Problem in coreid authorization

We are providing SSO for third party Java application using Oracle Application server Portal (10.1.4 version) and Oracle access and Identity system(7.0.4 version).
Current Setup:
Oracle Portal is already integrated with Coreid access and identity system and it is
working fine.
Now we added link in oracle Portal page which is pointing to Java application.
Objective:
The idea is the user will log into Oracle portal which is authenticated and authorized by oracle coreid access and identity system. Once the user is logged into portal, the user should be able to access the java application without logging in again.
We have 2000 users who can access our Portal site. In this 2000 users we are authorizing only 500 users to access the java application, by creating dynamic groups and coreid authorization schemes.
Problem:
========
In coreid policy we are passing username and password as header variable upon authorization success for that application. The Java application requires username and password in POST method. So we need to pass username and password in POST method and not in Header variable.
Question:
1. When authorization is success,Is is it possible to pass a value with a URL in POST method ?
2. Is there any authorization plugin available for the same ?
Regards,
Muthu

Thanks for your information!!!
I agree the password stored in OID is in hashed format. And we are not trying to send the password stored in OID. We need to send a common static username/password which is used by java application for authentication.
When the user clicks on java application link in Portal, after authorization we need to send some static username /password to Java application in POST method not as header variable.
The username / password is static value which is common for all 500 users who are authorized to access the application.
Note: Java application can't be modified since its a third party product.
Thanks!
Regards,
Muthu

Similar Messages

  • 'Problems saing the authorization information on the computer'

    Hello, I have a problem with the iTunes Store.
    the thing is that when I try to download a song, search for purchases, give authorization to the computer, or anything related to the iTunes Store, the itunes keeps sending me the same message; "'Problemas saving the authorization information on the computer' Try reinstalling iTunes or repairing it".
    And, after erasing it and instaling it 4 times, the same problem appears.
    The problem is that I purchased 2 songs and I can't listen to them, although the iTunes tells me that all the purchases has been finished, and I lost the money.
    Anybody knows what can I do?
    Thanks anyway for reading.
    PS: Sorry if my english is to hard of understanding, I'm from Chile.

    Please try this:
    http://support.apple.com/kb/TS1277
    It seems to do with deleting the Shared folder under the Users directory.

  • Problem wih analysis authorization for two scenarios on same data provider

    Dear all,
    I am looking for a solution on the following authorization scenario (using the new analysis authorization). Unfortunately everything that I tried did not work out as expected:
    User A is allowed to manually access query 1 (based on cube A) with authorization on all sites A-Z
    The same user A shall get an email distribution automatically (derivation of the filter in the query out of the authorization) for query 2, which is as well based on cube A, but this time the authorization shall be limited only to site A.
    As both queries are based on the same infoobject (0PLANT) and the same infoprovider (0TCAIPROV) I always get the result for all sites A-Z. The 0TCAACTVT is in both cases 03 (display), so I have no chance to distinguish between reporting and email distribution.
    Probably the only chance would be to derive the values for the email distribution scenario not from the authorization directly, but using a customer exit to fill the filter - but I would prefer a "standard" solution...
    Any ideas??
    Thanks,
    Andreas

    Dear Andreas,
    Before give you an alternative for you problem, Iu2019d like to comment the combining authorization concept:
    http://help.sap.com/saphelp_nw70/helpdata/EN/46/98cd87f37d19ace10000000a11466f/frameset.htm
    For this reason I suggest you which combing restriction through authorization and query filter. For query 2 try to use in 0PLANT characteristic the single value u201Csite Au201D, this restriction give you only authorization for see this value.
    Otherwise, you have to use customer exit.
    I hope that alternative help you to find a solution,
    Luis

  • Problem in transporting authorization object

    Hi,
    I am facing a problem in transporting the authorization object. We have an existing cube in development and production. In production the object has 3 authorization objects checked. Now I want to change the authorization object assignment in my cube. So I changed the assignment in the development, but when I tried to transport the authorization object it collected all the cubes where the authorization object is used.
    I want to transport only the authorization object associated with that cube, not all. I understand that logically if we are transporting the authorization object from RSSM, it takes all the assignments. But I don't want to do that because there may be some inconsistencies between the system.
    Can you tell me weather we have any other way, so that the authorization object is transported only for one particular cube assignment not all.
    Thanks in advance
    Prashant

