Problem in SSO (Single Sign On)

I have configured all the necessary steps for setting up SSO between SAP EP and ECC system. But when i am trying to open a transaction iview from portal its giving me ecc login screen and it is not taking me directly to that transaction.
This is the login screen message i m getting:
SSO logon not possible; browser logon ticket cannot be accepted
Choose "Logon" to continue A dialog box appears in which you can enter your user and password
No switch to HTTPS occurred, so it is not secure to send a password
What could me the reason for this, what steps I am missed out.
Need help on this..

Hi,
" SSO logon not possible; browser logon ticket cannot be accepted "
I believe your SSO is not configured properly,
First test the connection between ECC and EP
1. login to portal -> system administration->system confgiuration->select the ECC system right click open->connection tests
make sure that  you get a tick mark. againt all in particular for  " connection test for connectors"
2. If your test conenciton is not working probably  SSO is not confgiured properly.
3. try importing portal certificate to ECC and vice versa
4. in strustsso2 check whether you have added the logon tickets for the clients under ACL.
regards,
prakash

Similar Messages

  • SSO (single sign on) on NetWeaver 7.0 Enterprise Portal based on spnego with Microsoft Active Directory

    Hi,
    we are using SAP Netweaver Enterprise Portal 7.0 (SP25) based on Windows 2008 R2/Oracle 11g.
    When we setup the Portal, we used the UME of the ECC - ABAP.
    The portal is used internally only.
    Now we want to provide SSO.
    User authenticate against Windows Active Directory (Windows 2003).
    We thought SSO via spnego would be the best solution.
    Any better alternates, we should use?
    We are following the SAP documentation:
    SAP-Bibliothek - Benutzerauthentifizierung und Single Sign-On
    We still want to create users in ABAP and assign them the portal roles. LDAP access should only have read access, to verify the security token from Active Directory.
    When we setup the portal from scratch using ABAP as its UME, in the system configuration, LDAP can't be selected/add as data source.
    In case we understand the documentation correctly, we would now need to add LDAP via the configtool for read access.
    What is not clear to us, when we active now LDAP via config tool, if we would now lose the ABAP connection.
    Is there a tutorial for SSO Netweaver 7.0 EP, like for EP 7.3, available?
    In 7.3 SSO is pretty simple to get it running, thanks to the many tutorials here and on the internet.
    Thanks for your help.
    Best regards
    Carlos Behlau

    Hi,
    I was able to generate the key via ktab program.
    But when I am enable SSO, nothing is happening when I try to log-on via SSO to the portal.
    I installed WebDiag tool on the portal server and ran trace.
    The users are located in domain: company.com of activate directory.
    The Java AS are located in domain: sap.company.com of activate directory.
    The sap.company.com domain acts as child of company.com.
    When I check the WebDiag trace, I see for the SPNegoLoginModule - the entry "... no key (etype: 23) for realm sap.company.com available ..."
    I would except company.com as realm key, as the keytabs have been generated on the domain controller of company.com.
    Is it possible to get SSO with child domain running?
    Based on the statement of the network folks, child and father domain having a trust.
    Thanks for your help.
    Best regards
    Carlos

  • Navigation problem in implementing Single Sign On

    Hi,
    I am a newbie to JSF.
    One of the projects that i am currently involved in, has a requirement of single sign on (SSO) , where in the user will log into their windows workstation and they will open my Web Application deployed in JBoss AS. Now my web application should get only the username/userid of the logged-in user from ActiveDirectoryServer and authenticate them against Database(Only the users with userids stored in the database should have the access to application) entries.
    If the user id is not in database, user should be taken to login page asking for the username and password. For this purpose, we are using JCIFS and have the necessary logic written in one class.
    I need some help in how to invoke the method in this class as there wont be any action/event fired initially and how to provide the navigation to pages(login page/home page) depending on the user status.
    Development environment::
    Richfaces,SEAM,JPA,JBOSS AS
    Thanks in advance,
    Suresh

