Partner application access to portal login info
How can an SSO partner application (Java) tell whether or not a user has logged in to Portal?
I need to log activity in a public application servlet, so I'd like to log the user as PUBLIC if not logged in or as their actual userid.
I don't seem to have access to this info until the user has visited a secure part of the app.
Any pointers would be appreciated.
Thanks
Rob
DIY answer ...
The cludge I used to get round this was ...
Make a PL/SQL item which displays a Login or Logout link as appropriate, based on the current userid from portal.wwctx_api.get_user.
The login link goes to a secure portal page called FORCE_LOGIN, passing a URL parameter called nextPageURL which contains the URL of the next page to show after the login is complete. You can use portal.wwpro_api_parameters.get_value( '_pageid', 'a'); to help build the current page URL if you want to retun to the current page.
The FOIRCE_LOGIN page contains a PL/SQL item which builds an IFRAME whos src is a URL to my app servlet ForceLoginServlet, passing on the nextPageURL parameter. Use portal.wwpro_api_parameters.get_value( 'nextPageURL', 'a'); to help with that.
The ForceLoginServlet is a secure servlet (set up in web.xml) so that forces a silent authentication to my app. All the servlet does is display HTML to redirect back to the URL in nextPageURL.
Horrible! But it does the job.
Anyone who know a better way of doing this, please tell me.
Rob
Similar Messages
-
How to access a Portal User Info from a J2EE application?
Hi,
I have deployed a j2ee application in portal and its running fine.
from that application i need to assign some roles to some users.i have the user id.
so my doubt is can i access the portal user info from this j2ee application?i have some servlets in the j2ee application....can i get the portal user info from this servlet?
plz help me
regards,
VisweswarHi,
Please check out this to get the portal user information from Java -
WdClientUser class/Interface to aciehve this.
Please check out these links on the same -
WDClientUser.getClientUser IUser
help needed
Regards
Lekha -
How to access Sap portal login user in ejb web service
Hi,
I wnt to access SAP Portal login user in my ejb application which resides on the same server.
I am using following code
try {
IUser user =null; IWDClientUser wdUser = WDClientUser.getCurrentUser();
user = wdUser.getSAPUser();
} catch (WDUMException e) {
// TODO Auto-generated catch block
e.printStackTrace();
Some additional jar files are required for this?
The same code works fine with webDynpro but not with ejb.
Thanks in advance
Best regards,
NileshThanks for reply.
I have already added com.sap.security.api in my EJB module project classpath. How to add the same in EJB application Project (application-j2ee-engine.xml)?
Best regards,
Nilesh -
Can Partner Application Access to Login Page's Information ?
Hi.
I wanna write a Partner Application to Access User's Information(UserName, subscriberName or Company Name)
This information represented by user In login Page.
I am not specialist in Oracle Sigle Sign-On ,for this reason Please Let me have a Sample .
Thanks.Please see the Single Sign-On Application Developer's Guide. If you write a partner application, this information that you mentioned is passed to you in your success URL.
-
Can portlets access external app login info?
I need to write a portlet that uses the login information entered by users for external applications. The portlet will access the external application, but needs the login parameters that the user has supplied. Is this possible? If so, can anyone point me in the right direction to begin?
Thanks--Corey,
Two approaches:
1) You can get the user's login name from the wwctx_api package, as described in the Portal Development Kit (PDK)). You will not be able to retrieve the user's password from the API, for obvious security reasons. The PDK has other useful APIs for both PL/SQL and Java - check it out.
2) You can set up your external application as a partner application to the Login Server. Please see the Oracle Single Sign-On Application Developer's Guide for more information.
Regards,
Jerry -
Choosing between external and partner application and problem with login
We have an application on Oracle App Server 10.1.3.3 and we have an OID server.
I had taken this for granted that I should define the application as 'Partner Application' and not external application for single sign on.
Now that we need the 'PASSWORD' retrieved by application, we are considering defining it as an external application.
There are at least two problems I have encountered defining the application as external:
1. 'pageConfig:serverDate' is among the login form's inputs in the login page, but I can't set it in orasso 'Edit External Applications' page
2. After login using SSO as external application and when I click on the application's new link, the login page is shown with the username and password field filled, but I have to click on login button anyway (no automatic and invisible login).
