Oracle SSP as a Partner Application

I've got few questions.
1- How do I get information regarding the configuration of Oracle Self Service Purchasing ( Release 11i) as a Partner Application?
2- I'm working on 3.0.8 release but I can't find the "Oracle 9iAS Single Sign-On Application's Developer Guide" paper related.
On-line I found the one for the Release 3.0.6 and 3.0.9!
3- Are there any warnings about the release allowed to that process configuration?
Thanks in advance

Having XE on a stick being absurd or not. is it
technically possible. Just to be able to do things
that you couldn't do before. Maybe it's a waste of
time. But doesn't alle learning look like a waste of
time in the first place :-) When you play around a
discover new things you may be able to help others
later on.Hi Nicolai!
If you take a look on my post I accent: that's my opinion.
I done (as a student) also sometimes things that others looked as absurd.
E.g. Oracle database for all comets in human history with orbital calculations, etc.
I'm thinking now more on "production level" - on "student level" everything is OK where you learning new things...
Cheers!

Similar Messages

Registering a Partner application with Oracle SSO 10gR2

Hi Everybody
I'd like to ask a question around registering a partner application with Oracle SSO.
I have entered my home_url, logout_url and cancel_url e.g. home_url is https://vevopuitest1.co.uk/vevo_test1 and so on for the other fields.
When I save the details some information is automatically created e.g. Site Id, Site Token etc.
The bit that I am particularly interested in are the fields Single Sign-On URL and Single Sign-Off URL.
For my purposes these fields are respectively: https://cwassotest1.co.uk/pls/orasso/orasso.wwsso_app_admin.ls_login and https://cwassotest1.co.uk/pls/orasso/orasso.wwsso_app_admin.ls_logout
My questions are:
1. Where do these values come from?
2. Can I view them anywhere, say, in Oracle Directory Manager or using ldif queries?
I would like to be able to verify these values.
Many Thanks
Andy

I'm afraid this won't answer your question completely, but AFAIK in principle it does not matter on which machine SSO is running, as long as it passes the user id and credentials properly through the HTTP Header. Even more: in practice it is very common to have SSO running on a different machine than where your app runs.
So what I would do is find out how to use ADF Faces with SSO. Perhaps someone else can provide pointers on that.
Jan Kettenis

Getting Logged on User'Information in an Oracle-Form SSO Partner Application

Hi.
I could run Flight-of Fancy Application and capture user's information by calling the
"Parse_cookie " Procedure.(use the Scenario 2 - Access the Portal and then the FOF App)
and defined an Oracle-Form application as Partner application like FOF.
I want to have Logged on user'Information in the "Oracle-Form" . But the Fucntion owa_cookie.get dosen't work correctly.please let me know what can I do ?
Thanks in advanced.