    Hi,
    " SSO logon not possible; browser logon ticket cannot be accepted "
    I believe your SSO is not configured properly,
    First test the connection between ECC and EP
    1. login to portal -> system administration->system confgiuration->select the ECC system right click open->connection tests
    make sure that  you get a tick mark. againt all in particular for  " connection test for connectors"
    2. If your test conenciton is not working probably  SSO is not confgiured properly.
    3. try importing portal certificate to ECC and vice versa
    4. in strustsso2 check whether you have added the logon tickets for the clients under ACL.
    regards,
    prakash

  • Bex Web Application Designer launched from desktop NOT SSO (single sign-on)

    NW 2004s
    BI 7.0
    The SSO from the Portal to BI/BW is working correctly, The SSO from BI/BW to the POrtal is working correctly.
    The problem is from the desktop, launching Bex Web Application DEsigner, it prompts to Logon to the BI system, then when you execute the selection it prompts you to log on to the Portal. I would expect the Portal logon to be SSO. Is there an SSO option for the Bex WAD I need ?
    Is there a  Bex tool or desktop configuration that I need to implement?
    Thanks in advance for any help
    Sarah

    Hello Sarah,
    Please refer this SSO SAP Pages
    http://help.sap.com/saphelp_nw04s/helpdata/en/12/9f244183bb8639e10000000a1550b0/content.htm
    For Portals
    http://help.sap.com/saphelp_nw04s/helpdata/en/89/6eb8deaf2f11d5993700508b6b8b11/content.htm
    You can also refer this forum
    /thread/342517 [original link is broken]
    Hope it helps
    Thanks
    Chandran
    Edited by: Chandran Ganesan on Feb 6, 2008 8:26 PM

  • Changing of the standard port 1521 and afterward problems with Single Sign

    System / Host Environment
    Operating System: HP-UX 11i, Existing Oracle RDBMS Vers. 9.2 x, Listener on standard port 1521
    9iAS System Architecture: 9iAS Infrastructure and Middle tier (AS Instance) on the same machine
    Problem Environment:
    -Before and during the installation of 9iAS infrastructure the Listener of the existing Oracle RDBMS was stopped
    -The installation of 9iAS Infrastructure (db: IASDB) Version 9.0.2.0 works well
    -Afterwards the port 1521 of IASDB changed to 1525. For a detail description of IASB port changing please refer to Doc. ID: 211 929.1 AFTER CHANGE 'IASDB' LISTENER PORT
    -The installation of Patch Set 2 (Common Patch 2703110) follows (9iAS is now up to Release 9.0.2.2).
    -The Installation of 9iAS Middle tier (AS Instance) Version 9.0.3 follows
    Problem description:
    -During the installation of 9iAS Middle tier problems with Single Sign On occurs.
    The reason of this problems seems a communication problem between the Single Sign On login sequence and the IASDB. After a reset of the port changing (back to the standard port 1521) the installation of 9iAS Middle tier works well.
    Through this incorrect and problematic behaviour we have some notes and questions:
    -Well at first the description of the port changing in Doc. ID: 211 929.1 seems us incomplete. Some configuration still carry on the standard port 1521 and not the knew value of the port 1525.
    -So we want to know all configuration files and parts where we have to change the port value manually ?
    -What will happened to the Single Sign On function with this manually port changing. Does Single Sign On works later on correct or have we to change much more ?

    Currently, changing the listener port is not supported. It must stay on 1521. I believe this is to be fixed in a latter release (perhaps 9.0.4)

  • MS Outlook Integration with CRM & Single Sign-On for Mobile\Blackberry

    Hi,
    Weu2019re looking at implementing CRM and have some questions on whether SSO (Single Sign-On) is a requirement for integrating Outlook with CRM for access via Mobile\Blackberry devices or not. I've the following questions:
    - For integrating Outlook and Active Directory with CRM is SSO implementation a MUST?
    - Also, is it possible to integrate Outlook without Active Directory integration with SAP esp. CRM?
    Mandeep Virk

    We got this figured out a couple of months earlier. It's nto a requirement to have SSO enabled for MS Outlook integration w/ CRM for Mobile\Blackberry use.