I will be very grateful if someone gives a general view on the differences between external and partner, whether in this case external has to be used or partner and finally give some comment on my specific problem with login button and manual login.
Thank youJust some information :
- The problem with LOGIN page exists. I don't have that problem with for example GMAIL when defined as external application, but with my applications in Oracle Application Server.
- There is also another thing I don't understand. The link to external application is something like:
javascript:open_jwindow('../ealogin?ID=76D4766','76');
and couldn't be executed outside pls/orasso
in other words we can't give that to our users, can we? They should login to orassso and see that?
We don't want to involve them in Identity Management...
Any help is appreciated....
Regards -
ADF Application and Oracle Portal Login Page
We have developed ADF application and deployed it in Oracle AS 10.1.2 along with the custom JAAS module, which is working fine with the application custom login page. As a next page, I want to use Oracle Portal login page for the authentication and authorization.
How can I accomplished it? Any idea?
Thanks,
APShay,
1. I created blank ADF project
2. I copied myreport.jsp file (this one was generated by Oracle Report Builder) under ..ViewController/public_html directory
3. Created directory 'lib' under ViewController/public_html/WEB-INF/lib
4. Copied reports_tld.jar file under the directory created in 3.
5. Created simple jspx page with the af:link (btw af:goLink does not exists in JDev 12c), set 'destination' to myreport.jsp
After the steps above I could not even compile the application, many problems too many to list here, Basically JDev is trying to build the project with .jsp file generated in Report Builder and is unable to.
So to be sure we are on the same page: I am trying to embed JSP report files generated by Report Builder into ADF project, then create EAR file and deploy on standalone WLS. Finally execute JSP web only report. -
Creating partner application in Oracle Portal
$ORACLE_HOME/sso/bin/ssoreg.sh
-oracle_home_path <oracle_home_path>
-config_sdk_papp TRUE -site_name SSO_APEX
-home_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-success_url http://hal-00-dbs-08.hal.net:7777/pls/apex/wwv_flow_custom_auth_sso.pro
cess_success
-logout_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-u cn=orcladmin
-papp_schema <apex schema>
-cancel_url http://hal-00-dbs-08.hal.net:7777/pls/apex
-papp_schema <apex schema> what goes here?Please tell us your first name and update your forum profile with it to assist us. Thanks.
Where did you get that script and what are you trying to do, exactly (generally, I got that your aim is "creating partner application in Oracle").
Scott -
J2EE application access from Portal - P4ObjectBroker
hey all,
I want to access access a J2EE application (Web Service) from a Portal Component. The documentation at http://help.sap.com/saphelp_nw04/helpdata/en/c0/a584409db95537e10000000a1550b0/content.htm shows an example.
They import the package <b>com.sap.engine.services.rmi_p4.P4ObjectBroker</b>. I cannot find the package on my system, i.e. my local portal installation.
Does anybody know what kind of package is required, or where I can find this package...
many thanks in advance
cheers SaschaHey Sascha,
the P4ObjectBroker is part of the implementation of the P4 Provider Service on the J2EE Engine. It is part of the com.sap.engine.services.rmi_p4 package.
If you can't find it I recommend you to search it using ClassLocator, it is a plugin that indexes all your packages and locates the propar class for you.
You can download it at this link: http://sourceforge.net/projects/classlocator
Read the instructions of how to use it with the NWDS, it is really simple. If you need more help do tell me.
Regards,
Roy -
Not able to access the portal login page and idenetity console page
Hi all.
I installed PS 6.1 on a new Solaris 8 Box. DNS is not configured for this box.
I use netscape browser on the solaris boz to test my installation - everything is fine
issue:
When i tried to access the amconsole or amserver/UI/Login application, it bombs with the following exception.
but i can see the default webserver page (or any static html for that matter).
any clue?
