Registering Partner Application in OAS 10.1.3.1
Machine A: ple-wlau5
OID and Oracle SSO [installed through infrastructure - 10.1.2.0.1]. such as D:\Oracle\Product\OID101201
Machine B : wlau-lap
OAS [installed through 10.1.3.1] such as C:\Oracle\product\10.1.3.1\OAS10131
and Oracle Portal [installed 10.1.2.0.1]. such as C:\Oracle\product\Portal
I have an application such as Test and running inside OAS 10.1.3.1.
I have a URL link[to my Test Application] in the Oracle Portal. However, I am not able to get or retrieve the cookie from the header such as %Request.GetHeader("Osso-User-Dn");. No value there. So this means I must have config and setup incorrectly.
Since my oracle portal is on 10.1.2.1 and my OAS is in 10.1.3.1, I think I need to register them from command line such as ssoreg.bat in my OAS 10.1.3.1. This bat file reside in SSO directory. I am not able to locate ssoreg.bat in my OAS 10.1.3.1 in order for me to registered my mod_osso into single signon server..
I need to know how to integrate my application that run in OAS 10.1.3.1 with my Oracle SSO in 10.1.2.0.1
There is some confusion about AS Control users in 10.1.3.x. Important is that you have the oc4jadmin user as the owner of all instances (AS instances in a cluster, and OC4J instances within an AS instance), all with the same password. New OC4J instances should only be created by oc4jadmin.
You can create sub-ordinate users, but you should not give them the role that is intended for oc4jadmin. Sub-ordinate users should be created only with restricted rights, e.g. for deploying applications.
I have used this feature in 10.1.3.2 and tested it on 10.1.3.3 on Windows, and it works. Tomorrow I will be in the opportunity to test it on RH4 update 4.
Message was edited by:
pdevaal
Similar Messages
-
Register external application as partner application on OSSO
Hi All,
I am using OracleAS Single Sign-On. I want to integrate Stellent Universal Content Management(UCM) with OracleAS Single Sign-On.
Can someone please let me know how to achieve this?
Also I would like to know, how can I register external application as a partner application in OracleAS Single Sign-on?
Thanks & Regards,
Yash ShahHi,
Thanks for your quick response. I have gone through the document which you suggested. the document says to register through sooreg.sh script. I would like to register partner application using SSO Administration UI.
When I log in to OSSO server, I have a option of registering the partner application, there in UI I have to specify, Home URL, Success URL and Logout URL.
For me, my sso server and my application server resides on the different servers (systems). Please let me know which URLs I shoudl specify to register my partner application using UI.
I mean, I want to know what should I specify in Home URL, Success URL and Logout URL
Thanks & Regards,
Yash Shah -
ERROR : SSO Partner application could not be registered successfully
Hi,
when i run txkrun.pl to register sso my regisitration fails
perl txkrun.pl -script=SetSSOReg
You are registering ORACLE HOME, Instance with SSO and OID Servers.
Enter the host name where Oracle iAS Infrastructure database is installed ? hschbscgn20104.hclt.corp.hcl.in
Enter the LDAP Port on Oracle Internet Directory server ? 389
Enter SSL LDAP Port on Oracle Internet Directory server ? 636
Enter the Oracle Internet Directory Administrator (orcladmin) Bind password ?
Enter the instance password that you would like to register this application instance with ?
Enter Oracle E-Business apps database user password ?
*** Log File = /data/vis/inst/apps/VIS_hschbscgn20118/logs/appl/rgf/TXK/txkSetSSOReg_Fri_Nov_19_10_05_55_2010.xml
Beginning input parameter validation for Oracle Home Instance registration.
*** ALERT: This Oracle Home Instance is already registered. Oracle Home Instance Registration will be skipped.
Input parameter validation for Oracle Home Instance registration completed.
Beginning input parameter validation for SSO registration.
Input parameter validation for SSO registration completed.
Beginning input parameter validation for OID registration.
Input parameters validation for OID registration completed.
BEGIN SSO REGISTRATION:
Beginning to register partner application.