Hi.
I could run Flight-of Fancy Application and capture user's information by calling the
"Parse_cookie " Procedure.(use the Scenario 2 - Access the Portal and then the FOF App)
and defined an Oracle-Form application as Partner application like FOF.
I want to have Logged on user'Information in the "Oracle-Form" . But the Fucntion owa_cookie.get dosen't work correctly.please let me know what can I do ?
Thanks in advanced. If you're writing your own partner application, then you are correct to get the user information from the output variables
from the parse_url_cookie procedure. You should then set the information you want to keep track of in the cookie, or combination
of cookie and persistent storage in the database. Take care of the security implications while doing this.
On subsequent calls to your application, the user info should be obtained from the cookie and the database, if you
are using a combination of the cookie and database storage to keep your info.
The owa_cookie.get routine is used to read the cookie, which is generated with owa_cookie.send.
These routines work fine, when invoked correctly.
If you are having trouble with them, you're probably not using the calls properly.
The following code provides an example of how to use the owa_cookie calls...
create or replace package testcookie
is
    procedure show (p_name IN VARCHAR2);
    procedure send
        p_name    IN VARCHAR2,
        p_value   IN VARCHAR2,
        p_path    IN VARCHAR2 default null,
        p_expires IN VARCHAR2 default null
end testcookie;
show error package testcookie
create or replace package body testcookie is
    procedure show (p_name IN VARCHAR2) is
        v_cookie owa_cookie.cookie;
    begin
        v_cookie := owa_cookie.get(upper(p_name));
        htp.htmlopen;
        htp.bodyopen;
        htp.print(v_cookie.vals(1));
        htp.bodyclose;
        htp.htmlclose;
    exception
        when others then
            htp.htmlopen;
            htp.bodyopen;
            htp.print('NO COOKIE FOUND.');
            htp.print(SQLERRM);
            htp.bodyclose;
            htp.htmlclose;
    end;
    procedure send
        p_name    IN VARCHAR2,
        p_value   IN VARCHAR2,
        p_path    IN VARCHAR2 default null,
        p_expires IN VARCHAR2 default null
    is
        v_cookie owa_cookie.cookie;
        l_agent varchar2(30);
        l_expires varchar2(30);
        l_path varchar2(100);
    begin
        if p_expires is null then
            l_expires := null;
        else
           l_expires := to_date(p_expires, 'MMDDYYYY');
        end if;
        if p_path = 'ALL' then
            l_path := '/';
        else
            l_path := null;
        end if;
        owa_util.mime_header('text/html', FALSE);
        l_agent := owa_util.get_owa_service_path;
        l_agent := substr(l_agent, 1, length(l_agent) - 1 ) ;
        owa_cookie.send(
            name    => upper(p_name),
            value   => p_value,
            expires => l_expires,
            path    => l_path
        owa_util.http_header_close;
        htp.htmlopen;
        htp.headopen;
        htp.headclose;
        htp.bodyopen;
        htp.print ('Cookie set.');
        htp.bodyclose;
        htp.htmlclose;
    end;
end testcookie;
show error package body testcookie;
grant execute on testcookie to public;If you load this into a schema which a DAD can access, then you can invoke the show and send procedures to view and
generate cookies.
To generate a cookie, issue the following from your browser ...
http://server.domain.com/pls/dad/schema.testcookies.send?p_name=test&p_value=hello
To view the cookie:
http://server.domain.com/pls/dad/schema.testcookies.show?p_name=test

ApEx 2.1.0.00.39 as Partner Application in Oracle AS Single Sign-On

Hi,
I've installed the last Application Express 2.1.0.00.39 (oracle-xe-10.2.0.1-1.0.i386.rpm and oracle-xe-univ-10.2.0.1-1.0.i386.rpm) but, when I try to "create an authentication scheme" for configure an ApEx application to use SSO under
Home>Application Builder>Application xxx>Shared Components>Authentication Schemes>Create Authentication Scheme
in the second step of the procedure I don't find the choice "Oracle Application Server Single Sign-On (Application Express engine as Partner App)".
I found only these:
- Show Built-In Login Page and Use Open Door Credentials
- Show Login Page and Use Application Express Account Credentials
- Show Login Page and Use Database Account Credentials
- Show Login Page and Use LDAP Directory Credentials
- No Authentication (using DAD)
even if under the help voice "V Information" the others two are describes:
Oracle Application Server Single Sign-On (Application Express engine as Partner App) delegates authentication to the Oracle Application Server Single Sign-On (SSO) Server. This Application Express site must have already been registered as a partner application with the SSO server. For more information, contact your administrator.
Oracle Application Server Single Sign-On (My application as Partner App) delegates authentication to the SSO server. In this case, you must register an application with SSO as a partner application. See the next page for more details.
Does Someone know how to resolve it?
Thanks
Emanuele

Thanks for all your help Scott
I've added the -PORTAL_SSO- .....
After this I've had a new problem same to this: Re: SSO Authentication Not Working
"get the error below and it then directs me to http://hostx/htmldb/f? and the "p=" is missing"
But after a lot of tests I discovered where was the problem: "The apache configuration for the proxy!!"
This an extract from the installation doc :
SetEnv force-proxy-request-1.0 1
ProxyPass /htmldb http://127.0.0.1:8080/htmldb
ProxyPassReverse /htmldb http://127.0.0.1:8080/htmldb
ProxyPass /i http://127.0.0.1:8080/i
ProxyPassReverse /i http://127.0.0.1:8080/i
ProxyPass /sys http://127.0.0.1:8080/sys
ProxyPassReverse /sys http://127.0.0.1:8080/sys
where you replace 127.0.0.1 with the name OR ip address of your XE installation. 8080 is the default http port of your XE installation. "
Well, I used the IP ADDRESS and in the @regapp > listener_token the NAME!!! (HTML_DB:servername.domain:80)
I changed the IP ADDRESS with the NAME, restarted the httpd service and now all works fine.
Emanuele