  • Single Sign Issue in Ess

    Dear All,
    EP7.0 SP9, ECC5
    We have an major issue in ESS, The problem is with single sign on.
    Here are the scenario's we are using :-
    1. We are using "training1" as EP login id and in PA30 in R/3 InfoType 105 and Sub Infotype 0001 The same ID "training1" (Same as EP log in), the portal is picking the data properly and working fine.
    2. If we use training1 as EP loginID and in PA30 in R/3 InfoType 105 and Sub Infotype 0001 if we use exeibckk (R/3 ID created for each individual user as communication user),
    we are getting error "User TRAINING1 does not exist in this period"
    we need to go ahead with the Step2, since all the EP login users are LDAP configured and,it has more than 15 characters, we cannot use EP login ID in InfoType 105 and Sub Infotype 0001
    since it is restricted to 12 Characters.
    e.g:
    EP user ID is - shivakumar_ks ( taken from LDAP)
    where as his R/3 or ESS user ID is - P000000002
    since the login ID and R/3 ID are different,The system is throwing the error mentioned above.
    We map the Shivakumar_ks with P000000002 in the EP Personalize option. But it is
    not picking up the mapping. It tried to find the Shivakumar_ks in R/3 and fails.
    Even though we are giving the UIDPWD in the system Logon Method.
    Can anyone please give me the solution on the above.
    Thanks in advane
    Ponnusamy P

    Hi,
    As correctly mentioned here by debasish, most of the iviews in ESS and MSS use JCo Connections but there are some iviews which are IACs.
    In this case, you need to configure both JCo connections as well as user mapping. Incase of PA30, which could be an IAC or a transaction iview, <b>you may just focus on User Mapping</b>. But for the webdynpro applications, you would need JCo Connections.
    The link provided by Antonio clearly explains the steps. In brief, these are the steps involved:
    1) Create System and an alias. Make sure that you use the logon method UIDPW.
    2) Using the Personalization link, select a system and give the backend username and password. Save it.
    Log off and test if it works.
    Hope this helps.
    Regards,
    Sunil
    PS: Reward points for helpful answers.

  • Single Sign-on and SSL problems

    We are using WebLogic Portal and Server (version 8.1 SP3). We want to have a single sign-on when entering the portal, so that users do not need to reauthenticate each time they access an application via an applet in the portal. We also want to protect the username/password authentication and all other connection information using SSL. We have applications in multiple domains.
    When not using SSL, SSO works okay. We are challenged for username/password exactly once, whether we access the Portal, or an application directly. As soon as we enable SSL, we are challenged repeatedly, and in some cases cannot access the applications at all, as the challenge always fails.
    We suspect that there is a Session cookie problem and that something is clobering the cookie and thus breaking the session. Does anyone have any idea on what might be causing the problem?

    Hi Derick,
    I want to make our discussion into 2 parts
    1) Sign on
    2) Viewing data based on the Heirarchy
    1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
    2) We can make the second point possible in two ways One is with providing restriction at universe level
    and the other one is through the use of flash variables.
    Using flash variables:
    The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
    I hope this is what you ar looking for....
    If so i have more points to acheive such scenario.
    Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
    Regards,
    AnjaniKumar C.A.

