Single Sign-on problem

Similar Messages

• Existing Single Sign On Problem with 9iAS rl2

  Hi guys
  I'm trying to install 9iAS rel2 on XP, when I get the Existing Single Sign-on screen and the port number has been auto-populated with 7777 and Installer is asking me for my host name and domain name, it won't work
  My host name is XP3118 the domain that I am connected to is GRID
  When I put in XP3118.GRID and click next it says that I need to verify my host and port variables to connect to this host.
  Has anyone any ideas?
  Thanks
  Ciaran

  I was informed by Oracle Support that Forms6i would not be supported on any new operating systems i.e. Windows XP and that in order for me to use our client-server application I would have to web-deploy our forms by upgrading to 9iForms and hence need 9iAS rel2.
  Can you please clarify how does Oracle intends to support 9iAS on Windows XP since you should not be providing contradictory support statements.
  Regards
  Ciaran

• Single Sign-on and SSL problems

  We are using WebLogic Portal and Server (version 8.1 SP3). We want to have a single sign-on when entering the portal, so that users do not need to reauthenticate each time they access an application via an applet in the portal. We also want to protect the username/password authentication and all other connection information using SSL. We have applications in multiple domains.
  When not using SSL, SSO works okay. We are challenged for username/password exactly once, whether we access the Portal, or an application directly. As soon as we enable SSL, we are challenged repeatedly, and in some cases cannot access the applications at all, as the challenge always fails.
  We suspect that there is a Session cookie problem and that something is clobering the cookie and thus breaking the session. Does anyone have any idea on what might be causing the problem?

  Hi Derick,
  I want to make our discussion into 2 parts
  1) Sign on
  2) Viewing data based on the Heirarchy
  1)Before discussing about the Sign on i want to know which connectivity you are using ? Live offcie or QaaWS.
  2) We can make the second point possible in two ways One is with providing restriction at universe level
  and the other one is through the use of flash variables.
  Using flash variables:
  The main idea of using flash variables is reading the User ID from BO authentication and based on that we fetch the Heirarchy level of that user. Then we use some excel logic to hide the data from Low level heirarchy(Here we use Dynamic Visibility for components).
  I hope this is what you ar looking for....
  If so i have more points to acheive such scenario.
  Please provide the your BO environment details, such that it will be easy to identify the better best wat to acheve it.
  Regards,
  AnjaniKumar C.A.

• Changing of the standard port 1521 and afterward problems with Single Sign

  System / Host Environment
  Operating System: HP-UX 11i, Existing Oracle RDBMS Vers. 9.2 x, Listener on standard port 1521
  9iAS System Architecture: 9iAS Infrastructure and Middle tier (AS Instance) on the same machine
  Problem Environment:
  -Before and during the installation of 9iAS infrastructure the Listener of the existing Oracle RDBMS was stopped
  -The installation of 9iAS Infrastructure (db: IASDB) Version 9.0.2.0 works well
  -Afterwards the port 1521 of IASDB changed to 1525. For a detail description of IASB port changing please refer to Doc. ID: 211 929.1 AFTER CHANGE 'IASDB' LISTENER PORT
  -The installation of Patch Set 2 (Common Patch 2703110) follows (9iAS is now up to Release 9.0.2.2).
  -The Installation of 9iAS Middle tier (AS Instance) Version 9.0.3 follows
  Problem description:
  -During the installation of 9iAS Middle tier problems with Single Sign On occurs.
  The reason of this problems seems a communication problem between the Single Sign On login sequence and the IASDB. After a reset of the port changing (back to the standard port 1521) the installation of 9iAS Middle tier works well.
  Through this incorrect and problematic behaviour we have some notes and questions:
  -Well at first the description of the port changing in Doc. ID: 211 929.1 seems us incomplete. Some configuration still carry on the standard port 1521 and not the knew value of the port 1525.
  -So we want to know all configuration files and parts where we have to change the port value manually ?
  -What will happened to the Single Sign On function with this manually port changing. Does Single Sign On works later on correct or have we to change much more ?