Creating partner application in Oracle

$ORACLE_HOME/sso/bin/ssoreg.sh
-oracle_home_path <oracle_home_path>
-config_sdk_papp TRUE -site_name SSO_APEX
-home_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-success_url http://hal-00-dbs-08.hal.net:7777/pls/apex/wwv_flow_custom_auth_sso.pro
cess_success
-logout_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-u cn=orcladmin
-papp_schema <apex schema>
-cancel_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-papp_schema <apex schema> what goes here?

Please tell us your first name and update your forum profile with it to assist us. Thanks.
Where did you get that script and what are you trying to do, exactly (generally, I got that your aim is "creating partner application in Oracle").
Scott

Creating partner application in Oracle Portal

$ORACLE_HOME/sso/bin/ssoreg.sh
-oracle_home_path <oracle_home_path>
-config_sdk_papp TRUE -site_name SSO_APEX
-home_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-success_url http://hal-00-dbs-08.hal.net:7777/pls/apex/wwv_flow_custom_auth_sso.pro
cess_success
-logout_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-u cn=orcladmin
-papp_schema <apex schema>
-cancel_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-papp_schema <apex schema> what goes here?

Please tell us your first name and update your forum profile with it to assist us. Thanks.
Where did you get that script and what are you trying to do, exactly (generally, I got that your aim is "creating partner application in Oracle").
Scott

SSO to partner application running under IIS

Hi,
We have a complete set-up for 9iAS Release2 where some applications are running. In parallell we have an application running under IIS, and would now like to enable the IIS application as a partner application to 9iAS letting the 9iAS SSO server handle the authentication.
In the documentation of Oracle Proxy Plug-in I read that this proxy plug-in can be used to proxy requests from IIS to Oracle http server (OHS) and also in this way enable SSO.
My question is if this can be done only for applications running under 9iAS but having IIS as web server, or if it is also possible like in our case to enable SSO via the proxy plug-in to applications runnind under IIS?
If this is not supported is the only available solution to use the SSO SDK in my IIS application?
Thanks and regards,
Rikard

Here's a DIY answer.
See Metalink Note 269820.1 which shows you how to use Perl to overwrite the host name in the HTTP header and remove the port number.

