SQL Authentication Mode

We are completing a Design Scope document for a potential SBO customer.
The Administration Guide states that SQL Authentication Mode should be set as Mixed Mode (Windows Authentication and SQL Server Authentication).
The customer wishes only to have Windows Authentication.
Would Windows Authentication only be supported by SAP?
We understand that a patch upgrade of SBO requires the 'sa' password to be entered for the upgrade of SBO-COMMON. Would this mean that without the ability to enter the 'sa' user and password a patch upgrade would fail?
Thank you.
Julie Coppins

Hi Julie,
Your concern is correct. Since from formal document, it is not saying SUGGESTING mixed mode. It is a must. Tell your client the consequence. They should be reasonable enough to accept.
Thanks,
Gordon

Similar Messages

How to create a Web Application when SQL is running in SQL Authentication mode ?

Hi,
I a have the following config:
SQL server 2012 with mixed authentication, running in the LAN
IIS server with SharePoint 2013 SP1, running in a DMZ --> SharePoint contacts the SQL server with a SQL login (not a Windows login, the required port has been opened in the FW)
SharePoint is working fine but when I want to create a new Web Application, I get an error: "Could not connect to MySQLServer\MySQLInstance,MyPortnumber using integrated security: Cannot
connect to database master at SQL server. The database might not exist, or the current user does not have permission to connect to it."
I think, since I use SQL authentification, I have to use PowerShell. I found a script on the Internet but this script was not made to create a Web App which a SharePoint installed with SQL authentication.
Can you help to adapt the script ?
Thks
THE SCRIPT Documentation:
New-SPWebApplication -ApplicationPool <String> -Name <String> [-AdditionalClaimProvider <SPClaimProviderPipeBind[]>] [-AllowAnonymousAccess <SwitchParameter>] [-ApplicationPoolAccount <SPProcessAccountPipeBind>]
[-AssignmentCollection <SPAssignmentCollection>] [-AuthenticationMethod <String>] [-AuthenticationProvider <SPAuthenticationProviderPipeBind[]>] [-Confirm [<SwitchParameter>]] [-DatabaseCredentials <PSCredential>] [-DatabaseName
<String>] [-DatabaseServer <String>] [-HostHeader <String>] [-Path <String>] [-Port <UInt32>] [-SecureSocketsLayer <SwitchParameter>] [-ServiceApplicationProxyGroup <SPServiceApplicationProxyGroupPipeBind>] [-SignInRedirectProvider
<SPTrustedIdentityTokenIssuerPipeBind>] [-SignInRedirectURL <String>] [-Url <String>] [-WhatIf [<SwitchParameter> ]] [<CommonParameters>]
The Example:
$siteName = “PowerShell for SharePoint”
$port = 80
$hostHeader = “lab.ps4sp.com”
$url = “http://lab.ps4sp.com”
$appPoolName = “PS4SPAppPool”
$managedAccount = “PS4SPspservice”
$dbServer = “PS-SQL”
$dbName = “PS4SP_SP2010_LAB_ContentDB”
$allowAnonymous = $true
$authenticationMethod = “NTLM”
$ssl = $false
New-SPWebApplication -Name $siteName -Port $port -HostHeader $hostHeader -URL $url -ApplicationPool $appPoolName -ApplicationPoolAccount (Get-SPManagedAccount “$managedAccount”) -DatabaseName $dbName -DatabaseServer $dbServer -AllowAnonymousAccess: $allowAnonymous
-AuthenticationMethod $authenticationMethod -SecureSocketsLayer:$ssl
Charles

Hi Scott,
Based on your aticle, I changed my script by adding the credential, but I still have an error.
Il also put the SQL specific port in the $dbServer variable.
Any idea ?
MY SCRIPT:
$siteName = "TEST Site"
$port = 80
$hostHeader = "sharepoint.test.be"
$url = "http://sharepoint.test.be"
$appPoolName = "TestAppPool"
$managedAccount = "DISNET\administrator"
$authenticationMethod = "NTLM"
$dbServer = "DSPORT-SQL02\DSPORTPRDEXT,50123"
$dbName = "WSS_TEST_Content"
$dbServer_secPassword = ConvertTo-SecureString "MySQLPassword" -AsPlaintext -Force
$dbServer_Creds = New-Object System.Management.Automation.PsCredential "DMZSharePointLoginSQL", $dbServer_secPassword
New-SPWebApplication -Name $siteName -Port $port -HostHeader $hostHeader -URL $url -ApplicationPool $appPoolName -ApplicationPoolAccount (Get-SPManagedAccount "$managedAccount") -AuthenticationMethod $authenticationMethod -DatabaseName
$dbName -DatabaseServer $dbServer -DatabaseCredentials $dbServer_Creds
Charles