*** ERROR : SSO Partner application could not be registered successfully.
End of /data/vis/apps/apps_st/appl/fnd/12.0.0/patch/115/bin/txkSetSSOReg.pl : No Errors encountered
Below is my Log file:
BEGIN SSO REGISTRATION:</message>
</record>
<record>
<date>2010-11-18T23:31:11</date>
<millis>1290103271727</millis>
<sequence>79</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.TXKSTDIO</class>
<method>info</method>
<thread>10</thread>
<message>Beginning to register partner application.</message>
</record>
<record>
<date>2010-11-18T23:31:11</date>
<millis>1290103271728</millis>
<sequence>80</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.config.Instance</class>
<method>updateIasProperties</method>
<thread>10</thread>
<message>updating ias.properties file by retrieving data from DB</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272017</millis>
<sequence>81</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.config.Instance</class>
<method>updateIasProperties</method>
<thread>10</thread>
<message>Retrieved Preferences: {IASname=VIS.hclt.corp.hcl.in, InfrastructureDBCommonName=ORAAS.HCLT.CORP.HCL.IN, InfrastructureUse=true, OIDhost=hschbscgn20104.hclt.corp.hcl.in, SSLOnly=false, OIDsslport=636, IASpassword=05a78096c85355eed5aa08f04546377eb5e16520f2237467b7, OIDport=389}</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272018</millis>
<sequence>82</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.config.Instance</class>
<method>updateIasProperties</method>
<thread>10</thread>
<message>ias.properties is latest. No need to update.</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272019</millis>
<sequence>83</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>Processing APPS_FRAMEWORK_AGENT: https://hschbscgn20118.hclt.corp.hcl.in:443</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272019</millis>
<sequence>84</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>removePortsFromAgent</method>
<thread>10</thread>
<message>Agent:https://hschbscgn20118.hclt.corp.hcl.in:443
After removing default ports Agent:https://hschbscgn20118.hclt.corp.hcl.in</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272053</millis>
<sequence>85</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.DBUtil</class>
<method>getAgentConfFileId</method>
<thread>10</thread>
<message>Executing: SELECT PREFERENCE_NAME FROM FND_USER_PREFERENCES WHERE PREFERENCE_NAME LIKE 'TXK_SSO_FILE_ID_%' AND PREFERENCE_VALUE = 'https://hschbscgn20118.hclt.corp.hcl.in' AND MODULE_NAME = 'LDAP_SYNCH' AND USER_NAME = '#INTERNAL' </message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272054</millis>
<sequence>86</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.DBUtil</class>
<method>getAgentConfFileId</method>
<thread>10</thread>
<message>file id NOT found</message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272055</millis>
<sequence>87</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>updateReqArgs</method>
<thread>10</thread>
<message>Updated Required Arguments Map: -site_name=https://hschbscgn20118.hclt.corp.hcl.in -appspass=******* -config_mod_osso=true -logout_url=https://hschbscgn20118.hclt.corp.hcl.in/OA_HTML/AppsLogoutSSO -home_url=https://hschbscgn20118.hclt.corp.hcl.in -config_file=/data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/Apache/Apache/conf/osso/VIS_hschbscgn20118_osso.conf -update_mode=CREATE -success_url=https://hschbscgn20118.hclt.corp.hcl.in/osso_login_success -cancel_url=https://hschbscgn20118.hclt.corp.hcl.in </message>
</record>
<record>
<date>2010-11-18T23:31:12</date>
<millis>1290103272056</millis>
<sequence>88</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>Commmand is : sh /data/vis/apps/tech_st/10.1.3/sso/bin/ssoreg.sh -site_name https://hschbscgn20118.hclt.corp.hcl.in -config_mod_osso true -logout_url https://hschbscgn20118.hclt.corp.hcl.in/OA_HTML/AppsLogoutSSO -home_url https://hschbscgn20118.hclt.corp.hcl.in -config_file /data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/Apache/Apache/conf/osso/VIS_hschbscgn20118_osso.conf -update_mode CREATE -success_url https://hschbscgn20118.hclt.corp.hcl.in/osso_login_success -cancel_url https://hschbscgn20118.hclt.corp.hcl.in</message>
</record>
<record>
<date>2010-11-18T23:31:14</date>
<millis>1290103274625</millis>
<sequence>89</sequence>
<logger>txkSetSSOReg</logger>
<level>INFO</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>Return Code is : 1</message>
</record>
<record>