10/28/2003 03:22:22:776 PM EET: Thread[Thread-195,5,main]
ERROR: Exception occured
java.lang.Exception: Service URL not found:session
at com.iplanet.services.naming.WebtopNaming.getServiceURL(WebtopNaming.java:180)
at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:686)
at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:668)
at com.iplanet.dpro.session.Session.getSession(Session.java:540)
at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:73)
at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:280)
at com.sun.identity.authentication.service.AuthUtils.getOrigLoginURL(AuthUtils.java:1546)
at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:253)
at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:783)
at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:434)
at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:312)
at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:282)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:919)
at com.iplanet.server.http.servlet.WebApplication.service(WebApplication.java:1061)
at com.iplanet.server.http.servlet.NSServletRunner.ServiceWebApp(NSServletRunner.java:981)I am facing the same problem. I am using Custom Authentication module. When I access the login page for this custom authentication module I got this error. I have DNS entry and added the IP Adress in the host file too. Anyone tell us, what could be the problem?
-
Error in ESS/MSS application accessing in Portal : URGENT
Hi Experts ,
I am getting the following error , when logged in to the portal using one user and click on the Leave request in ESS/MSS.
Can any body let me know how to resolve this error.
com.sap.xss.config.FPMConfigurationException: Read of object with ID portal_content/com.sap.pct/srvconfig/com.sap.pct.erp.srvconfig.ess.employee_self_service/com.sap.pct.erp.srvconfig.lea/com.sap.pct.erp.srvconfig.fpmapplications/com.sap.pct.erp.srvconfig.LeaveRequest failed.
at com.sap.xss.config.pcd.PcdObjectBroker.retrieveObjectInternal(PcdObjectBroker.java:92)
at com.sap.xss.config.pcd.PcdObjectBroker.retrieveObject(PcdObjectBroker.java:47)
at com.sap.xss.config.domain.PersistentObjectManager.retrieveObjectInternal(PersistentObjectManager.java:106)
at com.sap.xss.config.domain.PersistentObjectManager.retrieveObject(PersistentObjectManager.java:80)
at com.sap.xss.config.FPMRepository.retrieveObjectInternal(FPMRepository.java:83)
at com.sap.xss.config.FPMRepository.retrieveObject(FPMRepository.java:66)
at com.sap.pcuigp.xssutils.ccpcd.FcXssPcd.initializeConfiguration(FcXssPcd.java:816)
at com.sap.pcuigp.xssutils.ccpcd.FcXssPcd.loadConfiguration(FcXssPcd.java:250)
at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalFcXssPcd.loadConfiguration(InternalFcXssPcd.java:178)
at com.sap.pcuigp.xssutils.ccpcd.FcXssPcdInterface.loadConfiguration(FcXssPcdInterface.java:138)
at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalFcXssPcdInterface.loadConfiguration(InternalFcXssPcdInterface.java:148)
at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalFcXssPcdInterface$External.loadConfiguration(InternalFcXssPcdInterface.java:240)
at com.sap.pcuigp.xssutils.ccpcd.CcXssPcd.loadConfiguration(CcXssPcd.java:282)
at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalCcXssPcd.loadConfiguration(InternalCcXssPcd.java:184)
at com.sap.pcuigp.xssutils.ccpcd.CcXssPcdInterface.loadConfiguration(CcXssPcdInterface.java:115)
at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalCcXssPcdInterface.loadConfiguration(InternalCcXssPcdInterface.java:124)
at com.sap.pcuigp.xssutils.ccpcd.wdp.InternalCcXssPcdInterface$External.loadConfiguration(InternalCcXssPcdInterface.java:184)
at com.sap.pcuigp.xssutils.ccxss.CcXss.loadConfiguration(CcXss.java:205)
at com.sap.pcuigp.xssutils.ccxss.wdp.InternalCcXss.loadConfiguration(InternalCcXss.java:153)
at com.sap.pcuigp.xssutils.ccxss.CcXssInterface.loadConfiguration(CcXssInterface.java:112)
at com.sap.pcuigp.xssutils.ccxss.wdp.InternalCcXssInterface.loadConfiguration(InternalCcXssInterface.java:124)
at com.sap.pcuigp.xssutils.ccxss.wdp.InternalCcXssInterface$External.loadConfiguration(InternalCcXssInterface.java:184)
at com.sap.pcuigp.xssfpm.wd.FPMComponent.wdDoInit(FPMComponent.java:172)
at com.sap.pcuigp.xssfpm.wd.wdp.InternalFPMComponent.wdDoInit(InternalFPMComponent.java:110)
at com.sap.tc.webdynpro.progmodel.generation.DelegatingComponent.doInit(DelegatingComponent.java:108)
at com.sap.tc.webdynpro.progmodel.controller.Controller.initController(Controller.java:215)