Get an error for changing the windows authentication mode to the both SQL and windows authentication mode

I installed the SQL server Express 2008 R2 and then SQL Server Management Studio 2008 R2 . But during the installation, I could not choose the both SQL and windows authentication mode and an error accrued so I did that just with windows authentication mode.
Now, I want to change the windows authentication mode account to the SQL authentication mode but it shows me an error which is you do not have permission (Although I am the administrator in windows), what can I do?
Following steps are the steps that I went but I got an error:
Server properties >> security >> choose the option of SQL Server and Windows Authentication mode
and the error that I got is attached(access is denied)
Can you please help me?

You can change the setting after you gain admin rights to your SQL Server. You don't admin rights automatically, you have to explicitly add yourself during the install
Here's a guide on how to (re)gain those rights:
http://v-consult.be/2011/05/26/recover-sa-password-microsoft-sql-server-2008-r2/

Issue in using SQL Authentication in child SSIS packages from Parent SSIS package.

I am trying to provide SQL Authentication mode and credentials at parent package and I am using some child pachnages been called from this package.
How can I resolve this to use SQL authentication.
I am using 2008 Version
Thanks
Sreenath
Sreenath G V

Hi Sreenath,
What issue did you encounter when run the parent package? It should work properly if the SQL Server Authentication is already enabled on the target SQL Server instance and the SQL account credentials are input correctly in the child package.
You may encounter issue if you have enabled Package Configurations for the child pages that use SQL Server authentication and selected to expose the UserName and Password for the SQL Server connection. In this situation, the password won’t be exposed to
the package configurations explicitly, hence, the Dtexec utility cannot fetch the password for the connection and fails the package execution. If it is the issue, you have to specify the password for the SQL Server account in the package configurations file.
Regards,
Mike Yin
TechNet Community Support

SQL Authentication

Dear Consultants,
We have SQL 2005 ECC 6.0 ABAP+JAVA stack in MSCS cluster, where CI is installed in NODE 2 DB and ASCS and SCS inVirtual hosts.
when we are moving the SAP and DB resources from NODE1 to NODE 2 the SQL authentication is getting chaged to Windows Authentication only, where as when the Resources are in NODE1 it is in Mixed authentication mode.
now due to this when i move Cluster resources form NODE1 to NODE1(where CI is there) SQL Authentication mode changes form mixed to Windows Authentication mode due to which JAVA is not working as it need sql authentication mode.
Please suggest how to solve the issue as system is live already, can i move all resources to NODE2 then change sql authentication mode to Mixed mode and take a restart will this correct method.
Thanks,
Balaji.S

Hello,
normally this setting is syncronized by the cluster service and should be the same on both nodes.
You can check the setting in the registry:
HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\<Instance>\MSSQLServer\LoginMode = 1 (NT Auth. only)
HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\<Instance>\MSSQLServer\LoginMode = 2 (NT & SQL)
I would recommend the following procedure.
- logon to the active node, where the SQL Server is currently running on
- If the authentication is Windows Only, then change the authentication to Mixed authentication, and then restart or failover the services to the other node
- if the authentication is Mixed already, then change it to Windows Authentication and the back to Mixed authentication, without restarting the services
Then the registry on both nodes should show the same entry (LoginMode=2)
Best regards
Clas

Is it possible to have different authentication mode for SQL Server Database Engine and corresponding SQL Server instance?

