page with a single line saying  "Oracle SSO". When we hit the same url with userid parameter appended to it directly, it works fine.
    Checked the configuration difference, but not able to find any difference in the configuration. Please help me to find why it always gives "Oracle SSO" error.
    Thanks,
    Priya.

    Hi ;
    pelase check below which could be similar error like yours
    Troubleshooting of Runtime Errors of Customer Intelligence Reports [ID 284829.1]
    Regard
    Helios

  • Oracle SSO Failure - Unable to process request

    Dear gurus,
    i got problem when accessed ADF application which has registered with SSO, it says that
    "Oracle SSO Failure - Unable to process request
    Either the requested URL was not specified in terms of a fully-qualified host name or OHS single sign-on is incorrectly configured.
    Please notify your administrator."
    My environment is OAS Cluster front ended by LBR. so everytime i deploy the ADF application then i access it with LBR hostname which is http://oassvr.pelni.co.id, the host of each node it self are oassvr1 for node 1 and oassvr2 for node 2. the hostname that i added on partner applications was LBR hostname (oassvr.pelni.co.id:7777).
    i had done ssoreg OAS 1013 with SSO succeed then i tried to run/access ADF application with url http://oassvr.pelni.co.id:7777/HRd/faces/DepartmentLOV.jspx then i got above error. Please help! these are the error log from http log midtier :
    [Fri Aug 20 10:27:34 2010] [warn] [client 10.1.0.249] [ecid: 1282271254:10.1.0.41:172050:0:3058,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 10:29:08 2010] [warn] [client 10.1.0.249] [ecid: 1282271348:10.1.0.41:282956:0:6409,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 10:38:31 2010] [warn] [client 10.1.0.249] [ecid: 1282271911:10.1.0.41:233572:0:5430,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 11:30:50 2010] [warn] [client 10.1.0.249] [ecid: 1282275050:10.1.0.41:196882:0:3734,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 11:41:17 2010] [warn] [client 10.1.0.249] [ecid: 1282275677:10.1.0.41:286722:0:2897,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 15:43:09 2010] [warn] [client 10.1.0.249] [ecid: 1282290189:10.1.0.41:213462:0:10939,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 17:12:58 2010] [warn] [client 10.1.0.249] [ecid: 1282295578:10.1.0.41:151672:0:5100,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    [Fri Aug 20 17:33:40 2010] [warn] [client 10.1.0.249] [ecid: 1282296820:10.1.0.41:294968:0:9510,0] \n[OSSO] W05: Requested URL is not specified in terms of fully-qualified host name or invalid SSO partner configuration. Host from request oassvr.pelni.co.id:7777, registered host oassvr1:7777.\n
    Regards,
    Andes

    anyone has similar problem ?
    Please help.
    Thanks,
    Andes

  • Oracle SSO Warning Helper!!!

    When I tried to configure and deploy the JAZN demo callerInfo of Oracle9iAS R2. I was able to get the SSO login page, but after I type my user info, i.e., "ray/welcome", I got the following message
    "Oracle SSO Warning - Unable to process request
    Either the requested URL was not specified in terms of a fully-qualified host name or OHS single sign-on is incorrectly configured.
    Please notify your administrator."
    The domain controller of the Windows NetWork is still under NT4, to use the SSO, is it required the domain controller to run Win2k? How can I work around the fully-qualified host name problem?
    Thanks a lot.

    Please us ethe below workaround
    For Providergroup, webproviders:
    To create providers etc., you have to give privileges to users in the following XML file:
    <OH>/j2ee/OC4J_Portal/applications/portalTools/providerBuilder/WEB-INF/deployment_providerui/provideruiacls.xml
    To give privilege do the following:
    <providerui xmlns="http://www.oracle.com/portal/providerui/1.0">
    <objectType name="ALL_OBJECTS">
    <object name="ANY_PROVIDER" owner="providerui">
    <user name="orcladmin" privilege="500"/>
    <user name="portal" privilege="500"/>
    <user name="any_provider_manage_user" privilege="500"/>
    <user name="any_provider_edit_user" privilege="400"/>
    <user name="any_provider_execute_user" privilege="300"/>
    <user name="any_provider_create_user" privilege="100"/>
    </object>
    <object name="ANY_PORTLET" owner="providerui">
    <user name="orcladmin" privilege="500"/>
    <user name="portal" privilege="500"/>
    <user name="any_portlet_manage_user" privilege="500"/>
    <user name="any_portlet_edit_user" privilege="400"/>
    <user name="any_portlet_execute_user" privilege="300"/>
    </object>
    </objectType>

  • How to merge two Oracle SSO IDs?