    Hi,
    I tried that but not getting anything.
    Can you please tell me the steps.
    Steps I have done are as follows.
    1. Go to RSSM and select the authorization object.
    2. We have a button which says transport authorization object. I clicked on that.
    3. I got a list of all the authorization objects there. I selected my authorization objects and clicked on Transfer Object button.
    4. Then I get the hierarchy authorization objects.
    5. After that I selected a request and everything is included in that request. I didn't got your above mentioned option.
    Do you want me to go to the table RSSTOBJDIR and delete all the other entries??
    It would be great if you can tell me the steps to do that.
    Thanks in advance
    prashant

  • Problem with report authorizations

    Hi,
    I have assinged role with same set of query. A second role works like restriction to Business Area (for example: L000).
    problem:
    It doesn't work with InfoProviders of CO module. I want to make the restriction authorization of the users like I said above, but it doesn't want to work.
    I can't do the restricted authorizations of the users to these reports, which use the Controlling (CO) data. Everything is ok, when I attach the same roles to the report, which are created from other data (FI, AA, etc.).
    No authorization can be done with InfoProviders, which belong to CO.
    What has happened?
    Any minds?

    HI,
       r u talking about selection Screen i mean Input Screen or Report Output? Let us know what is the requirement?
    All the best.
    Regards,
    Nagesh Ganisetti.

  • Problem with HR Authorization

    Dear Experts,
    One of our requirements in HR is that we do not want users to execute standard reports for all infotypes and personnel areas. So we have created roles based on infotypes and personnel areas for auth object P_ORGIN.
    Authorization level        R
    Infotype                       0000, 0001, 0002, 0105, 1000, 1001
    Personnel Area            DE*
    Employee Group          *
    Employee Subgroup     *
    Subtype                      *
    Organizational Key       *
    We have assigned this profile to a user and when we run the standard reports with this userid, it works perfectly i.e., I do see the output for the PERSAs starting with DE only.
    We have a requirement to change a standard report to add few extra fields in the output...The problem is that the changed report shows me all the PERNRs...The standard report shows the PERNRs with PERSAs starting with DE but the custom one shows all PERNRs. Ofcourse the PERNRs with PERSAs not starting with DE don't show up any values...It just displays the PERNR and all other blanks....
    Any ideas on why the authorizations not working for the custom report ?

    You have to add the authorization object code something like bellow shown in start of selection event.
      AUTHORITY-CHECK OBJECT 'P_ORGIN'
               ID 'INFTY' FIELD '0169'
               ID 'SUBTY' DUMMY
               ID 'AUTHC' FIELD 'W'
               ID 'PERSA' DUMMY
               ID 'PERSG' DUMMY
               ID 'PERSK' DUMMY
               ID 'VDSK1' DUMMY.
    Dont forget to add the authorization object even in transaction used to invoke your reports.

  • Problem of hierarchy authorization on 0PLANT

    Hello
    I have a problem of authorization on the field 0PLANT.
    0PLANT has always been a authorization field (ZPLANT) which is systematicaly filled with the authorized values of the user.
    Now I need to create a hierarchy on this field but I face a problem of authorization.
    Is it possible not to have authorization on the hierarchy but only on the field (without its hierarchy) ?
    If not, I tried to affect a new authorization (ZPLANT2) that use 0PLANT and 0TCTAUTHH and tried to fill for a user (nothing written in 0PLANT and entire hierarchy for the user) but when I execute the query I always have BRAIN 819 message (no authorization for 0PLANT and hierarchy XXX).
    Can someone help me please ?
    Thanks for your answers.
    Vanessa Roulier

    Hello VERALLIA,
    did you solve the problem?
    Best regards
    Thomas

  • Possible problems in validating authorization (IWERK) in Tx Iw32

    Hello all,
    I have a problem and I do not know if it's a functional problem or if my application has an error. I comment with my invonveniente Example:
    1st. I think a support order in a planning center (100) for equipment XXXX. My user has authorization in the security object:
    I_IWERK
    --- Iwerk = 100
    --- TCD = IW31 IW32
    2nd. Then someone adjust the machine editing of the central planner, placing the center 200.
    3rd. I try to modify the maintenance order that believes in the center 100 and the system tells me I have no authorization to work in the center 200. If I see a little more, I see that the system produces the error objects BASIS:
    I_IWERK
    --- Iwerk = 200
    --- TCD = IW32
    What I find strange is that my support order is still in the planning center 100. From what I could investigate, the system not only controls the center of planning the maintenance order, but so does the machine that contains the order.
    Query:
    Normal Is this approach the system?
    This refers to the do it do not fit into my implementation process.