Hi,
I have installed the x64 SQL Server 2008 R2 Express with default settings and run MBSA 2.3 (using default settings too). It shows three SQL Server instances: MSSQL10_50.SQLEXPRESS, SQLEXPRESS and SQLEXPRESS (32-bit). For the first, authentication
mode is Windows, for the rest two - mixed. Here https://social.msdn.microsoft.com/Forums/sqlserver/en-US/03e470dc-874d-476d-849b-c805acf5b24d/sql-mbsa-question-on-folder-permission?forum=sqlsecurity question
about such multiple instances was asked and the answer is that "MSSQL10.TEST_DB
is the instance ID for the SQL Server Database Engine of the instance, TEST_DB", so in my case, it seems that MSSQL10_50.SQLEXPRESS is the instance ID for SQL Server Database Engine of the SQLEXPRESS instance.
I have two questions:
1) How can it be that SQL Server DB Engine instance has different authentication mode than corresponding SQL Server Instance?
2) Why 32-bit instance reported although I installed only 64-bit version?
Also, this https://social.technet.microsoft.com/Forums/security/en-US/6b12c019-eaf0-402c-ab40-51d31dce968f/mbsa-23-reporting-sql-32bt-instance-is-running-in-mixed-mode-when-it-is-set-to-integrated?forum=MBSA question seems to be related to this
issue, but there is no answer :(.
Upd: Tried on clean Windows 8 installation and Windows 7 with the same result.

Because I DO NOT want the three people who will be having access to the production SQL Server to also have access to the primary host ProductionA. Since I have to allow them to RDC into the box to manage the SQL Server, I figure why not create
a separate VM for each one of them and they can RDC into those instead.
Does this make any sense?
Any tips are greatly appreciated. The main reason for doing this is because the three people who will be accessing the box, I need to isolate each one of them and at the same time keep them off of the primary ProductionA.
Thanks for your help.
M
Hello M,
Since you dont want the 3 guys to have access to Production machine A.You can install SQL Server client .By client i mean SQL server management studio(SSMS) on there local desktop and then create login for them in SQL Server.Open port on which your SQL server
is running for three of the machines so that they can connct.Now with SSMS installed on each machine each can connect to SQL server from there own machine.
I would also like you to be cautious with giving Sysadmin privilege to all three of them ,first please note down what task they would do and then decide what rights to be provided.
Your option will also work but you need to create 3 VM for that .Which is more tedious task.
Hope this helps
Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers

JDBC Connectivity for SQL Server 2005 Windows Authentication Mode

Hi Everyone,
In my Scenario we are using SQL Server 2005 with Mixed Mode Authentication. Now we are planning to move only with Windows Authentication Mode.
We have configured DB with Window authentication mode & user id have been configured in PI channels however we are getting error. We checked microsoft site, which says Windows Authentication mode DB can not be connected using JDBC drivers.
http://support.microsoft.com/kb/313100
In this above link see Basic Connectivity Troubleshooting Section.
Please let me know if someone confirued JDBC Channel Successfuly with Windows Authentication Mode.
Thanks In Advance
Regards,
Bharathi.

I think this issue is related to the way that Vista, Windows 7 and Windows 2008 / 2008 R2 treat users who are logged on to the system with an account that is a member of the local administrators group when SQL is running locally.
If your SQL setup has left you with BUILTIN\Administrators being a member of the sysadmin server role and you start up SQL Management Studio you'd expect to be mapped to the sysadmin role if your user account is in the local administrators group, however
these OS disable this ability and when you try to connect to the database engine SQL server doesn't know you are a member of the local administrators group.
To get round this, close all your open SQL management studio windows and then start a new window by right clicking the icon in the start menu and chosing to run as administrator. This time when you try to connect to the SQL database engine, windows doesn't
"hide" the fact that you are an administrator. If you need to do this a lot you can go to the compatibility tab on the properties of the shortcut and set it to always run as administrator.
Alternatively you can install the admin tools remotely and you don't get this effect.
Tim

InfoPath 2010 does not work in claims authentication mode on SharePoint 2010

Hi everyone,
I created an Infopath 2010 Forms published on a Claims-based authentication site collection. This form has an external datasource plugged on the
_vti_bin/UserProfileService.asmx webservice (within the same site collection). This datasource is queried when the form opens. When I check this form with Infopath designer preview, everything works fine.
But once this forms is published, an error "Error while trying to contact Web Service" occured when opening a new form.
Here ere an extract of the logs:
The following query failed: GetUserProfileByName (User: DOMAIN\username, Form Name: library, IP: , Connection Target: , Request: http://server/_layouts/FormServer.aspx?xsnLocation=http://server/library/forms/template.xsn?DefaultItemOpen=1&Source=http://server/page.aspx, Form ID: urn:schemas-microsoft-com:office:infopath:library:-myXSD-2010-01-12T23-08-28 Type: DataAdapterException, Exception Message: The remote server returned an error: (500) Internal Server Error.
Server was unable to process request. ---> Attempted to perform an unauthorized operation.
The remote server returned an error: (500) Internal Server Error.)
Here is an extract of my IIS log:
2010-11-25 13:45:30 fe80::b9ab:23d9:ff9e:bb23%11 POST /_vti_bin/userprofileservice.asmx - 50000 - fe80::b9ab:23d9:ff9e:bb23%11 InfoPathDA 500 0 0 41
Additionnaly, you have to know :
If we set the web application authentication mode in "Classic mode", everything work fine
As soon as we set "Claim mode authentication", we reproduce the issue and this even if we are using a Windows integrated  account or an external account (SQL Memberships, Claims/AD)
We reproduce this issue in different SharePoint FARM.
It seems that this issue is generic with "Claims mode authentication" and i'm not shure that other forum can help us.
How can I make this WebService works for my form?
Thanks in advance.
Seb Nicot