HOW TO SET UP PARTNER APPLICATION TO USE SSO OUTSIDE OF PORTAL

If anyone knows how Portal switches context to run as the db user mapped to the lightweight schema and how it knows the db schema password please let me know.
Should you have any queries please do not hesitate to contact me on 07775 896738.
From document Oracle Portal Security Overview on PortalStudio.oracle.com:
In Single Sign On mode (EnableSSO=Yes in the DAD), mod_plsql determines the name of the light-weight user and mapped database schema by calling
WPG_SESSION_PRIVATE.GET_LW_USER and WPG_SESSION_PRIVATE.GET_DB_USER respectively.
** These calls are done using the Portal Schema (PORTAL30) and Portal schema password **
mod_plsql then executes the procedure in the requested URL by using the N-Tier Authentication feature to connect to the database as the user returned from
WPG_SESSION_PRIVATE.GET_DB_USER. ..... Note that N-Tier Authentication requires all schemas to be used for Portal user mappings to be granted 'connect
through' privleges to the Portal schema (PORTAL30).
The WWCTX packages are also used.
So this is how it works with standard Portal
- the document states that the WPG_SESSION_PRIVATE package is only accessible to the Portal schema
- but I checked and it is also available to PORTAL30_SSO
SQL> desc WPG_SESSION_PRIVATE
PROCEDURE CREATE_SESSION
Argument Name Type In/Out Default?
P_COOKIE_NAME VARCHAR2 IN
FUNCTION GET_DB_USER RETURNS VARCHAR2
FUNCTION GET_LW_USER RETURNS VARCHAR2
PROCEDURE GET_SESSION_INFO
Argument Name Type In/Out Default?
NUM_PARAMS NUMBER OUT
PARAM_NAMES TABLE OF VARCHAR2(32000) OUT
PARAM_VALUES TABLE OF VARCHAR2(32000) OUT
PROCEDURE RESET_SESSION
Argument Name Type In/Out Default?
P_COOKIE_NAME VARCHAR2 IN
In my case only the Login Server (PORTAL30_SSO) is going to be used/installed
- the SAMPLE_SSO_PAPP application will only work if the DAD used to access is it set to use Basic authentication, i.e. the actual integration with the Login Server
is done in the sample application code calls, stored in the database
- when a DAD has enableSSO=yes it automatically accesses Portal (PORTAL30) packages to implement N-Tier authentication
I'm currently testing:
1. Configuring the SAMPLE_SSO_PAPP sample as documented with a DAD with Basic authentication
2. Amending the ssoapp procedure to set context to another (db) user on successful authentication:
wwctx_api.set_context (
p_user_name => 'SCOTT',
p_password => 'TIGER' );
3. If this works then set_context with get_lw_user instead
I have now amended the ssoapp procedure as follows to print out
1. The userid entered when the login box is presented
2. The Database user which the Portal Lightweight user is mapped to
3. The Lightweight user Portal has used for authentication
Amendments to papp.pkb:
(ssoapp procedure, declare db_user_info and lw_user_info as VARCHAR2 in declare section)
htp.p('Congratulations! It is working!<br>');
db_user_info := wwctx_api.get_db_user;
lw_user_info := wwctx_api.get_user;
htp.p('User Information:' || l_user_info || '<br>');
htp.p('DB User Information:' || db_user_info || '<br>');
htp.p('LW User Information:' || lw_user_info || '<br>');
The following shows the interesting results from my testing:
- if the user owning the sample_sso_papp package is PORTAL30_SSO then the call to wwctx_api.get_db_user succeeds
- if the user owning the sample_sso_papp package is a non-portal schema e.g. SSOAPP below the call to wwctx_api.get_db_user generates a User Defined exception
Steps to test:
Created new schema SSOAPP on the database
- edited it in Portal and checked the use this schema for Portal users checkbox
- created new Lightweight user SSO_LW in Portal, mapped it to SSOAPP schema
- created new Lightweight user SSO_SCOTT in Portal, mapped to SCOTT schema
- loadjava -user ssoapp/ssoapp@portal30 SSOHash.class
- sqlplus portal30/portal30@portal30
@provsyns ssoapp
- sqlplus ssoapp/ssoapp@portal30
@loadsdk.sql
@loadpapp.sql
Created DAD with basic authentication SAMPLE_SSO_PAPP
- username: ssoapp
- default home page: sample_sso_papp.ssoapp
Registered the Sample SSO Partner Application with the Login Server and ran regapp.sql
Commented out the calls to get_db_user in papp.pkb to avoid exception
- called http://<server>/pls/sample_sso_papp
- logged on as SSO_LW/sso_lw
- got output:
Congratulations! It is working!
User Information: SSO_LW
LW User Information: PUBLIC
So the Portal lightweight user is not returned as SSO_LW
if anyone knows why the Lightweight User in my test is returned as PUBLIC not SSO_LW
Best Regards
MIchael

http://support.mozilla.com/en-US/kb/Changing+the+e-mail+program+used+by+Firefox

SSO for partner applications

Hi All,
I have installed 10g AS Release 2 on a system. I also have Application Express(formerly HTML DB) installed on the same system. I registered one of the HTML DB applications as partner applications and have put SSO authentication for it.
When I try to login the AS looks at the OID installed on the system(which I gave during installation). I want it to look at the Oracle gmldap.oraclecorp.com server OID so that only Oracle employees login.
Can anybody tell me how to change the OID and what are the entries to be give to configure it to gmldap.oraclecorp.com server??
Thanks,
Swaroop

