Partner application authorization model missing

We have written our own portal using j2ee technologies. Based upon user identity, we construct a launch pad for the applications that a user has authorization to. It have 260 different applications.
We want to migrate to Oracle Portal. I would like to make each of these applications a partner application. They all share the same user repository.
The problem is that Oracle does not have a user to Partner application authorization model.
I could encapsulate all the applications as portlets, then Oracle portal would be able to manage the authorization to the portlets. To do this would be a major effort, changing thousands of JSP's and classes that render links. But this is not possible if they are just partner applications.
I know, Oracle is going to say "Portal is just a launch pad, it does not handle menuing of individual applications. That is the individual application's responsibility."
THIS does not apply. I thought long and hard on this issue. I am not asking Oracle Portal to take over menuing of an application, rather, I am asking it to be a launchpad to my 260 different applications, and to provide the facility that would allow the assignment of user and groups to execute partner applications.
One thing I may have to do is on the initialization of the partner application is to make a call back to the login server and check whether they are authorized to use the partner application.
There is a big difference between authentication and authorization.
Thanks,
Phillip

Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

Similar Messages

Partner application configuration is missing error on SSO login page

We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Following a link to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly, of course!) then the APEX application is shown. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on Metalink or anywhere else on the Internet. Any ideas? I'm concerned that we have a misconfiguration somewhere that is causing this error and will affect any other partner application we setup in the future.
We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup on both infra and mid tiers.

Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

Wwc- 41653 The partner application configuration is missing or expired.

We have the following scenerio.
Application server 9iR1, apache server, login server, portal3.0.9.8.4 on 9iR2 database on host A. There is another database in 9iR2 where portal3.0.9.8.4 installed on host B. I want to use this database for another website configuring apache on host A as virtual host. I want to use same login server on host A.
The website on host A is working fine while the website on host B does not allow me to log into the login server.
I have run ssodatan script for associating portal schema on host B. I have created partner application on host A portal for accessing portal on host B and run ssodatax script for associating partner application.
when I try to log into the another web site created for host B, I get portal welcome page. when I click on login, I get sso page but i am unable to log into it, getting error The partner application configuration is missing or expired. Please contact the administrator. (WWC-41653)
How to resolve this?

Were you able to resolve the issue???
Can you pls try Rerunning ssodatan/x with the correct data. The ssodatan script is located in the directory ORACLE_HOME/portal30/admin/plsql/ssodatan.
Refer following link for more info on SSODATAN , SSODATAX and DIAGNOSTICS scripts in Portal 3.0.x:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=136138.1

The partner application configuration is missing

Trying to login to portal with portal30 leads to
'The partner application configuration is missing or expired. Please contact the administrator. (WWC-41653)'
Please advise
db 8.1.7
portal 3.0.9
apserver 1.0.2.1
Thank you
Anatoliy Smirnov

Were you able to resolve the issue???
Can you pls try Rerunning ssodatan/x with the correct data. The ssodatan script is located in the directory ORACLE_HOME/portal30/admin/plsql/ssodatan.
Refer following link for more info on SSODATAN , SSODATAX and DIAGNOSTICS scripts in Portal 3.0.x:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=136138.1

Error: Partner application configuration is missing ... on SSO login page

We have APEX 3.1.2 setup as a partner application and an application within APEX setup to use SSO for authentication. Going to the APEX application redirects to the Single Sign-On page, as it should, but it also shows "Error: The partner application configuration is missing or expired." I type in my password and username, click the Login button, and (if I entered my username and password correctly), it redirects me to the APEX application just like it should. So, I cannot figure out why we're getting the no_papp_err error and I have not found any solutions to that issue on metalink or anywhere else on the Internet. Any ideas?
We're on Oracle Portal 10.1.4, SSO 10.1.2, and SSL is setup for both.
+Closing this topic and opening it in [Oracle Application Server - General|http://forums.oracle.com/forums/thread.jspa?threadID=832022&tstart=0|New Topic]+
Edited by: oportalist on Nov 28, 2008 10:24 AM

Did you try checking the partner application entries on the SSO-login server page?
please login as orcladmin or some other user with membership in, i beleive, iasadmins group. verify that for this partner application, what you see here corresponds to the application URL. it looks like your login page call may have issues. so check for login url too.
also check the ORASSO.WWSSO_LS_CONFIGURATION_INFO$ for entries corresponding to Apex application.