I am not sure but a Code Solution might work ... I assume InfoPath 2010 is not Claims-Based aware.
I am on SP1 and June 2011 CU but still had no luck
If you only need the current user’s login name, then in the “FormEvents_Loading” event, you can retrieve the current user name with a call to the “Application.User.LoginName” property. Here is an example:
        public void FormEvents_Loading(object sender, LoadingEventArgs e)
            XPathNavigator codeUserNameXPN = this.CreateNavigator().SelectSingleNode(
                "/my:myFields/my:CodeRetrievedUserName", this.NamespaceManager);
            codeUserNameXPN.SetValue(this.Application.User.LoginName);
OR ----------------
        public void FormEvents_Loading(object sender, LoadingEventArgs e)
            //A place to write the results
            XPathNavigator codeUserNameXPN = this.CreateNavigator().SelectSingleNode(
                "/my:myFields/my:CodeRetrievedUserName", this.NamespaceManager);
            //codeUserNameXPN.SetValue(this.Application.User.LoginName);
            try
                //ThresholdAuthentication is the web service reference to the
                //https://test:24575/_vti_bin/authentication.asmx web service
                GetUserName.ThresholdAuthentication.Authentication authenticationWS =
                    new GetUserName.ThresholdAuthentication.Authentication();
                //Call the web service's Login method and pass the username and password of a site
                //administrator so we have rights to read all user profiles
                authenticationWS.Url = "https://test:24575/_vti_bin/authentication.asmx";
                authenticationWS.CookieContainer = new System.Net.CookieContainer();
                GetUserName.ThresholdAuthentication.LoginResult result = authenticationWS.Login(
                    "Admin", "Pa$$w0rd");
                if (result.ErrorCode == GetUserName.ThresholdAuthentication.LoginErrorCode.NoError)
                    //If we authenticated correctly, then set up a call to the user profile service
                    //ThresholdUserProfileService is the web service reference to the
                    //https://test:24575/_vti_bin/userprofileservice.asmx web service
                    GetUserName.ThresholdUserProfileService.UserProfileService userProfileWS =
                        new GetUserName.ThresholdUserProfileService.UserProfileService();
                    //Pass the authentication cookies we got back from the authentication web service
                    userProfileWS.Url = "https://test:24575/_vti_bin/userprofileservice.asmx";
                    userProfileWS.CookieContainer = authenticationWS.CookieContainer;
                    //Try to find the user profile information of the current
                    GetUserName.ThresholdUserProfileService.PropertyData[] resultData =
                        userProfileWS.GetUserProfileByName(this.Application.User.LoginName);
                    //Enumerate through the properties
                    foreach (GetUserName.ThresholdUserProfileService.PropertyData property in resultData)
                        //Pick out the "AccountName" property and display it
                        if (property.Name == "AccountName")
                            codeUserNameXPN.SetValue(property.Values[0].Value.ToString());
                else
                    //If we failed to authenticate properly, display the reason why
                    codeUserNameXPN.SetValue(result.ErrorCode.ToString());
            catch (System.Exception ex)
                //If an exception occurred, report it.
                codeUserNameXPN.SetValue(ex.Message);
Note that in order for this code to work, you will need to make your form template fully-trusted in the “Security” section of the “Form Options” dialog, and then publish your form template to SharePoint as an Administrator-Approved form
template

Database access only authentication mode don't access in windows mode.

Hi, I Had create new database in sql server authentication mode but don't access in windows mode how, only show authentication mode not show in windows mode .