See Task 3 in the Section 9.4 of the Oracle Application Server Administrator's Guide:
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/chginfra.htm#i1014978
See the following for information about what to specify on each page.
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/reconfig.htm#i1013341

SSO userid for a partner application

Hi,
We have one application deployed on WebLogic Application Server this is registred as Partner application over SSO server.
On application side we have installed Oracle HTTP Server as webserver and configured mod_osso.
Now when user attempt to access any secured page SSO askes for the authentication. And on successful login user landed back to application page configured while creating Partner application.
After login we need userid of user who logged in on sso server. I have tried following and getting null.
Remote User: <%=request.getRemoteUser() %>,
     Proxy-Remote-User: <%=request.getHeader("Proxy-Remote-User") %>
     Osso-User-Dn: <%=request.getHeader("Osso-User-Dn") %>
     Osso-User-Guid: <%=request.getHeader("Osso-User-Guid") %>
     Osso-Subscriber: <%=request.getHeader("Osso-Subscriber") %>
     Osso-Subscriber-Dn: <%=request.getHeader("Osso-Subscriber-Dn") %>
     Osso-Subscriber-Guid: <%=request.getHeader("Osso-Subscriber-Guid") %>
     Accept-Language: <%=request.getHeader("Accept-Language") %>
output:
Remote User: null,
Proxy-Remote-User: null
Osso-User-Dn: null
Osso-User-Guid: null
Osso-Subscriber: null
Osso-Subscriber-Dn: null
Osso-Subscriber-Guid: null
Accept-Language: en-us,en;q=0.5
Is any one there knows, what exactly i should do?
Thanks & Regards,
Kevin Chheda

So the user has successfully authenticated and can access protected areas of the application?
Have you tried using Http headers to see values/attribute names?
Can you try this:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<body>
<%@ page import = "java.util.*" %>
<h1>Headers received:</h1>
Remote user header is: <% out.println(request.getRemoteUser()); %>
<p>
<table>
<%
Enumeration headerNames = request.getHeaderNames();
while(headerNames.hasMoreElements()) {
String headerName = (String)headerNames.nextElement();
out.println("<tr><td>" + headerName);
out.println(" <td>" + request.getHeader(headerName));
%>
</table>
</body></html>

Partner application single sign-on and Oc4j

hello,
I'm trying to test portal's partner application single sign-on, following the examples inside the "Oracle9 iAS Single Sign-On Application Developers Guide":
With Tomcat as jsp engine everything works fine, but with Oc4j when I try to enter the protected jsp page i have this exception:
oracle.security.sso.enabler.SSOEnablerException: java.lang.IllegalStateException: OutputStream already retrieved
     at SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java:153)
     at SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java:57)
     at /protetta.jsp._jspService(/protetta.jsp.java:37) (JSP page line 4)
Any suggestion?
Thanks in advance.

I get the same problem with my partner application. It runs fine on JServer but I get the following problem on oc4j:
oracle.security.sso.enabler.SSOEnablerException: java.lang.IllegalStateException: OutputStream already retrieved
at oracle.br.aerochain.sso.SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java, Compiled Code)
at oracle.br.aerochain.sso.SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java, Compiled Code)
at /jsp/papp.jsp._jspService(/jsp/papp.jsp.java, Compiled Code)
at com.orionserver[Oracle9iAS (9.0.2.0.0) Containers for J2EE].http.OrionHttpJspPage.service(OrionHttpJspPage.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpApplication.serviceJSP(HttpApplication.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.JSPServlet.service(JSPServlet.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java, Compiled Code)     at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java, Compiled Code)
Did anyone get a solution for this?
TIA

Partner application logoff not working

We have a partner application registered with sso with custom login screen. The login works fine. We use the following code to logoff the partner application in logoff.jsp
response.setHeader("Osso-Return-Url", "http://my.oracle.com" );
response.sendError(470, "Oracle SSO");
session.invalidate();
but the logoff is not working properly. It is not invalidating the session and the logout http request is not going from the application server to the sso server.
Are there any additional configurations for SSO logoff.Any help is appreciated.
Thanks

