OSB 11G - Routing with policy and forwarding authentication headers

Hi there,
I'm having problems trying to add authentication to some services developed with OSB 11G.
One of the requirements is that the services authenticate using the "oracle/wss_username_token_service_policy" policy... So far so good...
My problem now is that one of the services I'm trying to route messages to needs the same authentication as the OSB router... I've tried everything I found but without any success... The headers aren't being propagated...
I've found out that the header variable has the Authentication segments so I can remove the routing, add a service callout and add the header variable to it.. But this is kind of a hammered solution...
Is there any other solution that I'm missing?
Thanks in advance,
Best Regards,
Daniel Alves
Edited by: 863416 on Sep 18, 2012 9:49 AM

Hi,
transporting header setting is described here
Yuan's SOA Blog: Retrieve and pass around http Authorization header with OSB
but something is missing: I have to set the proxy service Authentication to Basic. But then OSB authenticates the inbound request at local scope, and I want to authenticate at the called web service level. How to do that?

Similar Messages

  • Oracle Forms 11g SSO with OID and IAM

    What versions of OID and Access Manager are required to get an Oracle Forms and Reports 11.1.1.2 application
    on Weblogic 10.3.2 configured for Oracle SSO using OID authentication?
    We want the OID to store and authenticate Users for username and password logins to the database, then
    ultimately by user Certificate authentication in OID. I have OID 11.1.1.2 installed and SSO enabled for Forms
    in Enterprise Manager.
    Is Access Manager required for Forms SSO with OID authentication to work or just to allow user interaction
    for registration and Password reset?
    Things mention OAM 10.4.3 and others talk about IAM 11g for Forms 11.1.1.2 SSO to work with OID.
    We did this back in Oracle Forms and OID 10g with JSP and LDAP to setup users but I understand 11g is
    different and IAM can help or is required for this type of SSO to work.
    Any help?
    Edited by: Kirch on Apr 30, 2013 7:39 AM

    Hi,
    According to Oracle's certification matrix found at http://www.oracle.com/technetwork/middleware/downloads/fmw-11gr1certmatrix.xls, Oracle Forms 11.1.1.2 is not supported to use any Oracle Access Manager (OAM) version. OAM is a component of IAM. It is only supported with Oracle SSO 10.1.4.x. The best solution would be to upgrade the Forms and Reports environment to either 11gR2 (11.1.2.1) or to the latest 11gR1 patchset 11.1.1.7. Both versions are compatible with OAM 11.1.1.7.0 and OID 11.1.1.7.0 where only Forms 11gR2 (11.1.2.1) is compatible with OAM 11.1.2.0 and OID 11.1.1.7.0. That would be the best solution as we have run into configuration problems in the past with using Oracle SSO 10.1.4.x.
    Since OID 11.1.1.2.0 is already installed, you should be able to patch it up to 11.1.1.7.0.
    For user authentication in OID, it is required to have OAM or Oracle SSO as both products use WebGate or mod_osso agents for authentication and authorization. For purposes of allowing end users to register accounts and password reset, you will either need to also install another IAM component called Oracle Identity Manager (OIM) or create a customized SSO login page that can be coded to perform these actions. I believe there are some examples available on the Internet.
    Thanks,
    Scott
    http://pitss.com/us

  • OSB 11g - Issue with namespace prefix

    Hi,
    I have a requirement that, whenever I call my target system through business service, always the prefix for a namespace should be 's'.
    I added namespace as -
    s : http://www.starstandards.org/STAR
    When I create request message before calling the Business service, the prefix is -
    star:http://www.starstandards.org/STAR
    In OSB 11g, can we control prefix for a namespace?
    Thanks in Advance

    Disable "Use Chunked Streaming Mode" property in business service configuration and test again. By default, this setting remains enabled.
    Regards,
    Anuj

  • Routing with Maps and Contacts

    Before 1.1.3 update, I was able to select an address from a contact and use it as source or destination. After installing the 1.1.3 update, nothing gets selected from the contacts while routing with maps.

    Yep... it's a glitch of some sort. Go into your contacts and edit the address. Then, select the country from the scroll menu. That should fix it up. Major pain though to do that with every contact for which you have an address.

  • Set up new router with DSL and vonage

    I have a dsl modem and also vonage. How do I set up a wireless router with the other two devices? Do I plug the router into the vonage, which is then going to the dsl modem? 

    Mac Migration and Time Machine DO NOT WORK with Cloud program activations due to hidden files
    Sign out of your account... Uninstall... run the Cleaner...
    -Restart your computer... Sign in to your account... Reinstall
    -using the cleaner after uninstalling and before reinstalling is needed
    -http://helpx.adobe.com/creative-cloud/help/install-apps.html (and uninstall)
    -http://helpx.adobe.com/creative-suite/kb/cs5-cleaner-tool-installation-problems.html

  • Cisco aironet 1040: create wireless with wpa2 and mac authentication

    Hi,
    I created a wireless network setting "Open Authentication" and setting a wpa2 key: everything works.
    I would also add the filter mac address and then next to Open Authentication I selected "with mac authentication" but I can not connect. The list of mac is specified in the "Advanced Security".
    Can anyone help me? thanks

    ap#show configuration
    Using 2085 out of 32768 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname ap
    logging rate-limit console 9
    aaa new-model
    aaa group server radius rad_eap
    aaa group server radius rad_mac
    aaa group server radius rad_acct
    aaa group server radius rad_admin
    aaa group server tacacs+ tac_admin
    aaa group server radius rad_pmip
    aaa group server radius dummy
    aaa authentication login default local
    aaa authentication login eap_methods group rad_eap
    aaa authentication login mac_methods local
    aaa authorization exec default local
    aaa accounting network acct_methods start-stop group rad_acct
    aaa session-id common
    dot11 syslog
    dot11 ssid Svez
       authentication open mac-address mac_methods
       authentication key-management wpa version 2
    username 00907a0f2a55 password 7 1249554E425C0D542C79257D66
    username 00907a0f2a55 autocommand exit
    username administrator privilege 15 password 7 033449040A0620425A0D15564F42
    username 0025d3db778b password 7 055B565D74481D0D1B52404A09
    username 0025d3db778b autocommand exit
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers tkip
    ssid Svez
    antenna gain 0
    station-role root
    world-mode legacy
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface GigabitEthernet0
    no ip address
    no ip route-cache
    duplex auto
    speed auto
    no keepalive
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address dhcp client-id GigabitEthernet0
    no ip route-cache
    ip http server
    ip http authentication aaa
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    ip radius source-interface BVI1
    radius-server attribute 32 include-in-access-req format %h
    radius-server vsa send accounting
    bridge 1 route ip
    line con 0
    line vty 0 4
    end
    ap#

  • WLC Flexconnect with AAA and MAC authentication

    Hi,
    I am having a Cisco WLC with version 7.4.121 and I am having remote-side access points to be connected to this controller, and the remote access points will have a different VLAN on the remote side itself.
    My question is: I am having RADIUS authentication for the clients who are all connecting from all the access points, and MAC filtering also.
    My RADIUS server is placed in the HQ where we have the WLC. Which method of FlexConnect switching will give me both AAA and MAC filter options working?
    One more question:
    is it possible to give each AP separate MAC filters on the WLC?
    thanks
    cyril

    If you are planning on doing machine authentication, i.e. authentication of the machine with username and password by the AAA server, then this is possible using FlexConnect local switching enabled, provided you have your AAA server accessible via the local VLAN at the remote site.
    In case you are planning on doing MAC filtering using the WLC and username/password authentication using the AAA server, then this cannot be achieved when you enable FlexConnect local switching, as you do not get an option to configure the MAC filtering on FlexConnect groups. Hence you would need to use central authentication.
    Actually the best option for you is that you either deploy a local site AAA server and do both the authentications via your RADIUS server, or use central authentication with FlexConnect APs in case this is not feasible.
    Hope this clears your doubts!!!
    Note: Please do not forget to rate and accept as solution in case the post is valid.

  • Dynamic Routing with VPN and multiple Peers

    I have several sites that connect to my primary host site (ASA5525-X) via LAN to LAN tunnels and currently all internal host routing is static. I need to implement a backup host site (ASA5520) for the remote sites to connect to. I know that I can add additional peers on each remote site for the host sites. However, I need to be able to do dynamic routing, so that it does not matter which site they are connected to; the internal networks will learn where to route the traffic. I am running OSPF on my internal networks at both Primary and Backup host sites and they have an internal connection between the two sites.
    Is there a way to accomplish this on the ASAs?
    Thanks,
    Doug

    To make my question perhaps a little more clear, this is an example of how I would like the result to look:
    http://www.latitudes.co.uk/dept_search_pages/search_provence.php
    where the labels with the checkboxes are retrieved from the 'category' table and when one or more boxes are ticked, the corresponding values are used to make the selection in the WHERE statement in the MySQL query.
    Hope someone can help me out.
    Erik

  • Routing with rip and igrp

    Hi all if I have 4 routers all on 172.16.1.0, 172.16.2.0, 172.16.3.0, 172.16.4.0, If I use rip on each one, will it advertise 172.16.0.0 as its classful, and would this cause probs with routing ?

    By default, RIP and EIGRP will Auto-summarize to classful boundaries. And without further configuration, or a sample physical drawing, could cause problems as each of these networks falls into 172.16.0.0 255.255.0.0 Class-B summary.

  • SMTP with STARTTLS and/or Authentication

    Hello,
    I'm having trouble with an smtp sender.
    I tried both setting authentication and/or starttls, but:
    - authentication seems not to be issued if normal smtp is selected, even though I see the call on my Authenticator: the smtp server complains about no authentication.
    - starttls seems not to be issued, as the SSL package complains about a non-ssl stream:
    DEBUG: getProvider() returning javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Sun Microsystems, Inc]
    DEBUG SMTP: useEhlo true, useAuth true
    getPasswordAuthentication: ******** / ********
    DEBUG SMTP: useEhlo true, useAuth true
    DEBUG SMTP: trying to connect to host "sendm.pec.sonicle.com", port 25, isSSL false
    DEBUG SMTP: exception reading response: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
    Here isSSL is false, because I want to use starttls instead of smtps, and the ssl stack complains... as if starttls was not issued.
    Session debugging never show commands about starttls nor authentication.
    As you can see from the code below, I need a separate Session with its own properties, because I may have more than one relay class running in the same VM, working with different smtp servers and different options.
    Notice also that I run a Transport manually, call connect with no arguments, as they will all be found in properties and from the Authenticator.
    The class is to be setup its public properties just after instantiation, then call initialize() to setup its session instance.
    Then you can call its createMessage(InputStream data) to create a msg from, e.g., an eml file.
    Or you can create the MimeMessage yourself, but beware to use the same session as the Relay on creation.
    Finally run sendMessage(MimeMessage msg) to send it.
    Where is my error?
    Here is my code:
    import java.io.InputStream;
    import java.util.*;
    import javax.mail.*;
    import javax.mail.internet.*;

    /**
     * @author gbulfon
     */
    public class Relay extends Authenticator {
        public String sender;
        public String host;
        public int port=25;
        public String protocol="smtp";
        public boolean ssl=false;
        public String username;
        public String password;
        Properties props;
        Session session;

        // Builds the per-relay Session from the public fields set by the caller.
        public void initialize() {
            System.out.println("relay "+host+" uses "+protocol);
            props=(Properties)System.getProperties().clone();
            props.setProperty("mail."+protocol+".host", host);
            props.setProperty("mail."+protocol+".port", ""+port);
            // As posted: STARTTLS is enabled together with an SSL socket factory.
            if (ssl && protocol.equals("smtp")) {
                props.put("mail.smtp.starttls.enable","true");
                props.put("mail.smtp.socketFactory.port", port);
                props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
                props.put("mail.smtp.socketFactory.fallback", "false");
            }
            if (username!=null) {
                System.out.println("relay "+host+" is authenticated as "+username);
                props.setProperty("mail."+protocol+".auth", "true");
            }
            session=javax.mail.Session.getInstance(props,this);
            session.setDebug(true);
        }

        public Session getSession() {
            return session;
        }

        @Override
        protected PasswordAuthentication getPasswordAuthentication() {
            // Debug output: this prints the password in clear text.
            System.out.println("getPasswordAuthentication: "+username+" / "+password);
            return new PasswordAuthentication(username,password);
        }

        // Connects with the host, port and credentials taken from the session properties.
        public void sendMessage(MimeMessage msg) throws MessagingException {
            Transport transport=session.getTransport(protocol);
            transport.connect();
            transport.sendMessage(msg, msg.getAllRecipients());
            transport.close();
        }

        public MimeMessage createMessage(InputStream data) throws AddressException, MessagingException {
            MimeMessage msg=new MimeMessage(session, data);
            return msg;
        }
    }

    Thanx so much! And sorry for the CODE.......
    Anyway I just discovered minutes ago that taking out three lines was going great:
    if (ssl && protocol.equals("smtp")) {
        props.put("mail.smtp.starttls.enable","true");
        //props.put("mail.smtp.socketFactory.port", port);
        //props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
        //props.put("mail.smtp.socketFactory.fallback", "false");
    }
    just commented out those 3 lines, now it works ;)))
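
The fix reported in this thread (dropping the `socketFactory` settings so that `mail.smtp.starttls.enable` alone drives the upgrade) can be checked mechanically. The following is an added example, not code from the thread: a checker for JavaMail SMTP properties that flags the conflicting combination and two weak ones. The class `SmtpTlsConfig`, its methods and the host `smtp.example.test` are hypothetical; the property keys are standard JavaMail ones.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

public class SmtpTlsConfig {
    enum Mode { STARTTLS, IMPLICIT_TLS }

    // Build a consistent property set for one transport-security mode.
    static Properties build(String host, int port, Mode mode, boolean auth) {
        Properties p = new Properties();
        p.setProperty("mail.smtp.host", host);
        p.setProperty("mail.smtp.port", Integer.toString(port));
        p.setProperty("mail.smtp.auth", Boolean.toString(auth));
        if (mode == Mode.STARTTLS) {
            // Plaintext connect, then upgrade with the STARTTLS command.
            p.setProperty("mail.smtp.starttls.enable", "true");
            // Fail the connect if the server does not offer STARTTLS, rather
            // than continuing (and authenticating) in plaintext.
            p.setProperty("mail.smtp.starttls.required", "true");
        } else {
            // TLS handshake immediately after the TCP connect (SMTPS).
            p.setProperty("mail.smtp.ssl.enable", "true");
        }
        // Require the server certificate to match the host name.
        p.setProperty("mail.smtp.ssl.checkserveridentity", "true");
        return p;
    }

    // Accepts String or non-String values, since props.put() allows both.
    static boolean isTrue(Properties p, String key) {
        return "true".equalsIgnoreCase(String.valueOf(p.get(key)));
    }

    // Report setting combinations that break or weaken the connection.
    static List<String> check(Properties p) {
        List<String> findings = new ArrayList<>();
        boolean starttls = isTrue(p, "mail.smtp.starttls.enable");
        boolean implicit = isTrue(p, "mail.smtp.ssl.enable")
                || String.valueOf(p.get("mail.smtp.socketFactory.class")).contains("SSLSocketFactory");
        if (starttls && implicit)
            findings.add("CONFLICT: STARTTLS plus implicit TLS; the client starts a TLS "
                    + "handshake while the server is still speaking plaintext SMTP");
        if (starttls && !isTrue(p, "mail.smtp.starttls.required"))
            findings.add("WEAK: starttls.required is not set; the session stays in "
                    + "plaintext if the server does not advertise STARTTLS");
        if (isTrue(p, "mail.smtp.auth") && !starttls && !implicit)
            findings.add("WEAK: AUTH enabled with no TLS; credentials are sent unencrypted");
        return findings;
    }

    public static void main(String[] args) {
        // Constructed input mirroring the settings in the post (host is a placeholder).
        Properties posted = new Properties();
        posted.setProperty("mail.smtp.host", "smtp.example.test");
        posted.put("mail.smtp.port", "25");
        posted.put("mail.smtp.starttls.enable", "true");
        posted.put("mail.smtp.socketFactory.port", 25);
        posted.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
        posted.put("mail.smtp.socketFactory.fallback", "false");
        posted.put("mail.smtp.auth", "true");
        check(posted).forEach(System.out::println);

        Properties fixed = build("smtp.example.test", 25, Mode.STARTTLS, true);
        System.out.println("fixed findings: " + check(fixed).size());
    }
}
```

The `Properties` returned by `build` can be passed to `Session.getInstance` in place of the hand-assembled set.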

  • Configure a Cisco router with Username and Password.

    Hello Guys,
    Am quite new in Cisco and I need to configure an 891 Cisco router. Can someone please show me step-by-step configuration commands for configuring Username and Secret Password? I would like the router to ask for "Username" and "Password" anytime I want to log in to the router through telnet. I also want to know if I have to erase the default configurations on the router first, before I start the configuration, and how it should be done in order not to lose the router while working on it. Thanks for your usual quick responses.
    Regards,
    Eben.

    Hello Eben,
    Peter has suggested to use SSH because of the fact that telnet data is sent in clear text, so someone with the right tools could easily find your password and your device could/would be compromised. It is security best practice. SSH is encrypted.
    Technically speaking you do not need to change the hostname / domain name. But majority of Cisco documentation follow this method.
    In case you are interested on how to do this without change... see below.
    Router(config)#
    Router(config)#crypto key generate rsa modulus 1024
    % Please define a hostname other than Router.
    Router(config)#crypto key generate rsa modulus 1024 label CISCO
    The name for the keys will be: CISCO
    % The key modulus size is 1024 bits
    % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
    Router(config)#
    *Jul 11 13:27:51.431: %SSH-5-ENABLED: SSH 1.99 has been enabled
    Router(config)#
    The normal cases just as shown in Cisco documentation, the parser (without a label on the crypto key) would force us to change the hostname, create a domain name. I think the domain name is there to put a label on the keys.
    Router(config)#crypto key generate rsa general-keys modulus 1024
    % Please define a hostname other than Router.
    Router(config)#crypto key generate rsa
    % Please define a hostname other than Router.
    Router(config)#hos
    Router(config)#hostname ISR
    lexnetISR(config)#crypto key generate rsa general-keys modulus 1024
    % Please define a domain-name first.
    ISR(config)#ip domain name net.com
    ISR(config)#exit
    ISR(config)#crypto key generate rsa general-keys modulus 1024
    The name for the keys will be: ISR.net.com
    % The key modulus size is 1024 bits
    % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

  • Need Fastest Built in router with wireless and no problems

    I have tried the WRT110 and 160 it seems the 310 or even the 350 are slow to my previous Wired lan. Problem is I am transferring files using the Wired portion of the WRT series and not using the Wireless. So in theory it should be quite fast but they are like 35+ % slower than my 8 port DSL router of 8 yr old. Any advice?

    Try disabling the firewall & antivirus on the wired computer ... See if the file transfer works or not ...

  • OBIEE 11g SSO using OAM and AD (authentication provider)

    Hi
    I am authenticating my OBIEE users thru Microsoft Active Directory and it works fine.
    I would like to set up sso, so as to achieve seamless navigation from my Peoplesoft system to OBIEE.
    If anyone has done this before, then could you point me to some reference material. I am not able to find any online.
    Thanks
    Madhu

    I believe you can integrate peoplesoft in the same way we have done it for EBS
    follow below link. it will help you.
    https://kr.forums.oracle.com/forums/thread.jspa?threadID=645740
    Thanks
    Jay.

  • Replace old router with WRT110 and now I can not see shared printer on network

    Replaced a BEFW11S4 with a WRT110. Now I can not see a shared printer on the network any more. I have not changed anything on the computer that has the printer shared. I can see the internet on all the computers, but not the shared printer. can you help?

    First which you need to check, is your printer is working Offline on your computer. In this case you need to Re-map your Printer on your Computers back again. First check if you have any Firewall or Antivirus Installed on your computer try to disable it and check if you are able to print from your computer. If not then try to Remap the printer on your computer.
    Go to Network connections window and if you are able to see your computer name on which the printer is installed, then right click on the Printer and click on "Connect" or "MAP" once done you will be able to print from your computer. 
    Note down the IP address of the Computer on which you have Installed the Printer. (Click on Start - Run - CMD and click Ok, now in the command prompt type "ipconfig" and note down the Ip address, Then go to your other computer and Click on Start - Run - CMD and click Ok and now in the Command prompt type "ping (IP address of your main computer) and hit enter and check if you are getting any replies. If yes, then again click on "Start - Run - type ( \\ip address of your main computer) and click Ok, and now you will be able to see your printer name then right click on it and click on "Connect" or Map, once done, now check if you are able to print from your computer. 

  • Mail shows all header with reply and forward

    When I reply or forward a mail, the complete mail header is shown. How can I turn this off, because I don't see the complete mail header when
    the mail is shown.

    Hi Patrick.  It looks like this question has been asked before and there is a simple solution (changing the preferences in the "Viewing" tab of mail). Check out this related discussion:
    https://discussions.apple.com/thread/3476487
    Hope that helps.
    Ivan