Business Partner in Organizational Model Missing

Hi
I have added an Org Unit in Development Server and the ID and BP number is generated.
I have Transported from Dev to Quality server by using RHMOVE50 to move the org unit.
The Org unit and ID are transported successfully but the BP number is missing.
Note: Earlier for all other Org Units in Qulaity the BP Number exist.
Please prove me solution and points will be rewared.
Thanks and Regards
Masthan

Hi,
Apart from the above steps given by others you can also follow these steps as they did work in my scenario, this generally take some hours for the system to generate the BP ids so its better to schedule these activities in the evening so that when the Ids would be visible the next day I dont know whether this is a standard but this did happen in my case as i had to create the org structure twice so i had this experience twice.
Scenario when the buffering is not done and the Business partner id is not getting created in ppoma_crm
Check Settings for Attribute Maintenance
Check the consistency of the attribute assignments to the organizational units.
1. Access the activity using the following navigation options:
Transaction code SPRO
SAP CRM IMG menu Customer Relationship Management  Master Data  Organizational Management  Organizational Model  Tools  Check Settings for Attribute Maintenance
2. Execute the check.
Organizational Data Settings Check
See documentation of the IMG activity for details about this check
1. Access the activity using the following navigation options:
Transaction code SPRO
SAP CRM IMG menu Customer Relationship Management  Master Data  Organizational Management  Organizational Model  Tools  Organizational Data Settings Check
2. Execute the check.
Setup Buffering for Sales Scenario
Report HRBCI_ATTRIBUTES_BUFFER_UPDATE is used to buffer the attributes of organizational management objects. To enable buffering you have to maintain view T77OMATTR.
Enable Buffering for Sales Scenario
1. Access the activity using the following navigation option:
Transaction code OOATTRCUST
2. Select the structure node Scenarios.
3. Check the checkbox in the column Buffering for the scenario SALE.
4. Choose Save.
Update Buffers for Sales Scenario
1. Access the activity using the following navigation option:
Transaction code SA38
2. Call transaction SA38.
3. Select the report HRBCI_ATTRIBUTES_BUFFER_UPDATE
4. Select the checkboxes for Delete All Buffers and Restructure buffer on Date.
5. Choose Execute (F8).
In note 737315 further details regarding this topic are described. Note you can also schedule a job in transaction SM36 to run this report regularly.
Hope this helps.
Regards,
Amit

LOGIN ERROR: "The partner application configuration is missing or expired."

"portal" login pswd had expired and I changed it a) via OEM under "configure schema" section anb b) under HTTP->PL/SQL Properties section. I also went to OIDADMIN and changed the "portal" user pswd to the same schema pswd used above. However, now when logging in with the "portal" ID I'm getting the error above. Does anyone have any idea what this is and what I should do? THANKS!

hi
have you ran any scripts or did you change your system dates after the installation.
Regards
Deepak

WWC-41653 error on Partner Application

We're trying to configure a partner application. After logging in to SSO we get the error message: "The partner application configuration is missing or expired. Please contact the administrator. (WWC-41653)"
Does anyone have any tips on where to look for this configuration problem?
Thanks in advance!

We resolved this. Our problem was a mismatch in the listener_token.