Hi
The WF should also trigger if i add the Partner function in UI.If i change any Attribute the WF triggers but i dont want to change the attribute when i add the partner function.
If i have only one event for WF that is Partner Change the WF will not trigger it for the 1st time when i save the UI. But next i come to the same saved doc and add a partner function then the Wf triggers.
So this means that Partner change is active.
the issue here is i need to trigger the WF on , the 1st time i save the UI, for which i wil be using Attribute Change and next time when i come back to saved doc the and add only the partner function and no changes are made to attributes the WF should again trigger.
Thanks
Tarmeem

Partner application and web clipping.

Hi All,
I am trying to add an external application (say my.yahoo.com) to a webclipping and its throwing the below error in the application log.
WC-517 : SSL handshake failed with the url ...
I have checked the file ca-bundle.crt and the certificates are in place. Does anybody know how to go about debugging this problem as I am quite new to portals and at my wits end to solve it.
Also I would be greatful if anybody can suggest me the steps on adding an Apex application configured as partner application with SSO authentication to a web clipping.There seems to be little or no-documentation at all in this regard(as far as my search goes).
Thanks in advance
-Venkat

I finally got it working by VERY CAREFULLY reading the instructions in the install.txt document in the SSO SDK package. You have to set up the partner application with a new schema in the login server database, and run the regapp.sql script AFTER editing it to insert data from the Login Server Partner Application admin screen. After you register the partner app in Portal, it gives you some info (site token, listener token, encryption key, etc). You have to MANUALLY copy these and paste them into the regapp.sql script, then run the script in the partner app schema. Make sure you don't confuse capital I with numeral 1 (like I did, since Oracle so nicely uses a non-serif font where you can not tell the difference).
Also make sure you copy the exact values for these parameters into your code when you use the SSOEnabler class. The listener token was very confusing since different documents appear to disagree on whether it should include the partner app name or not. It does require the partner app name:
app-name:hostname:port
hostname and port are for the web server that is handling http requests for the login server (usually your main portal web server).
John H.

Partner application configuration is missing error on SSO login page

We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Following a link to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly, of course!) then the APEX application is shown. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on Metalink or anywhere else on the Internet. Any ideas? I'm concerned that we have a misconfiguration somewhere that is causing this error and will affect any other partner application we setup in the future.
We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup on both infra and mid tiers.

Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

Partner Application in SSO logout does'nt synchronize

Hi All,
I've setup two separate application on different workspace and different server as partner Application. I've follow the instruction from http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html
. And everything working fine, but the "logout" seen doesn't work correctly.
Example: I'm login to Application "A" from single sign on homepage, after enter username and password, it direct me to Application "A". After that, i've click on Application "B" which also located on single sign on homepage and direct me to application "B" (that's correct). When I clicked on the "logout" link in Application "A" it work fine, but the other Application (B) doesn't log me out. I can do the normal work on Application "B" even the Application "A" already logout.

Hi Scott,
Thank you for your reply. I've read the two link above and I don't figure out how to resolve my problem yet. From the link: Logout URL for 9iAS SSO Partner App
you said:
Steve - Here's a logout URL that unsets the app's session cookie first, then goes to Single Sign-off, then back to a public page in the app:
https://host:port/pls/DAD/wwv_flow_custom_auth_std.logout_then_go_to_url?p_args=&APP_ID.:https://login.yourlogin.com/pls/orasso/orasso.wwsso_app_admin.ls_logout?p_done_url=https://host:port/pls/DAD/f?p=&APP_ID.:PUBLIC_PAGECan set the authentication schema logout URL of application "A" something like: unsets app's session cookies first, then goes to Single Sing-off, then goes to Application "B" sign-off, and then back to a public page in the app. That way will be logout the Application "A", logout the Single Sign-On, and logout the Application "B" when i click on the "logout" link from Application "A". Am I correct?
The other question is how can i get the SSO cookie. I've used the owa_cookie.get('cookie_name') function, but it doesn't work for SSO.
Thanks,
Kevin

Oracle SSP as a Partner Application

Similar Messages

Maybe you are looking for