  • Single Sign On (SSO) Issue

    We are running Business Objects Enterprise XI 3.1, SP2 (BOBJ) in a Windows environment and have implemented single sign on for Windows AD.  Randomly single sign on does not work for some of our users when either accessing InfoView or when executing a WebI report via an OpenDocument call.  These users can log into InfoView using the Windows ID and Password manually.  The users also have the u201CEnable Integrated Windows Authenticationu201D option checked in IE.
    We have checked the InfoViewApp web.xml and OpenDocument web.xml settings and everything appears to be setup correctly for using sso and vintela (per SAP Note 1251945).  Required SPN entries appear to have been made.  The maxHttpHeaderSize setting in the Tomcat server.xml is set to 16384.  We do tend to make substantial use of Windows AD Groups within our security model.
    When the users are unable to login via sso, here is the error stack that appears in the Tomcat stdout.log:
    SEVERE: Servlet.service() for servlet action threw exception
    java.lang.IllegalStateException
         at org.apache.catalina.connector.ResponseFacade.sendError(ResponseFacade.java:418)
         at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:117)
         at com.businessobjects.sdk.credential.WrappedServletResponse.sendError(WrappedServletResponse.java:30)
         at com.wedgetail.idm.sso.AbstractAuthenticator.setUnauthorizedResponse(AbstractAuthenticator.java:1328)
         at com.wedgetail.idm.sso.MechChecker.authenticate(MechChecker.java:144)
         at com.wedgetail.idm.sso.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:1060)
         at com.wedgetail.idm.sso.AbstractAuthenticator.authenticateServiceTicket(AbstractAuthenticator.java:998)
         at com.wedgetail.idm.sso.AbstractAuthenticator.checkAuthentication(AbstractAuthenticator.java:953)
         at com.wedgetail.idm.sso.AuthFilter.doFilter(AuthFilter.java:122)
         at com.businessobjects.sdk.credential.WrappedResponseAuthFilter.doFilter(WrappedResponseAuthFilter.java:66)
         at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
         at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
         at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
         at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
         at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
         at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
         at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
         at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
         at java.lang.Thread.run(Thread.java:595)
    Before we go about installing SP3 in an effort to resolve the problem, can anyone look at the above error stack and tell us what might be going on here?  Would the above error stack be consistent with an Httpheader getting truncated?
    Thanks in advance for your help.
    Wendell Giedeman

    That error is part of a logging bug and not related to your issue. If SSO is working consistently from infoview then it probably is not a web.xml setting either. The most common problems with opendoc have been related to sessions. Are the users using a new IE window or possibly one that had previous documents open? If it is the session issue then SP3 may help as some work has been done in that area. If you are sure the users are using new IE windows for the opendoc calls then more troubleshooting may be required to identify the problem.
    Regards,
    Tim

  • Single Sign-On (SSO) in Web Server 7.0u5

    Hello,
    I am in the process of trying to configure single sign-on (SSO) between several apps in the same SJWS 7.0u5 virtual server, and I'm not having much luck. This appears to be very similar to the problem reported in another thread (http://forums.sun.com/thread.jspa?forumID=759&threadID=5281564) that applied to 7.0u2.
    I found one interesting detail that the previous post did not mention, however, and I think it is key to resolving this issue.
    I've been using the SSO feature of WS7 since day one, and up to this point is has worked flawlessly. However, I am in the process of adding a new webapp that differs from the prior webapps in one significant way: it uses form-based login, and all the previous webapps used basic authentication.
    Using the "Live HTTP Headers" Firefox add-on I captured the cookie exchanges between the client and server, and this is what I see:
    1. Logging in to any of the apps that use basic authentication results in both the JSESSIONID for the current webapp and the JSESSIONIDSSO for the entire server to be returned in the response.
    2. If I then go to a secured URI in the new (form login) webapp the JSESSIONIDSSO cookie is sent, but I still land on the login page.
    3. When completing the login form and submitting it, no JSESSIONIDSSO is returned.
    In both types of apps, my web.xml includes the appropriate configuration. FORM authentication:  <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>ldap</realm-name>
        <form-login-config>
          <form-login-page>/login.jsf</form-login-page>
          <form-error-page>/error.jsf</form-error-page>
        </form-login-config>
      </login-config>...and BASIC authentication:  <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>ldap</realm-name>
      </login-config>From this, it appears as though the SSO functionality is not working when using FORM authentication, only when using BASIC authentication.
    The web apps developer's guide specifically says that SSO works for all webapps in the same virtual server with the same realm-name, which is certainly the case for me. It doesn't say that SSO is not supported in FORM-authenticated webapps, but that would appear to be the case.
    Or is this a bug?
    Or am I simply doing something obviously wrong?
    Thanks!
    Bill