HTMLDB as Partner Application to TWO OID instances - Authentication Schemes

For reasons I won't go into here, we have TWO Oracle OID/SSO instances running - independently.
I am interested in having HTMLDB / APEX applications capable of authenticate against either one. (one at a time, but on the same engine installation)
We have done the PARTNER APPLICATION registration which works well against one of the OID instances. Records have been entered into the WWSEC_ENABLER_CONFIG_INFO$ table and everything works as expected.
What option do I have to register the HTMLDB engine with a SECOND OID/SSO as a partner application and then allow the developers the ability to choose which authentication scheme applies?
What I have observed is that the package given (custom_auth_sso) has built in
g_partner_app_name varchar2(2000) := 'HTML_DB';
Is it possible to duplicate that type of functionality, or is there something deeper ingrained into the engine that I do not understand?
Regards,
Tim

Scott,
I am working under a model similar to your case number two.
Application 1 uses OID A
Application 2 uses OID B
I am going under the assumption that if there were two records in the config_info$ table, that I would need some type of ability to inform the WWV_FLOW_CUSTOM_AUTH_SSO package to switch between them.
I guess what I am missing is the mechanics. I am trying to avoid having to re-write the WWV_FLOW_CUSTOM_AUTH_SSO package by hand. Besides the package body being compiled, I do not know how that authentication scheme is called by HTMLDB/APEX. I have been using the Oracle Application Server Single Sign-On (HTML DB Engine as Partner App) scheme. This leaves most of the Authentication scheme pretty blank with the exception of the Session Not Valid URL ( populated with PORTAL_SSO-) and the logout URL. Magically it works though.
If I had TWO schemes registered in the config_info$, how would I indicate which scheme to use?
Do I have the capability of working with what has already been provided, or am I destined to writing a custom scheme because of the decision which needs to be made?
Many thanks
--Tim

Partner Application Registration

When using the Administer Partner Applications page, it appears the application is not being registered completely. The information does not appear in the WWSEC_ENABLER_CONFIG_INFO$ table, as has been suggested in prior posts (everything is fine in WWSSO_PAPP_CONFIGURATION_INFO$).
I am attempting to deploy the SSO SDK demo PL/SQL application, which works fine when logged into Portal. However, when not logged into Portal, I receive the following errors:
"Error in application: missing application registration information
Please register this application as described in installation guide"
This error is driven by the PL/SQL exception:
"wwsec_sso_enabler_private.enabler_config_not_found"
What am I missing? I have created several Partner applications, and none of them appear in the WWSEC_ENABLER_CONFIG_INFO$ table. I have sucessfully loaded the SSOHash into my partner schemas.
Environment:
Win2000
Portal 3.0.7
Thanks in advance...
Dean

Paul,
Thanks for the info; however, I'm still unable to get the SSO SDK sample, or any partner app, to work.
I have read the docs, what little there is, and followed the steps closely. Everything executes ok.
I have several questions:
1. When executing the REGAPP.SQL script that comes with the SDK, it indicates to login as the partner schema. I have noticed when running this script, the entry is stored in the partner schema table WWSEC_ENABLER_CONFIG_INFO$, not the one owned by Portal. Is this correct?
2. My partner app is really a PL/SQL Server Page (PSP) application which uses the same server as Portal. When entering the Listener Token name, I have been using the same server name as Portal. Is this a problem? What is this token used for? Must it be unique for each partner application?
3. In your response you mentioned changes to the REGAPP script. I found no mention of any changes in the docs with SSO SDK. Am I missing something?
Finally, is there any better documentation for the SDK and/or partner application configuration. The readme and install files do not, in my opinion, pass as documentation.
Thanks...
Dean

Partner Application Definition

I want to register a partner application to portal. (Oracle Exchange)
I registered it as partner application and registered the web provider also. But clicking the link still dismisses me to the login page on the partner application side. What am I missing?
Thanks & Regards,
Nilay

The problem is that I registered the Exchange application as a partner application on portal, and installed the web provider and ran regapp.sql with the token parameters etc.
Having a custom page with the portlets populated from the web provider, signle sign-on works OK. However, clicking the link from the partner application does not take care of my cookie, i.e., I still get the login form displayed. Is this how it should be or am I missing smthing?

