Single Sign-on problem
single sign-on is enabled for my developer account.
the following HttpWebRequest...
https://{server}/Services/Integration?command=ssoitsurl&ssoid={sso_token}"
... throws the following exception everytime:
The remote server returned an error: (500) Internal Server Error.
and the following HttpWebRequest...
https://{server}/Services/Integration?command=ssologin&odSsoToken={token}
... throws the same exception almost everytime.
Any help would be greatly appreciated.
user1141276, typically, before you can use SSO Token, you need to call Customer Care to have your company authentication type changed to the appropriate type based on the token requirements (i.e. validation only, or validation with option to create session id).
Similar Messages
-
Existing Single Sign On Problem with 9iAS rl2
Hi guys
I'm trying to install 9iAS rel2 on XP, when I get the Existing Single Sign-on screen and the port number has been auto-populated with 7777 and Installer is asking me for my host name and domain name, it won't work
My host name is XP3118 the domain that I am connected to is GRID
When I put in XP3118.GRID and click next it says that I need to verify my host and port variables to connect to this host.
Has anyone any ideas?
Thanks
CiaranI was informed by Oracle Support that Forms6i would not be supported on any new operating systems i.e. Windows XP and that in order for me to use our client-server application I would have to web-deploy our forms by upgrading to 9iForms and hence need 9iAS rel2.
Can you please clarify how does Oracle intends to support 9iAS on Windows XP since you should not be providing contradictory support statements.
Regards
Ciaran -
Single Sign-on and SSL problems
We are using WebLogic Portal and Server (version 8.1 SP3). We want to have a single sign-on when entering the portal, so that users do not need to reauthenticate each time they access an application via an applet in the portal. We also want to protect the username/password authentication and all other connection information using SSL. We have applications in multiple domains.
When not using SSL, SSO works okay. We are challenged for username/password exactly once, whether we access the Portal, or an application directly. As soon as we enable SSL, we are challenged repeatedly, and in some cases cannot access the applications at all, as the challenge always fails.
We suspect that there is a Session cookie problem and that something is clobering the cookie and thus breaking the session. Does anyone have any idea on what might be causing the problem?Hi Derick,
I want to make our discussion into 2 parts
1) Sign on
2) Viewing data based on the Heirarchy
1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
2) We can make the second point possible in two ways One is with providing restriction at universe level
and the other one is through the use of flash variables.
Using flash variables:
The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
I hope this is what you ar looking for....
If so i have more points to acheive such scenario.
Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
Regards,
AnjaniKumar C.A. -
Changing of the standard port 1521 and afterward problems with Single Sign
System / Host Environment
Operating System: HP-UX 11i, Existing Oracle RDBMS Vers. 9.2 x, Listener on standard port 1521
9iAS System Architecture: 9iAS Infrastructure and Middle tier (AS Instance) on the same machine
Problem Environment:
-Before and during the installation of 9iAS infrastructure the Listener of the existing Oracle RDBMS was stopped
-The installation of 9iAS Infrastructure (db: IASDB) Version 9.0.2.0 works well
-Afterwards the port 1521 of IASDB changed to 1525. For a detail description of IASB port changing please refer to Doc. ID: 211 929.1 AFTER CHANGE 'IASDB' LISTENER PORT
-The installation of Patch Set 2 (Common Patch 2703110) follows (9iAS is now up to Release 9.0.2.2).
-The Installation of 9iAS Middle tier (AS Instance) Version 9.0.3 follows
Problem description:
-During the installation of 9iAS Middle tier problems with Single Sign On occurs.
The reason of this problems seems a communication problem between the Single Sign On login sequence and the IASDB. After a reset of the port changing (back to the standard port 1521) the installation of 9iAS Middle tier works well.
Through this incorrect and problematic behaviour we have some notes and questions:
-Well at first the description of the port changing in Doc. ID: 211 929.1 seems us incomplete. Some configuration still carry on the standard port 1521 and not the knew value of the port 1525.
-So we want to know all configuration files and parts where we have to change the port value manually ?
-What will happened to the Single Sign On function with this manually port changing. Does Single Sign On works later on correct or have we to change much more ?Currently, changing the listener port is not supported. It must stay on 1521. I believe this is to be fixed in a latter release (perhaps 9.0.4)
-
Problem In Single Sign On Instant Messenger JES
Hai,
I have problem with single sign on to Instant Messenger.
Mail and Calendar single sign on are working fine.