<date>2010-11-18T23:31:14</date>
<millis>1290103274625</millis>
<sequence>90</sequence>
<logger>txkSetSSOReg</logger>
<level>SEVERE</level>
<class>oracle.apps.fnd.txk.ias.sso.Instance</class>
<method>ssoReg</method>
<thread>10</thread>
<message>CLASSPATH=/data/vis/apps/tech_st/10.1.3/jdbc/lib/ojdbc14.jar:/data/vis/apps/tech_st/10.1.3/jlib/repository.jar:/data/vis/apps/tech_st/10.1.3/sso/lib/ossoca.jar:/data/vis/apps/tech_st/10.1.3/sso/lib/ossoreg.jar:/data/vis/apps/tech_st/10.1.3/lib/xmlparserv2.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/classes12.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/nls_charset12.jar:/data/vis/apps/tech_st/10.1.3/jlib/jndi.jar:/data/vis/apps/tech_st/10.1.3/jlib/ojmisc.jar:/data/vis/apps/tech_st/10.1.3/j2ee/home/jazn.jar:/data/vis/apps/tech_st/10.1.3/j2ee/home/jaas.jar:/data/vis/apps/tech_st/10.1.3/jdk/lib/rt.jar:/data/vis/apps/tech_st/10.1.3/jdk/lib/i18n.jar:/data/vis/apps/apps_st/comn/java/classes/oracle/apps/fnd/jar/fndoid.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/ojdbc14.jar:/data/vis/apps/tech_st/10.1.3/jdbc/lib/orai18n.jar:/data/vis/apps/tech_st/10.1.3/jlib/repository.jar:/data/vis/apps/tech_st/10.1.3/jlib/infratool.jar:/data/vis/apps/apps_st/comn/java/classes:/data/vis/apps/tech_st/10.1.3/sysman/webapps/emd/WEB-INF/lib/emd.jar:/data/vis/apps/tech_st/10.1.3/dcm/lib/dcm.jar:/data/vis/apps/tech_st/10.1.3/sysman/j2ee/lib/portalSMI.jar:/data/vis/apps/tech_st/10.1.3/jlib/emConfigInstall.jar:/data/vis/apps/tech_st/10.1.3/lib/dms.jar:/data/vis/apps/tech_st/10.1.3/opmn/lib/ons.jar:/data/vis/apps/tech_st/10.1.3/j2ee/home/oc4j.jar
Parameters passed to SSO registration tool :
param0:-oracle_home_path param1:/data/vis/apps/tech_st/10.1.3 param2:-site_name param3:https://hschbscgn20118.hclt.corp.hcl.in param4:-config_mod_osso param5:true param6:-logout_url param7:https://hschbscgn20118.hclt.corp.hcl.in/OA_HTML/AppsLogoutSSO param8:-home_url param9:https://hschbscgn20118.hclt.corp.hcl.in param10:-config_file param11:/data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/Apache/Apache/conf/osso/VIS_hschbscgn20118_osso.conf param12:-update_mode param13:CREATE param14:-success_url param15:https://hschbscgn20118.hclt.corp.hcl.in/osso_login_success param16:-cancel_url param17:https://hschbscgn20118.hclt.corp.hcl.in
-DinstallType=
-DORACLE_CONFIG_HOME=/data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3
-DoldOracleHome=
-DoldOHSUser=root
Check /data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/sso/log/ssoreg.log for details of this registration
SSO registration tool failed. Please check the log file /data/vis/inst/apps/VIS_hschbscgn20118/ora/10.1.3/sso/log/ssoreg.log, correct the problem and re-run the tool.
.end std out.
.end err out.
</message>
</record>
<record>
<date>2010-11-18T23:31:14</date>
<millis>1290103274626</millis>
<sequence>91</sequence>
<logger>txkSetSSOReg</logger>
<level>SEVERE</level>
<class>oracle.apps.fnd.txk.ias.TXKSTDIO</class>
<method>exception</method>
<thread>10</thread>
<message>oracle.apps.fnd.txk.ias.SsoOidException: SSO Partner application could not be registered successfully.
at oracle.apps.fnd.txk.ias.sso.Instance.ssoReg(Instance.java:470)
at oracle.apps.fnd.txk.ias.sso.Instance.registerPartnerApp(Instance.java:690)
at oracle.apps.fnd.txk.ias.Instance.main(Instance.java:88)
</message>
</record>
</log>
can anyone tell me what is the problemHi
Please refer doc and do the following steps.
1. Take a copy of the $IAS_ORACLE_HOME/Apache/Apache/bin/iasobf file
2. Change the ORACLE_HOME=to the correct IAS_ORACLE_HOME
3. Re-run the SSO registration by following the three step process
Regards,
Krishna -
Dear OAS experts, could you please help me with the problem, it worried me for weeks:
I have 2 OAS 10.1.2.0.2 on a different physical servers -
1) type Identity Management, host - OIDserver.mysite.ru, ORACLE_HOME = /d01/oracle/prd/imapp,
2) type J2EE and Web Cache, host - PerlApp.mysite.ru, ORACLE_HOME = /d01/oracle/prd/app_server_101202
they both are in the farm INFRA.mysite.RU, Repository Type - Database
There is a Perl application on a 2-nd server, it should be working thru SSO thru any free port (https). I defined 4445 for it. It's supposed that reference https://PerlApp.mysite.ru:4445 will be redirected to SSO. (On a 4445 for ssl it is faking certificate Oracle for testing purposes, but it doesnt bother me cause I need just to check if it redirects to SSO server, and next step I make certificate real).