HTMLDB -SSO- Partner application

Hi,
I have installed a database 10g/HTMLDB 1.5 and iAS 10g on two different boxes.
Refered & successfully completed the steps from
http://www.oracle.com/technology/products/database/htmldb/howtos/sso_partner_app.html
to Configure an HTML DB Application as a Partner Application in Oracle AS Single Sign-On
(TWICE From the Scratch)
But, Getting error like
"Error Error in portal_sso_redirect: missing application registration information:
p_partner_app_name:g_listener_token:HTML_DB:indl097ba.idc.oracle.com:7777
Please register this application as described in the installation guide."
Please let me know what would be wrong in doing this.
Feel free to ask for any further specific details or parameter values.
As its @ customer's site, need to know the resolution very urgently.
Thanks in advance.
Regards,
Nagadeep.

Hi Scott,
I am doing it from scratch now.
Details are like this:
C:\SSO_SDK\ssosdk307_032101\packages\oracle\security\sso>path
PATH=D:\oracle\product\10.1.0\Db_1\BIN;D:\OraHomeOWB\bin;D:\OraHomeOWB\jre\1.4.2
\bin\client;D:\OraHomeOWB\jre\1.4.2\bin;D:\oracle\product\10.1.0\Htmldb\bin;D:\o
racle\product\10.1.0\Htmldb\jre\1.1.8\bin;D:\oracle\product\10.1.0\Htmldb\jre\1.
4.2\bin\client;D:\oracle\product\10.1.0\Htmldb\jre\1.4.2\bin;D:\oracle\product\1
0.1.0\Db_1\bin;D:\oracle\product\10.1.0\Db_1\jre\1.4.2\bin\client;D:\oracle\prod
uct\10.1.0\Db_1\jre\1.4.2\bin;C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\Wbem;
C:\Program Files\Symantec\pcAnywhere\
C:\SSO_SDK\ssosdk307_032101\packages\oracle\security\sso>loadjava -user FLOWS_01
0500/welcome1@orcl SSOHash.class
C:\SSO_SDK\ssosdk307_032101\packages\oracle\security\sso>
@ the Database Schema:
SQL*Plus: Release 10.1.0.2.0 - Production on Wed May 18 20:49:33 2005
Copyright (c) 1982, 2004, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.1.0.2.0 - Production
With the Partitioning, OLAP and Data Mining options
SQL> conn flows_010500/welcome1
Connected.
SQL> @C:\SSO_SDK\ssosdk307_032101\packages\loadsdk.sql
Package created.
No errors.
Package body created.
No errors.
Type created.
Table created.
Sequence created.
Sequence created.
Table created.
No errors.
Procedure created.
No errors.
Package created.
No errors.
Package body created.
No errors.
Package created.
No errors.
Package created.
No errors.
Package body created.
No errors.
Package body created.
No errors.
Package created.
No errors.
Package body created.
No errors.
SQL>
Now, at the iAS10g registering HTMLDB application as a partner application.
Let me know whether I have to create any DAD to specify in HOME URL?
Regards,
Nagadeep.

Java SSO Partner application

Hello,
I configured and deployed a Java Partner Application as specified in the demo (ssosdk902.zip). I created an OC4J container and deployed all beans and jsp pages. When I try to access papp.jsp page, it presents me with sso login page but when i try to access other jsp pages under the same container like (index.jsp), it does not ask present with a sso login page. I want to protect all JSP pages under that container. Should I change home url for the SSO Partner application?
Any help is appreciated.
Thanks.

creating a partner application does not automatically secure the entire directory/application. it just sets a cookie for the Login Server and the Partner Application, indicating this user is authenticated.
if you want to secure the entire directory, you need to:
1. lock the directory down with MOD_OSSO in partnership with the Login Server
2. put the session checking code from papp.jsp into every page you want to secure, ensuring you have a valid and current user
3. create an application-specific security layer for the rest of your application that defers to the Oracle Security for user authentication.
what i'm currently doing is number 3. i have my ssoHome, that ensures i have a valid Login Server user. then i create an application session around the SSO user and use that to secure the rest of my site. if that session info ever times out, i delegate back to my ssoHome to see if they're still valid according to Oracle, and if they're not, they get sent back to the Login Server.
this model works very well for me, and is easy to manage.
hope that helps,
.rich