I configured Instant Messenger with following parameters
Launch Method: Java Web Start
Server : servername.com
Server Port : 49999
Multiplexor : servername.com
Multiplexor Port : 49909
In Desktop Instant Messaging channel
Error: Unable to get contact information from Instant Messaging server.
And I clicked Instant Messenger link from Instant Messenger channel the following error is comming
An error occurred while launching/running the application.
Title: Sun ONE Instant Messenger
Vendor: Sun Microsystems, Inc.
Category: Download Error
Unable to load resource: http://apolloone.immchen.com:16001/en_US/imres.jar
Pls help anyone how to configure Instant Messenger Single Sign On
thankx
with regds
parthiHi
It's working out of the box for me. So I do not think there is much to configure.
We run IM service on the same node as PS and Identityserver and just followed the install docs. Nothing about SSO there... It just worked.
/Per-Olov -
Problem Using Single Sign on with Deployed Applications
I have deployed some appliciations to a standalone OC4J. I am using Identity Management for authentication and it works unless I check the Single Sign on box here:
OC4J
Administration ->
Security Provider->
Enable SSO Authentication
I receive this error:
499 Oracle SSO
Oracle SSO
(all my products are version 10.1.1.3)
I guess I should run ssoreg and osso1013. I can't find the latter.
I appreciate any comment.
Regards,
FarbodDear John,
from my point of view, we have to seperate the problem in two parts:
1.) The automatic logon to the struts application via SSO.
2.) The session sharing via some J2EE mechanism.
For the SSO (1.) You have to logged on to the portal - with a cookie on the clientside. This cookie can be used for SSO by Your Struts application as long as You share the same session (same browserinstance). This is not difficult examples are available.
The sessionsharing between a J2EE aap - Struts and an iView is an intersting point. I hope I can get some time to try this out. One trick which is not too clever is to store the session data serialized in a database and privide the sessionid in the url which calls the iView or Struts. Sessionsharing between iViews is no problem as long as You use the HTTPSession.
Walter -
FC3 : Problem with Single Sign-On
Hi,
We are installing Oracle 10g (ias 10.1.2) on Federo Core 3 Operating system.
We installed successfully 'oracle Infrastructure' 10.1.2. We navigated to infrastructure home, the single sign-on status is'Down' and other components are 'Up'.
What could be the problem with SSO?.
Your help will be appreciated.
Regards,
RajHello
I have the same problem. I installed succesfully Oracle10g on SLSE9 but the single sign-On is every down I followed all step but the problem isn't resolved.
I would like the infrastructure on Linux you have any idea? -
Problem loading metadata with ODI : "Single sign on validation failed"
Hi,
When I load metadata in Planning using ODI, the load fails at the step "Prepare for loading" with this error message : "Single sign on validation failed".
Can you help me please ?
Thanks.
Virgile."com.hyperion.odi.planning.ODIPlanningException: Single sign on validation failed."
Means you have put the incorrect account details in the topology manager, update the username/password
Cheers
John
http://john-goodwin.blogspot.com/ -
OpenDocument Problem with single sign on
Hi,
We have implemented single sign on for our BO environment.
We have a report saved under Public Folders\test folder and this report is called thru Java application by users. I have written below code using OpenDocument Function.
<a href="<boservername>/enterprise115/desktoplaunch/opendoc/
openDocument.jsp?&sDocName=test report&sDocType=wid&sPath=[PublicFolders],[testfolder]&sRefresh=Y">Test Report</a>
But when I click on the link, it brings up the Login screen instead of opening the report. Since we implemented Single Sign on, I am guessing it should directly open up report bypassing login screen.
Please let me know if my code is wrong and how I bypass the login screen.
Thanks,
Ven MenHi Ven,
When you click on the open OpenDoc Link from a infoview (webi report) it will give a login page and you need to provide login details and then the webi report is displayed.
To avoid this login credential page you can follow the below steps:-
To by pass the log on , we need to create logon token which can be pass to URL and in turn logs in BO server. This logon token is nothing but an alphanumeric key and is encrypted form. Logon token mainly comprises of,
1)BO server name
2)Username
3)Password
4)Authentication type
I am sending you "opendoc.jsp" code which will give you a fare idea on how to create logon token and pass it to openDocument.jsp. Place this file in same place where your u201CopenDocument jspu201D resides.
Restart Tomcat
Execute this file in browser
http://<Server Name>:<Port Number>/businessobjects/enterprise115/desktoplaunch/opendoc/opendoc.jsp
Please make sure you make necessary changes with regards to "USERNAME","PASSWORD",and "BO SERVER NAME" before you executing this file.