  Currently, changing the listener port is not supported. It must stay on 1521. I believe this is to be fixed in a latter release (perhaps 9.0.4)

• Problem In Single Sign On Instant Messenger JES

  Hai,
  I have problem with single sign on to Instant Messenger.
  Mail and Calendar single sign on are working fine.
  I configured Instant Messenger with following parameters
  Launch Method: Java Web Start
  Server : servername.com
  Server Port : 49999
  Multiplexor : servername.com
  Multiplexor Port : 49909
  In Desktop Instant Messaging channel
  Error: Unable to get contact information from Instant Messaging server.
  And I clicked Instant Messenger link from Instant Messenger channel the following error is comming
  An error occurred while launching/running the application.
  Title: Sun ONE Instant Messenger
  Vendor: Sun Microsystems, Inc.
  Category: Download Error
  Unable to load resource: http://apolloone.immchen.com:16001/en_US/imres.jar
  Pls help anyone how to configure Instant Messenger Single Sign On
  thankx
  with regds
  parthi

  Hi
  It's working out of the box for me. So I do not think there is much to configure.
  We run IM service on the same node as PS and Identityserver and just followed the install docs. Nothing about SSO there... It just worked.
  /Per-Olov

• Problem Using Single Sign on with Deployed Applications

  I have deployed some appliciations to a standalone OC4J. I am using Identity Management for authentication and it works unless I check the Single Sign on box here:
  OC4J
  Administration ->
  Security Provider->
  Enable SSO Authentication
  I receive this error:
  499 Oracle SSO
  Oracle SSO
  (all my products are version 10.1.1.3)
  I guess I should run ssoreg and osso1013. I can't find the latter.
  I appreciate any comment.
  Regards,
  Farbod

  Dear John,
  from my point of view, we have to seperate the problem in two parts:
  1.) The automatic logon to the struts application via SSO.
  2.) The session sharing via some J2EE mechanism.
  For the SSO (1.) You have to logged on to the portal - with a cookie on the clientside. This cookie can be used for SSO by Your Struts application as long as You share the same session (same browserinstance). This is not difficult examples are available.
  The sessionsharing between a J2EE aap - Struts and an iView is an intersting point. I hope I can get some time to try this out. One trick which is not too clever is to store the session data serialized in a database and privide the sessionid in the url which calls the iView or Struts. Sessionsharing between iViews is no problem as long as You use the HTTPSession.
  Walter

• FC3 : Problem with Single Sign-On

  Hi,
  We are installing Oracle 10g (ias 10.1.2) on Federo Core 3 Operating system.
  We installed successfully 'oracle Infrastructure' 10.1.2. We navigated to infrastructure home, the single sign-on status is'Down' and other components are 'Up'.
  What could be the problem with SSO?.
  Your help will be appreciated.
  Regards,
  Raj

  Hello
  I have the same problem. I installed succesfully Oracle10g on SLSE9 but the single sign-On is every down I followed all step but the problem isn't resolved.
  I would like the infrastructure on Linux you have any idea?

• Problem loading metadata with ODI : "Single sign on validation failed"

  Hi,
  When I load metadata in Planning using ODI, the load fails at the step "Prepare for loading" with this error message : "Single sign on validation failed".
  Can you help me please ?
  Thanks.
  Virgile.

  "com.hyperion.odi.planning.ODIPlanningException: Single sign on validation failed."
  Means you have put the incorrect account details in the topology manager, update the username/password
  Cheers
  John
  http://john-goodwin.blogspot.com/

• OpenDocument Problem with single sign on

  Hi,
  We have implemented single sign on for our BO environment.
  We have a report saved under Public Folders\test folder and this report is called thru Java application by users. I have written below code using OpenDocument Function.
  <a href="<boservername>/enterprise115/desktoplaunch/opendoc/
  openDocument.jsp?&sDocName=test report&sDocType=wid&sPath=[PublicFolders],[testfolder]&sRefresh=Y">Test Report</a>
  But when I click on the link, it brings up the Login screen instead of opening the report. Since we implemented Single Sign on, I am guessing it should directly open up report bypassing login screen.
  Please let me know if my code is wrong and how I bypass the login screen.
  Thanks,
  Ven Men

  Hi Ven,
  When you click on the open OpenDoc Link from a infoview (webi report) it will give a login page and you need to provide login details and then the webi report is displayed.
  To avoid this login credential page you can follow the below steps:-
  To by pass the log on , we need to create logon token which can be pass to URL and in turn logs in BO server. This logon token is nothing but an alphanumeric key and is encrypted form. Logon token mainly comprises of,       
  1)BO server name                       
  2)Username                             
  3)Password                             
  4)Authentication type                  
  I am sending you "opendoc.jsp" code which will give you a fare idea on how to create logon token and pass it to openDocument.jsp. Place this file in same place where your u201CopenDocument  jspu201D resides.
  Restart Tomcat                                                                               
  Execute this file in browser                                                                               
  http://<Server Name>:<Port Number>/businessobjects/enterprise115/desktoplaunch/opendoc/opendoc.jsp
  Please make sure you make necessary changes with regards to "USERNAME","PASSWORD",and "BO SERVER NAME" before you executing this file.
  Below is the OpenDoc.jsp file detail
  Under  //CMS logon information provide the below details
  String cms = "CMSServerName"; //Enterprise CMS Server
  String webServer = "WebAppServer"; //Infoview Web Application Server
  String userid = "Administrator";
  String pwd = "";
  String auth = "secEnterprise";
  Thanks,
  Madhu.