Java Partner Application

Hi Friends,
I'm experiencing some problems with the Partner Application that comes in Java version of PDK. Debugging the code in JDeveloper 3.2 all process stop when I try to create a new SSOEnablerBean.. the application just freeze out.. and return to me this error String:
oracle.security.sso.enabler.SSOEnablerException: oracle.security.sso.enabler.SSOConfigException: Error in generating redirect url.Missing enabler configuration.1003
at SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java:162)
at SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java:77)
at jsp_sso._papp._jspService(_papp.java:64)
at oracle.jsp.runtime.HttpJsp.service(HttpJsp.java)
at oracle.jsp.app.JspApplication.dispatchRequest(JspApplication.java)
at oracle.jsp.JspServlet.doDispatch(JspServlet.java)
at oracle.jsp.JspServlet.internalService(JspServlet.java, Compiled Code)
at oracle.jsp.JspServlet.service(JspServlet.java)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:588)
at org.apache.jserv.JServConnection.processRequest(JServConnection.java)
at org.apache.jserv.JServConnection.run(JServConnection.java)
at java.lang.Thread.run(Thread.java:479)
Does anyone know what could it be ??
null

The problem must be in how you are selecting from the enabler configuration table.
I'm not too familiar with the Java APIs but check the contents of the WWSEC_ENABLER_CONFIG_INFO$ table and make sure that the LSNR_TOKEN column value is consistent with what your app is passing as the selector.
null

ApEx 2.1.0.00.39 as Partner Application in Oracle AS Single Sign-On

Hi,
I've installed the last Application Express 2.1.0.00.39 (oracle-xe-10.2.0.1-1.0.i386.rpm and oracle-xe-univ-10.2.0.1-1.0.i386.rpm) but, when I try to "create an authentication scheme" for configure an ApEx application to use SSO under
Home>Application Builder>Application xxx>Shared Components>Authentication Schemes>Create Authentication Scheme
in the second step of the procedure I don't find the choice "Oracle Application Server Single Sign-On (Application Express engine as Partner App)".
I found only these:
- Show Built-In Login Page and Use Open Door Credentials
- Show Login Page and Use Application Express Account Credentials
- Show Login Page and Use Database Account Credentials
- Show Login Page and Use LDAP Directory Credentials
- No Authentication (using DAD)
even if under the help voice "V Information" the others two are describes:
Oracle Application Server Single Sign-On (Application Express engine as Partner App) delegates authentication to the Oracle Application Server Single Sign-On (SSO) Server. This Application Express site must have already been registered as a partner application with the SSO server. For more information, contact your administrator.
Oracle Application Server Single Sign-On (My application as Partner App) delegates authentication to the SSO server. In this case, you must register an application with SSO as a partner application. See the next page for more details.
Does Someone know how to resolve it?
Thanks
Emanuele

Thanks for all your help Scott
I've added the -PORTAL_SSO- .....
After this I've had a new problem same to this: Re: SSO Authentication Not Working
"get the error below and it then directs me to http://hostx/htmldb/f? and the "p=" is missing"
But after a lot of tests I discovered where was the problem: "The apache configuration for the proxy!!"
This an extract from the installation doc :
SetEnv force-proxy-request-1.0 1
ProxyPass /htmldb http://127.0.0.1:8080/htmldb
ProxyPassReverse /htmldb http://127.0.0.1:8080/htmldb
ProxyPass /i http://127.0.0.1:8080/i
ProxyPassReverse /i http://127.0.0.1:8080/i
ProxyPass /sys http://127.0.0.1:8080/sys
ProxyPassReverse /sys http://127.0.0.1:8080/sys
where you replace 127.0.0.1 with the name OR ip address of your XE installation. 8080 is the default http port of your XE installation. "
Well, I used the IP ADDRESS and in the @regapp > listener_token the NAME!!! (HTML_DB:servername.domain:80)
I changed the IP ADDRESS with the NAME, restarted the httpd service and now all works fine.
Emanuele

Partner application authorization model missing

Similar Messages

Maybe you are looking for