Can you rephrase the question. I'm trying to determine what the exact question is, but I'm unsure.
Are you asking of you can configure an SQL Server only accept logins using SQL Server authentication and not Windows authentication, for instance?
same here
and also the thread title talks about "database authentication"
Andreas Wolter (Blog |
Twitter)
MCSM: Microsoft Certified Solutions Master Data Platform, MCM, MVP
www.SarpedonQualityLab.com |
www.SQL-Server-Master-Class.com

Data Federator authentication modes

In Data Federator (3.0 SP1 or previous), Is there any authentication mode similar to AD/LDAP in BOE?
What are the options available for dynamic logon, while connecting to a database via JDBC in the DF Data source definition screen?
Thanks
Tiji

Hi Tiji,
Connecting to Data Federator using BOE applications
In Data Federator XI 3.0 SP1 and previous versions the only way to connect to Data Federator is to provide a user name and password. Data Federator manages its own repository of users.
Using Universe Designer, you can create a Data Federator connection with two authentication modes:
- Configured Identity: the same user name and password is used for all consumers of the connection
- Database Mapping: the DBUser and DBPassword associated to the BOE user are used to connect to Data Federator.
There is no support for single sign on.
Creating a datasource using Data Federator Designer*
When you register a new datasource using Data Federator Designer you have three authentication modes supported:
- Configured Identity: the same user name and password is used to connect to the database (for all DF users).
- Principal Mapping: a mapping can be defined between a DF user and data source credentials. This is done through creating and managing "login domains".
- Caller Impersonation: the DF user and DF password is used to connect to the data source.
The Principal Mapping mode is pretty similar to the feature in BOE called Database Mapping except that you are not restricted to a single DBUser/DFPassword pair whatever data source you want to access. This is more flexible. Note that there is no UI in Administrator to manage login domains. You have to run built in stored procedures in the query tool.
Hope this helps,
Mokrane
Mokrane Amzal
Software Development Manager
SAP BusinessObjects Divison

Problem with ADF Security / SQL Authenticator after upgrade to 11.1.1.6

Hi,
We have an ADF application built with JDeveloper 11.1.1.2 that's been in production for a couple of years. Now we are in the process of upgrading to 11.1.1.6 so I have upgraded WLS and ADF in a test environment and re-deployed the application there. The application uses users and groups from database using SQL Authenticator configured in WLS. This worked fine in the old version but now after the upgrade we can't log in with credentials from the database. I can log in if I add a user to the default authenticator. We didn't touch any of the authenticator settings or security realm configurations during the upgrade. Both authenticators are marked as SUFFICIENT, as they have always been.
Has something changed in the way SQL Authenticator is used since 11.1.1.2? What could be the problem?
Regards,
Joonas

Answering myself here: after recreating the SQL Authenticator and the ADF Security configuration logins are working again. Don't know where the problem was though.

There is an inconsistency between the authentication mode of target web application and the source web application after migrating to claims

I've had my farm upgraded from SP2010 to SP2013 for over 6 months now and all is well, however, I was refreshing my staging environment from production and I noticed that one of the databases still shows these errors when I run test-spcontentdatabase:
Category : Configuration
Error : False
UpgradeBlocking : False
Message : The [SharePoint Web App] web application is configured with claims authentication mode however the content database you are trying to attach is intended to be used against
a windows classic authentication mode.
Remedy : There is an inconsistency between the authentication mode of target web application and the source web application. Ensure that the authentication mode setting in upgraded web application is the
same as what you had in previous SharePoint 2010 web application. Refer to the link "http://go.microsoft.com/fwlink/?LinkId=236865" for more information.
This doesn't make sense considering I converted the production web application to claims during the upgrade and then verified all sites were working with claims logins. I also verified that existing AD user identities were converted to claims by checking out
the database tables. Yet test-spcontentdatabase still thinks there is a mismatch here.
My farm is SP1 and no further CUs. The point of this particular refresh is so I can update to the November CUs in my test farm. Anyone else see this? Seems like it's a bug/safe to ignore because my stuff is working.
Thanks,
Aaron

See:
http://thesharepointfarm.com/2014/11/test-spcontentdatabase-classic-to-claims-conversion/
Trevor Seward
Follow or contact me at...
&nbsp&nbsp
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

Workflows Do Not Start - "Not Supported in Windows Authentication Mode"