at com.sap.tc.webdynpro.progmodel.controller.Controller.init(Controller.java:200)
at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.init(ClientComponent.java:430)
at com.sap.tc.webdynpro.clientserver.cal.ClientApplication.init(ClientApplication.java:362)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.initApplication(ApplicationSession.java:748)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:283)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingPortal(ClientSession.java:733)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:668)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
at com.sap.tc.webdynpro.clientserver.session.core.ApplicationHandle.doProcessing(ApplicationHandle.java:73)
at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.sendDataAndProcessActionInternal(AbstractApplicationProxy.java:860)
at com.sap.tc.webdynpro.portal.pb.impl.AbstractApplicationProxy.create(AbstractApplicationProxy.java:220)
at com.sap.portal.pb.PageBuilder.updateApplications(PageBuilder.java:1246)
at com.sap.portal.pb.PageBuilder.createPage(PageBuilder.java:354)
at com.sap.portal.pb.PageBuilder.init(PageBuilder.java:547)
at com.sap.portal.pb.PageBuilder.wdDoRefresh(PageBuilder.java:591)
at com.sap.portal.pb.PageBuilder$1.doPhase(PageBuilder.java:822)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processPhaseListener(WindowPhaseModel.java:755)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doPortalDispatch(WindowPhaseModel.java:717)
at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:136)
at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:313)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:684)
at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:250)
at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doPost(DispatcherServlet.java:53)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:387)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:365)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:944)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:266)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:100)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:170)
Caused by: com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): portal_content/com.sap.pct/srvconfig/com.sap.pct.erp.srvconfig.ess.employee_self_service/com.sap.pct.erp.srvconfig.lea/com.sap.pct.erp.srvconfig.fpmapplications/com.sap.pct.erp.srvconfig.LeaveRequest)
at com.sapportals.portal.pcd.gl.PcdFilterContext.filterLookup(PcdFilterContext.java:422)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1248)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
at com.sapportals.portal.pcd.gl.PcdProxyContext.basicContextLookup(PcdProxyContext.java:1254)
at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookupLink(PcdProxyContext.java:1353)
at com.sapportals.portal.pcd.gl.PcdProxyContext.proxyLookup(PcdProxyContext.java:1300)
at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1067)
at com.sapportals.portal.pcd.gl.PcdGlContext.lookup(PcdGlContext.java:68)
at com.sapportals.portal.pcd.gl.PcdProxyContext.lookup(PcdProxyContext.java:1060)
at com.sap.xss.config.pcd.PcdObjectBroker.getPcdContext(PcdObjectBroker.java:305)
at com.sap.xss.config.pcd.PcdObjectBroker.retrieveObjectInternal(PcdObjectBroker.java:53)
... 69 moreHi ,
Check the below thread and try options wihtin that.
all the best as the below thread is not resolved.
Manager Self Service Content are not showing up
Koti Reddy -
Oracle10g Developer Suite - Application Development - SQL Plus Login Info
I have installed Oracle10g Developer Suite and when I am trying to login into the sql*plus environment the username scott with the passcode tiger is not working. I have Oracle9i Enterprise Edition Release 9.2.0.1.0 as the database.
Can anyone help me in setting up the username and password to login into Sql*plus Release 10.1.0.4.2It sounds like you may be new to Oracle and its products. I would recommend doing some reading.
Oracle 9.2 Net Services Admin Guide
http://download-west.oracle.com/docs/cd/B10501_01/network.920/a96580/toc.htm
Oracle Developer Suite Installation Guide
http://download-west.oracle.com/docs/cd/B25016_06/doc/dl/core/B16012_03/toc.htm
You create the "login" information when you install the database. If you are not the person who performed the installation, you will need to contact them or install it again. Also, be aware that the SCOTT schema is disabled by default in newer database versions for security reasons.