• Navigation problem in implementing Single Sign On

  Hi,
  I am a newbie to JSF.
  One of the projects that i am currently involved in, has a requirement of single sign on (SSO) , where in the user will log into their windows workstation and they will open my Web Application deployed in JBoss AS. Now my web application should get only the username/userid of the logged-in user from ActiveDirectoryServer and authenticate them against Database(Only the users with userids stored in the database should have the access to application) entries.
  If the user id is not in database, user should be taken to login page asking for the username and password. For this purpose, we are using JCIFS and have the necessary logic written in one class.
  I need some help in how to invoke the method in this class as there wont be any action/event fired initially and how to provide the navigation to pages(login page/home page) depending on the user status.
  Development environment::
  Richfaces,SEAM,JPA,JBOSS AS
  Thanks in advance,
  Suresh

  Hi,
  " SSO logon not possible; browser logon ticket cannot be accepted "
  I believe your SSO is not configured properly,
  First test the connection between ECC and EP
  1. login to portal -> system administration->system confgiuration->select the ECC system right click open->connection tests
  make sure that  you get a tick mark. againt all in particular for  " connection test for connectors"
  2. If your test conenciton is not working probably  SSO is not confgiured properly.
  3. try importing portal certificate to ECC and vice versa
  4. in strustsso2 check whether you have added the logon tickets for the clients under ACL.
  regards,
  prakash

• Partner application single sign-on and Oc4j

  hello,
  I'm trying to test portal's partner application single sign-on, following the examples inside the "Oracle9 iAS Single Sign-On Application Developers Guide":
  With Tomcat as jsp engine everything works fine, but with Oc4j when I try to enter the protected jsp page i have this exception:
  oracle.security.sso.enabler.SSOEnablerException: java.lang.IllegalStateException: OutputStream already retrieved
       at SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java:153)
       at SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java:57)
       at /protetta.jsp._jspService(/protetta.jsp.java:37) (JSP page line 4)
  Any suggestion?
  Thanks in advance.

  I get the same problem with my partner application. It runs fine on JServer but I get the following problem on oc4j:
  oracle.security.sso.enabler.SSOEnablerException: java.lang.IllegalStateException: OutputStream already retrieved     
  at oracle.br.aerochain.sso.SSOEnablerBean.getSSOUserInfo(SSOEnablerBean.java, Compiled Code)     
  at oracle.br.aerochain.sso.SSOEnablerJspBean.getSSOUserInfo(SSOEnablerJspBean.java, Compiled Code)     
  at /jsp/papp.jsp._jspService(/jsp/papp.jsp.java, Compiled Code)     
  at com.orionserver[Oracle9iAS (9.0.2.0.0) Containers for J2EE].http.OrionHttpJspPage.service(OrionHttpJspPage.java, Compiled Code)     
  at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpApplication.serviceJSP(HttpApplication.java, Compiled Code)     
  at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.JSPServlet.service(JSPServlet.java, Compiled Code)     
  at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java, Compiled Code)     
  at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java, Compiled Code)     
  at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java, Compiled Code)     at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].server.http.HttpRequestHandler.run(HttpRequestHandler.java, Compiled Code)     
  at com.evermind[Oracle9iAS (9.0.2.0.0) Containers for J2EE].util.ThreadPoolThread.run(ThreadPoolThread.java, Compiled Code)
  Did anyone get a solution for this?
  TIA

• Configuring JCo3 Connection Pool with single sign on on non SAP Java server

  Hi Everyone,
  i have configured a connection pool on JBoss as per JCo3 Documentation and is working great.
  Now I need help to configure this connection pool with single sign on so that RFc on SAP ECC systems are executed using end users credential rather than using single user name password used to configure JCo connection pool.
  On SAP Java stack I am sure its possible within Java WebDynpro    and i assume using JCA resource adapter. But what if we don't want to use SAP Java App server.
  Any help will be appreciated.
  Thanks,
  Divyakumar Jain

  Eason, 你好！
  I have exactly the same problem.  Did you find a solution to this problem?  If so, please let me know!