Below is the OpenDoc.jsp file detail
Under //CMS logon information provide the below details
String cms = "CMSServerName"; //Enterprise CMS Server
String webServer = "WebAppServer"; //Infoview Web Application Server
String userid = "Administrator";
String pwd = "";
String auth = "secEnterprise";
Thanks,
Madhu. -
Navigation problem in implementing Single Sign On
Hi,
I am a newbie to JSF.
One of the projects that i am currently involved in, has a requirement of single sign on (SSO) , where in the user will log into their windows workstation and they will open my Web Application deployed in JBoss AS. Now my web application should get only the username/userid of the logged-in user from ActiveDirectoryServer and authenticate them against Database(Only the users with userids stored in the database should have the access to application) entries.
If the user id is not in database, user should be taken to login page asking for the username and password. For this purpose, we are using JCIFS and have the necessary logic written in one class.
I need some help in how to invoke the method in this class as there wont be any action/event fired initially and how to provide the navigation to pages(login page/home page) depending on the user status.
Development environment::
Richfaces,SEAM,JPA,JBOSS AS
Thanks in advance,
SureshHi,
" SSO logon not possible; browser logon ticket cannot be accepted "
I believe your SSO is not configured properly,
First test the connection between ECC and EP
1. login to portal -> system administration->system confgiuration->select the ECC system right click open->connection tests
make sure that you get a tick mark. againt all in particular for " connection test for connectors"
2. If your test conenciton is not working probably SSO is not confgiured properly.
3. try importing portal certificate to ECC and vice versa
4. in strustsso2 check whether you have added the logon tickets for the clients under ACL.
regards,
prakash -
Partner application single sign-on and Oc4j
hello,
I'm trying to test portal's partner application single sign-on, following the examples inside the "Oracle9 iAS Single Sign-On Application Developers Guide":
With Tomcat as jsp engine everything works fine, but with Oc4j when I try to enter the protected jsp page i have this exception:
oracle.security.sso.enabler.SSOEnablerException: java.lang.IllegalStateException: OutputStream already retrieved
at SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java:153)
at SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java:57)
at /protetta.jsp._jspService(/protetta.jsp.java:37) (JSP page line 4)
Any suggestion?
Thanks in advance.I get the same problem with my partner application. It runs fine on JServer but I get the following problem on oc4j:
oracle.security.sso.enabler.SSOEnablerException: java.lang.IllegalStateException: OutputStream already retrieved
at oracle.br.aerochain.sso.SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java, Compiled Code)
at oracle.br.aerochain.sso.SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java, Compiled Code)
at /jsp/papp.jsp._jspService(/jsp/papp.jsp.java, Compiled Code)
at com.orionserver[Oracle9iAS (9.0.2.0.0) Containers for J2EE].http.OrionHttpJspPage.service(OrionHttpJspPage.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpApplication.serviceJSP(HttpApplication.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.JSPServlet.service(JSPServlet.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java, Compiled Code) at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java, Compiled Code)
at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java, Compiled Code)
Did anyone get a solution for this?
TIA -
Configuring JCo3 Connection Pool with single sign on on non SAP Java server
Hi Everyone,
i have configured a connection pool on JBoss as per JCo3 Documentation and is working great.
Now I need help to configure this connection pool with single sign on so that RFc on SAP ECC systems are executed using end users credential rather than using single user name password used to configure JCo connection pool.
On SAP Java stack I am sure its possible within Java WebDynpro and i assume using JCA resource adapter. But what if we don't want to use SAP Java App server.
Any help will be appreciated.
Thanks,
Divyakumar JainEason, 你好!
I have exactly the same problem. Did you find a solution to this problem? If so, please let me know! -
ApEx 2.1.0.00.39 as Partner Application in Oracle AS Single Sign-On
Hi,
I've installed the last Application Express 2.1.0.00.39 (oracle-xe-10.2.0.1-1.0.i386.rpm and oracle-xe-univ-10.2.0.1-1.0.i386.rpm) but, when I try to "create an authentication scheme" for configure an ApEx application to use SSO under
Home>Application Builder>Application xxx>Shared Components>Authentication Schemes>Create Authentication Scheme
in the second step of the procedure I don't find the choice "Oracle Application Server Single Sign-On (Application Express engine as Partner App)".
I found only these:
- Show Built-In Login Page and Use Open Door Credentials
- Show Login Page and Use Application Express Account Credentials
- Show Login Page and Use Database Account Credentials
- Show Login Page and Use LDAP Directory Credentials
- No Authentication (using DAD)
even if under the help voice "V Information" the others two are describes:
Oracle Application Server Single Sign-On (Application Express engine as Partner App) delegates authentication to the Oracle Application Server Single Sign-On (SSO) Server. This Application Express site must have already been registered as a partner application with the SSO server. For more information, contact your administrator.