    Hello all,
    I have a problem and I do not know if it's a functional problem or if my application has an error. I comment with my invonveniente Example:
    1st. I think a support order in a planning center (100) for equipment XXXX. My user has authorization in the security object:
    I_IWERK
    --- Iwerk = 100
    --- TCD = IW31 IW32
    2nd. Then someone adjust the machine editing of the central planner, placing the center 200.
    3rd. I try to modify the maintenance order that believes in the center 100 and the system tells me I have no authorization to work in the center 200. If I see a little more, I see that the system produces the error objects BASIS:
    I_IWERK
    --- Iwerk = 200
    --- TCD = IW32
    What I find strange is that my support order is still in the planning center 100. From what I could investigate, the system not only controls the center of planning the maintenance order, but so does the machine that contains the order.
    Query:
    Normal Is this approach the system?
    This refers to the do it do not fit into my implementation process.

  • Problem - acs command authorization and web access control

    Hi, I'm trying to add the control of some aironet 1310 bridges with a ACS 3.2 (tacacs+). I wanted to be able to do telnet command authorization restrictions trough shell command authorization sets and be able to give similar restrictive web access at the same time. I have it working if I permit some commands that are sent by the browser as "write memory quiet" and few other ones, but for it to work, I must give them limited users the privilege level 15 and by having the tacacs server authorizing the commands, it work for both, http and telnet. Where my problem begin is when I loose the connection with the ACS server, the user being already authenticated as level 15 user, the device become open to all commands; there is no more restriction applied by the ACS. Do anybody now a workaround.

    It is already at local, that is just that the user already have a level 15 access and I used to control the commands through level settings before. So when I try it, my user that is localy level 5 is already recognized as a level 15 user from when it was authenticated through the ACS. If I could find a way to give web access to the 1310 at priv level 5 and still controlling the command set, it would be ok but as soon as I try to access a page that is not permitted other way than by the view level (i think it's level 1... or 0), I get a username password prompt with that line on the top of it:"level_15_or_view_access" and the only way I can access it is by entering a level 15 un/pass. I attached my 1310 aaa config
    and here are the command set that work at level 15 to do a "shut" or "no shut" of the radio interface by the web interface:
    configure
    permit terminal
    exit
    permit Unmatched Args
    interface
    permit Dot11Radio0
    no
    permit shutdown
    permit cca
    ping
    permit Unmatched Args
    show
    permit Unmatched Args
    shutdown
    permit Unmatched Args
    telnet
    permit Unmatched Args
    write
    permit memory quiet
    Thanks for the help !

  • Problems with belated authorization

    Hello,
    first we installed adobe digital editions on computer 1 without an Adobe ID. Then we tried to authorize it belated with an existing Adobe ID but it didn't work out. The error message was: It is not possible to authorize with an ID which is used on another computer. How can we solve this problem? Thanks in advance!

    Almost certainly a case of typically unhelful and wrong error message by ADE.
    try:
    Open ADE.
    In Library view, enter ctrl-shift-D (cmd-shift-D if on Mac).  That should clear the implicit/anonymous ID it generated when you installed and ran 'without' ID.
    Restart ADE.
    You should now be able to register with your correct ID.

  • Problem with analysis authorization- 0BI_ALL always needed

    Dear all:
    we have a serious issue on so-called "analysis authorization" now. We have auth-restricted user who only have authorization to access data on one company code. We also create a BI-authorization in analysis authorization and assign the following auth-relevant object to this authorization-
    0TCAACTVT = 01-03
    0TCAIPROV = ALL
    0TCAVALID = ALL
    0TCAKYFNM = ALL
    0COMP_CODE = A001
    And we create one query with only company code and number of employee in the row and column. But everytime we execute this query, there s always message" No Authorization". We used ST01 to trace and the result shows we need to have "0BI_ALL" in auth object S_RS_AUTH. If we added 0BI_ALL, all company code data will display, which definitely no auth restriction at all. Is there any specific authorization setting we need to do?
    We are stuck here pretty bad. Thank you all in advance if any input.
    BR
    SF

    Hi,
    I guess the Authorization profile is active , and in the Tcode PFCG -> Role name -> User tab page ( user comparision is done ).
    Check if any of the tab page shows red light .
    And assignment of 0BI_ALL is not a solution , as any user can do anything in the system.
    Also do not forget to log - off and log-in into system after changing into any of the authorization profile to see changes that had happened.
    Hope that helps.
    Regards
    Mr Kapadia
    Assigning points is the way to say thanks in SDN.