What I did: I registered partner app on 1 server as per doc:
$ORACLE_HOME/sso/bin/ssoreg.sh -oracle_home_path /d01/oracle/prd/imapp -site_name PerlApp.mysite.ru:4445 -config_mod_osso TRUE -mod_osso_url https://PerlApp.mysite.ru:4445 -remote_midtier -config_file /d01/oracle/prd/imapp/Apache/Apache/conf/osso/osso4445.conf
Then I transfer appeared file osso4445.conf from 1 to 2 server thru FTP in /d01/oracle/prd/app_server_101202/Apache/Apache/conf/osso/
I changed /d01/oracle/prd/app_server_101202/Apache/Apache/conf/mod_osso.conf on 2 server a bit, so that it referenced new config file osso4445.conf
It looks like:
LoadModule osso_module libexec/mod_osso.so
<IfModule mod_osso.c>
OssoIpCheck off
OssoIdleTimeout off
OssoConfigFile /d01/oracle/prd/app_server_101202/Apache/Apache/conf/osso/osso4445.conf
# Insert Protected Resources: (see Notes below for how to protect resources)
# Notes
# 1. Here's what you need to add to protect a resource,
# e.g. <ApacheServerRoot>/htdocs/private:
# <Location /private>
# require valid-user
# AuthType Basic
# </Location>
</IfModule>
At the end I restarted HTTP-server thru OEM console and checked:
when I go to https://PerlApp.mysite.ru:4445 there is no any SSO redirect, it is just a certified page for App Server. What have I done wriong?Oracle AS 10.1.2 doesn't support J2EE 1.4 in general. You might be lucky with your tests on the other 10.1.2.x versions. For J2EE 1.4 applications you should consider AS 10.1.3.x.
--olaf -
Register the partner application through SSO Administer Partner Application
When should I use the "Administer Partner Applications" link on the SSO Server Administration page to register the application among the following cases?
1. sign-on SDK integrated application
2. mod_osso integrated applicationWere you able to resolve the issue???
Can you pls try Rerunning ssodatan/x with the correct data. The ssodatan script is located in the directory ORACLE_HOME/portal30/admin/plsql/ssodatan.
Refer following link for more info on SSODATAN , SSODATAX and DIAGNOSTICS scripts in Portal 3.0.x:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=136138.1 -
Apex application registered with sso as partner application
We have 1 apex app registered with sso and working properly.
I just registered a new apex application with sso. when i authenticate through sso, it directs me to the originally registered application.
I went in through the portal administrator app and verified my settings all pointed to the new application. I verified that my dad is set up correctly.
Any ideas?
APEX 2.0i did register and obtain the keys through portal admin.
to ensure i used the proper keys (i guess there is a possibility i used the keys from db1 registration) i re-ran regapp with the right keys but recieved the following output:
SQL> @regapp
Partner Application Configuration
Enter value for listener_token: HTML_DB:050iasphttp.xxx.na.xxx.com:7777
Enter value for site_id: EFBE3E14
Enter value for site_token: MSMXURH1EFBE3E14
Enter value for login_url: https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admin.ls_login
Enter value for encryption_key: 2EBDD126A3A40606
Enter value for ip_check: N
ERROR: Error in registration. Please try again
User-Defined Exception
Registration successful.
Listener token: HTML_DB:050iasphttp.xxx.na.xxx.com:7777
Site id : EFBE3E14
Site token : MSMXURH1EFBE3E14
Encryption key: 2EBDD126A3A40606
Login URL :
https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admi
n.ls_login
Logout URL :
https://050iaspdb.xxx.na.xxx.com:4443/pls/orasso/orasso.wwsso_app_admi
n.ls_logout
IP check : N
PL/SQL procedure successfully completed.
Commit complete.
No errors.
SQL>
...in spite of the error, i aske the app developer to try and use sso for db2. he now recieves:
User-Defined Exception
Error Error in wwv_flow_custom_auth_sso.process_success:l_sso_user_name:l_sess_id:: Please contact administrator.
OK
any ideas? -
Registering a partner application with SSO SDK
Good day
Since 2 days, I am struggling for the issue of registering a Servlet application as a partner
application using the SSO Login Server.
As per the suggested note id 182701.1 in metalink , I implement the following steps :
- Step A : Create the partner Application Schemas (Succesful & the name of the shemas is : ssopartner)
- Step B : Load Packages for the partner application (Successful)
- Step C : Obtain the registration information (Successful)
- Step D : Run the regapp.sql (successful but they forgot to mention that I should load the
SSOHash.class )
- Step E : Compile and Run
I deploy the application under 9iAS in order to test it.
I add the ssosdk307.jar the the jserv.properties file.
I invoke the SSOPartnerServlet java program by entering :
http://name of the webserver/servlet/SSOPartnerServlet
I got the message "redirecting to the login server" and I got the
login page of the SSO Server.
Once I submit the user/password , I got HTTP 400: Page cannot be
displayed.
I check the mod_jserv.log file and find out the following message :
[08/04/2002 13:54:16:949] (ERROR) ajp12: Servlet Error: POST is not
supported by this URL
Could you please advise
Your prompt feedback is highly appreciated
regardsI believe that this is not possible as the mod_osso realizes that the URL is below an URL that you want to protect.
The only way I see that you can do this is the following modification in the mod_osso.conf:
<Location /myApp/secure_partA>
AuthType basic
Require valid-user
</Location>
<Location /myApp/secure_partB>
AuthType basic
Require valid-user
</Location>
<Location /myApp/secure_partX>
AuthType basic
Require valid-user
</Location>
So your application /myApp/subApp will not be effected and people can just access this part. However you will have more administration in your mod_osso.conf
cu
Andreas -
Registering a Partner application with Oracle SSO 10gR2
Hi Everybody
I'd like to ask a question around registering a partner application with Oracle SSO.