The tnsnames.ora and sqlnet.ora files can be found in the ORACLE_HOME\network\admin directory. This is the same for all Oracle products that use Sql-Net for database connections. You can also use the TNS_ADMIN environment variable to point to a pre-existing tnsnames.ora file (see previously mentioned documents).
The tnsnames.ora entry will be unique to your database and its listener however here is an example:
ORCL =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = someServer.com)(PORT = 1521))
(CONNECT_DATA =
(SERVICE_NAME = orcl)
) -
Access to Guest Folder requires login when accessed from Portal/SSO
We have wired XML-P to use OID and then registered it as a Partner Application in our Portal/SSO server (which also uses the same OID instance). All works well except now when we try to access the Guest folder from within Portal the SSO login screen pops-up. We have created a very simple HTML/URL portlet that points to the Guest folder and the idea is for users to have Public/anonymous access to this folder. Any ideas?
Hi,
You can try to enable "Turn on password protected sharing" in Network Sharing Center. After that, only people with a user name and password on the computer will be able to log into shared network folders.
Another workaround method you can try:
Open Run, type rundll32.exe keymgr.dll, KRShowKeyMgr, then Press
Enter.
In the prompt dialog, choose and delete the user account used to network sharing.
Roger Lu
TechNet Community Support -
Registering a partner application with SSO SDK
Good day
Since 2 days, I am struggling for the issue of registering a Servlet application as a partner
application using the SSO Login Server.
As per the suggested note id 182701.1 in metalink , I implement the following steps :
- Step A : Create the partner Application Schemas (Succesful & the name of the shemas is : ssopartner)
- Step B : Load Packages for the partner application (Successful)
- Step C : Obtain the registration information (Successful)
- Step D : Run the regapp.sql (successful but they forgot to mention that I should load the
SSOHash.class )
- Step E : Compile and Run
I deploy the application under 9iAS in order to test it.
I add the ssosdk307.jar the the jserv.properties file.
I invoke the SSOPartnerServlet java program by entering :
http://name of the webserver/servlet/SSOPartnerServlet
I got the message "redirecting to the login server" and I got the
login page of the SSO Server.
Once I submit the user/password , I got HTTP 400: Page cannot be
displayed.
I check the mod_jserv.log file and find out the following message :
[08/04/2002 13:54:16:949] (ERROR) ajp12: Servlet Error: POST is not
supported by this URL
Could you please advise
Your prompt feedback is highly appreciated
regardsI believe that this is not possible as the mod_osso realizes that the URL is below an URL that you want to protect.
The only way I see that you can do this is the following modification in the mod_osso.conf:
<Location /myApp/secure_partA>
AuthType basic
Require valid-user
</Location>
<Location /myApp/secure_partB>
AuthType basic
Require valid-user
</Location>
<Location /myApp/secure_partX>
AuthType basic
Require valid-user
</Location>
So your application /myApp/subApp will not be effected and people can just access this part. However you will have more administration in your mod_osso.conf
cu
Andreas -
Registering the Web based application as a Partner Application
Good day
I went through the suggested documentation of registering a
web based application as a partner application of the SSO Login Server.
I installed the SSOSDK.JAR and went through the demo application (JSP Demo)
which consists of the following programs :
papp.jsp
ssoinclude.jsp
ssoEnablerJspBean
SSOEnablerBean
SSOSignon
As per the technical documentation,I register this demo application as a
partner application.
1 - The source code of the papp.jsp checks for the existence of the user
through method of ssoEnablerJspBean [getSSOUserInfo(request, response)] which
calls method of SSOEnablerBean [getSSOUserInfo (request, response) and this
method calls getUserInfo(p_request) of SSOEnablerBean (the same program) to
check the existence of the application cookie.
2 - If it doesn't exit , it redirect it to the SSO Login page for user
authentication.Once the user is authenticated, a SSO login cookie is created on
the client's browser and redirects back to the SSOSignOn.
3 - The SSOSignOn program creates the application cookie and redirects back to
the entry point of the demo application which is papp.jsp.
My Questions are as follows :
1 - Instead of creating a session object within my web based application to hold some
information used between the different pages, can I define them in the
application cookie? kindly advise? Is there any limitation for the length of
the application cookie? If yes, what will be the risk?