I have a publishing site that is using Kerbos authentication. Everything on the site works fine.
I created a simple workflow in SPD 2013 and published this to the site without any problems. However when I try to start the workflow with the account of a user who is a member of the site it will not run. In the browser an alert pop's up
saying "Something went wrong. To try again, reload the page and then start the workflow again".
In the SharePoint log's I find the following:
SharePoint Server Workflow Services aj5oh Exception System.NotSupportedException: Not supported
in Windows authentication mode. at Microsoft.SharePoint.IdentityModel.SPIdentityContext.Create(SPUserToken token, Boolean isShareByLinkGuestUser) at Microsoft.SharePoint.WorkflowServices.WorkflowServiceContextExtensions.GetApplicationUserCredentials(WorkflowServicesContext
context) StackTrace: at Microsoft.Office.Server.Native.dll: (sig=1f86b0bf-2440-4b16-9099-860a571153c2|2|microsoft.office.server.native.pdb, offset=131CE) at Microsoft.Office.Server.Native.dll: (offset=21C85) 799af29b-db87-0034-c938-8a35e4082ffc
This is a dev environment where everthing is setup on a single box, and I registered the workflow service in HTTP mode (which I allowed during the installation of workflow manager).
Any ideas on what the problem might be?
Thanks,
Richard

You haven't changed it to Claims there, you have changed NTLM to Kerberos. I guess your web app was already claims based because in SP 2013 we have to use Powershell to convert classic to claims and not from GUI.
When I click the workflow on a item to start in manually I get the error:
"Something went wrong. To try again, reload the page and then start the workflow"
In ULS I get the not supported exception.
It seems 2013 platform workflows aren't supported in classic mode web applications:
http://sharepointconnoisseur.blogspot.co.uk/2012/11/sharepoint-2013-upgrade-preparation-to.html
But I am not able to publish 2010 mode workflows in the classic web application, SPD 2013 throws error while publishing:
"Unexpected error on server, wf cannot be associated"
So does Infopath while publishing on to a list in that web application:
-- The opinions expressed here represent my own and not those of anybody else -- http://manojvnair.blogspot.com

Usage Tracking - Access problem when Authentication Mode = Windows

Hi Everyone,
I´m working on UPK Usage Tracking configuration, in order to provide the finished training material.
1) In Server01 (on Window Server 2003) the UPK Usage Tracking is installed
2) In Server02 (also on Windows Server 2003) the Usage Tracking database is installed
3) By accessing the configuration file (http://Server01/ODSTrack/configuration/setup.aspx) on Server01,I setup the Authentication Mode = Forms
Note: The rest of the configurations were done.
4) Once the configuration from step 3 is done, I execute the traning material (on Server01) from another node of the windows network
and as a result I´m able to perform it.
5) I access the Statistc data on Server01 by accessing the file (http://Server01/ODSTrack/admin/default.aspx)and I´m also able to see the results.
6) When I execute the step 3 but with Authentication Mode = Windows, and including the GROUP name (windows group specially created for this goal where my user is included),
- I still have access to the training material (step 4)
- I have NO aceess to the statistics data any more (step 5) and the following message is display
"You do not have permission to access this page. Please contact your Usage Tracking Server Administrator to update your permissions. "
I don´t know what else I can do, and I wonder if some other configurations need to be done at windows network and/or explorer lever or any other.
Any help would be appreciated.
Best Regards//
Rubén Zamudio

Hi All,
This problem was solved by reconfiguring Usage Tracking in the authentication method (was anonymous and the solution was Windows integrated).
It is important to count on people from your organization working on Networks with some knowledge in IIS.
Best Regards
Ruben

BPM Integration with SQL Authenticator Provider in WebLogic

Hi Gurus,
Related to the explanation from this blog : http://orasoa.blogspot.com/2010/06/sqlauthenticator-and-human-worklist.html
I have followed this review, I can see all user and groups from sql authenticator provider.
And also I can assign bpm application roles to users from sql authenticator provider.
But when I try to assign bpm application roles to groups from sql authenticator provider, the bpm application is not show from bpm workspace.
Is there any clue to solve this problem?
Cheers,
Agus W

Hi All,
Found the reason for the exception. I was implementing the generated the CustomAuthenticatorImpl class (generated through WebLogic MBeanMaker utility) as the provider class by implementing the AuthenticationProvider interface. Keeping them separate solved the issue.
Able to create the jar without any issues and also no error or exception after restart.
Thanks.

SQL Authentication Mode

Similar Messages

Maybe you are looking for