I have entered my home_url, logout_url and cancel_url e.g. home_url is https://vevopuitest1.co.uk/vevo_test1 and so on for the other fields.
When I save the details some information is automatically created e.g. Site Id, Site Token etc.
The bit that I am particularly interested in are the fields Single Sign-On URL and Single Sign-Off URL.
For my purposes these fields are respectively: https://cwassotest1.co.uk/pls/orasso/orasso.wwsso_app_admin.ls_login and https://cwassotest1.co.uk/pls/orasso/orasso.wwsso_app_admin.ls_logout
My questions are:
1. Where do these values come from?
2. Can I view them anywhere, say, in Oracle Directory Manager or using ldif queries?
I would like to be able to verify these values.
Many Thanks
AndyI'm afraid this won't answer your question completely, but AFAIK in principle it does not matter on which machine SSO is running, as long as it passes the user id and credentials properly through the HTTP Header. Even more: in practice it is very common to have SSO running on a different machine than where your app runs.
So what I would do is find out how to use ADF Faces with SSO. Perhaps someone else can provide pointers on that.
Jan Kettenis -
Error on registering Flights of Fancy application(Partner Application, JPDK) provide
Hi
When i try to add a provider for Flights of Fancy application i am getting this error
An error occurred when attempting to call the providers register function. (WWC-43134)
The following error occurred during the call to Web provider: Unable to initialize new provider instance: oracle.portal.provider.v1.ProviderException: Portlet PartnerFlightPortlet: Required Renderer not set. (WWC-43147)
i am able to access the URL (http://myhost/servlet/flightsprov) without any problem and is displaying the following information
Congratulations! You have successfully reached your Provider's Test Page.
Checking for components:
Oracle XML parser: detected
Oracle JSP: detected
Recognizing initArgs: Usual initArgs are provider_root and sessiontimeout.
dbhost: myhost
partnerAppCookieDomain: mydomain.com.qa
dbsid: mysid
onCancelUrl: http://myhost
partnerAppCookieDesc: SSO application cookie
partnerAppCookieScope: /
dbSchema: mypartner
requestedUrl: http://myhost/servlet/flights
provider_root: D:\port\partner
dbport: 1521
dbPassword: mypartner1
partnerAppCookieName: SSO_PAPP_SERVLET_ID
sessiontimeout: 1800000
listenerToken: myhost:80
ANd i make sure several times that i am using the same URL for Portal registration page.
In the jserv.log file i am getting the following information
[08/04/2001 13:08:24:642 GMT+03:00] flightsprov/javax.servlet.ServletException: Unable to initialize new provider instance: oracle.portal.provider.v1.ProviderException: Portlet PartnerFlightPortlet: Required Renderer not set.
at oracle.portal.provider.v1.http.HttpProvider.getProvider(HttpProvider.java:339)
at oracle.portal.provider.v1.http.HttpProvider.service(HttpProvider.java:246)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:588)
at org.apache.jserv.JServConnection.processRequest(JServConnection.java, Compiled Code)
at org.apache.jserv.JServConnection.run(JServConnection.java, Compiled Code)
at java.lang.Thread.run(Thread.java:479)
Can anybody help me in solving this problem
thanks in advance
Abdulla
nullYou're not missing anything - it sounds like it's working perfectly.
If a provider is affiliated with a partner application, the provider is automatically authenticated when you authenticate to the portal - because it is also a partner application. You only need to authenticate yourself once.
Now, when you go to the partner application, the application session cookie that was created by the provider is passed to the partner application & so you are not challenged.
Now, if you close your browser and access the partner application first, the login server will challenge you. When you subsequently go to the portal, you will not be challenged - the portal contacts the login server behind the scenes, determines you have already authenticated yourself and proceeds as if you had logged in.
When you visit the partner provider portlet, it will detect the cookie created by the partner application and use that to tie into the same session.
This is the whole point of single sign on. -
Registering the Web based application as a Partner Application
Good day
I went through the suggested documentation of registering a
web based application as a partner application of the SSO Login Server.
I installed the SSOSDK.JAR and went through the demo application (JSP Demo)
which consists of the following programs :
papp.jsp
ssoinclude.jsp
ssoEnablerJspBean
SSOEnablerBean
SSOSignon
As per the technical documentation,I register this demo application as a
partner application.
1 - The source code of the papp.jsp checks for the existence of the user
through method of ssoEnablerJspBean [getSSOUserInfo(request, response)] which
calls method of SSOEnablerBean [getSSOUserInfo (request, response) and this
method calls getUserInfo(p_request) of SSOEnablerBean (the same program) to
check the existence of the application cookie.