2 - The SSOSignOn program is calling a method in the SSOEnablerBean
[setPartnerAppCookie(response, request). Within this method , it is retrieving
the parameters values of the request object as :
request.getParameterValues("urlc")[0];
What is the role of this [urlc]? Is it hard coded? Can I change it?
3 - In order to ensure that I am still dealing with the same user, shall I put
the above security check procedure on each page of my weeb based application? Kindly advise?
Thanks in advance for your prompt feedback
regardsDear Paul
I think there is a misunderstanding regarding the last correspondence.
I am talking about the customized home page of the PORTAL and not the home page of my web based application (JSP) .So in this case, Am I able to use the customized home page which contains a login portlet instead of the default Login page of the SSO Login Server.Kindly advise!!!
On the other hand, I am facing a problem during the surfing of the web based application.
The web based application consists mainly of two packages :
Package I : Bank.counter which contains a set of jsp pages.
JSP_HOME_COUNTER (MAIN PAGE WHICH CONTAINS 2 FRAMES)
JSP_LEFT_FRAME_COUNTER
JSP_MAIN_FRAME_COUNTER
JSP_MAIN_FRAME_COUNTER_DETAIL
Package II : Bank.portfolio which contains a set of jsp pages.
JSP_HOME_PORTFOLIO (MAIN PAGE WHICH CONTAINS 2 FRAMES)
JSP_LEFT_FRAME_PORTFOLIO
JSP_MAIN_FRAME_PORTFOLIO
Please note that the SSO classes are residing under the first package.
As agreed on in the third question, I am including in each page of my web based application, a security check procedure as follows :
<%@ include file="ssoinclude.jsp" %>
<%
if(usrInfo == null)
response.getWriter().println("<center>User information not found</center>");
else
my jsp code.......
%>
Please note that all the jsp page of the portfolio package are pointing to the SSO classes as follows :
<%@ include file="../counter/ssoinclude.jsp" %>
<%
if(usrInfo == null)
response.getWriter().println("<center>User information not found</center>");
else
my jsp code.......
%>
Once I invoke the JSP_HOME_COUNTER , it will render the JSP_LEFT_FRAME_COUNTER page and
JSP_MAIN_FRAME_COUNTER page which invokes the SSO Login page. Once the user has been authenticate, the result of the JSP_MAIN_FRAME_COUNTER is rendered successfully. The result contains an hyperlink to the
JSP_MAIN_FRAME_COUNTER_DETAIL page. As the user has been authenticated , this page is rendering automatically the result without displaying the SSO Login page. (Perfect as of now!!).
Once I invoke the JSP_HOME_PORTFOLIO from the JSP_HOME_COUNTER, it runs the security procedure without any rendering of the SSO Login page (fine!!) but redirects me back to JSP_HOME_COUNTER instead of rendering the result of the JSP_HOME_PORTFOLIO.
please note that the m_requestUrl variable in the SSOEnablerJSPBean class has been assigned the folowing value : JSP_HOME_COUNTER
Kindly advise .
Maybe you are looking for
-
Hello, I have a report that is showing data by company code and vendor number. I have the file sorted by company code and vendor number. when I run the report for 1 company, the company code prints on the first line.all of the other lines have the co
-
When I try to save a file using Excel 2008, ver 12.3.3, with extension either .xlsx or .xls, I get a message saying it cannot be saved because it is "read only." How do I change it from read only? (And how did it ever get to be read only?)
-
Carriage Return in Input Parameter
Hello, My report is passed an address string in a parameter like: name addressline1 city state zip. I want to display this like: name addressline1 city state zip In that past, when I have name, address1, and citystatezip in separate fields I use a fo
-
Xalan xslt extension flat file to xml...
anyone used the xsltflat 2.0 to do flat to xml transformation? it does it by using xalan extension... the packate is com.fs.xalan.extensions.* and test.com.fs.xalan.extensions.* anyway, it works fine when I do it from command prompt... however when I
-
the security module of these banks: "Banco do Brasil", "Santander" and "Caixa Econômica Federal" are not compatibles with firefox 4.0