• ApEx 2.1.0.00.39 as Partner Application in Oracle AS Single Sign-On

  Hi,
  I've installed the last Application Express 2.1.0.00.39 (oracle-xe-10.2.0.1-1.0.i386.rpm and oracle-xe-univ-10.2.0.1-1.0.i386.rpm) but, when I try to "create an authentication scheme" for configure an ApEx application to use SSO under
  Home>Application Builder>Application xxx>Shared Components>Authentication Schemes>Create Authentication Scheme
  in the second step of the procedure I don't find the choice "Oracle Application Server Single Sign-On (Application Express engine as Partner App)".
  I found only these:
  - Show Built-In Login Page and Use Open Door Credentials
  - Show Login Page and Use Application Express Account Credentials
  - Show Login Page and Use Database Account Credentials
  - Show Login Page and Use LDAP Directory Credentials
  - No Authentication (using DAD)
  even if under the help voice "V Information" the others two are describes:
  Oracle Application Server Single Sign-On (Application Express engine as Partner App) delegates authentication to the Oracle Application Server Single Sign-On (SSO) Server. This Application Express site must have already been registered as a partner application with the SSO server. For more information, contact your administrator.
  Oracle Application Server Single Sign-On (My application as Partner App) delegates authentication to the SSO server. In this case, you must register an application with SSO as a partner application. See the next page for more details.
  Does Someone know how to resolve it?
  Thanks
  Emanuele

  Thanks for all your help Scott
  I've added the -PORTAL_SSO- .....
  After this I've had a new problem same to this: Re: SSO Authentication Not Working
  "get the error below and it then directs me to http://hostx/htmldb/f? and the "p=" is missing"
  But after a lot of tests I discovered where was the problem: "The apache configuration for the proxy!!"
  This an extract from the installation doc :
  SetEnv force-proxy-request-1.0 1
  ProxyPass /htmldb http://127.0.0.1:8080/htmldb
  ProxyPassReverse /htmldb http://127.0.0.1:8080/htmldb
  ProxyPass /i http://127.0.0.1:8080/i
  ProxyPassReverse /i http://127.0.0.1:8080/i
  ProxyPass /sys http://127.0.0.1:8080/sys
  ProxyPassReverse /sys http://127.0.0.1:8080/sys
  where you replace 127.0.0.1 with the name OR ip address of your XE installation. 8080 is the default http port of your XE installation. "
  Well, I used the IP ADDRESS and in the @regapp > listener_token the NAME!!! (HTML_DB:servername.domain:80)
  I changed the IP ADDRESS with the NAME, restarted the httpd service and now all works fine.
  Emanuele

• How to integrate Single Sign-On and JSF?

  Hi all,
  We are going to develop a web application using Oracle technologies, including ADF and JSF.
  But we´ll need to secure our website using Oracle Identity Manager (Single Sign-On). I am having difficulties to find any resource explaining how to do that.
  Also, the IM (SSO) will run on a Oracle AS instance and our web app (ADF+JSF) will run on a separete OC4J instance, due to ADF version. Is this a problem?
  Thanks

  We too are in the process of implementing iStore with SSO features.
  And if you believe me it seems to me as nightmare.
  In our scenerio we are intgrating this SSO with Third party access control too (AD and Siteminder). I would request you to please respond me on the following mail id , so we can share our experince which will help us in our implementation
  [email protected]
  regards and thanks in advance
  Vikas Deep

• Starting single sign-on and directory service

  i am trying to install oracle 9i infrastructure on my clean win2000 box with 2.4 GHz proc and 1GB RAM.
  i am getting falilure messages for the following:
  infrastructure instance configuration assistant: failed
  oracle 9i application server randomize password: failed
  single sign on configuration assistant: failed
  infrastructure mod-osso configuration assistant: failed
  OPMN configuration assistant: failed
  log file says:
  Configuration failed for IAS
  IAS Instance creation failed
  Configuration failed for JAZN
  JAZN configuration failed: unable to establish a directory context.
  Configuration succeeded for IASProperty
  Configuration failed for IAS
  Configuration failed for JAZN
  after which single sign-on and directory service dont start. which means no connectivity :(
  can somebody please guide me about how to avoid this failure in installation or how to manually start these after installation.
  it would be a great help
  ashish

  Hi,
  we're having exactly the same problem.
  Could you tell me what the problem is with the network ?
  You say configure it properly but what do you mean ?
  It's installed on a Windows 2000 Server machine, it's own DNS.
  Thanks,
  Yuri Arts