  • Problem with setting Authorization

    Hi,
    I created a sample survey using the downloadable Survey app on the hosted apex site. The Survey is meant to be public, but I want the Admin, reports pages to require login.
    At first it looked very straightforward since when I click on security for the page attributes, there already seems to be an Authorization Scheme listed in the drop down list "Must Not Be Public User" and an Authentication item "Page Requires Authentication". Looked perfect for what I needed. But when I apply the changes, the public user still can access the pages! What am I missing? Or am I too naive to think such functionality was actually built into this version of Apex and applicable to this particular application.
    PM

    PM -
    Something I've done is to create custom Authorization schemes for the types of users that access my applications through Single Sign On. I grab their ID and then do a select based on a table where I identify the level of security they have. And then I set the Authorization to "Page requires authentication".
    In my authorization scheme I use a PL/SQL function that returns a boolean to determine what the user may or may not be able to see.
    My code is something like:
    CASE
    WHEN my_pkg.authenticate_user(&APP_USER.) = 'SURVEY_ADMIN' THEN
    RETURN true;
    END CASE;
    Hope this helps.

  • Problem to get authorization for digital edition

    I have downloaded Digital Edition. Either it would give an connection error but internet is connected or it will show that have to wait to get authorization for this computer and it happen that I waited a whole day but nothing. What must I do please?

    Hi, I am getting the same error... saying there is an authorization error and to check that I am connected to the internet, which I am. Any help?

  • Problem with branch authorization scheme

    Hello,
    I am trying to use 2 non-conditional branches (onsubmit after processing) with different authorization schemes (the first one should be executed for USER, the second - for ADMIN). But it doesn't work - the branch with smaller sequence number is executed in spite of the fact that user has no right because of authorization scheme of this branch (the second one should be executed for this user).
    Why do this happens?
    Regards,
    Nikolay

    We use our own installation of HTML DB, so it is not on the Oracle site.
    The first branch (which is executed in spite of authorization) sets page-item using value of item which is not accessible for this user (using the same authorization scheme as branch). Therefore this value equels null (we don't setup this item for this user) instead of using another branch with another value.
    Thanks.
    Nikolay

  • Problems with paypal authorization

    I am out of itunes cards and simply want to designate my paypal account to buy music.  Everytime I try - it has me resign in with apple --->directs me to paypal -----> I accept terms and authorize---->I am redirected to download itunes on the apple site.  I redownloaded, restarted computer and it just keeps going in an infinite loop on the situation I just described.  I even tried to jump right into my own account info and the loop continues.  I'm frustrated.... any suggestions?  I am in the US

    Almost certainly a case of typically unhelful and wrong error message by ADE.
    try:
    Open ADE.
    In Library view, enter ctrl-shift-D (cmd-shift-D if on Mac).  That should clear the implicit/anonymous ID it generated when you installed and ran 'without' ID.
    Restart ADE.
    You should now be able to register with your correct ID.

Maybe you are looking for

  • Work Phone and personal apple ID

    I am leaving a company that asked me a few years back to use my personal apple ID for purchasing apps on the company purchased phone and iPad.  I wasn't comfortable doing this and told them at the time that I wasn't.  They told me it was company poli

  • HT1311 i cannot change the country of my account, because i still had a 0.05$ left in my account. any idea?

    i want to change my country in my account detail to add the info my credit card, unfortunately, itune does not allow me because i still have 0.05$ available balance in my gift card, any idea how to do so?

  • Odd XML behaviour

    Hello Again, I'm having an odd problem that I don't fully understand and I'm hoping for some insight. Basically if I have an XML object declared like var xml:XML = <template label="test" />; or var xml:XML = <tempate label="test"></template>; and the

  • Glitch with tooltip layout

    Hi, I'm having a problem with iTunes. My problem is the tooltips for certain buttons are popping up in the wrong places, keeping me from clicking there. The first four tooltips that are in the wrong spot are: "Create a playlist" "Turn shuffle on or o

  • Work with Latin2 in CRM and Mobile Sales

    Hi all, I have the following question: we have a CRM implementation (non Unicode, English language), connected to a non-unicode R/3 system but with MDMP and languages activated, and also a Mobile Sales implementation. The Mobile users do the logon in