2 - If it doesn't exit , it redirect it to the SSO Login page for user
authentication.Once the user is authenticated, a SSO login cookie is created on
the client's browser and redirects back to the SSOSignOn.
3 - The SSOSignOn program creates the application cookie and redirects back to
the entry point of the demo application which is papp.jsp.
My Questions are as follows :
1 - Instead of creating a session object within my web based application to hold some
information used between the different pages, can I define them in the
application cookie? kindly advise? Is there any limitation for the length of
the application cookie? If yes, what will be the risk?
2 - The SSOSignOn program is calling a method in the SSOEnablerBean
[setPartnerAppCookie(response, request). Within this method , it is retrieving
the parameters values of the request object as :
request.getParameterValues("urlc")[0];
What is the role of this [urlc]? Is it hard coded? Can I change it?
3 - In order to ensure that I am still dealing with the same user, shall I put
the above security check procedure on each page of my weeb based application? Kindly advise?
Thanks in advance for your prompt feedback
regardsDear Paul
I think there is a misunderstanding regarding the last correspondence.
I am talking about the customized home page of the PORTAL and not the home page of my web based application (JSP) .So in this case, Am I able to use the customized home page which contains a login portlet instead of the default Login page of the SSO Login Server.Kindly advise!!!
On the other hand, I am facing a problem during the surfing of the web based application.
The web based application consists mainly of two packages :
Package I : Bank.counter which contains a set of jsp pages.
JSP_HOME_COUNTER (MAIN PAGE WHICH CONTAINS 2 FRAMES)
JSP_LEFT_FRAME_COUNTER
JSP_MAIN_FRAME_COUNTER
JSP_MAIN_FRAME_COUNTER_DETAIL
Package II : Bank.portfolio which contains a set of jsp pages.
JSP_HOME_PORTFOLIO (MAIN PAGE WHICH CONTAINS 2 FRAMES)
JSP_LEFT_FRAME_PORTFOLIO
JSP_MAIN_FRAME_PORTFOLIO
Please note that the SSO classes are residing under the first package.
As agreed on in the third question, I am including in each page of my web based application, a security check procedure as follows :
<%@ include file="ssoinclude.jsp" %>
<%
if(usrInfo == null)
response.getWriter().println("<center>User information not found</center>");
else
my jsp code.......
%>
Please note that all the jsp page of the portfolio package are pointing to the SSO classes as follows :
<%@ include file="../counter/ssoinclude.jsp" %>
<%
if(usrInfo == null)
response.getWriter().println("<center>User information not found</center>");
else
my jsp code.......
%>
Once I invoke the JSP_HOME_COUNTER , it will render the JSP_LEFT_FRAME_COUNTER page and
JSP_MAIN_FRAME_COUNTER page which invokes the SSO Login page. Once the user has been authenticate, the result of the JSP_MAIN_FRAME_COUNTER is rendered successfully. The result contains an hyperlink to the
JSP_MAIN_FRAME_COUNTER_DETAIL page. As the user has been authenticated , this page is rendering automatically the result without displaying the SSO Login page. (Perfect as of now!!).
Once I invoke the JSP_HOME_PORTFOLIO from the JSP_HOME_COUNTER, it runs the security procedure without any rendering of the SSO Login page (fine!!) but redirects me back to JSP_HOME_COUNTER instead of rendering the result of the JSP_HOME_PORTFOLIO.
please note that the m_requestUrl variable in the SSOEnablerJSPBean class has been assigned the folowing value : JSP_HOME_COUNTER
Kindly advise . -
HOW TO SET UP PARTNER APPLICATION TO USE SSO OUTSIDE OF PORTAL
If anyone knows how Portal switches context to run as the db user mapped to the lightweight schema and how it knows the db schema password please let me know.
Should you have any queries please do not hesitate to contact me on 07775 896738.
From document Oracle Portal Security Overview on PortalStudio.oracle.com:
In Single Sign On mode (EnableSSO=Yes in the DAD), mod_plsql determines the name of the light-weight user and mapped database schema by calling
WPG_SESSION_PRIVATE.GET_LW_USER and WPG_SESSION_PRIVATE.GET_DB_USER respectively.
** These calls are done using the Portal Schema (PORTAL30) and Portal schema password **
mod_plsql then executes the procedure in the requested URL by using the N-Tier Authentication feature to connect to the database as the user returned from
WPG_SESSION_PRIVATE.GET_DB_USER. ..... Note that N-Tier Authentication requires all schemas to be used for Portal user mappings to be granted 'connect
through' privleges to the Portal schema (PORTAL30).
The WWCTX packages are also used.
So this is how it works with standard Portal
- the document states that the WPG_SESSION_PRIVATE package is only accessible to the Portal schema
- but I checked and it is also available to PORTAL30_SSO
SQL> desc WPG_SESSION_PRIVATE
PROCEDURE CREATE_SESSION
Argument Name Type In/Out Default?