    In addition, I set the logging level to "fine", and I see these entries for the FORM authentication:
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Process request for '/testSso/'
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:  Checking for SSO cookie
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:  SSO cookie is not present
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Security checking request GET /testSso/
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:   Matched constraint 'SecurityConstraint[secureURIs]' against GET /index.jsp
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:   Matched constraint 'SecurityConstraint[secureURIs]' against GET /index.jsp
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:  Calling hasUserDataPermission()
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:   User data constraint has no restrictions
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:  Calling authenticate()
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Restore request from session '19FFE2F63CF4E8756C19B60AC6F7A65E'
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Authenticated 'testUser' with type 'FORM'
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Registering sso id '2698AFCE8889EF9877778386855517BC' for user 'testUser in realm ldap' with auth type 'FORM'
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Associate sso id 2698AFCE8889EF9877778386855517BC with session StandardSession[19FFE2F63CF4E8756C19B60AC6F7A65E]
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Proceed to restored request
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:  Calling accessControl()
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:   Checking roles testUser
    [06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports:  Successfully passed all security constraintsThat seems to indicate that an SSO ID is created and a cookie should be sent with the response, but as show in the Live HTTP Headers output, that is not the case.
    The log entries for the BASIC authentication are as follows:
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Process request for '/ppc/'
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:  Checking for SSO cookie
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Security checking request GET /ppc/
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:   Matched constraint 'SecurityConstraint[ppc]' against GET /index.jsp
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:   Matched constraint 'SecurityConstraint[ppc]' against GET /index.jsp
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:  Calling hasUserDataPermission()
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:   User data constraint has no restrictions
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:  Calling authenticate()
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Logging in user [testUser] into realm: ldap using JAAS module: ldapRealm
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Password login succeeded for : testUser
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Authenticated 'testUser' with type 'BASIC'
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Registering sso id 'A58B93F0A00C619AF18F53C2F7C00D16' for user 'testUser in realm ldap' with auth type 'BASIC'
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Associate sso id A58B93F0A00C619AF18F53C2F7C00D16 with session StandardSession[EF2E1F7E8B3FB7E3FDD4607E4A62D99E]
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:  Calling accessControl()
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:   Checking roles testUser
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: No role found:  administrator
    [06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports:  Successfully passed all security constraintsIn this case, you can see that the SSO ID that is generated matches the value set in the response.
    Bill

  • IRecuritment: Resume Parsing with Single Sign on (SSO)

    Application Version:11.5.9
    RDBMS Version:9.2.0.7
    Patch Level:IRC.D, HR_PF.G
    Problem Description/Question:
    Anyone successfully parsed resumes with Single Sign On enabled. We are unable to parse resume with SSO. If I disable the SSO the parsing is working fine. With the SSO enabled resume parsing giving the following error:
    javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
    Pl. let me know if you have any suggestions/work around to resolve the issue. Client is going to live in 3 weeks. Any help is appreciated.
    Thanks,
    V

    Hi Rainer,
    you can find this setting in your Internet Explorer. Use Tools -> Internet Options -> Advanced. In the section "Security", check "Enable Integrated Windows Authentication (requires restart)" and restart your browser.
    If the error still persists Note
    934138 might be useful. 
    Hope this will help out.
    Regards,
    André

  • Problem In Single Sign On Instant Messenger JES

    Hai,
    I have problem with single sign on to Instant Messenger.
    Mail and Calendar single sign on are working fine.
    I configured Instant Messenger with following parameters
    Launch Method: Java Web Start
    Server : servername.com
    Server Port : 49999
    Multiplexor : servername.com
    Multiplexor Port : 49909
    In Desktop Instant Messaging channel
    Error: Unable to get contact information from Instant Messaging server.
    And I clicked Instant Messenger link from Instant Messenger channel the following error is comming
    An error occurred while launching/running the application.
    Title: Sun ONE Instant Messenger
    Vendor: Sun Microsystems, Inc.
    Category: Download Error
    Unable to load resource: http://apolloone.immchen.com:16001/en_US/imres.jar
    Pls help anyone how to configure Instant Messenger Single Sign On
    thankx
    with regds
    parthi

    Hi
    It's working out of the box for me. So I do not think there is much to configure.
    We run IM service on the same node as PS and Identityserver and just followed the install docs. Nothing about SSO there... It just worked.
    /Per-Olov