Oracle Application Server Single Sign-On (My application as Partner App) delegates authentication to the SSO server. In this case, you must register an application with SSO as a partner application. See the next page for more details.
Does Someone know how to resolve it?
Thanks
EmanueleThanks for all your help Scott
I've added the -PORTAL_SSO- .....
After this I've had a new problem same to this: Re: SSO Authentication Not Working
"get the error below and it then directs me to http://hostx/htmldb/f? and the "p=" is missing"
But after a lot of tests I discovered where was the problem: "The apache configuration for the proxy!!"
This an extract from the installation doc :
SetEnv force-proxy-request-1.0 1
ProxyPass /htmldb http://127.0.0.1:8080/htmldb
ProxyPassReverse /htmldb http://127.0.0.1:8080/htmldb
ProxyPass /i http://127.0.0.1:8080/i
ProxyPassReverse /i http://127.0.0.1:8080/i
ProxyPass /sys http://127.0.0.1:8080/sys
ProxyPassReverse /sys http://127.0.0.1:8080/sys
where you replace 127.0.0.1 with the name OR ip address of your XE installation. 8080 is the default http port of your XE installation. "
Well, I used the IP ADDRESS and in the @regapp > listener_token the NAME!!! (HTML_DB:servername.domain:80)
I changed the IP ADDRESS with the NAME, restarted the httpd service and now all works fine.
Emanuele -
How to integrate Single Sign-On and JSF?
Hi all,
We are going to develop a web application using Oracle technologies, including ADF and JSF.
But we´ll need to secure our website using Oracle Identity Manager (Single Sign-On). I am having difficulties to find any resource explaining how to do that.
Also, the IM (SSO) will run on a Oracle AS instance and our web app (ADF+JSF) will run on a separete OC4J instance, due to ADF version. Is this a problem?
ThanksWe too are in the process of implementing iStore with SSO features.
And if you believe me it seems to me as nightmare.
In our scenerio we are intgrating this SSO with Third party access control too (AD and Siteminder). I would request you to please respond me on the following mail id , so we can share our experince which will help us in our implementation
[email protected]
regards and thanks in advance
Vikas Deep -
Starting single sign-on and directory service
i am trying to install oracle 9i infrastructure on my clean win2000 box with 2.4 GHz proc and 1GB RAM.
i am getting falilure messages for the following:
infrastructure instance configuration assistant: failed
oracle 9i application server randomize password: failed
single sign on configuration assistant: failed
infrastructure mod-osso configuration assistant: failed
OPMN configuration assistant: failed
log file says:
Configuration failed for IAS
IAS Instance creation failed
Configuration failed for JAZN
JAZN configuration failed: unable to establish a directory context.
Configuration succeeded for IASProperty
Configuration failed for IAS
Configuration failed for JAZN
after which single sign-on and directory service dont start. which means no connectivity :(
can somebody please guide me about how to avoid this failure in installation or how to manually start these after installation.
it would be a great help
ashishHi,
we're having exactly the same problem.
Could you tell me what the problem is with the network ?
You say configure it properly but what do you mean ?
It's installed on a Windows 2000 Server machine, it's own DNS.
Thanks,
Yuri Arts
Maybe you are looking for
-
HT1551 Apple tv no longer responding to remote ...
The apple tv has suddenly stopped responding to the remote. Cant navigate itunes or use main menu at all Not a problem with the remote - it works on macs and it still triggers reaction from sensor light on the box - but nothing happens. Reset box -
-
Use my macbook pro as PS3 display
hi i want to use my macbook book pro as a monitor for my ps3 ,i have the 2014 macbook with the retina display , it has an hdmi port , i want to know is it possible ?
-
Don't want to synchronize with duplicate iTunes
My wife rarely uses iTunes, so I use a third party synchronizing utility (Chronosync), to make her iTunes (and her iPhoto) to be working backups of mine. We hadn't noticed until my iMac was in the shop and I opened her iTunes, but my iPhone & iPad
-
Report Localization Suggestion
Hi, Our product support many languages and till now we used several RPT, one for each language and for every change in the report we need to go al over the other reports as well. I tought about something else and I need your opnion if it is possible
-
I am trying to download my purchased music and it get stuck in waiting
I am trying to download my purchased music and it get stuck in waiting. Any suggestion?