P_COOKIE_NAME VARCHAR2 IN
FUNCTION GET_DB_USER RETURNS VARCHAR2
FUNCTION GET_LW_USER RETURNS VARCHAR2
PROCEDURE GET_SESSION_INFO
Argument Name Type In/Out Default?
NUM_PARAMS NUMBER OUT
PARAM_NAMES TABLE OF VARCHAR2(32000) OUT
PARAM_VALUES TABLE OF VARCHAR2(32000) OUT
PROCEDURE RESET_SESSION
Argument Name Type In/Out Default?
P_COOKIE_NAME VARCHAR2 IN
In my case only the Login Server (PORTAL30_SSO) is going to be used/installed
- the SAMPLE_SSO_PAPP application will only work if the DAD used to access is it set to use Basic authentication, i.e. the actual integration with the Login Server
is done in the sample application code calls, stored in the database
- when a DAD has enableSSO=yes it automatically accesses Portal (PORTAL30) packages to implement N-Tier authentication
I'm currently testing:
1. Configuring the SAMPLE_SSO_PAPP sample as documented with a DAD with Basic authentication
2. Amending the ssoapp procedure to set context to another (db) user on successful authentication:
wwctx_api.set_context (
p_user_name => 'SCOTT',
p_password => 'TIGER' );
3. If this works then set_context with get_lw_user instead
I have now amended the ssoapp procedure as follows to print out
1. The userid entered when the login box is presented
2. The Database user which the Portal Lightweight user is mapped to
3. The Lightweight user Portal has used for authentication
Amendments to papp.pkb:
(ssoapp procedure, declare db_user_info and lw_user_info as VARCHAR2 in declare section)
htp.p('Congratulations! It is working!<br>');
db_user_info := wwctx_api.get_db_user;
lw_user_info := wwctx_api.get_user;
htp.p('User Information:' || l_user_info || '<br>');
htp.p('DB User Information:' || db_user_info || '<br>');
htp.p('LW User Information:' || lw_user_info || '<br>');
The following shows the interesting results from my testing:
- if the user owning the sample_sso_papp package is PORTAL30_SSO then the call to wwctx_api.get_db_user succeeds
- if the user owning the sample_sso_papp package is a non-portal schema e.g. SSOAPP below the call to wwctx_api.get_db_user generates a User Defined exception
Steps to test:
Created new schema SSOAPP on the database
- edited it in Portal and checked the use this schema for Portal users checkbox
- created new Lightweight user SSO_LW in Portal, mapped it to SSOAPP schema
- created new Lightweight user SSO_SCOTT in Portal, mapped to SCOTT schema
- loadjava -user ssoapp/ssoapp@portal30 SSOHash.class
- sqlplus portal30/portal30@portal30
@provsyns ssoapp
- sqlplus ssoapp/ssoapp@portal30
@loadsdk.sql
@loadpapp.sql
Created DAD with basic authentication SAMPLE_SSO_PAPP
- username: ssoapp
- default home page: sample_sso_papp.ssoapp
Registered the Sample SSO Partner Application with the Login Server and ran regapp.sql
Commented out the calls to get_db_user in papp.pkb to avoid exception
- called http://<server>/pls/sample_sso_papp
- logged on as SSO_LW/sso_lw
- got output:
Congratulations! It is working!
User Information: SSO_LW
LW User Information: PUBLIC
So the Portal lightweight user is not returned as SSO_LW
if anyone knows why the Lightweight User in my test is returned as PUBLIC not SSO_LW
Best Regards
MIchaelhttp://support.mozilla.com/en-US/kb/Changing+the+e-mail+program+used+by+Firefox
-
Hi All,
I have installed 10g AS Release 2 on a system. I also have Application Express(formerly HTML DB) installed on the same system. I registered one of the HTML DB applications as partner applications and have put SSO authentication for it.
When I try to login the AS looks at the OID installed on the system(which I gave during installation). I want it to look at the Oracle gmldap.oraclecorp.com server OID so that only Oracle employees login.
Can anybody tell me how to change the OID and what are the entries to be give to configure it to gmldap.oraclecorp.com server??
Thanks,
SwaroopSee Task 3 in the Section 9.4 of the Oracle Application Server Administrator's Guide:
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/chginfra.htm#i1014978
See the following for information about what to specify on each page.
http://download-west.oracle.com/docs/cd/B14099_17/core.1012/b13995/reconfig.htm#i1013341 -
Partner Application Registration
When using the Administer Partner Applications page, it appears the application is not being registered completely. The information does not appear in the WWSEC_ENABLER_CONFIG_INFO$ table, as has been suggested in prior posts (everything is fine in WWSSO_PAPP_CONFIGURATION_INFO$).
I am attempting to deploy the SSO SDK demo PL/SQL application, which works fine when logged into Portal. However, when not logged into Portal, I receive the following errors:
"Error in application: missing application registration information
Please register this application as described in installation guide"
This error is driven by the PL/SQL exception:
"wwsec_sso_enabler_private.enabler_config_not_found"
What am I missing? I have created several Partner applications, and none of them appear in the WWSEC_ENABLER_CONFIG_INFO$ table. I have sucessfully loaded the SSOHash into my partner schemas.