    As many have noticed, I have 2 SSO ids: 'Hans Forbrich' that I have had for many years; and Hans Forbrich (alt ID) that was created by the OU group for SSO access to OU sites.
    I'm wondering how to merge these two IDs while retaining the Oracle University Single Sign On capability.

    Have you tried to sign in to OU with the other ID? I
    would think that you would be able to since OU uses
    SSO as well (it may not have in the past).Oh yes. Does not work.
    >
    It may be just a matter of having some OU folks add
    your other account to the database.Not quite that simple. They have a few extra settings, and permissions, tied to the user id. And effective and expiry dates. And ...

  • Single Signon using Trusted Authentication - version 3.0

    There was good documentation on this in version 2 but looks like 3.0 it was just copied and not much added.
    I am using the ISAPI redirector and have figured out the single signon but it logs in to the little window that use to contain the login when no sso is enabled.
    So, what piece am I missing?  Do I need a newer ISAPI redirctor?

    "madhav" <[email protected]> wrote in message
    news:3fa67a2c$[email protected]..
    >
    We are trying to enable single sign-on through perimeter authentication.We are
    trying to
    accomplish the same using DefaultAuthenticator andDefaultIdentityAsserter. We
    have the
    following questions
    1. Weblogic documentation says that the following authentication types aresupported
    username/password, certificate and perimeter. Where do I set the perimeterauthentication
    >
    type Ex: In web.xml, I can specify basic, Form or Client-Cert as the authmethod.
    How do I
    specify that the authentication method is perimeter based.
    You use client-cert. This causes the servlet container to look for identity
    assertion tokens
    in request headers and cookies. There is a CR to separate this from the
    authentication
    method.
    2. How do I create a token for the DefaultIdentityAssertor.
    Upon investigation in the AssertIdentity method of theDefaultIdentityAssertor,
    the code
    snippet from DefaultIdentityAssserterProvideImpl.java is the following
    You define your token format and implementation and then write a
    corresponding
    identity asserter. It handles the tokens, not the default identity asserter.
    >
    Is there a mechanism to generate the token for the AuthenticatedUser tokentype.We
    are
    trying to pass the token as a part of the HTTPHeader using the
    URLConnection.setRequestProperty("AuthenticatedUser",tokenString"). Wetried two
    >
    The authenticated user token type really should have been internal and not
    exposed as
    a token type. Don't use it - define your own token type.
    See the dev2dev security provider samples for an example of how to do this.

  • Tutorial to Develope a Single-signon System using LDAP

    Folks,
    Hello. I have just started to develop a Single-signon security system using LDAP for FSCM and HRMS for my client.
    The only tutorial I get is Chapter 6, 7, and 8 in the document http://download.oracle.com/docs/cd/E05317_01/psft/acrobat/pt849sec-b0307.pdf. It seems it's regarding Oracle Database. But I am using MS SQL Server.
    Can any folks provide a case study or an example or some tutorial regarding developing a Single-signon security system using LDAP for FSCM and HRMS ?

    Connect an Ethernet cable from the Ethernet port in the hotel room to the WAN "O" port on the AirPort Extreme wireless router. An AirPort Express router will work as well for this. So will a Time Capsule.
    http://www.apple.com/wifi/
    Configure the AirPort Exteme to "create a wireless network".
    Configure the AirPort Extreme to operate as a router providing DHCP and NAT service, which is the default configuration of the AirPort Extreme.
    Connect your computer to the wireless network that the AirPort Extreme is producing
    Open your Internet browser. You are on the Internet. If the hotel's log in page appears, enter your credentials and agree to terms, etc.
    Connect any other wireless devices that you have to the same wireless network that the AirPort Extreme is providing
    The hotel network will charge you for one connection.
    This works in just about any hotel where I have ever stayed, but I cannot guarantee that it will work for you.

  • Oracle SSO Warning when creating a Web Provider

    Hi,
    I am getting the following error message when I try to create a new Web Provider in portal:
    Oracle SSO Warning - Unable to process request
    Either the requested URL was not specified in terms of a fully-qualified host name or OHS single sign-on is incorrectly configured. Please notify your administrator.
    I can only see this message in a Mozilla web browser, IE hangs. I have updated the provideruiacls.xml file to include an entry for my portal user with privilege="500".
    Can anyone help?
    Thanks in advance.