  • Problem Using Single Sign on with Deployed Applications

    I have deployed some appliciations to a standalone OC4J. I am using Identity Management for authentication and it works unless I check the Single Sign on box here:
    OC4J
    Administration ->
    Security Provider->
    Enable SSO Authentication
    I receive this error:
    499 Oracle SSO
    Oracle SSO
    (all my products are version 10.1.1.3)
    I guess I should run ssoreg and osso1013. I can't find the latter.
    I appreciate any comment.
    Regards,
    Farbod

    Dear John,
    from my point of view, we have to seperate the problem in two parts:
    1.) The automatic logon to the struts application via SSO.
    2.) The session sharing via some J2EE mechanism.
    For the SSO (1.) You have to logged on to the portal - with a cookie on the clientside. This cookie can be used for SSO by Your Struts application as long as You share the same session (same browserinstance). This is not difficult examples are available.
    The sessionsharing between a J2EE aap - Struts and an iView is an intersting point. I hope I can get some time to try this out. One trick which is not too clever is to store the session data serialized in a database and privide the sessionid in the url which calls the iView or Struts. Sessionsharing between iViews is no problem as long as You use the HTTPSession.
    Walter

  • FC3 : Problem with Single Sign-On

    Hi,
    We are installing Oracle 10g (ias 10.1.2) on Federo Core 3 Operating system.
    We installed successfully 'oracle Infrastructure' 10.1.2. We navigated to infrastructure home, the single sign-on status is'Down' and other components are 'Up'.
    What could be the problem with SSO?.
    Your help will be appreciated.
    Regards,
    Raj

    Hello
    I have the same problem. I installed succesfully Oracle10g on SLSE9 but the single sign-On is every down I followed all step but the problem isn't resolved.
    I would like the infrastructure on Linux you have any idea?

  • Can Captivate pull a user's login information from a Single Sign On (SSO) page?

    Looking to start pushing out quizzes and trainings via Captivate.  We currently do not have a LMS, so I started testing using Acrobat.com.  We have a Single Sign On (SSO) page that passes our users credenitals on to all the sites and apps.  Is there a way for Captivate to get those credentials, when submitting quiz results?  Do they have to submit their quiz answers via an Acrobat sign in?  Can Captivate auto submit answers or does the end user have to hit the Submit/Submit All button?

    Hi there,
    There is no native feature for getting SSO information in Captivate course.
    If you don't have an LMS, and if you would like to use Acrobat.com reporting, then learner will have to click on the post results button, and enter their Adobe.com or Acrobat.com credentials, then hit submit. (Learners must have an Account on Acrobat.com or Adobe.com to submit the results.)
    If the course will be accessed within the organization's network, then you can also use Internal server reporting, that works exactly same except learners do not need an account on Adobe.com
    They will have to enter their Name and E-mail address to niquely identify them while fetching result reports.
    Thanks.

Maybe you are looking for

  • AirPort Extreme - Can't Ping or See Other LAN Computers

    I recently reset my AirPort Extreme in order to get it to work with a new cable modem (per Apple Care suggestion). The device had worked fine until I replaced my modem. The reset resolved the problem. However, I'm no longer able to ping (or utilize a

  • New OA page on server

    Hi , I created a new OA page .Now i had named the page as HzmyCustomersPG.xml .The pkg is oracle.apps.xxx.yyy.zzz.server. I palced the xml file under standard oracle package structure.In future any patches are applied,does my custom file be there in

  • Ken Burns - size

    Hi, I have a Ken Burns effect on part of the video.  What I want to do is after the Ken Burns is over I want the rest of the video to be at that size (I am zooming it and then I want to hold the rest of the video at that zoom level).  I can't figure

  • E-Rec Portal Configuration

    Dear Friends, Please do let me know how to deploy E-Rec in the portal.  Name of the E-Rec business pacakge to be deployed in Enterprise Portal.? We are using ECC 6.0 and EP 6.0. Thanks in advance Regards, Sananthanan

  • Distributed transaction hangs thread

    Hi,           I am using WL8.1 sp3,           And am using a transaction across two servers.           The first invokes 2 EJBs on the other, one that updates a db (Oracle 9i, thin xa driver), and the other sends a message to a queue.           The t