Environment:
Win2000
Portal 3.0.7
Thanks in advance...
DeanPaul,
Thanks for the info; however, I'm still unable to get the SSO SDK sample, or any partner app, to work.
I have read the docs, what little there is, and followed the steps closely. Everything executes ok.
I have several questions:
1. When executing the REGAPP.SQL script that comes with the SDK, it indicates to login as the partner schema. I have noticed when running this script, the entry is stored in the partner schema table WWSEC_ENABLER_CONFIG_INFO$, not the one owned by Portal. Is this correct?
2. My partner app is really a PL/SQL Server Page (PSP) application which uses the same server as Portal. When entering the Listener Token name, I have been using the same server name as Portal. Is this a problem? What is this token used for? Must it be unique for each partner application?
3. In your response you mentioned changes to the REGAPP script. I found no mention of any changes in the docs with SSO SDK. Am I missing something?
Finally, is there any better documentation for the SDK and/or partner application configuration. The readme and install files do not, in my opinion, pass as documentation.
Thanks...
Dean -
Partner application logoff not working
We have a partner application registered with sso with custom login screen. The login works fine. We use the following code to logoff the partner application in logoff.jsp
response.setHeader("Osso-Return-Url", "http://my.oracle.com" );
response.sendError(470, "Oracle SSO");
session.invalidate();
but the logoff is not working properly. It is not invalidating the session and the logout http request is not going from the application server to the sso server.
Are there any additional configurations for SSO logoff.Any help is appreciated.
ThanksHi
The WF should also trigger if i add the Partner function in UI.If i change any Attribute the WF triggers but i dont want to change the attribute when i add the partner function.
If i have only one event for WF that is Partner Change the WF will not trigger it for the 1st time when i save the UI. But next i come to the same saved doc and add a partner function then the Wf triggers.
So this means that Partner change is active.
the issue here is i need to trigger the WF on , the 1st time i save the UI, for which i wil be using Attribute Change and next time when i come back to saved doc the and add only the partner function and no changes are made to attributes the WF should again trigger.
Thanks
Tarmeem -
Partner application and web clipping.
Hi All,
I am trying to add an external application (say my.yahoo.com) to a webclipping and its throwing the below error in the application log.
WC-517 : SSL handshake failed with the url ...
I have checked the file ca-bundle.crt and the certificates are in place. Does anybody know how to go about debugging this problem as I am quite new to portals and at my wits end to solve it.
Also I would be greatful if anybody can suggest me the steps on adding an Apex application configured as partner application with SSO authentication to a web clipping.There seems to be little or no-documentation at all in this regard(as far as my search goes).
Thanks in advance
-VenkatI finally got it working by VERY CAREFULLY reading the instructions in the install.txt document in the SSO SDK package. You have to set up the partner application with a new schema in the login server database, and run the regapp.sql script AFTER editing it to insert data from the Login Server Partner Application admin screen. After you register the partner app in Portal, it gives you some info (site token, listener token, encryption key, etc). You have to MANUALLY copy these and paste them into the regapp.sql script, then run the script in the partner app schema. Make sure you don't confuse capital I with numeral 1 (like I did, since Oracle so nicely uses a non-serif font where you can not tell the difference).
Also make sure you copy the exact values for these parameters into your code when you use the SSOEnabler class. The listener token was very confusing since different documents appear to disagree on whether it should include the partner app name or not. It does require the partner app name:
app-name:hostname:port
hostname and port are for the web server that is handling http requests for the login server (usually your main portal web server).
John H.
Maybe you are looking for
-
Hi how do I de enable an auto launch of iPhoto when a memory card is plugged in to Mac book pro
Hi can anyone help to stop iPhoto launching directly into the memory card or camera import utility when either is plugged in. Greatful
-
Mobile E72 hangs frequently after updating Firmwar...
Hi I updated the Firmware version of my Nokia E72 to the latest firmware version 31.023 two weeks back, after updrading my mobile keeps on hanging frequently and have to restart almost 5-6 times a day. I bought the handset just 2 mnths back. What
-
Prior to ver 5 was able to connect to my bank website not getting invalid url
Since update when I try to connect to my bank website I now get this message Invalid URL The requested URL "/corporate/default.asp", is invalid. Reference #9.15951160.1309454346.73627b7 site opens fine in Internet explorer 9
-
Can only see reports with Consumer Role
Hello. i am setting up shared folders for multiple LDAP groups. Regardless of the group, a user can only view a folder if i grant "Open" to the BI Consumer Role. We will be setting up shared folders for each department and would like only members in
-
Question RE Single Orientation
I have a client who wants to do a horizonal only layout. No vertical. How does DPS render the pages, when it's held in a vertical position, considering there are no vertical folios only horizonal?????