    Please us ethe below workaround
    For Providergroup, webproviders:
    To create providers etc., you have to give privileges to users in the following XML file:
    <OH>/j2ee/OC4J_Portal/applications/portalTools/providerBuilder/WEB-INF/deployment_providerui/provideruiacls.xml
    To give privilege do the following:
    <providerui xmlns="http://www.oracle.com/portal/providerui/1.0">
    <objectType name="ALL_OBJECTS">
    <object name="ANY_PROVIDER" owner="providerui">
    <user name="orcladmin" privilege="500"/>
    <user name="portal" privilege="500"/>
    <user name="any_provider_manage_user" privilege="500"/>
    <user name="any_provider_edit_user" privilege="400"/>
    <user name="any_provider_execute_user" privilege="300"/>
    <user name="any_provider_create_user" privilege="100"/>
    </object>
    <object name="ANY_PORTLET" owner="providerui">
    <user name="orcladmin" privilege="500"/>
    <user name="portal" privilege="500"/>
    <user name="any_portlet_manage_user" privilege="500"/>
    <user name="any_portlet_edit_user" privilege="400"/>
    <user name="any_portlet_execute_user" privilege="300"/>
    </object>
    </objectType>

  • Oracle SSO 10g with Oracle WebCenter portal 11g (11.1.1.8)

    My client is having an existing Single Sign On solution  (SSO 10g) and now we are implementing webcenter portal 11g (11.1.1.8).
    The client is going for OID 11g for the new implementation and wants old SSO to be used for single sign on.
    Here's the stack:
    1. Oracle SSO 10g - existing one and client is not interested in upgrading to OIM/OAM 11g.
    2. Oracle OID 11g - new install and client is ready for migration.
    3. Oracle WebCenter 11g - the custom portal whose build is in progress.
    We want to bring the new portal implemention under the SSO umbrella for authentication and authorization.
    The questions are:
    1. Is this discouraged by Oracle? I mean, if you are using 11g for WCP and 11g for OID why not migrate to OIM/OAM 11g ?
    2. Can I configure my new portal for this old SSO? if yes, is there any documentation for it? Are there any limitations/demerits in this approach?
    3. Is there any other bettter way out there which I am not aware of?
    Thanks in advance
    Regards

    Can some one help me on this. Zero responses after a week is

  • Oracle BIEE Single Sign-On

    Can single sign-on be use for Oracle BIEE and another portal application? What is needed to configure the two application? Does Oracle BIEE 10.1.3.2 come with OAS?

    SSO integration is covered in the OBIEE deployment guide. It currently supports two kings of SSO environments:
    1. Oracle SSO (OSSO)
    2. Anything else
    The second option must be able to call the remote user interface but I have not implemented this so can not comment further.
    OSSO refers to use of Oracle Infrastructure with OID and the implementation is quite simple but only follow the chapter on integrating to OSSO and not Oracle Application Server. This is some this else entirely.

  • Forms and single signon

    Hi,
    I have two questions regarding forms9i and single signon:
    1. How do you identifiy which user is logged on from within forms?
    2. How do you get around menu security which is implemented using user roles if all users share a single schema?
    Thanks for your input.
    Regards
    Sajit Kalidas

    Check Get_Application_Property, using this procedure you can get the SSO username. Also depending on this user you then can enable your session roles.
    Cheers, Stefan

Maybe you are looking for

  • Can someone provide direction on sharing an Apple ID for Itunes, but creating a separate Apple ID for Icloud?

    Can someone provide direction on sharing an Apple ID for Itunes, but creating a separate Apple ID for Icloud?

  • How to delete tracks from iOS device?

    Hello! Could somebody help me with a problem? How can I delete tracks, stored in my device memory (im usuing iPhone 4) when itunes match mode turned on? "Swipe to delete" on tracks/artist doesn't work. So the swipe works only when itunes match mode i

  • Posting Vendor Invoice

    Hi. This might be a silly question but i needs to understand. Why shouldn't I use F-02(Document Type SA) to post a vendor invoice ? I am still going to use the same posting keys , GL DR(40) & Vendor Credit(31) . Still my entries are correct and hitti

  • Remaining TextEdit in a tabstrip : known bug ?

    Hi, I use the cl_gui_textedit in a custom control (cl_gui_custom_container) in a subscreen, in the last tab of a tabstrip. (ok, still following ?). Everything is OK, but when I leave the screen and come back on the first tab, the text editor overlaps

  • ITunes import hangs

    I recently purchased a MacBook Pro and I've slowly been importing my CD collection. Most CDs have imported with no issue... except for 3 out of about 200 (so far at least). These albums hang during import... always on the last track... and always wit